Centrify DirectSecure

Features

Here is an overview of key features of Centrify DirectAudit. For a detailed feature explanation, download our free white paper, Protecting Sensitive Information through IPsec-Based Server and Domain Isolation.

Deter External Security Threats from Unmanaged or Rogue Computers

DirectSecure prevents an "untrusted" system — a system that has not been authenticated via issuance of a PKI certificate or a Kerberos ticket from Active Directory — from establishing network communication with "trusted" systems. Even if an attacker has obtained a valid username and password, they can't access your trusted systems. DirectSecure cannot be spoofed because trusted systems must be authenticated.

Protect Against Insider Threats by Restricting Access and Dynamically Segmenting your Network

DirectSecure delivers tiered network access and tighter control over who can access specific groups of systems. With DirectSecure you can dynamically segment and isolate specific groups of systems. For example, you can limit a PCI audit just to the systems that process credit card data, not your entire network.

Enable Optional End-to-End Encryption of Data-in-Motion

Traffic between trusted systems is cryptographically protected so that the receiving system can verify that an authenticated system sent the packet and that the packet was not tampered with in transit. You can even configure groups of servers to accept specific types of traffic. In addition, some or all of the traffic between managed systems can be optionally encrypted, providing protection from malicious network users who attempt to capture and interpret network traffic.

Seamlessly Implement Logical Secure Boundaries Spanning Physical, Virtual and Cloud-Based Systems

DirectSecure lets you build logical security boundaries that span physical, virtual and cloud-based systems. These security boundaries are erected by independently authenticating and protecting each virtual machine, as opposed to attempting to partition traffic from MAC addresses.

Automate Certificate Provisioning on Linux and UNIX

Provisioning certificates is a very manual and time-intensive process. DirectSecure automates the provisioning of certificates by delivering a UNIX client for Microsoft's certificate server that can be managed by Group Policy and is secured via Kerberos.

Cost-Effectively Extend your Existing Infrastructure without the Need for Additional Hardware or Software

DirectSecure builds upon technologies that already exist in your environment, including your existing Active Directory infrastructure and the IPsec functionality that is built into the modern UNIX, Linux and Windows operating systems that you have deployed. This means you can leverage existing skill sets, and DirectSecure works without the need for additional hardware or for disruptive changes to network topology or even to applications. Because DirectSecure uses IPsec, a Layer 3 protocol, it operates transparently to both applications and users. Finally, because Microsoft already provides both Group Policy and IPsec as a standard part of the Windows platform through its Server and Domain Isolation solution, there is no additional cost to integrate Windows systems with UNIX and Linux systems supported by DirectSecure.