• No results found

Centrify Express72 Jump Start Upgrade Service

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "Centrify Express72 Jump Start Upgrade Service"

Copied!
5
0
0

Loading.... (view fulltext now)

Download now ( 5 Page )

Full text

(1)

Centrify “Express72” Jump Start Upgrade Service

Summary

This Jump Start package streamlines the migration from Centrify Express Edition for UNIX and Linux to Centrify Server Suite, Standard Edition in three days. Completion of this package will establish a baseline for future migrations while implementing Centrify’s proven best practices, automation, and privilege management.

Why Migrate to Centrify Server Suite, Standard Edition?

• Hierarchical Zones make it easier to manage Linux and UNIX identities with inheritance capabilities that reduce the need to duplicate policies that control access and privileges. Flexibility in the management model is simultaneously improved with hierarchical Zones through the ability to use overrides at any level within the hierarchy.

• Centrify Server Suite, Standard Edition also introduces Computer Roles, which simplify the assignment of privileges across servers. For example, you might create a Computer Role for web servers, which gives your web developers consistent access rights and privileges to web servers across your enterprise.

• To granularly control what users can do on what systems based on their job function. Centrify Server Suite, Standard Edition provides flexibility in the implementation and management of a least-privilege access model through role definitions and assignments that can be inherited or overridden at any level (or Zone).

• Repeatable and sustainable compliance with comprehensive reporting that combines who has access to servers with the privileges they have on those servers.

Benefits of the “Express72” Jump Start Upgrade Service

Centrify Professional Services provides the expertise and best practices, acquired through hundreds of successful deployments.

The “Express72” Jump Start is the sort of intense, hands on, direct process approach where our experienced PS Consultant helps you build out the recommended back end, optimal configurations and design methodology, delegated administration points, automated deployment, automated provisioning and de-provisioning and proof of design on an actual pilot system.

Your organization will benefit from a hands-on training workshop, implementation of best practices, and reducing your overall trial and error process to a streamlined proven approach. Our proven processes are flexible enough to handle a small single day migration and yet scalable enough to also handle a complex global enterprise level deployment.

(2)

• Improve enterprise security by replacing sudoers with consistent management and enforcement of security policies across your cross-platform enterprise

• Reduce administration costs through optimized role definitions and role-assignment • Increase user productivity with seamless privilege elevation

Service Scope

• Up to five Linux/UNIX systems will be migrated from Express Edition, up to three hierarchical Zones will be considered, and up to three Linux/UNIX roles will be configured in DirectAuthorize.

• All Windows Server Suite management components such as the Zone Provisioning Agent, Deployment Manager, and Access Manager Console will be deployed to a single host for this engagement.

Engagement Management

Engagement management provides end-to-end oversight and management to ensure successful service delivery and on-site trainings. Centrify’s engagement management adds dedicated resources that provide the following essential elements to your project:

• Management focus and expertise • Quality control and management • Cost management

Your Centrify engagement manager will ensure your staff, change control processes and equipment are prepared for Centrify staff to work productively and efficiently on-site so projects are completed on time and with the highest quality levels.

Deliverables

As part of the service, you will receive the following:

• A Training Workshop providing an overview of Hierarchical Zone Capabilities and design. • A custom workshop on additional functionality in Standard Edition and Centrify’s best practices • Overview of DirectAuthorize configuration and management of privileges.

• A backend organizational structure that will provide separation of duties, single profile access to Unix/Linux systems, and a process that allows automated user provisioning, role based access and privilege

management, as well as flexible and granular access controls.

Duration

Duration is 3 consecutive business days at customer facility.

Who Should Participate

(3)

Prerequisites

• Prior to the Centrify Consultant arriving, a designated virtual host should be made available. The purpose of this host is to serve as a Deployment Server.

