In the 20.3 product release for Centrify Privileged Access Service (PAS), we unveiled a new architecture offering that allows hyper-scalable installations of PAS for on-premises deployments. This solution was built to aid high availability requirements by permitting multiple active nodes at the web tier, background job tier, and communication relay tier. In addition, Hyper-Scalable PAS supports automation for installation and scaling resources in customer-managed environments.
Read on to learn more about the benefits of Centrify Hyper-Scalable Privileged Access Service, which is available immediately:
Centrify Hyper-Scalable PAS empowers unlimited scale-out of individual components of the architecture, at a granular level.
The web tier, which contains the front-end where incoming web and REST API requests are handled, can be horizontally scaled up and down depending on the needs of the environment. Background nodes handle long running jobs and scheduled tasks, such as regularly rotating passwords, re-syncing with the Domain Controller, and running reports. The relay nodes are the bridge between other technologies, such as Active Directory, RDP hosts, log aggregation, and the Centrify Hyper-Scalable PAS installation. Web, Background, and/or Relay nodes can be added at any time to scale up your architecture and focus on specific needs. As the volume of processing expands, adding additional nodes distributes the workload allowing traffic to be spread out.
The installation of Hyper-Scalable PAS is capable of full automation using Microsoft® Powershell® scripts, which allows for easy scaling. Orchestration solutions that leverage auto scaling, like Auto Scaling Groups for AWS EC2 instances, can be used to scale up during high traffic times and down during weekends and holidays. Auto scaling can help reduce costs, especially in cloud environments.
Hyper-Scalable PAS can be configured to have multiple active web, background, and relay nodes.
These web nodes are positioned behind a “round robin” load balancer and have a health check that tests the connectivity of the database, cache, relay nodes, and background nodes. With multiple active nodes, software upgrades have zero service downtime and administrators have the ability to stage deployments before they go live in production.
In addition, our solution utilizes a dedicated PostgreSQL database that can be replicated and backed for high availability and disaster recovery.
Hyper-Scalable PAS is agnostic to cloud or on-premises installations that are customer-managed.
Our solution is not only compatible with Amazon Web Services (AWS), Microsoft Azure, and Google Cloud, but it is also compatible for hypervisor and on-premises servers. We support different derivatives of PostgreSQL that range from managed database services like Amazon Aurora and Azure Database for PostgreSQL to customer-managed installations of PostgreSQL.
Our caching server can also be customer-managed installations or managed caching services. For instance, installations in AWS can leverage Amazon’s ElastiCache in Redis mode.
In addition to being able to install Hyper-Scalable PAS in most types of environments, we have enhanced our diagnostic logging so that they can be consolidated into one relay node. This will allow administrators to easily access Centrify’s service logs to use for any necessary diagnostics.
The hyper-scalable deployment option for Centrify Privileged Access Service offers many benefits to Centrify customers that want to adapt and scale their computing for the modern enterprise. Customers can automate installations, scaling, and consolidate logging in multiple types of environments, including public clouds, private clouds, hybrid clouds, and on-premises landscapes. Also, this architecture will continue to support high availability and disaster recovery scenarios, with the added functionality of having multiple active nodes working simultaneously.
Centrify Hyper-Scalable Privileged Access Service is currently available in the Centrify Support Download Center for all customer-managed PAS customers.
This is written by the individual author in his/her personal capacity, and the opinions, views and/or thoughts expressed herein are solely the author’s own. They are not intended to and may not necessarily reflect the official policy or position, or the opinions or views of ThycoticCentrify or its affiliates, employees, or any other group or individual.