Cloud-ready Zero Trust Privilege is designed to handle requesters that are not only human but also machines, services and APIs. There will still be shared accounts, but for increased assurance, best practices now recommend individual identities, not shared accounts, where least privilege can be applied. Centrify Authentication Service allows properly verifying who requests privileged access. This can be achieved by leveraging enterprise directory identities, eliminating local accounts and decreasing the overall number of accounts and passwords, therefore reducing the attack surface.
Simplify user authentication to servers from any directory service including Active Directory, LDAP and cloud directories. Organizations can take advantage of the benefits of the cloud without compromising the level of privileged access security and enterprise access they currently have on-premises.
Active Directory Bridging
Secure Linux and UNIX with the same identity services currently used to secure access to Windows systems. Centralize discovery, management and user administration for Linux and UNIX systems to enable rapid identity consolidation into Active Directory.
Machine Identity & Credential Management
Centrally manage machine identities and their credentials within Active Directory or the Centrify Zero Trust Privilege Services to establish an enterprise root of trust for machine-to-machine authentication based on a centralized trust model.
Local Account & Group Management
Manage system accounts the same way you would manage user accounts in Active Directory. Instead of using a variety of IT tools to provision, maintain and decommission local accounts and groups, leverage the Centrify Authentication Service capabilities to take care of the job. Save time and money while increasing your IT staff’s productivity.
Centrify Zone Technology
Quickly consolidate complex and disparate UNIX and Linux user identities into Active Directory with Centrify's patented Zone technology — without having to first rationalize all user identities. Centrify's Zone Technology enables you to manage your heterogeneous environment by tying the rights a user has on a Windows, Linux or UNIX system with a single identity, stored and managed in Active Directory.
Group Policy Management
Manage authentication, access control, and group policy for non-Windows systems the same as Windows. Use Active Directory group policy to automate firewall and SSH configuration, decide which users can connect to each system, drop inactive sessions and act as a network-based authentication.
MFA at System Login
Login to privileged systems is often the primary attack interface, which must be protected from cyber adversaries who wish to steal information or do harm in the environment. Multi-factor authentication at login for Linux, UNIX, and Windows servers minimize the risk of exposure and fulfills stringent regulatory mandates like PCI DSS and NIST 800-63A.
We needed to get away from admins having to use multiple IDs — or worse — sharing a common identity on the same box... Centrify has allowed us to accomplish all of our goals., Manager of Information Security for GOGO, Inc.
centrify authentication service
The Centrify Authentication Service data sheet outlines how customer can go beyond the vault and properly verify who requests privileged access. This can be achieved by leveraging enterprise directory identities, eliminating local accounts, and decreasing the overall number of accounts and passwords, therefore reducing the attack surface.