Centrify is a fairly young company, founded in 2004, but the problem its products seek to address goes back further than this. It is the perennial issue of providing an integrated and centralized approach to access control across disparate platforms, such as Windows, Unix, Linux and Mac. The issue is heightened by regulatory compliance obligations and associated audit requirements. Organizations with a large, mixed infrastructure can find themselves with a heavy workload in order to meet requirements in this context.
Centrify DirectControl addresses the issue by utilizing Microsoft Active Directory as a proven centralized administration tool for the Windows environment and integrating Unix, Linux or Mac-based machines into this model. This is achieved by using an agent on the client platform that takes care of the complex integration issues, providing the user with an effective and simple sign-on, which may be administered centrally without compromising their existing permissions.
The local machine effectively becomes an Active Directory client, regardless of the operating system platform. Implementing this model is fast and easy once the central management tools are in place and consists primarily of installing the local agents and thinking about how such access permissions might usefully be grouped. This latter issue is addressed by the concept of DirectControl Zones, which allows the administrator to configure logical groupings across platforms, organized by department, role or whatever best fits the organisation.
Centrify DirectControl offers additional possibilities, including the provision of web-based single sign-on for internal and external users. However, the access-control integration across Windows and other environments alone is reason enough to take a serious look at this product.
The intention is to simplify this from both an administrative and regular usage perspective, and it is apparent that Centrify has realised this objective. Furthermore, with the provision of a logical and intuitive administrator console and integral reporting facilities, a wealth of information is readily available around access permissions and zones, ensuring that you are always up to date with the access control position within your organiztion.