Active Directory-based authentication, access control and role-based privilege management for Windows, Linux & UNIX
Standard Edition + privileged user auditing
Enterprise Edition + encryption of data-in-motion and server isolation
Any Edition + single sign-on for SAP, Apache and J2EE/Java applications
Single sign-on for cloud apps + mobile device supportMac Edition
Active Directory-based authentication and Group Policy management for Macs + mobile device supportPremium Edition
SaaS and Mac Editions + mobile device supportCentrify for Samsung KNOX
Active Directory-based SSO, MCM and MDM for KNOX-enabled devices
Here is a look at the individual tools that are included with Centrify DirectManage. These tools are available in all editions of the Centrify Server Suite, with the exception of the Audit Analyzer, which is provided as part of the Enterprise and Platinum editions.
Although installing Centrify on a UNIX or Linux system is a straightforward task, organizations that want to deploy to dozens — or hundreds or thousands — of systems will want to use the Deployment Manager to guide them through the process. With Deployment Manager you can:
Automate the discovery of identity-related risks in your Linux and UNIX server environment. CIRA quickly identifies critical violations of identity and access management best practices, and provides the insight to help you understand how to prioritize and mitigate these identity-related risks.
With CIRA you can:
The Centrify Suite enables you to retire redundant and legacy identity stores by managing UNIX, Linux and Mac identities through Active Directory. The DirectManage Migration Wizard accelerates your deployment by helping you import user and group information from sources such as NIS maps and local files into Active Directory. The Migration Wizard checks for duplicate IDs and gives you options for resolving conflicts, such as creating new Active Directory user or group objects or mapping the incoming IDs to existing Active Directory objects. The Migration Wizard is included at no extra charge as part of DirectManage.
Centrify DirectManage includes two Windows-based administrator's tools: our Centrify DirectManage Access Manager and an MMC-based Active Directory Users and Computers (ADUC) property extension. With these interfaces you can configure the UNIX profile of Active Directory users (such as their UNIX ID, home directory and shell), manage computer properties, and manage Centrify Zone membership. The ADUC property extensions are particularly useful for delegated administration. For example, Windows-based IT help desk personnel could be enabled to use ADUC to update users' UNIX profile without giving them administrative access to advanced Centrify features.
Through the Access Manager you also have access to all Centrify advanced features, such as creating and managing Centrify Zones, importing identities and running reports.
Centrify's advanced support for Group Policy for UNIX, Linux and Mac enables you to enforce consistent configuration and security policies across heterogeneous systems.
DirectManage's streamlined Group Policy Object Editor interface makes it easy to create and edit Group Policies within the standard GPO Editor. It provides a rich editing environment for many policies where multiple lines of text need to be entered or edited after initial entry, such as firewall policies.
Centrify reports give you detailed, global visibility over access rights, privileges and security policies across heterogeneous systems.
The DirectManage Report Center provides pre-defined reports that answer the most common questions asked by compliance auditors, such as who has access to a set of computers in a Zone, what systems a specific user has access to, and what privileged commands users have been granted on specific systems. You can define custom reports as well.
Centrify DirectAudit collects detailed logs of user activity on Windows, Linux, and UNIX servers, including not only the commands entered but system responses as well. The Centrify Audit Analyzer is useful for IT personnel with a range of responsibilities: