Centrify delivers Windows privilege management to mitigate internal threats to systems on-premises and in cloud
New Centrify Suite 2013 uniquely helps organisations meet compliance requirements and reduce costs for the broadest set of cloud and on-premises platforms.
Centrify Corporation, the leader in Unified Identity Services across data centre, cloud and mobile, today announced the general availability of the latest version of the Centrify Suite security and compliance solution in use today by more than 4 500 organisations worldwide.
Featuring new advanced privileged user management and auditing for Windows systems, as well as new “sudo” migration tools for Linux systems, Centrify Suite 2013 enables organisations to quickly and effectively meet compliance requirements, mitigate risks from internal threats, and reduce operational costs across the broadest set of cross-platform systems deployed on-premises and in the cloud.
In today’s heterogeneous IT environments, achieving security best practices and compliance by linking access privileges and actions to named users is a complex task. Managing user privileges for Windows, Unix and Linux systems can be difficult to implement, since identities and privileges often reside in disparate silos or are managed locally system by system.
Point solutions exist for privilege management of Windows systems or Unix and Linux systems, but no solutions exist that span across both Windows and Unix/Linux that utilise a unified architecture leveraging existing directory infrastructure. Centrify Suite 2013 offers a comprehensive approach to identity management that includes integrated authentication, access control, privilege management, policy enforcement and compliance - all based on a single, unified architecture that leverages Microsoft Active Directory. This eliminates the need for IT staff to install, configure and manage multiple single-purpose products from a collection of other vendors.
Fortinet rolls out new FortiOS 5.0 operating system for enabling more security, control, intelligence
According to Gartner, “…there is a need for the organisation to have more granular control over and visibility into the way that these privileges are granted and used. Super User Privilege Management (SUPM) tools offer a flexible method for granting and/or limiting these privileges in a way that matches the organisation's needs.” 1
Windows privileged management
Centrify Suite 2013 now includes DirectAuthorize for Windows, a new integrated solution that eliminates problems associated with too many users having broad and unmanaged administrative powers by delivering secure delegation of privileged access and granularly enforcing who can perform what administrative functions. Key features of DirectAuthorize for Windows include:
* Secure delegation of privileged administration for Windows Servers. DirectAuthorize eliminates wide-open privileges of Windows and Domain administrators and grants privileges to only the roles, rights and resources required for each administrator’s job function. It also allows administrators to easily elevate privilege without having to re-enter passwords or know an administrative password.
* Granular authorisation and enforcement of administrative functions. DirectAuthorize goes beyond capabilities found natively in Windows by time limiting privileges for any user, restricting the access rights of high-privilege roles to specific systems, services or applicationsecure delegation using Centrify’s patented Zones technology that provides the necessary flexibility and granularity for administrative functions.
* Seamless integration with user-level auditing. DirectAuthorize integrates with Centrify DirectAudit to easily add user-session capture, search and playback, and can automatically trigger high-value session recording based on user, role, system or privilege elevation.
Enhanced privilege management for Unix, Linux
In addition to the new Windows privilege management capabilities, Centrify Suite 2013 builds on its core capabilities to further empower organisations to easily migrate and manage identities and secure privileged user access across Unix and Linux systems. New Linux- and Unix-specific functionalities now available in Suite 2013 include:
* Centralised Unix/Linux authorisation with simple SUDO migration and SUDO replacement features. New import wizards automate the retrieval and import of sudoers’ files for centralised enforcement via the Centrify Suite.
* Enhanced user policy enforcement and administrative session audits. DirectAudit policies can now trigger auditing sessions for specific user, computer and DirectAuthorize roles.
* Additional Unix and Linux platform support. Already supporting the most platforms in the industry, the new solution now supports more than 400 platforms, applications and devices, including new platforms such as Fedora 18; Red Hat Enterprise Linux 5.8, 5.9 and 6.3; CentOS 5.8, 5.9 and 6.3; Scientific Linux 5.8, 5.9 and 6.3; Oracle Linux 6.3; Ubuntu 12.10; Linux Mint 13 and 14; Mandriva One 2012; and OpenSuSE 12.2 and 12.3.
“Centrify Suite 2013 raises the bar in delivering enhanced functionality for organisations to secure their systems and protect their resources across cloud and on-premises environments, including Windows least-privilege access management,” said Matt Hur, Centrify senior director of product management. “With Centrify, organisations take advantage of their existing Microsoft Active Directory investments across the industry’s broadest set of platforms in heterogeneous environments to centralise disparate identities and control privileged access for improved security and compliance.”
Pricing and availability
Centrify Suite 2013 is available today from Centrify and authorised partners worldwide. The Centrify Suite is licensed on a per server basis and starts at $385 per server and $65 per workstation. For more information about the Centrify Suite and a five-minute demo of the new DirectAuthorize for Windows, visit http://www.centrify.com/suite. To request a free Centrify Suite 2013 trial, visit http://www.centrify.com/trial.
Note 1 – Gartner, “Hype Cycle for Identity and Access Management Technologies, 2012,” by Gregg Kreizman, et al, July 23, 2012