Single Sign-on

On-Premises App Gateway

Centrify Identity Service delivers secure remote access to internal web apps without a VPN. Now, whether your apps are in the cloud, or in your building, users get secure one-click access, and IT gets policy-based control and visibility.

Whether your internal app is for employees, contractors, partners or suppliers, users get single sign-on with nothing to configure on endpoint devices, and no need for firewall changes.

On-Premises App Gateway delivers secure remote access to internal web apps like SharePoint, and SAP — without the hassles and risk of VPN. 

How It Works

With a single five-minute install of the Centrify Cloud Connector, you’re ready to encrypt and tunnel secure connections to on-premises applications. There’s no need to open ports in your firewall, thanks to an outbound connection from the Cloud Connector to the Centrify Identity Service.

Redundancy and failover are as simple as a second install — and since it’s a simple software agent, you can install on any domain-joined machine. No need for dedicated hardware or additional infrastructure in your DMZ. In fact, if your users are in Active Directory, a single Cloud Connector can serve as both an AD Proxy and an App Gateway.

Integrated Access — Everywhere

Users have nothing new to learn. When a user needs access to any app, in the cloud or behind your firewall, they just click or tap the app for seamless single sign-on.

Your mobile users are covered, as this single solution works across any device with an Internet connection.

Visibility and Security

On-Premises Gateway provides the visibility and reporting IT needs to ensure the right users have the right access. See which devices are accessing your apps. Track failed logins. Monitor app usage by region, group, time of day, and much more.

Traditional VPNs provide full network access, which opens up a big security risk — they bore a hole through your firewall and allow access to your entire network. With On-Premises App Gateway, only specific apps are made available — limiting the access for each endpoint, and allowing IT fine-grained control of who has access to what.