Privilege Management

Seamless Privilege Elevation with Dynamic Access Restrictions

Protect all of your critical Windows, Linux and UNIX systems by centrally controlling exactly who can access what and when. Centrify Server Suite lets you configure dynamic privileges so that users can only use privilege for a specified period of time, at specific times, on certain servers, or by a range of other criteria.

Centrify Server Suite eliminates the problem of too many users having too many broad, unmanaged administrative privileges. Through granular enforcement of a least-privilege access model, users get access to exactly what they need to do their jobs, but nothing more. The net result is organizations can improve security, reduce risks and more easily meet compliance requirements.

You can also grant internal users — such as help desk reps, developers and system administrators — or external users — such as vendors, contractors or outsourced IT partners — temporary additional privileges for a single project, a short-term assignment or to participate in a program outside their normal job scope.

On-Demand Privilege Elevation with Centrify

When a user needs to elevate their access privileges to run a specific application or perform a privileged operation, they can do so quickly and easily. Centrify Server Suite makes it seamless to elevate privilege based on roles tightly integrated with Active Directory users and groups. And because Server Suite is an integrated product built on a common technology, privilege elevation can be used as one of the triggers to begin auditing of the user session.

Users can elevate privileges based on Centrify roles that leverage group membership in Active Directory. Users can elevate privileges per-command, or open a privileged shell (with whitelisted commands) in Linux or UNIX, or one-click to a specific role or open a privileged desktop in Windows.

On-demand privilege elevation is seamless and eliminates the need to re-enter passwords, check out temporary passwords or submit help desk requests for access while maintaining least-privilege access and increasing security.

Elevate Privilege and Dynamically Enforce Access Rights with Centrify Server Suite

  • Allow users to quickly elevate privilege, and optionally require users to re-enter credentials (password or smartcard) before elevation.
  • Restrict the access rights of privileged roles to specific systems, services or applications, with the ability to enforce privileges by time allotment, job function, system, services and applications.
  • Enforce privilege and privilege elevation in remote connections across the network — not just when users login to specific servers.
  • Automatically trigger session recordings based on user, role, system or privilege elevation to comply with your audit policy.
  • Verify privilege elevation on selected Linux or UNIX servers by automatically executing specific, defined actions when privilege is elevated.