Secure, connected computing through centralized, Active Directory-based identity management and access control

The Centrify DirectControl suite enables a secure, connected computing environment by seamlessly integrating your non-Microsoft systems, web applications, databases and ERP apps, and storage systems with Microsoft Active Directory. With its patent-pending Zone technology, Centrify delivers the only solution that does not require intrusive reconfiguration of existing systems and provides the granular administrative control needed to securely manage a diverse set of systems and applications. With Centrify, you can now fully leverage your investment in Active Directory to significantly strengthen security, reduce infrastructure costs, streamline IT operations, and better comply with regulatory requirements.

Centrify DirectControl for Systems
Secure, centralized account administration, authentication and access control for over 60 flavors of UNIX, Linux and Mac OS

• Secure
  Centralized Active Directory-based account administration, authentication and access control for more platforms than any other solution.
• Easy to deploy and manage
  All-in-one agent architecture; no system integration of multiple products required.
• Non-intrusive
  Does not require changes to Active Directory schema or software on domain controllers.
   
  Mixed Windows, UNIX, Linux and Mac OS environments are a fact of life for almost all IT departments who need to strictly control access and security policies for these systems in order to meet government and industry regulations. IT departments need these systems to "plug and play" so they don't have to spend their budget acting as a systems integrator or having to manually (and expensively) administer an ever-growing number of systems individually. Centrify DirectControl for Systems fills this need by enabling non-Microsoft servers and workstations to participate in an Active Directory domain, effectively turning them into an Active Directory client. Organizations can then secure those systems using the same authentication, access control and Group Policy services currently deployed for their Windows systems.

Centrify DirectControl for Web Applications
Secure, centralized web single sign-on for Apache, JBoss, Tomcat, WebLogic and WebSphere

• Secure
  Active Directory-based web single sign-on for both intranets (leveraging Kerberos/LDAP) and extranets (leveraging ADFS/SAML)
• Easy to deploy and manage
  Leverages existing Active Directory infrastructure.
• Non-intrusive
  Does not require changes to Active Directory schema or software on domain controllers.
   
  According to Meta Group, in the average large organization end-users have more than five user names and passwords. Multiple identity stores increase the risk of orphan accounts being compromised and also lead to delays in provisioning and updating accounts. Centrify DirectControl for Web Applications delivers secure, centralized web single sign-on for both intranet and extranet applications running on Apache and popular J2EE servers at a fraction of the cost of older point solutions. IT departments can quickly provision accounts using existing Active Directory-based tools and processes, and turning off an Active Directory account immediately and reliably shuts off that user's access to all web applications.

Centrify DirectControl for Databases & ERP Apps
Secure, centralized single sign-on for DB2, Oracle and SAP

• Secure
  Active Directory-based single sign-on (SSO) to heterogeneous databases leveraging Active Directory's powerful Kerberos network security infrastructure.
• Easy to deploy and manage
  Leverages existing Active Directory infrastructure.
• Non-intrusive
  Does not require changes to Active Directory schema or software on domain controllers.
   
  Numerous government regulations and industry compliance measures require organizations to control access not only to key systems (such as UNIX, Linux and Mac OS), web-based applications (such as Apache, JBoss, WebLogic and WebSphere) but also to packaged applications such as SAP R/3 as well as databases such as Oracle and IBM DB2. Centrify DirectControl delivers increased database and SAP security by replacing password validation with the strong authentication capabilities of Kerberos found in Active Directory. The benefit for end-users is that they can now silently authenticate to the heterogeneous systems, applications and databases they are allowed to access without being challenged to re-type a user name or password. The benefit for IT managers is that administrators and help desk personnel can now use a single administrative tool – Microsoft Active Directory – to define consistent security policies for and to control access to a mix of different vendors' databases, heterogeneous operating systems, and web-based applications within their organization. For example, once an administrator disables a user's Active Directory account, that user immediately loses their ability to access Oracle DB running on non-Microsoft platforms.

Centrify DirectControl for Storage Systems
Secure, centralized user mapping for EMC and NetApp storage systems and Samba

• Secure
  Active Directory-based user mapping to different vendors' storage devices and file systems.
• Easy to deploy and manage
  Leverages existing Active Directory accounts and groups. Single point of administration simplifies complex network file system access provisioning and management.
• Non-intrusive
  Does not require changes to Active Directory schema or software on domain controllers.
   
  In a mixed environment where both Windows and UNIX systems need to access common files or directories, there is a need for a common security model to control access. Centrify DirectControl for Storage Systems provides an identity mapping mechanism centrally managed within Active Directory that links a user's Windows account to a UNIX profile containing the user's UNIX account attributes.

How It Works

Centrify DirectControl's core feature is its ability to enable UNIX, Linux and Mac servers and workstations to participate in an Active Directory domain. The Centrify DirectControl Agent effectively turns the host system into an Active Directory client. Through its Resource Center, Centrify provides free documentation and downloads to help you configure the host system for Active Directory integration leveraging DirectControl.

 to find out more about Centrify DirectControl, please contact us.