Customers can take advantage of the extensive tools set that was built based on the experience of thousands of successful deployments in organizations around the world. Centrify Zero Trust Services deploy rapidly, without interfering with existing tools and practices.
The Right Tools for Consolidating Identity and Access
A heterogeneous data center with hundreds or thousands of servers requires robust deployment, migration and automation tools to accelerate and streamline the identity consolidation process. Centrify has built such tools because of more than a decade of experience and thousands of successful deployments.
Integration to Existing Tools
Leveraging tools your team is already familiar with, Centrify provides Microsoft Active Directory Users and Computers (ADUC) and Group Policy Object Editor (GPOE) extensions to allow for delegated administration. Day-to-day administration stays within the existing tools and processes that are already established in your organization.
Automated Discovery and Deployment
Organizations deploying to hundreds or thousands of systems use the Centrify Deployment Manager to automatically discover candidate systems, download the correct package for each individual system, analyze each system for issues that might prevent successful integration, and deploy the Centrify Agent to join the system to Active Directory.
Centrify enables you to retire redundant and legacy identity stores by managing non-Windows identities through Active Directory. The Centrify Migration Wizard accelerates deployment by importing user and group information from outside sources such as NIS, NIS+ and /etc/passwd into Active Directory. The Wizard checks for duplicate IDs and gives you options for resolving conflicts.
Centrify's management tools centralize the discovery, management and user administration of systems through Active Directory. With Centrify Access Manager you can configure the UNIX profile of Active Directory users, manage computer properties, and create and manage Centrify Zones and their memberships.
Powerful and Time-Saving Automation
Centrify also provides a comprehensive set of UNIX command-line and PowerShell tools designed to enable administrators to manage Centrify Zones and UNIX data, as well as Active Directory accounts and groups. These command-line tools have also been carefully crafted to support different output options so that they can be integrated with in-house automation or provisioning scripts.
To enhance security and enable single sign-on (SSO) with your Active Directory account, Centrify delivers a packaged and tested version of PuTTY that works seamlessly with Linux and UNIX systems. This allows users to authenticate against Active Directory and provides single-sign-on to logged-in users. This ensures enforcement of the applicable privileges for a user, based on their role(s). Centrify also enables you to centrally configure security settings for PuTTY using Windows Group Policy.
Centrify provides a version of OpenSSH that is built with the Centrify Kerberos libraries to ensure that single sign-on (SSO) works seamlessly in an Active Directory environment and ensures enforcement of privileges and roles defined in Centrify. This provides several advantages: the OpenSSH client and server are pre-configured to automatically support Privileged Access Management (PAM) and Kerberos — there's no need for DNS-to-realm mapping and there is no need for a “.k5login” file in the user's home directory.
To ensure that privileges and data access rights are maintained and enforced across platforms, Centrify provides Centrify-enabled Samba. When a Windows user saves a file on a UNIX share, Samba must assign UNIX user and group IDs to the file. Windows users do not typically have UNIX profiles, so Samba will set and store arbitrary values for these attributes on each UNIX server. Centrify-enabled Samba solves this on Linux and UNIX systems joined to Active Directory by assigning the appropriate user and group IDs based on the person saving the file.
Centrify Licensing Report Utility
The Centrify Licensing Report Utility collects information about the Centrify software you have deployed, including how many licenses you have available, and the number of licenses currently in use. You can use this utility to generate a report that provides a summary and detailed information about the different types of licenses you have purchased for access control, privilege management and auditing as well as where active licenses are being used.
centrify AUTHENTICATION service
The Centrify Authentication Service data sheet outlines how customers can go beyond the vault and properly verify who requests privileged access. This can be achieved by leveraging enterprise directory identities, eliminating local accounts, and decreasing the overall number of accounts and passwords, therefore reducing the attack surface.