The enterprise-out approach is favored by organizations that are looking to leverage investments in policy logic residing with Microsoft AD, such as role definition expressed through group membership and entitlements, to manage access control to off-premises services and infrastructure.
Senior Analyst, The 451 Group
The ability secure and manage cloud environments and virtualized guest and host systems is critical as data center operations employ flexible models for private, hybrid and public cloud computing. Server virtualization platforms from vendors such as VMware and Citrix have made it possible to apply a specific platform based on cost and deployment requirements when and where they are required, but they have also increased platform heterogeneity and the need to have a mechanism for global security management.
This rapid adoption of virtualization technologies and the widespread acceptance of cloud computing combined with the ability for business-critical guest systems to seamlessly move from private to public cloud environments has led to gaps in both management and security practices. In these dynamic environments, controlling who has access to the underlying hypervisor platform and guest systems, and strictly defining what they can do based on their job role, becomes a critical requirement.
In addition, as organizations begin the migration from a private to hybrid or public clouds, IT managers need unified, global control over their evolving data center operations to meet security and compliance requirements — from management and segregation of duties to protection from external and internal threats — across any server instance.
The Centrify Suite addresses the need to secure the data center — no matter what hybrid state it is in along the migration path from private to public cloud — by giving IT managers a single point of administration for all of their heterogeneous systems and applications. By enabling administrators to secure the hypervisor platform and guest operating systems using the same Active Directory-based tools and skill sets that are already in place, Centrify is enabling organizations to embrace cloud computing models through a cost-effective solution that actually helps them simplify their environment while strengthening security and streamlining processes.
With the Centrify Suite you can:
And Centrify's "enterprise-out" approach establishes Active Directory as the center of trust between enterprise and cloud servers, whether private or hosted, to make them as secure and compliant with regulations as those in your data center. Centrify DirectControl will auto-join cloud VMs to Active Directory upon first boot when deployed in combination with Centrify CloudTools. Centrify DirectControl and Centrify DirectAuthorize ensure that superuser accounts are locked down, accounts and privileges are automatically provisioned, and consistent security policies are enforced. Centrify DirectSecure provides the unique capability to isolate specific groups of trusted systems so that they can communicate only with each other regardless of location, and to encrypt data-in-motion between them. Centrify also provides unique visibility into your cloud environment through Centrify DirectManage Deployment Manager, which auto-discovers and manages VMware vCloud servers and Amazon EC2 instances.
Once systems are deployed, Centrify DirectAudit can verify that privileged access controls are in place and working as expected. Enterprise single sign-on not only to systems but to SAP and web application can be implemented.
The result is a dynamically updating, hardened cloud infrastructure that is secure from inside your enterprise, out through the public network, and into your private or hosted cloud environment.
|Webinar||Five Steps to Securing Cloud Servers|
|White Paper||Enforcing Enterprise-Out Security for Cloud Servers|
|White Paper||Using Centrify DirectControl with VMware ESX Server|
|On-Demand Webinar||Addressing the Unique IT Security Risks Posed by the Virtual Data Center|
|On-Demand Webinar||Cloud-based Servers: Getting Security and Compliance Right the First Time|
|On-Demand Webinar||Integrating Linux on System z Environments into Active Directory with Centrify Suite (cohosted by Red Hat)|
|Blog Post||Auditing VMware ESX with DirectAudit and Hardening the VMware Infrastructure with the Centrify Suite|
|Blog Post||Hardening VMware vSphere Security and the ESX v4 Console Operating System with Centrify|
|Blog Post||VMware Virtual Security and Compliance|
|Video Chalktalk||Securing a Cloud Computing Architecture|
|Video Chalktalk||Introducing Centrify DirectSecure Part 1: Server Isolation and Protection|
|Video Chalktalk||Introducing Centrify DirectSecure Part 2: Securing UNIX and Linux Systems with IPsec and Active Directory|
|Video Chalktalk||Introducing Centrify DirectSecure Part 3: Leveraging the Racoon Internet Key Exchange (IKE) Daemon|
|Video Chalktalk||Securing VMware ESX Server with Active Directory|
|Video Chalktalk||Securing Solaris Zones with Active Directory|
|Video Chalktalk||Securing Linux Systems Running on IBM System z with Active Directory|