Friday, December 5, 2008

Superuser Privilege Management

Clearly, a key value proposition of Centrify DirectControl is the ability to leverage Active Directory as the central identity hub/store to administer users and their access, as well as centrally control authentication. This centralization then enables single sign-on for users to non-Microsoft systems and applications.

Tuesday, December 2, 2008

We've Moved!

We just completed moving our corporate headquarters a few miles down the road from 444 Castro in Mountain View, CA to our new digs at 785 N. Mary Avenue in Sunnyvale, CA.

Wednesday, November 19, 2008

Centrify LISA Presentation on Integrating Linux with Microsoft Active Directory

Our VP of Technology, Mike Patnode, presented on the topic of integrating Linux (and UNIX and Mac) identity management in Microsoft Active Directory at LISA 2008 (aka the Large Installation System Administration Conference).

Monday, November 17, 2008

Strong Authentication for the Mac

In this blog post I am going to drill down in more detail on why customers (especially in the Federal government) should leverage strong authentication for the Mac and how our solution works in this regard.

Tuesday, November 4, 2008

How DirectAuthorize Compares to sudo for Root Access Control

This is my fourth in a series in a series of blog posts on our great new product DirectAuthorize. In this blog post I want to discuss how DirectAuthorize compares and contrasts to the popular "sudo" utility found on most UNIX and Linux systems.

Friday, October 24, 2008

How DirectAuthorize Leverages Active Directory to Enable Privilege Account Management on UNIX/Linux

This is a third in a series of blog posts on our hot new product DirectAuthorize. In this post I will drill down on the architecture of DirectAuthorize and describe some of its unique architectural features including how it uniquely leverages Active Directory.

Wednesday, October 22, 2008

How DirectAuthorize Addresses Root and Shared Account Management in UNIX/Linux Environments

In this post I want to drill down in more detail on the customer challenges that DirectAuthorize addresses, specifically in the areas of improving security and addressing audit and compliance requirements.

Tuesday, October 21, 2008

Introducing DirectAuthorize and the Centrify Suite

Centrify is pleased to announce a brand new product called DirectAuthorize, a software solution that centrally manages and enforces role-based entitlements for UNIX and Linux systems, and we are also introducing the Centrify Suite, which is a comprehensive solution for cross-platform identity and access management.

Wednesday, September 17, 2008

SAP Certifies DirectControl for SAP on UNIX and Linux

I am happy to report that as of last week, after working with SAP Waldorf and the SAP Integration and Certification Center (ICC), we have officially certified the integration of Centrify DirectControl for SAP on UNIX 4.1 with SAP Netweaver via BC-SNC 4.0.

Thursday, September 4, 2008

New Survey Details Top Mac/Windows Integration Needs

GroupLogic - one of Centrify's partners in the Enterprise Desktop Alliance has just released a very interesting survey detailing the major issues and concerns when faced with Mac integration within the enterprise.

Friday, August 22, 2008

Mac Shipments to Hit 3 Million This Quarter? And an Upcoming Webinar on "Managing Macs in a Windows Environment"

I found it interesting to read that one analyst is predicting that Apple will ship 3 million Macs this quarter, which would put Apple on a glide path to grow global PC market share from to 4.2% in 2009 from 2.9% in 2007.

Wednesday, August 13, 2008

Another Award: Best in Identity Management

On the heels of winning WindowsITPro Magazine's "Best Pick" for interoperability, it looks like we won another award: Network Product's Guide Reader Trust Award for "Best in Identity Management." It is great to win an award from an analyst or editor, but we are equally proud (if not more so) when customers name us their top solution within security in the identity management market as is the case with this award.

Thursday, August 7, 2008

Centrify to Host Three-Part Webinar Series on Identity Management Featuring Gartner Group

As part of our continuing education series on leveraging Microsoft Active Directory for cross-platform Identity and Access Management to enable strengthened IT security and regulatory compliance, Centrify is pleased to announce a three part webinar series featuring Gartner Group analyst Perry Carpenter. Click here to learn more and register.

Tuesday, August 5, 2008

What Another Great Year!

Last year I wrote a blog post what a great year we had last fiscal year. Well now that another fiscal year has gone by (our fiscal year ends June 30), I am pleased to report to our employees, customers and partners that we had another great year! The high-level summary is that Centrify is coming off of another year of continuing triple-digit growth in revenue and customers for the fiscal year. We increased sales into Global 2000 companies; the Centrify customer base more than doubled to over 500 organizations in all sectors and includes implementation by 38% of the Fortune 50.

