Solutions

Additional Resources

Home  |  Solutions  |  IT Security & Compliance

IT Security & Access Control

Strengthen IT security with Active Directory-centric access control and policy enforcement for UNIX, Linux and Mac systems and applications

The Challenge

One of the most difficult questions asked of IT security managers in cross-platform environments is: Can you prove which users have access to a specific business-critical system or application?

For Linux and UNIX systems in particular, access controls might be stored in insecure legacy systems such as NIS or managed locally system by system. Passwords to superuser accounts may be shared among many individuals. Or a single user may have multiple identities across systems.

The Centrify Solution

Centrify addresses this challenge by giving organizations a global view of access controls and user permissions, tied to a single, centrally managed Active Directory identity. With the Centrify Suite, you can:

  • Associate all access rights and privileges on audited systems to individual Active Directory accounts
  • Define logical sets of systems that can have their own authorized users, administrators, and security policies, with centralized reporting of who has access to what systems
  • Implement role-based access controls and limit superuser privileges to just the set of commands they need to perform their jobs
  • Add additional layers of security by isolating and protecting systems holding sensitive information.
  • Capture detailed logs of all user actions, and system responses, to monitor for suspicious activity
  • Globally enforce consistent security and configuration policies (via Windows Group Policy) across a heterogeneous enterprise

Learn More

White PaperSoftware Firm Eases Compliance Improves Security by Linking Heterogeneous Systems (by Microsoft)
White PaperImplementing Detailed User-Level Auditing of UNIX and Linux Systems Using Centrify DirectAudit
White PaperCentrify DirectControl & Regulatory Compliance
White PaperCentrify Adds Value to Active Directory - And the Business (by Enterprise Strategy Group)
Customer StoryYodlee Has Secured Their Clients? Data with DirectAudit
Customer StoryPaeTec Communications Increases Security and Reduces Administrative Overhead with DirectControl
WebinarThe 60-Minute IT Compliance Formula (with Security Expert Rolf von Roessing)
On-Demand WebinarEnhancing Compliance and Troubleshooting with Detailed Auditing and Session Replay for UNIX and Linux
On-Demand WebinarBeyond Logging: Addressing Security and Compliance with Detailed Audit Trails Linked to Active Directory
PodcastLeveraging Your Windows Active Directory Infrastructure to Provide Centralized Identity Management for UNIX, Linux and Mac Systems
Blog PostAuditing UNIX and Linux Systems
Blog PostFannie Mae Incident Reveals Need to Manage and Monitor UNIX Root Access
Video ChalktalkIntroducing Centrify DirectAudit
Video ChalktalkCentralized Management of UNIX, Linux and Mac
Video ChalktalkUNIX and Linux Access Controls Leveraging Active Directory Groups
Video ChalktalkImplementing Centralized Identity Management for UNIX/Linux with DirectControl Zones

Next Steps

Product Information

Contact Us

View a 5-Minute Demo
3-Part Webinar Series What Gartner Says About Using Active Directory for Centralized Authentication, Auditing and SSO
White Paper Centralized Identity and Access Management with Active Directory View
Now
Video Chalktalk Library Detailed overviews of Centrify solutions and technology

And when RIM calculated ROI for an internally developed application [to authenticate Red Hat, Solaris and HP systems through Active Directory], systems architect Ian Brown said it became evident that it would be too challenging and expensive. What RIM needed, he decided, was a third-party application that worked out of the box. He said they found it in Mountain View, Calif.-based Centrify Corp.'s DirectControl. "Obviously RIM is a publicly traded company, so when the SOX auditors were looking at the access control to our systems, [we] were already covered with Centrify," Brown said. "Essentially, we could just print off a DirectControl report and say these people had access to this Linux system and when." With DirectControl, Brown could instantaneously produce this login documentation. He could then correlate that information to any maintenance ticket ever generated at RIM. Before DirectControl, Brown estimated his staff of six spent dozens of hours each week on local server administration - work they now complete in seconds.

Jack Loftus
SearchEnterpriseLinux
March 20, 2007