The document discusses how Centrify provides solutions to centralize the control, security, and audit of UNIX, Linux, and Mac systems by leveraging an organization's existing Active Directory infrastructure. It describes how Centrify solutions can automate security enforcement on these systems by protecting them with security policies, authorizing privileges through role-based access controls and identity management in Active Directory, and auditing all user activities. The goal is to help organizations address regulatory compliance requirements by controlling access, securing systems, and auditing user actions across their heterogeneous, multi-platform environments.
DSS - ITSEC conf - Centrify - Identity Control and Access Management - Riga Nov2011
1. Centrify
Centralizing the Control, Security and Audit of UNIX, Linux and Mac Systems
Barry Scott
Technical Director
Centrify EMEA
barry.scott@centrify.com
+44 7770 430 007
3. The Centrify Vision
Control, Secure and Audit Access to Cross-Platform Systems and Applications
Centrify the Enterprise
Leverage infrastructure you already own – Active Directory – to:
Control: What users can access
Secure: User access and privileges
Audit: What the users did
33. Centrify Products… Delivered as the Centrify Suite
EXPRESS STANDARD ENTERPRISE PLATINUM
DirectManage: Centralized Management and Administration
DirectControl: Consolidate Identities and Centralize Authentication
DirectAuthorize: Role-based Authorization and Privilege Management
DirectAudit: Detailed Auditing of User Session Activity for Windows, UNIX & Linux
DirectSecure: Server Isolation and Protection of Data-in-Motion
Single Sign-On For Applications
With all editions you can purchase SSO modules for:
• Apache & J2EE web apps
• SAP NetWeaver & GUI
• DB2
Centrify-Enabled Open Source Tools
All editions also include free, Centrify-enabled versions of:
• OpenSSH
• PuTTY
• Kerberized FTP and Telnet
• Samba
34. Solutions that Centrify Delivers
Compliance and Audit
• Auditing and reporting (SOX, PCI, FISMA, HIPAA, Basel II, etc.)
Security
• Risk mitigation & security of users with privileged access
Operational Efficiency
• Leverage existing architecture
• Leverage investments in Active Directory tools, skill sets and processes
• Consolidate "islands of identity"
• Deliver single sign-on for IT and end-users
• Enable new computing models such as virtualization, cloud and mobile
Meet Strict Security & Audit Req’s
• Enforce system security policies
• Enforce "least access"
• Lock down privileged accounts
• Enforce separation of duties
• Associate privileges with individuals
• Audit privileged user activities
• Protect sensitive systems
• Encrypt data-in-motion
Microsoft Active Directory + Centrify
SOX/JSOX, PCI DSS, FISMA, HIPAA, Basel II, FFIEC, ...?