Monday, August 4, 2008

DirectControl Wins Best Interoperability Award for Windows/Linux Integration

I was pleased to notice in the recent issue of WindowsITPro Magazine that hit my desk that Centrify DirectControl won Editors' Best pick (i.e. the "Gold Medal") for Best Interoperability solution.

Tuesday, July 8, 2008

SocGen CIB Selects Centrify

Centrify is pleased to announce that Société Générale Corporate & Investment Banking (SG CIB) - after a rigorous and comprehensive selection process of identity and access management solutions - has selected our DirectControl solution for a pilot deployment to optimize the efficiency and manageability of its UNIX - and Linux-based computing systems.

Monday, June 30, 2008

The Enterprise Desktop Alliance: Making it Easy to Manage and Integrate Macs in a Windows Environment

Today five enterprise software companies announced the creation of the Enterprise Desktop Alliance (EDA) to facilitate the acceptance of the Mac in environments managed with Microsoft Windows. Centrify is pleased to be one of these five software companies participating in the EDA.

Wednesday, June 25, 2008

Auditing UNIX and Linux Systems

I wanted to use this blog post to discuss the ways our DirectControl and DirectAudit solutions can be used to audit your UNIX and Linux environment. Many vendors bandy about that they do auditing, but many just simply interpret and/or write to log files regarding successful and unsuccessful logon attempts. What they don't do is deal with what today's auditors and security professionals must increasingly address which is auditing user-level activity. For example, the Payment Card Industry Data Security Standard (PCI DSS) requires that organizations audit "all actions taken by any individual with root or administrative privileges"- not just their logon attempts. Fortunately Centrify can help with the both high-level and more detail levels of auditing required to meet organization's compliance requirements.

Tuesday, June 17, 2008

Enabling SAP Single Sign-On (SSO) Leveraging Active Directory

Having recently written about how DirectControl can integrate non-Microsoft web servers into Active Directory, I want to provide some insight into our efforts in extending Active Directory-based single sign2on to SAP ERP applications running on UNIX and Linux systems. This blog post on our SAP SSO solution is a complement to our upcoming webinar on SAP SSO using Active Directory (which I urge you to register for :-) ) and other resources such as our white paper on SAP SSO.

Monday, June 16, 2008

We're hiring!

We are looking to immediately add 15+ great people to our sales team that represents the market leader in this hot market within security for extending Microsoft Active Directory across heterogeneous systems and applications. Positions are located all over the US and in the UK.

Wednesday, May 28, 2008

Web SSO for Extranet Applications using ADFS and DirectControl for Java/Web

In my last few blog posts I discussed some of the challenges customers are trying to address with Web single sign-on (SSO) solutions, the architecture and key features of our DirectControl solution for web and Java/J2EE applications, and the specific use case of web SSO for intranet applications (applications where all of the users are "internal" users such as employees, contractors and consultants.) In this final blog post regarding DirectControl for Java/Web I would like to discuss the second use case regarding web SSO for extranet applications using ADFS and DirectControl for Java/Web.

Thursday, May 22, 2008

Web SSO for Intranet Applications Using SPNEGO and DirectControl for Java/Web

In my last couple of blog posts I discussed some of the challenges customers are trying to address with Web single sign-on (SSO) solutions, the architecture and key features of our DirectControl solution for web and Java/J2EE applications, and how DirectControl addresses these challenges. In this blog post I will discuss the specific use case of web SSO for intranet applications (applications where all of the users are "internal" users such as employees, contractors and consultants.)

Tuesday, May 20, 2008

A Closer Look at Centrify DirectControl's Web SSO Solution

In my last blog post I discussed some of the challenges customers are trying to address with Web single sign-on (SSO) solutions that leverage Microsoft Active Directory. In this blog post I want to discuss the architecture and key features of our DirectControl agent for web and Java/J2EE applications and how it addresses these challenges. In future blog posts I will describe some use cases of our web/Java agent.

Thursday, May 15, 2008

Thoughts on Some of the Key Security Challenges Involving Web Single Sign-on (SSO)

Most of our customers are familiar with DirectControl's core ability to seamlessly integrate non-Microsoft operating system platforms such as UNIX, Linux and Mac into an Active Directory environment. But over the years we have also heavily investing in building on top of DirectControl's OS-level capabilities some really solid technology that enables Active Directory-based single sign-on to custom web and java application servers running on a UNIX, Linux or Windows systems.

