The number one reason we're using Centrify's mobile security solution is its integration with Active Directory... It's incredibly easy to manage — I can secure all of my mobile devices using Group Policy.
Eric Bowers
IT Manager for Butterball Farms
Centrify for Mobile and Centrify for SaaS are built on a single, unified architecture that is easy to deploy and does not require additional complex infrastructure, such as replicating your Active Directory in the cloud. This results in one single login for users, and one single identity infrastructure for IT. Here is an overview of the key architectural components.
The Centrify Cloud Proxy Server is a simple Windows service that seamlessly and securely connects your Active Directory to the Centrify Cloud Service over HTTPS. It runs behind your firewall, providing real-time authentication, policy and access to user profiles without synchronizing data to the cloud.
This multi-tenanted service provides secure communication from your on-premises Active Directory to your mobile devices and to the MyCentrify User Portal. The cloud service facilitates secure enforcement of policies for mobile devices. It also controls access to your SaaS applications through a security token service, which authenticates users to the portal with Kerberos, SAML, or an Active Directory username/password. It then automates logins through a one-click interface when users select from their list of authorized SaaS applications.
This robust, Active Directory-integrated portal gives each user a personalized view of their approved apps, their devices, and their activity, plus self-service features. It includes:
The MyCentrify mobile app is a native app that runs on the user's mobile device.
In addition to managing security policies received via the Centrify Cloud Service, it provides users with access to their approved SaaS apps in much the same way that the browser-based MyCentrify User Portal does. An added benefit: once users unlock their device (thus authenticating), they have Zero Sign-On to their apps: they can simply launch an app without being challenged to re-authenticate, which is a tremendous usability and efficiency gain compared to the effort of keying in a username and password on a small touchscreen.
For ISVs and other developers, Centrify's Mobile Authentication Services SDK enables them to write apps that leverage the Centrify Cloud Service to provide Zero Sign-On to their organization's Active Directory.
Device data and security policies are stored directly in Active Directory, which means iPads, iPhones and Android devices can be managed using the existing tools and lifecycle processes you currently have in place. The Centrify Cloud Management Suite installs a collection of extensions to standard Windows-based management tools. The Centrify extension to Active Directory Users & Computers (ADUC) shows you the devices that are associated with a user's Active Directory profile. An extension to the Windows Group Policy Objects Editor (GPOE) lets you set up configuration and security policies that can be automatically applied to mobile devices.
The Centrify Cloud Manager is a browser-based administrative tool hosted by the Centrify Cloud Service. It provides a single pane of glass to administer SaaS app access and SSO, mobile devices, and user profiles. It also provides centralized reporting, monitoring and analysis of all SaaS and mobile activity.