Centrify Delivers Windows Privilege Management to Mitigate Internal Threats to Systems On-Premise and in the Cloud
New Centrify Suite 2013 Uniquely Helps Organizations Meet Compliance Requirements and Reduce Costs for the Broadest Set of Cloud and On-Premise Platforms
January 29, 2013
SUNNYVALE, Calif. — Centrify Corporation, the leader in Unified Identity Services across data center, cloud and mobile, today announced the general availability of the latest version of the Centrify Suite security and compliance solution in use today by more than 4,500 organizations worldwide. Featuring new advanced privileged user management and auditing for Windows systems, as well as new “sudo” migration tools for Linux systems, Centrify Suite 2013 enables organizations to quickly and effectively meet compliance requirements, mitigate risks from internal threats, and reduce operational costs across the broadest set of cross-platform systems deployed on-premise and in the cloud.
In today’s heterogeneous IT environments, achieving security best practices and compliance by linking access privileges and actions to named users is a complex task. Managing user privileges for Windows, UNIX and Linux systems can be difficult to implement since identities and privileges often reside in disparate silos or are managed locally system by system. Point solutions exist for privilege management of Windows systems or UNIX and Linux systems, but no solutions exist that span across both Windows and UNIX/Linux that utilize a unified architecture leveraging existing directory infrastructure. Centrify Suite 2013 offers a comprehensive approach to identity management that includes integrated authentication, access control, privilege management, policy enforcement and compliance — all based on a single, unified architecture that leverages Microsoft Active Directory. This eliminates the need for IT staff to install, configure and manage multiple single-purpose products from a collection of other vendors.
According to Gartner, “…there is a need for the organization to have more granular control over and visibility into the way that these privileges are granted and used. Super User Privilege Management (SUPM) tools offer a flexible method for granting and/or limiting these privileges in a way that matches the organization's needs.” 1
Windows Privileged Management
Centrify Suite 2013 now includes DirectAuthorize for Windows, a new integrated solution that eliminates problems associated with too many users having broad and unmanaged administrative powers by delivering secure delegation of privileged access and granularly enforcing who can perform what administrative functions. Key features of DirectAuthorize for Windows include:
- Secure delegation of privileged administration for Windows Servers. DirectAuthorize eliminates wide-open privileges of Windows and Domain administrators and grants privileges to only the roles, rights and resources required for each administrator’s job function. It also allows administrators to easily elevate privilege without having to re-enter passwords or know an administrative password.
- Granular authorization and enforcement of administrative functions. DirectAuthorize goes beyond capabilities found natively in Windows by time limiting privileges for any user, restricting the access rights of high-privilege roles to specific systems, services or applications. It also delivers secure delegation using Centrify’s patented Zones technology that provides the necessary flexibility and granularity for administrative functions.
- Seamless integration with user-level auditing. DirectAuthorize integrates with Centrify DirectAudit to easily add user-session capture, search and playback, and can automatically trigger high-value session recording based on user, role, system or privilege elevation.
Enhanced Privilege Management for UNIX and Linux
In addition to the new Windows privilege management capabilities, Centrify Suite 2013 builds on its core capabilities to further empower organizations to easily migrate and manage identities and secure privileged user access across UNIX and Linux systems. New Linux- and UNIX-specific functionalities now available in Suite 2013 include:
- Centralized UNIX/Linux authorization with simple sudo migration and sudo replacement features. New import wizards automate the retrieval and import of sudoers’ files for centralized enforcement via the Centrify Suite.
- Enhanced user policy enforcement and administrative session audits. DirectAudit policies can now trigger auditing sessions for specific user, computer and DirectAuthorize roles.
- Additional UNIX and Linux platform support. Already supporting the most platforms in the industry, the new solution now supports more than 400 platforms, applications and devices, including new platforms such as Fedora 18; Red Hat Enterprise Linux 5.8, 5.9 and 6.3; CentOS 5.8, 5.9 and 6.3; Scientific Linux 5.8, 5.9 and 6.3; Oracle Linux 6.3; Ubuntu 12.10; Linux Mint 13 and 14; Mandriva One 2012; and OpenSuSE 12.2 and 12.3.
“Centrify Suite 2013 raises the bar in delivering enhanced functionality for organizations to secure their systems and protect their resources across cloud and on-premise environments, including Windows least-privilege access management,” said Matt Hur, Centrify senior director of product management. “With Centrify, organizations take advantage of their existing Microsoft Active Directory investments across the industry’s broadest set of platforms in heterogeneous environments to centralize disparate identities and control privileged access for improved security and compliance.”
Pricing and Availability
Centrify Suite 2013 is available today from Centrify and authorized partners worldwide. The Centrify Suite is licensed on a per server basis and starts at $385 per server and $65 per workstation. For more information about the Centrify Suite and a five-minute demo of the new DirectAuthorize for Windows, visit http://www.centrify.com/suite. To request a free Centrify Suite 2013 trial, visit http://www.centrify.com/trial.
Note 1 – Gartner, “Hype Cycle for Identity and Access Management Technologies, 2012,” by Gregg Kreizman, et al, July 23, 2012.
Centrify provides Unified Identity Services across the data center, cloud and mobile that results in one single login for users and one unified identity infrastructure for IT. Centrify’s solutions reduce costs and increase agility and security by leveraging an organization’s existing identify infrastructure to enable centralized authentication, access control, privilege management, policy enforcement and compliance. Centrify customers typically reduce their costs associated with identity lifecycle management and compliance by more than 50 percent. With more than 4,500 customers worldwide, including 40 percent of the Fortune 50 and more than 60 Federal agencies, Centrify is deployed on more than one million server, application and mobile device resources on-premise and in the cloud. For more information about Centrify and its solutions, call (408) 542-7500, or visit http://www.centrify.com/.
Centrify, DirectAudit, DirectControl and DirectSecure are registered trademarks and DirectAuthorize and DirectManage are trademarks of Centrify Corporation in the United States and other countries.
Ready to protect against the #1 Attack Vector?
Register for a 30-day trial of Centrify's Privileged Access Management (PAM) software to minimize your attack surface and control privileged access to your hybrid environment.