Server Isolation & Data Encryption

Protect sensitive UNIX and Linux systems by dynamically isolating them and blocking untrusted systems from communicating with trusted systems. Protect intellectual property and other sensitive information by encrypting data-in-motion.

The Challenge

In today's dynamically changing IT environment, organizations must secure and control physical, virtual and cloud-based systems and protect sensitive information that moves between systems. IT organizations need to think differently about how to meet security and compliance requirements in a diverse computing environment where virtualized systems are 'spun up' in response to increased computing and application demands. While firewalls, routers and other security methods have long protected an organization's perimeter, these mechanisms of protection do not address the challenges presented by critical resources that reside outside the organization or, for that matter, unmanaged systems that are brought inside the organization (for example, by contractors and vendors). Existing approaches, such as VLANs, are too costly and are difficult to manage in virtual and cloud environments. And protecting data-in-motion is expensive, whether over leased lines or when attempting to use public networks in combination with specialized hardware for encryption.

Clearly, organizations need new approaches that can mitigate insider threats to sensitive information and also establish trust and secure communications between systems regardless of where they reside. It also makes sense that the policies that control which systems can interact and whether information is sent in the clear or encrypted should be centrally managed for all systems — physical, virtual or cloud-based.

The Centrify Solution

Centrify offers a more flexible and cost-effective approach to server-based trust and secure communications — Centrify DirectSecure. Unlike other solutions that are costly to deploy and inflexible, Centrify DirectSecure is a policy-based software solution that secures sensitive information by dynamically isolating and protecting cross-platform systems and enabling end-to-end encryption of data-in-motion by leveraging your existing Active Directory infrastructure and the native IPsec support built into today's modern operating systems.

DirectSecure seamlessly blocks untrusted systems from communicating with trusted systems, and does so without the need to change your network or applications. Additionally, DirectSecure enables you to take advantage of the Windows 7 DirectAccess feature to secure end-to-end communications with UNIX and Linux systems running DirectSecure.

DirectSecure leverages your existing infrastructure to add another layer to your defense-in-depth strategy. DirectSecure delivers tiered network access by further isolating groups of systems. The result is improved adherence to regulatory compliance initiatives as well as an additional layer of policy-driven protection against network attacks for mixed Windows, UNIX and Linux environments.

With DirectSecure, unmanaged or rogue computers are not able to establish network communication with systems protected within the logically isolated network. You can then further restrict network access to specific resources and you can selectively encrypt network traffic for sensitive data like credit card numbers or personally identifiable information, as mandated by PCI DSS, HITECH/HIPAA and numerous E.U. and U.S. state data protection laws.

Learn More

White Paper: Protecting Sensitive Information through IPsec-Based Server and Domain Isolation
On-Demand Webinar: The 60-Minute IT Compliance Formula (with Security Expert Rolf von Roessing)
On-Demand Webinar: Solving the PCI Puzzle (with Security Expert Dr. Eugene Schultz)
Video Chalktalk: Introducing Centrify DirectSecure Part 1: Server Isolation and Protection
Video Chalktalk: Introducing Centrify DirectSecure Part 2: Securing UNIX and Linux Systems with IPsec and Active Directory
Video Chalktalk: Introducing Centrify DirectSecure Part 3: Leveraging the Racoon Internet Key Exchange (IKE) Daemon

Next Steps