Cloud Service

A Unified Architecture for Mobile and SaaS Management

Unleash user productivity and enhance IT efficiency by using existing Active Directory infrastructure and processes to centrally manage mobile devices and SaaS apps

The number one reason we're using Centrify's mobile security solution is its integration with Active Directory... It's incredibly easy to manage — I can secure all of my mobile devices using Group Policy.

Eric Bowers
IT Manager for Butterball Farms

Centrify for Mobile and Centrify for SaaS are built on a single, unified architecture that is easy to deploy and does not require additional complex infrastructure, such as replicating your Active Directory in the cloud. This results in one single login for users, and one single identity infrastructure for IT. Here is an overview of the key architectural components.

Centrify Cloud Proxy Server

The Centrify Cloud Proxy Server is a simple Windows service that seamlessly and securely connects your Active Directory to the Centrify Cloud Service over HTTPS. It runs behind your firewall, providing real-time authentication, policy and access to user profiles without synchronizing data to the cloud.

Centrify Cloud Service

This multi-tenant service provides secure communication from your on-premises Active Directory to your mobile devices and to the MyCentrify User Portal. The cloud service facilitates secure enforcement of policies for mobile devices. It also controls access to your SaaS applications through a security token service, which authenticates users to the portal with Kerberos, SAML, or an Active Directory username/password. It then automates logins through a one-click interface when users select from their list of authorized SaaS applications.

MyCentrify User Portal

This robust, Active Directory-integrated portal gives each user a personalized view of their approved apps, their devices, and their activity, plus self-service features. Users log in once and then point, click and launch the SaaS apps they are authorized to use without having to remember their username and password for each app. It includes:

  • MyApps: Shows users their approved SaaS apps, with a one-click interface for single sign-on.
  • MyDevices: Lets users view the properties of their enrolled smart phones and tablets. It includes self-service for passcode reset, device lock and remote and device location mapping.
  • MyProfile: A self-service interface that lets users update selected Active Directory attributes, unlock their account, or reset their password.
  • MyActivity: Details activity that can help users self-report suspicious activities on their account.

MyCentrify Mobile App

The MyCentrify mobile app is a native app that runs on the user's mobile device.

Centrify's application management capabilities auto-provision mobile and Web apps to iOS and Android devices. Users obtain "zero sign on" to all SaaS and corporate apps with a single click of an icon — whether accessing from their PC or their mobile device.

In addition to managing security policies received via the Centrify Cloud Service, the app provides users with access to their approved SaaS apps in much the same way that the browser-based MyCentrify User Portal does. An added benefit is that once users unlock their device (thus authenticating), they have Zero Sign-On to their apps: they can simply launch an app without being challenged to re-authenticate, which is a tremendous usability and efficiency gain compared to the effort of keying in a username and password on a small touchscreen.

For ISVs and other developers, Centrify's Mobile Authentication Services SDK enables them to write apps that leverage the Centrify Cloud Service to provide Zero Sign-On to their organization's Active Directory.

Centrify Administration and Management

The Centrify Cloud Manager enables IT managers to manage access to SaaS apps, apply role-based access controls, and run reports.

Device data and security policies are stored directly in Active Directory, which means iPads, iPhones and Android devices can be managed using the existing tools and lifecycle processes you currently have in place. The Centrify Cloud Management Suite installs a collection of extensions to standard Windows-based management tools. The Centrify extension to Active Directory Users & Computers (ADUC) shows you the devices that are associated with a user's Active Directory profile. An extension to the Windows Group Policy Objects Editor (GPOE) lets you set up configuration and security policies that can be automatically applied to mobile devices.

The Centrify Cloud Manager is a browser-based administrative tool hosted by the Centrify Cloud Service. It provides a single pane of glass to administer SaaS app access and SSO, mobile devices, and user profiles. It also provides centralized reporting, monitoring and analysis of all SaaS and mobile activity.