Centrify Server Suite, Standard Edition

Comparing Centrify Server Suite with Sudo

Sudo is a UNIX program that lets users run programs with the security privileges of another user. Sudo will prompt for a user's password, but it can be configured to require the root user’s password or no password at all. Many organizations have tried to use Sudo to authorize users to run commands under a privileged account without knowing the account password. IT administrators in these organizations have encountered major drawbacks with Sudo that make it difficult to adopt enterprise-wide. Here is a comparison of Sudo and the corresponding advantages of using Server Suite.

Comparing Centrify Server Suite with Sudo

Feature Sudo Server Suite
Control user access to privileged commands on specific computers Supported Supported
All privileges associated with identities that are centrally managed in Active Directory   Supported
Via Group Policy using DirectControl feature set
Centralized policy management   Supported
Policy stored centrally and securely within Active Directory   Supported
No additional infrastructure required Supported Supported
Time-based privilege authorization limits   Supported
Temporary rights assignment   Supported
Control all commands (privileged or not)   Supported
Control access to PAM applications (such as FTP and SSH)   Supported
Automatically run privileged commands as the correct user   Supported
Inheritable roles and assignments with override Supported
Requires complex scripting
Supported
Modeled easily with graphic interface
Policy can be applied to members of an Active Directory group   Supported
Integrated session activity audit   Supported
Via DirectAudit feature set
Unified solution includes Windows privilege management   Supported
Via DirectAudit feature set
Server protection via server isolation/encryption of data-in-motion   Supported
Via DirectSecure feature set