Wednesday, April 30, 2008 Is Now Live; New Resource Site for Replacing NIS

As part of our continued efforts to make UNIX and Linux systems more secure by getting customers to replace their old and insecure Network Information Service (NIS) directory service deployment(s) and onto a modern and more secure LDAP and Kerberos infrastructure, Centrify is pleased to announced it has created a NIS replacement and migration resource site:

Tuesday, April 22, 2008

Off-Topic: Mapping Microsoft Windows Server Protocols to Patents

As readers of my Centrify blog know, I usually use this blog as a forum to discuss Centrify's vision, customers, why our technology and our approach to interoperability makes sense, etc. In today's blog I am going to go "off topic" and discuss interoperability as it relates to Microsoft's recent announcements re: their "interoperability principals" and analyze how recently published Microsoft protocols map to US patents and US patent applications that are held by Microsoft.

Categories: Customers and Press, All

Thursday, April 17, 2008

Additional Resources on Migrating from NIS/NIS+ to LDAP

On April 23rd for North America and on April 24th for Europe we are hosting a free Network Information Service (NIS) Migration webinar that explains how Centrify DirectControl can enable you to leverage your existing Active Directory-based LDAP and Kerberos infrastructure to replace NIS with a solution that meets regulatory requirements and streamlines your IT infrastructure and operations in the process.

Monday, April 7, 2008

Centrify Broadens UNIX Authentication and Access Control with DirectControl 4.1

Today we announced DirectControl 4.1. While a relatively minor release, it adds over 20 additional operating systems to our industry-leading list of non-Microsoft platforms (now over 135 platforms), Windows 2008 support, new web application support and also adds misc. support tools and utilities. It will be released by the end of April.

Saturday, March 15, 2008

Java and J2EE Integration with Active Directory

Recently we have seen a lot interest in our Java and J2EE integration capabilities with Active Directory. I wanted to use this blog entry to give some thoughts on why we do it and how we do it.

Friday, March 14, 2008

How Secure Is Your OpenSSH?

Recently one of our developers was visiting a customer and he told me the story that when one of the sys admins he was working with gave him a hostname to ssh to, he was presented with the following message: The authenticity of host 'hostname (' can't be established. RSA key fingerprint is 37:58:49:7b:da:8c:a9:61:44:3f:5c:35:81:20:b1:ff. Are you sure you want to continue connecting (yes/no)?

Thursday, February 28, 2008

Startup Superstar - Our Own Paul Moore

Microsoft has just posted an interview with our CTO Paul Moore. He talks about some of the reasons why we are leveraging Active Directory and building our business around it. Check it out!

Wednesday, February 27, 2008

Centrify Partners & Customers Featured at Directory Experts Conference

We have lots of stuff happening at the Directory Experts Conference, March 3-5 in Chicago, where we are a Gold Sponsor for the fourth DEC in a row. On Tuesday, March 4, from 6:00-8:30 we're throwing a party for DEC attendees in the Marquette Room. If you are at DEC, drop by for some refreshing cocktails and lively conversation with our identity management experts. You'll also receive a free Centrify t-shirt! Here's a list of customers, partners and Centrify experts who are among the featured speakers.

Wednesday, February 27, 2008

DirectControl Gets Windows 2008 Certified; Centrify Participates in 'Heroes Happen Here' Launch Events

In support of today's launch of Windows 2008, Centrify is pleased to announce that DirectControl is the first (and only!) identity and access management solution to receive Windows Server 2008 software certification. We will be showing off DirectControl and its support for Windows 2008 at a number of "Heroes Happen Here" Microsoft launch events in cities throughout the U.S.

Monday, February 18, 2008

Group Policy for UNIX, Linux and the Mac

As many of you know Centrify DirectControl provides a comprehensive solution for global policy enforcement by extending Windows Group Policy services to Linux, UNIX and Mac systems. I want to use this blog entry to describe in a bit more detail how Centrify DirectControl implements Group Policy in a heterogeneous environment.

Friday, February 15, 2008

Microsoft and Kerberos

Back in October of 2007 I blogged about the launch of the Kerberos Consortium and how Centrify was a "Founding Sponsor" of the Kerberos Consortium, joining fellow sponsors and supporters such as industry vendors Google, Sun and Apple in supporting this important initiative. Since then a number of universities and US government agencies (e.g. NASA and the DOD) have joined the Consortium, but probably the biggest news of late is that Microsoft has also signed up as a Founding Sponsor and joined the Consortium's Executive Board.

