Centrify Unifies User Sign-On Control Across Multiple Platforms, Devices

Multiple devices are the norm for today's knowledge worker, creating excessive burdens for network managers trying to keep information secure, yet still accessible. Centrify's centralized user management helps to tame the new security paradigm created by multi-device user-access scenarios.

Centrify Suite 2012 Enterprise Edition tames user-access problems by centralizing user-account management across multiple platforms and devices.

The product, which began shipping July 25, offers a single-pane-of-glass view for user accounts and automatically synchronizes user-account metadata and credentials across multiple security schemas. This allows users to enter the same credentials across multiple networks and operating systems, while supporting multiple endpoints, ranging from Windows clients to Linux desktops to OS_X- (Mac-) based devices.

Priced at $825 per server and $65 per workstation, costs can quickly add up on enterprise networks; however, a decent return on investment is all but guaranteed, thanks to the time the product saves network administrators, reductions in help desk calls and the secure integration of multiple endpoints into an enterprise.

What's more, the product includes extensive auditing features, as well as reporting and control features that enable administrators to meet compliance requirements and plug account-security holes before the network is affected. Auditing also provides forensics capabilities, assisting in determining if data leakage has occurred, while supporting investigative chores.

The Enterprise Edition of Centrify Suite is actually a mash-up of several Centrify products. Included in the suite are DirectManage, DirectControl, DirectAuthorize and DirectAudit. The DirectManage product integrates Unix, Mac and Linux systems into Microsoft's Active Directory, allowing for centralized management of user accounts, entitlements and security policies.

DirectControl brings support for Active Directory authentication, Windows Group Policies and single sign-on to Linux, Unix and MAC systems. Direct Authorize further strengthens security by bringing role-based privilege management to Unix and Linux systems, further centralizing the security of multiple platforms across heterogeneous networks. DirectAudit adds real-time auditing of Windows, Unix and Linux systems to the mix.

The company also offers suites that have fewer products, as well as more. However, the Enterprise Edition is the most popular suite that the company offers and contains the features needed by the majority of enterprises supporting heterogeneous networks.

For testing, I set up a Windows Server 2008 R2 as the primary network server, with Active Directory. I then added a Red Hat Enterprise Linux 6 server and an Ubuntu 12.04 LTS Linux Server. For client systems, I added a MacBook, Ubuntu System and a Windows 7 system to the mix.