Identity consolidation and privileged access management across Windows, Linux, and UNIXEnterprise Edition
Detailed auditing of privileged user sessions on Windows, Linux and UNIXPlatinum Edition
Dynamic segmentation and isolation of cross-platform systemsApplication Edition
Secure, centralized single sign-on to on-premises business applications
Single sign-on and unified management for cloud and mobile apps and devicesMac Edition
Centralized security and management for Macs and mobile devicesPremium Edition
SaaS and Mac Editions combined with mobile security managementCentrify for Samsung KNOX
Enterprise management of SSO, MCM and MDM for Samsung KNOX
Here is an overview of DirectSecure component of the Centrify Server Suite, Platinum Edition. For a detailed feature explanation, download our free white paper, Protecting Sensitive Information through IPsec-Based Server and Domain Isolation.
Centrify Server Suite, Platinum Edition, prevents an "untrusted" system — a system that has not been authenticated via issuance of a PKI certificate or a Kerberos ticket from Active Directory — from establishing networking communication with "trusted" systems. Even if an attacker has obtained a valid username and password, they can't access your trusted systems. Leveraging the DirectSecure feature set prevents spoofing because trusted systems must be authenticated.
Centrify Server Suite, Platinum Edition, delivers tiered network access and tighter control over who can access specific groups of systems. For example, with the DirectSecure feature set you can dynamically segment and isolate specific groups of systems. For example, you can limit a PCI audit just to the systems that process credit card data, not your entire network.
Traffic between trusted systems is cryptographically protected so that the receiving system can verify that an authenticated system sent the packet and that the packet was not tampered with in transit. You can even configure groups of servers to accept specific types of traffic. In addition, some or all of the traffic between secured systems can be optionally encrypted, providing protection from malicious network users who attempt to capture and interpret network traffic.
Centrify Server Suite, Platinum Edition, lets you build logical security boundaries that span physical, virtual and cloud-based systems. These security boundaries are erected by independently authenticating and protecting each virtual machine, as opposed to attempting to partition traffic from MAC addresses.
Provisioning certificates is a very manual and time-intensive process. The DirectSecure feature set automates the provisioning of certificates by delivering a UNIX client for Microsoft's certificate server that can be managed by Group Policy and is secured via Kerberos.
Centrify Server Suite, Platinum Edition, builds upon technologies that already exist in your environment, including your existing Active Directory infrastructure and the IPsec functionality that is built into the modern Windows, Linux and UNIX operating systems that you have deployed. This means you can leverage existing skill sets, and the DirectSecure feature set works without the need for additional hardware or for disruptive changes to network topology or even to applications. Because the DirectSecure feature set uses IPsec, a Layer 3 protocol, it operates transparently to both applications and users. Finally, because Microsoft already provides both Group Policy and IPsec as a standard part of the Windows platform through its Server and Domain Isolation solution, there is no additional cost to integrate Windows systems with UNIX and Linux systems supported by Centrify Server Suite, Platinum Edition.