Thursday, February 14, 2008

Centrify Wins Best Identity Management Software Award

Looks like Centrify is officially on a roll. We are pleased to see that we just won the 2008 Global Excellence Award for Best Identity Management Software from Info Security Products Guide.

Tuesday, February 12, 2008

Integrating Samba with Active Directory

We recently updated our Samba package on our support site to reflect some of the updates coming from the Samba team, and I wanted to use this blog to discuss what we offer with respect to how DirectControl can better integrate Samba into Active Directory.

Friday, February 8, 2008

Case Study: Mac Windows Integration

Having recently blogged on how Wyeth Research migrated from Sun ONE Directory Server as to using Active Directory and Centrify DirectControl as the underlying identity infrastructure for their UNIX and Linux servers (as well as naturally for their Windows infrastructure), I want to discuss in this blog post how one of our customers is integrating their large number of UNIX-based desktop systems with their Windows environment leveraging Centrify DirectControl.

Wednesday, January 30, 2008

Case Study: Replacing Sun ONE Directory Server with DirectControl and Active Directory for UNIX Single Sign-on

Now that I've posted on some of our recent awards, let me go back to focusing on some recent customer case studies ala how I highlighted Wyse. The first one I'll focus on is Wyeth Research. We recently posted a case study on Wyeth that discusses their migration from a Sun ONE Directory Server for their Linux and UNIX systems to using Active Directory and Centrify DirectControl as the basis of UNIX authentication, and I want this blog post to highlight a few interesting points.

Tuesday, January 22, 2008

Not As Ironic As You May Think: Active Directory-Based Solution for Linux Identity Management Wins's 'Security Product of the Year'

Wow, right on the heels of earning a spot on Linux Magazine's "Top 20 Companies to Watch," we are pleased to see that has just named DirectControl its Security Product of the Year. In selecting Centrify as the Gold winner, the editors noted, "Centrify Corp.'s DirectControl 4 makes it drop-dead simple to incorporate Linux, UNIX, Mac, Web and database platforms into a pre-existing Microsoft's Active Directory (AD) schema, enabling Linux administrators to eliminate redundant identity management systems and standardize on a single enterprise-wide identity management platform."

Monday, January 21, 2008

Centrify Recognized by Linux Magazine as "Top 20 Company to Watch" for Windows and Linux Interoperability

It was neat to see that Linux Magazine has published its annual list of "Top 20 Companies to Watch" and Centrify was on the list. We were the only security software company and the only one focusing on delivering Windows and Linux interoperability on the list. Centrify was touted for helping Linux, Windows, and Mac OS X "all just get along" and providing "the glue" to enable interoperability between these heterogeneous systems. The editors further recognized Centrify's DirectControl solution by noting "…anything that fosters interoperability is going to be a hot technology."

Monday, January 14, 2008

Why Leverage Active Directory for Linux Identity Management? Part 2

In my last blog post I described the benefits of reducing identity "silos" and moving toward a single directory for your heterogeneous infrastructure. In this blog post I will describe some of the technical and business reasons why organizations should consider leveraging Active Directory to be "the" central directory for UNIX-based systems and applications, as well as non-Microsoft applications running on Windows.

Friday, January 11, 2008

Why Leverage Active Directory for Linux Identity Management? Part 1

I was recently interviewed by Art Wittman, Editor at InformationWeek, and one of the questions he asked me was regarding the technical soundness of leveraging Active Directory as the basis for Linux identity management. That question motivated me to articulate in this two-part blog entry the various technical and business reasons why customers should deploy our DirectControl solution on non-Microsoft platforms to enable Active Directory to become the central identity and access management "hub" for cross-platform systems (e.g. Windows, UNIX, Linux and Mac) and applications (e.g. IIS, Apache, JBoss, WebLogic, DB2, SAP, etc.). But before I do, let me first articulate why reducing identity stores and moving toward a single directory is highly beneficiary.

Saturday, January 5, 2008

No Surprise Here: Compliance Still Driving Identity Management and Overall Security Spending

Back in October I attended the Goldman Sachs' "Building Great Security Companies 3.0" conference, which covered trends impacting the future of information security. One of the highlights for me was Sarah Friar from Goldman Sachs discussing the results of the fifth installment of Goldman's security spending survey that was published in September 2007. Over the holidays I had the opportunity to catch up on some reading material, and I was able to finally review the 2007 survey in detail, and was curious what had changed from the 2006 security spending survey edition that I blogged about previously.