Centrify’s Patented Zones Technology
Quickly consolidate complex and disparate Linux and UNIX user identities into Active Directory with Centrify's patented Zones technology — without first rationalizing across identity silos. Centrify Zones technology enables you to manage privileged access and MFA in your heterogeneous environment by tying the rights an individual user has on a Windows, Linux, or UNIX system to a single user identity, stored and managed in Active Directory.
Privileged Access Management for Windows, Linux, and UNIX Systems
Definitive Privileged Access Security Policies
Centrify Zones make it easy to eliminate identity and authentication policy silos by connecting a users’ access and privilege on Windows, Linux, and UNIX systems to a single, definitive identity in Active Directory. The resulting centralized management model for identities and privileged access establishes the foundation for a zero standing privileges approach to minimizing your attack surface.
Bounded Privileged Access Control Zones
Create sets of systems with like security requirements, business function, or geographical location within Centrify Zones that, when combined, govern users’ access with a least-privilege approach and establish a boundary for delegated administration. Security is more robust when policies consistently grant users scoped privileged access to cloud and on-prem infrastructure, and revoke it when jobs change. Centrify Zones’ establish logical boundaries around systems that prevent attackers from lateral movement in the case of a security breach
Grant Just Enough Privilege
Centrally define roles and security policies that granularly control access and privilege across Windows, Linux, and UNIX to implement Zero Trust principles. With Centrify Zones, you create tiered relationships between a user, job functions, and system criticality that result in privileged access security policies that grant just enough privilege for a scoped set of infrastructure and for a limited amount of time.
Power and Flexibility to Reflect Your Unique Business
Centrify Zones are flexible enough to reflect unique organizational structures. The hierarchical design is powerful with departmental, role-based, and computer-based delegation. For example, a web server role combines all relevant computers across Zones. It is associated with a web developer role whose users now have access to all web servers in all Zones but cannot access any other systems in the Zones.
Balance Zero Standing Privileges Principle and Scale
Implement a zero standing privileges security model that reduces the risk of a breach. Grant users the privileged access they need to do their jobs without disruption, but only the minimum amount, when they need it. Centrify Zones balance the flexibility of a hierarchical model for creating intricate role and policy definitions with scale enabled through the inheritance of shared roles and policies.
Local Enforcement of Centrally Managed Policies
Centrify Zones makes it easy to centrally manage user identities and authentication policies while globally and consistently enforcing privileged access security controls on the host. Centrify Client technology enforcing security controls on the host eliminates the creation of more privileged accounts and backdoor access typical of other centralized management approaches, the resulting security posture minimizes your attack surface and aligns with best practices for zero standing privileges.
Learn More About Centrify Server Suite
Centrify Server Suite
Minimize Your Attack Surface and Control Privileged Access to Your On-Premises and Cloud-Hosted...