Tom Kemp's Centrify Blog

Virtual Security

Tuesday, June 16, 2009

Today we announced extensive support for heterogeneous, virtualized data centers with the general availability of the Centrify Suite 2008 update 3. With this release we help our customers securely and efficiently transition from a traditional, physical infrastructure to a dynamic, virtualized computing environment. We do this by allowing our customers to leverage their existing Microsoft Active Directory infrastructure for centralized identity management, access control, privilege management and auditing across over a dozen hypervisor platforms as well as over 190 UNIX and Linux operating systems running as guests on hypervisors or on physical servers.

So what's the significance of this? The reality is that server virtualization platforms are becoming increasingly ubiquitous. But it is not just about VMware; virtualization is increasingly heterogeneous as organizations deploy bare-metal hypervisors from vendors such as VMware and Citrix while, in parallel, they are also leveraging virtualization technology built into the latest UNIX, Linux and Windows operating systems. This growing ubiquity and the ability for business-critical guest systems to proliferate and seamlessly move and migrate across a datacenter can lead to a loss of control from a security and management perspective.

For example, in a virtualized data center, what was a server is now a file. How do you protect who has access to that file? Who can copy, move or delete that file? Many organizations are leaving themselves extremely vulnerable as they transition to the optimal mix of physical and virtual systems.

So the need to secure these guest systems' underlying hypervisors from insider and outsider threats cannot be ignored. In addition, as organizations continue the migration from a physical to a virtualized server infrastructure, they find themselves managing a complex environment of heterogeneous operating systems and applications. IT managers need unified, global control over their evolving data center to meet security and compliance requirements — from management and segregation of duties to protection and auditing across any server instance.

That's where Centrify steps in. The Centrify Suite with DirectControl version 4.3 addresses the need to secure both physical and virtual environments by effectively turning a non-Microsoft system or hypervisor into an Active Directory client, enabling administrators to secure that system using the same authentication and Group Policy services currently deployed for their Windows systems, as well as adding granular access control through its patent-pending Zone technology. Centrify DirectAuthorize can from there enable role-based entitlements for fine-grained control of user access and privileges on these hypervisors, while Centrify DirectAudit can deliver auditing, logging and real-time monitoring of user activity on those hypervisors.

The Centrify Suite has long supported VMware ESX and other virtual environments, and with this release has added support for eleven new virtualization platforms such as Solaris™ xVM Hypervisor, IBM AIX WPAR and IBM z/Linux, and has added support for over 40 new guest operating systems such as Fedora 10, Mandriva 2009, Ubuntu 8.10 and OpenSUSE 10, bringing the total to over 190 operating systems supported — both of which lead the industry in Active Directory cross-platform integration and interoperability. Specific virtualization technologies that the Centrify Suite supports include:

  • VMware ESX, VMA and vStudio
  • Citrix XenServer
  • IBM AIX system and application Logical Partition (LPAR) and Workload Partition (WPAR)
  • Solaris™ Containers and Solaris™ xVM Hypervisor
  • Hewlett Packard's HP-UX Virtual Server Environment including Virtual Partitions (vPars) and hard partitions (nPars) as well as HP Virtual Machines
  • IBM z/Linux running SUSE (see related announcement on our Active Directory integration support for the zSeries)
  • Red Hat Virtualization built into Red Hat Enterprise Linux
  • Novell SUSE's Xen-based Virtualization
  • Non-Microsoft Guest OSes running on Microsoft Hyper-V

To learn more about our virtualization security solution, feel free to sign up for a free webinar entitled "Addressing the Unique IT security Risks posed by the Virtual Data Center" that happens on Tuesday, June 23 at 10am PDT. In my next few blog posts I am going to drill down on how the Centrify Suite can secure the VMware ESX platform.
