Centrify gives IT the controls it needs to configure and secure Macs for the broadest range of use cases. In addition to the industry’s deepest support for Microsoft Group Policy on Macs, Centrify goes further by providing the ability to centrally manage networks, certificates, privileges, FileVault 2 disk encryption, Smart Card authentication and more for both Macs inside the firewall and mobile Macs via the cloud-based Centrify Identity Platform.
Key features and benefits include:
Automated Network and Certificate Management
Centrify allows you to implement strong authentication to wired and wireless networks for Macs in your enterprise. Mac configurations for remote access, including Wi-Fi and VPN access, PKI auto issuance and auto-renewal can all be managed centrally and automatically.
IT can automate certificate issuance and renewal by leveraging existing Active Directory Certificate Services and Windows configuration policies without any additional servers or configuration. PKI certificates enable the strongest form of user or computer authentication to 802.1x wired or wireless enterprise network services to ensure that only authorized users and computers can access your network, corporate apps such as Exchange and sensitive corporate information.
Centrally Controlled Access, Security Configuration and Privilege Management
Centralized controls via Group Policy enable IT to lock down and configure Macs to meet stringent security requirements and optimize their use and supportability within the enterprise. IT can use policies and remote access via VNC, ARD or SSH to ensure that sharing services such as web, file, print and FTP are configured appropriately and firewall configuration is correctly set up to secure Macs from potential network attacks.
IT can also centrally deploy login scripts and automount configurations to simplify user access to authorized network shares and other resources.
Internet sharing also can be turned off to prevent Macs from becoming a rogue access point on your network. Secure DNS updates as well as enforcement of web proxy filtering rules can be automatically pushed out. Centrify will even detect rooted and jail-broken devices to improve security and minimize vulnerabilities within your environment.
Automated FileVault 2 Configuration
Organizations can protect corporate data at rest on Mac systems through Group Policy-based configuration of Apple FileVault 2 for full-disk encryption with an enterprise-managed institution recovery key. Corporate data at rest is further secured from brute force attacks through strong encryption and fine grained disk unlock access management.