Support

What’s New

Complete details on recent product releases and announcements

Centrify
Identity Services Platform

New cloud features for:
  • Application Services
  • Endpoint Services
  • Infrastructure Services
Learn More

Centrify
Infrastructure Services

New features in Standard and Enterprise editions, plus updates on platform support

Learn More

Announcements of On-Going Interest


November 12, 2018

What's New in Centrify 18.10

What's New in Centrify Privileged Access Service 18.10

Better support for just-in-time access and approval

Many organizations are moving to a model of just-in-time access and approval. Centrify supports this model with new controls to prohibit permanent entitlements in the request and approval process.

Disallow approvers the option to grant permanent entitlements.

  • Applies to all access request and approval processes
    • Password checkout or SSH key retrieval
    • Remote management sessions
  • Approvers can grant only time-bound access to accounts and systems
  • Global switch applies to all approval processes
    • Simple to enact and prove to auditors

Remote sessions at scale for customer-managed installations

Distributed connector architecture and direct-to-target session brokering ensures performance at enterprise scale.

Enable the use of local SSH/RDP clients and disallow session streaming through the Web tier.

  • Forces remote management session data path direct from user workstation to connector to target system
    • Removes the Web tier from the data path
    • Scale management sessions by adding connectors
  • Global switch disallows use of browser-based SSH/RDP and brokers session out of the Web tier
  • Logging and auditing fully supported

System, appliance and database support for shared accounts

Continuous improvement in coverage of local account management for systems, appliances and databases, and secure remote access for systems and appliances.

Multi-tenant Oracle

  • Manage database account password on Oracle Database 12c multi-tenant architecture
  • Standalone database only

October 25, 2018

What's New in Centrify 18.9

New Centrify Privileged Access Services Features: 

Manage connections and passwords for desktop apps

For organizations who require external controls on desktop application and database clients, Centrify controls the accounts and target connections the client can access.

Control the users and accounts that can access your systems and databases through thick clients such as TOAD.

Thick clients — Windows desktop applications — run on a secure proxy.

You control:

  • Who can log into the proxy
  • What thick client application they can run
  • What the client can connect to
  • What account the client uses to connect

Sessions are audited (recorded).

Users can create custom templates for apps that:

  • Support running in Windows Remote Desktop Services for Windows Server 2012R2 and 2016.
  • Allow command line parameters for account credentials and, optionally, target systems (such as databases).

Pre-defined templates are provided for:

  • Microsoft SQL Server Management Studio
  • TOAD for Oracle
  • VMware vSphere Client
    Network-based discovery of local privileged accounts

Managing local privileged accounts can be a challenge for even the best IT teams. New discovery features help you find local privileged accounts and manage their passwords.

Use Centrify to automatically find, import, and manage local privileged accounts.

  • Find and scan systems for local privileged accounts by network subnet
  • Uses the same robust architecture and features as network system discovery
  • Automatically import local accounts
  • Take local account passwords under management
  • New bulk selection, i.e. “multi-select”

Discovered local accounts are automatically placed into sets.  Accounts that are members of a Windows built-in/Administrators group (local administrator) can optionally be added to a separate set, making it easy to discover and view Windows local accounts that have very high privilege.

System and device login using SSH keys

For organizations who use SSH keys for access to systems, Centrify supports storing and using SSH keys for login.

Control the users and accounts that can access your systems through SSH keys.

  • Any account can use either a password or an SSH key (exclusive)
  • Access request to accounts using SSH keys is fully supported
  • PAS supports PEM for private keys and the following key algorithms:
    • DSA
    • PEM

Additional Enhancements

Time stamps were added to the log output of the diagnostic PowerShell scripts in customer-managed installations.

For customer-managed installations, a new process for obtaining the APNS certificate ensures that these customers will receive a unique CSR from Centrify, and a unique APNS certificate from Apple.

A change to the SailPoint IdentityIQ integration with PAS enables the creation of a tile on the PAS User Portal after an access request has been approved within IIQ.

