Privileged Access Governance
Cloud transformation promises business agility, cost savings, and innovation, but the elastic nature of the environment can result in gaps in security coverage that introduce risk. Centrify Platform’s continuous discovery service preserves visibility and control over the infrastructure in this dynamic environment to prevent blind spots and enable better privileged access governance for hybrid environments.
Visibility and Control for Hybrid Environments
Continuous discovery and automated enrollment of systems into the Centrify Platform enables consistent enforcement of privileged access security policies in your AWS environments.
Simplify and Secure
Maintain visibility across elastic infrastructure
Automate enrollment of systems in Centrify Platform
Consistently enforce privileged access security policies
Cloud Provider Discovery, Enrollment, and Cleanup on Termination
Monitor elastic infrastructure in AWS to ensure privileged access security policies are applied consistently across cloud and on-premises systems. Automated enrollment of discovered EC2 instances into the Centrify Platform establishes trust and unique machine identities that enable centralized governance and privileged access controls.
Extend Privileged Access Security Policy Enforcement Seamlessly
Rapidly extend privileged access security policy enforcement to new infrastructure, VPCs, and subnets with automated deployment of Centrify Platform's gateway connectors. Gateway connectors bring new IT resources into scope for integration into the Centrify Platform without requiring VPNs or new identity infrastructure.
Active Directory Discovery
In non-elastic environments such as a data center, you can schedule discovery of Windows and domain-joined Linux and UNIX systems. Automatically vault local Windows, Linux, and UNIX account passwords and enable secure remote access. Discover Windows services, scheduled tasks, and IIS Application Pools along with their associated accounts. Also, discover alternate admin accounts (also known as “dash-a” accounts) and associate them with the relevant account owner.
Port Scanning Discovery
In non-elastic environments such as a data center, you can schedule discovery of standalone systems and network devices not joined to Active Directory. Scan the network for systems and probe their ports to identify the system type. Optionally, the Centrify Platform can log in for a more detailed discovery of, for example, local accounts and the accounts associated with IIS application pools, services, and scheduled tasks.