Identity consolidation and privileged access management across Windows, Linux, and UNIXEnterprise Edition
Detailed auditing of privileged user sessions on Windows, Linux and UNIXPlatinum Edition
Dynamic segmentation and isolation of cross-platform systemsApplication Edition
Secure, centralized single sign-on to on-premises business applications
Single sign-on and unified management for cloud and mobile apps and devicesMac Edition
Centralized security and management for Macs and mobile devicesPremium Edition
SaaS and Mac Editions combined with mobile security management
The Centrify Server Suite, Enterprise Edition, captures historical user activity to establish accountability and ensure identity-related compliance with government regulations and industry mandates. The key Enterprise Edition component is Centrify DirectAudit, which integrates seamlessly with the identity consolidation and privileged access management features of Centrify Server Suite, Standard Edition, to provide clear visibility and auditing of the activities of privileged users. For a detailed feature explanation, download our free white paper, Privileged User Activity Auditing: The Missing Link for Enterprise Compliance and Security.
Here are the key features of the Centrify DirectAudit component of Enterprise Edition:
Centrify captures and stores a detailed recording of privileged user sessions on Windows, UNIX and Linux systems. Unique audit policies can easily be configured with options to leverage video capture only on the most critical systems, or for users in a specific role, and to audit Centrify administration activity such as the management of Centrify Zones. The Centrify Audit Analyzer gives you a global view of privileged user sessions across your audited environment, and proof of regulatory compliance for auditors through out-of-the-box reports that capture both current and historical sessions grouped by server, user, or other criteria.
You can see what happened in a specific session at a high level by viewing a command/event summary, or you can replay the video to see every action taken by a user and every system response. You can pause, rewind, fast-forward, scrub through the timeline, or jump to a specific point in the video replay. This unique playback feature gives IT security managers and IT auditors the ability to proactively identify insider threats, and perform forensic investigation into which privileged user did what after an incident occurs.
Out-of-the-box queries and compliance reports provide information on both active and historical sessions. The flexible query builder supports the creation of customized reports based on search options including by user, computers, time period, type of event, and role. For example, a compliance report can easily be configured to show everyone in a privileged role who logged on remotely to a specific set of computers during the previous week.
User session metadata is captured to enable integration with reporting tools. Centrify stores audit information in an SQL database, which enables robust querying by log management tools, and an event serialization service enables integration with SIEM and alerting tools.
You can configure Centrify to trigger auditing sessions for specific users, computers or roles. DirectAudit policies can be applied to a Global Zone or Child Zone, enabling secure delegation of audit policy settings.
The Audit Analyzer provides real-time visibility into user sessions on every audited Windows, UNIX and Linux system. For each session you can see who is currently logged in, and you can immediately drill down to see what they are in the process of doing. Detecting insider threats before a security breach happens can save money and reputation for an organization.
By centralizing your access controls, privileges, and privileged user's activity with Centrify Server Suite you can quickly generate comprehensive reports that prove identity related compliance with government regulations and industry mandates. Auditors can be handed reports that document which users have access to what servers and with what administrative privileges. Privileged activity is associated with an individual and recorded versions of their entire privileged sessions are available on demand.