New Centrify Application Services Features:

  • MFA Redirect Phase 1: Allows admins/users  with  multiple  accounts  potentially in different domains to ensure that  he  or  she  can  use  MFA  from  one  account
  • CBE Improvements:  We  now  provide  extension  for  all  4  browsers  to  access  apps  easier
  • SAML script  editor:  The  editor  now  includes  inline  hints,  autocomplete,  and  onscreen  help  to  make  it  easier  for    customers  to  write  SAML  scripts
  • DevOps applications  category:  This  new  applications  category  in  the  apps  catalog  enables  customers  to  easily  set  up  SSO  for  popular  DevOps  CI/CD  apps
  • AWS CLI  Utilities:  We  now  offer  Python  and  PowerShell  CLI  utilities  for  both  admins  and  users  to  access  Amazon  Web  Services  (AWS)  by  leveraging  Centrify  Identity  Services
  • Time-based workflow  for  mobile  and  desktop:  Customers  can  now  reduce  risk  by  requesting  and  granting  access  to  apps  only  during  a  given  time  window

New Centrify EndPoint Services Features:

  • Delegated Administration:  Customers  can  now  implement  policy  sets  for  endpoints  and  mobile  devices  ensuring  that  endpoints  /  mobile  devices  are  being  added  to  and  removed  from  sets  dynamically,  based  on  changes  to  the  attributes  of  the device.
  • O365 conditional  access:  We  now  provide  an  exchange  (o365)  /  MDM  administrators  the  ability  to  ensure  that  no  one  can  get  access  to  company  mail from  a  mobile  device  unless  that  mobile  device  is  enrolled  in  MDM  with  our  Centrify  MDM  solution.

For details see Centrify Cloud 18.9 Release Notes.

October 9, 2018

NEWS TODAY: Centrify to focus on Zero Trust Privilege, spins out IDaaS business as Idaptive

Centrify announces the spinout of its IDaaS business into a new company called Idaptive to better serve its customers and partners.

Centrify and Idaptive will operate as independent, affiliated companies beginning in January 2019. This strategy doubles down on two distinct areas of enterprise security – Privileged Access Management and IDaaS – with dedicated resources to optimize focus, efficiency and growth.

  • Centrify is sharpening its strategic focus on redefining the legacy approach to Privileged Access Management (PAM) with cloud-architected Zero Trust Privilege to stop the leading cause of breaches – privileged access abuse.
  • Idaptive will deliver Next-Gen Access to protect employees, partners and customers with its market-leading IDaaS solution, securing access everywhere with an Intelligent Access Cloud that constantly learns from and adapts to login context and risk in a way that protects companies.

We’re committed to clearly and consistently communicating this news to our customers, partners, and employees, so there are a lot of communications going out starting today:

For details, please contact your Centrify Account representative or Centrify Technical Support at https://www.centrify.com/support.

August 27, 2018

What's New in Centrify 18.8

New Centrify Application Services Features:
  • Dome9 SAML App in the App Catalog
  • Password Complexity and History Enhancements
  • Centrify Browser Extension Enhancements
New Centrify Infrastructure Services Features:

Linux and UNIX
  • Privileged command rights for dzdo check digest (hash) of executable file
  • New cifsidmap plug-in to map Active Directory users and groups to Zone-enabled UIDs/GIDs in CIFS
  • New privilege elevation support for Microsoft Privilege Access Management for Active Directory
  • New support for caching-only DNS server environments
  • Commands linked with the MIT Kerberos library can now inter-operate with the Centrify KCM service
  • Support for 2-way forest trust relationships when the forests are firewalled
  • Pre-staged cache support for very fast machine provisioning in automatedenvironments
  • Gateway and host audit coordinate to eliminate duplicate and housekeeping session recordings
  • Performance improvements for adclient and ldapproxy
  • Updates to OpenSSH, OpenSSL and curl
New Centrify Endpoint Services Features:

Windows
  • Privilege management and elevation for PowerShell
  • MFA at login supports 800-53/PCI guidelines
  • Endpoint enrollment no longer requires administrative rights
  • Endpoint enrollment supports Windows 7 and 8.1 (x64)
  • ZSO support for Windows 7 and 8.1

For details see Centrify Cloud 18.8 Release Notes and Infrastructure Services 18.8 Release Notes.

July 28, 2018

What's New in Centrify Cloud 18.7

New Centrify Application Services Features:
  • SAP SuccessFactors: Support for In-bound provisioning
  • Delegated Administration for Apps via Sets
New Centrify Endpoint Services Features:
  • Delegated Administration for Endpoints via Sets
  • Certificate Auto Renewal for iOS, Android & Mac
  • Time Bound Workflow Approval on Mobile
New Centrify Infrastructure Services Features:
  • Privileged Access Services
    • Centrify Agent for Linux - CoreOS Support
    • Enhanced Password Generation Rules
    • Performance Optimizations
    • Remote Access Kit - Host Trust Verifications
  • Privileged Access Service - Customer Hosted
    • Windows Server 2016 Support

For details see Centrify Cloud 18.7 Release Notes.

See More Announcements