ENSURE ONLY AUTHORIZED HUMANS ARE ACCESSING YOUR CRITICAL INFRASTRUCTURE
Login to privileged systems is often the primary attack interface which must be protected from cyber adversaries, who wish to steal information or do harm in the environment. To ensure that only authorized humans are accessing your sensitive systems, you need to enforce strong authentication through multi-factor authentication (MFA). Centrify provides agent-based technology, which cannot be circumvented to enforce multi-factor authentication at systems login for Linux, UNIX and Windows servers.
ADD AN ADDITIONAL SECURITY LAYER TO PROTECT AGAINST BREACHES
Reinforce Zero Trust principles through host-based multi-factor authentication enforcement on each computer that cannot be circumvented (or bypassed) by malware.
CENTRALIZED MFA SERVICE INTEGRATION
Whether apply MFA at system or vault login or during privilege elevation, integration with the Centrify Privileged Access Service allows a consistent and easily maintainable MFA service for ALL privileged access. With the broadest range of authenticators and out-of-the-box support for NIST Level 2 and 3 Assurance Levels. We got you covered.
LOCAL MFA CAPABILITIES FOR UNIX AND LINUX
The Centrify agent can be configured based on a centralized policy to enforce MFA at login locally just by calling out to a Centrify or 3rd party MFA PAM module to challenge the user for MFA. This local enforcement simplifies the environment where all systems are able to directly communicate with the OTP Server and where the user should be challenged for MFA on every access to the system.
WINDOWS MFA NATIVELY INTEGRATED INTO THE LOGIN PROCESS
Secure access to Windows Servers through host-enforced MFA to verify the authenticity of the user who is trying to access the server. Host-enforced MFA cannot be bypassed by malicious attackers while also streamlining the login process for authorized privileged users through seamless integration into the Windows login process.
centrify authentication service
The Centrify Authentication Service data sheet outlines how customer can go beyond the vault and properly verify who requests privileged access. This can be achieved by leveraging enterprise directory identities, eliminating local accounts, and decreasing the overall number of accounts and passwords, therefore reducing the attack surface.