Products

Machine Identity & Credential Management

CENTRALLY MANAGE MACHINE IDENTITIES AND THEIR CREDENTIALS

Centrally manage machine identities and their credentials within Active Directory or the Centrify Zero Trust Privilege Services to establish an enterprise root of trust for machine-to-machine authentication based on a centralized trust model. Machine identities support federated authentication from machine-to-machine so that applications running on these systems can take advantage of the underlying authentication service to seamlessly access other services on other computers within the enterprise, leveraging Kerberos or PKI authentication mechanisms.

ESTABLISH MACHINE IDENTITIES FOR AN ENTERPRISE ROOT OF TRUST

  • Establish best practices for strong root of trust for all machines accessing other enterprise services.
  • Ensure compliance through centrally managing security policies.

LEVERAGE ACTIVE DIRECTORY MACHINE IDENTITIES TO SUPPORT KERBEROS AUTHENTICATION SERVICES

Centrally manage both Unix/LINUX and Windows machine identities in AD to support Kerberos Authentication Services and avoid the maintenance and cost of managing local identities.

PKI

SUPPORT OF AUTO-ISSUANCE & RENEWAL OF COMPUTER PKI CREDENTIALS

Centrify Agent for Linux and UNIX systems enforces Microsoft® group policies such as the certificate policies to both establish trusts with enterprise-trusted certificate authorities as well as auto-issue and auto-renewal of computer certificates from Microsoft Certificate Authorities leveraging the same policies that you may already be using for Windows systems. This greatly simplifies the computer certificate management taking advantage of existing infrastructure and management processes in place for Windows systems. Applications can take advantage of the computer PKI credentials through existing OpenSSL functions, which automatically use the computer credentials and enterprise trusts.

DOWNLOAD THE DATA SHEET
Authentication Service

centrify authentication service

The Centrify Authentication Service data sheet outlines how customer can go beyond the vault and properly verify who requests privileged access. This can be achieved by leveraging enterprise directory identities, eliminating local accounts, and decreasing the overall number of accounts and passwords, therefore reducing the attack surface.

get data sheet

Ready to protect against the #1 Attack Vector?

Register for a 30-day trial of Centrify's Privileged Access Management (PAM) software to minimize your attack surface and control privileged access to your hybrid environment.

Free Trial