Centralized, Role-Based Entitlement Management Designed for Compliance

DirectAuthorize delivers unique entitlement management features, ease of use, an integrated architecture and fault tolerance

In working with customers to understand their IT security and compliance challenges, we focused on delivering the following benefits:

Centralized, role-based entitlement management designed for compliance

Consolidates UNIX and Linux entitlement management in Microsoft Active Directory, streamlining administration and closing security gaps caused through lax deprovisioning and change management practices
Links entitlements to Active Directory accounts and groups, enhancing accountability and compliance reporting through a global view of users' entitlements across the enterprise
Role-based entitlement model meets regulatory requirements for defining "least access" controls and administrative privileges delegated according to job duty, protecting enterprises against both accidental and malicious changes
Restricted Environment feature permits users to execute only specific "whitelisted" commands, resulting in unambiguous compliance reporting compared to other systems that require security managers to pile on "deny" specifications
Built-in reports for users and computers give auditors a complete view of authorizations

Simplified privilege management that goes beyond sudo and other existing products

Graphical user interface makes creating roles and rights far easier compared to scripting complex sudo policy files or learning other solutions' proprietary scripting languages that cannot match the rich group-based modeling available in Active Directory
Centrally and securely apply and report on policies from Active Directory, as opposed to trying to manage config files on individual systems
Unique ability to control users' access to secured systems via PAM-enabled applications and interfaces (SSH, FTP, etc.)
Unique Restricted Environment feature provides the option to restrict users to a "whitelist" of specific commands, compared to older, cumbersome and error-prone solutions that permit all actions except those that are put on a "deny" list
Simplifies users' workflow, enabling them to execute commands with privilege without having to change accounts, remember additional passwords, or learn new commands

Single, cost-effective architecture for cross-platform authentication, access control and authorization

Comprehensive privilege management provided as part of an integrated authentication, access control and authorization solution that is priced below what you would expect to pay for a single, older point product that addresses just one of these areas
Part of a comprehensive suite designed from the ground up to seamlessly integrate a wide array of UNIX and Linux systems with existing Active Directory infrastructure, tools and processes

Rapid, non-intrusive deployment and management

Leverages existing Active Directory domain controller infrastructure; no additional servers or network infrastructure needed
No Active Directory schema changes required
Does not require proprietary changes to UNIX kernel; no reboot required after installation
Streamlines IT management by leveraging existing Active Directory tools and processes
Management data is stored in Active Directory, a modern LDAP database that has a rich ecosystem of available administration, provisioning and reporting tools

Highly available and fault-tolerant

Leveraging Active Directory domain controller infrastructure ensures high availability and fault-tolerant network connection
Local caching ensures entitlements are enforced even in cases when the computer is disconnected