PKI and Remote Access Services

DirectAccess (DA), Always On VPN (AOVPN) and Public Key Infrastructure (PKI) Experts

Unlike general ICT distributors, SUREFRONT supplies only a select number of remote access and security products.  Over time, this has enabled our consultants and engineers to become Subject Matter Experts (SMEs).  Over the past ten years, we have helped organisations of all sizes to implement secure Windows-based infrastructures. 

Careful planning, detailed design and clear documentation are key deliverables.   We offer a flexible range of services – from simple advice and guidance through to a fully managed security project (from concept to handover and beyond).  

Secure Remote Access with Microsoft DirectAccess (DA) and Always On VPN

SUREFRONT leads the way with DirectAccess (DA) and Always On VPN (AOVPN).  We offer:

  • Choice of native-Windows Server 2019 or integrated appliance (VIRTUAL or HARDWARE)
  • Guidance in selecting the most appropriate technology (DA or AOVPN)
  • Best practice DA and AOVPN design, including prerequisite infrastructure (ADCS, DNS, firewall)
  • High-availability and multi-site configuration 
  • Two-factor authentication (2FA)
  • In-depth troubleshooting
  • Training.  End-user and Admins
  • Enhanced security options
  • Connectivity for MAC OS X clients

Engage a DA/AOVPN Consultant

Microsoft Public Key Infrastructure (PKI)

SUREFRONT can deliver a secure, scalable and manageable PKI based on Microsoft Certificate Services (ADCS)  

  • Design the Certification Authority (CA) hierarchy
  • Design and implement PKI services, including CDP, OCSP and Web enrollment
  • Painless migration from a single-tier design
  • Implement protection measures (physical and processes) appropriate for risk/impact
  • Plan cryptographic algorithms, key lengths and validity period
  • Protect the CAs’ private keys
  • Integrate Hardware Security Modules (HSM) 
  • Design the Certificate Templates and enrolment policies
  • Certificate Templates
  • Plan for Backup and disaster recovery
  • Implement high availability

SUREFRONT offers fully-managed and co-managed services, ensuring the ongoing health of your PKI  

  • Onsite PKI assessment and audit
  • Management and monitoring of the Certification Authority (CA),  OCSP Responders, Web enrollment services and distribution points
  • Certificate Revocation List (CRL) publication and verification
  • Maintenance
  • Certificate Revocation List (CRL) publication and verification
  • Maintenance and support of Hardware Security Module (HSM)
  • CA certificate renewals
  • Patching and hot-fixes
  • Ad hoc incident response

Engage a PKI Consultant

Distribution Services

SUREFRONT provides value added distribution services

  • Pre-sales technical advice is available for free
  • Exportation to locations throughout Europe and Africa
  • Hardware replacement
  • Technical support and escalation
  • Proof of concept


How can we help you?
Contact us today on +44 (0)161-486-9699
or by email

surefront_high res pdf e copy