• The Deployment Server Requirements include the following: - .NET Framework version 3.51 SP1

- Network connectivity to all in-scope Unix, Linux, or Mac OS-X systems - Hardware: 4GB RAM, 2GB Free Disk Space, and a 2GHz Processor

• All Centrify Server Suite, Standard Edition Software must be copied to the “Deployment Host” where we will be doing most of the Administrative work from. We recommend creating a [C:\Centrify] directory to copy the software to.

• We can help customize this offering if your organization has more than 100 deployed UNIX systems running Centrify Express Edition for UNIX and Linux.

• Customer personnel will require root or equivalent access for all systems in scope of the deployment, and the privileges to install software on Windows computers that may require configuration, or administration using the Centrify DirectManage consoles, including the Deployment Server.

• If outages or change control requests are required then these must be scheduled in advance • A signed Statement of Work

Format

Daily interdisciplinary design sessions held at the customer’s location, access to white boards and a lab environment for collaborative and interactive sessions. See Daily Overview for details.

Logistics

This package is delivered on-site only. The project room should be equipped with an LCD projector and a whiteboard with dry-erase markers, and a printer should be available. Customer participants will require direct network access.

Pricing and Ordering

This offering is invoiced on purchase and is valid for 6 months from the date of purchase. Contact your Centrify Sales representative for pricing details for your region and to arrange for a time, place, and schedule.

Customizations

(4)

Day Description

1

Centrify Professional Services and your personnel review the existing Centrify Express Edition deployment in your network environment focusing on specific Active Directory OU Structure and Permissions.

§ Discussions with key personnel around user provisioning, Active Directory, UNIX, Security, and auditing or compliance

§ Review of privilege management of local accounts and associated compliance / auditing risks

§ Design review of existing implementation and Active Directory storage structure

1

Custom training workshop on additional functionality and Centrify’s best practices for the current Centrify Server Suite, Standard Edition

§ Design best practices for OU structure, delegation, separation of duties and automation § The Zone Provisioning Agent, DirectAuthorize Roles, Global access, Zone-level access,

Computer Overrides, and Computer Groups.

§ The process of migrating to Hierarchical Zones for an optimized design.

2

Management components installed on Windows Deployment Server

§ The Centrify Server Suite, Standard Edition Access Manager Console current product release installed on the Deployment Server.

§ Deployment Manager current product release installed on Deployment Server § Deployment of the Zone Provisioning Agent to the most current product release § Run CreateOU Script (Powershell)

§ Configure Console(s), build out Global Zone and Child Zone § User Import

§ Pre-Create (with prefix or suffix) Computer Object § Configure DZ Role(s) for Access and Privilege § Demo “Show Effective Unix Users” tool

§ Deployment Manager, Discover, Analyze, Review, and Push Software § Configure Computer Role

3

Non-invasive migration of UNIX data in Active Directory § Join system to child zone (Active Directory)

§ Test access control, test privilege execution, and confirm POSIX attributes. § Configure and test automation (ZPA)

§ SCRIPT Computer Role buildout § SCRIPT User Role buildout § DEMO script

(5)

About Centrify

Centrify strengthens enterprise security by managing and securing user identities from cyber threats. As organizations expand IT resources and teams beyond their premises, identity is becoming the new security perimeter. With our platform of integrated software and cloud-based services, Centrify uniquely secures and unifies identity for both privileged and end users across today’s hybrid IT world of cloud, mobile and data center. The result is stronger security and compliance, improved business agility and enhanced user productivity through single sign-on. Over 5000 customers, including half of the Fortune 50 and over 80 federal agencies, leverage Centrify to secure their identity management. Learn more at www.centrify.com.

Santa Clara, California: +1 (669) 444-5200 Email: [email protected] EMEA: +44 (0) 1344 317950 Web: www.centrify.com Asia Pacific: +61 1300 795 789

Brazil: +55 11 3958 4876

Latin America: +1 305 900 5354

Centrify is a registered trademark and Centrify Server Suite and Centrify User Suite are trademarks of Centrify Corporation in the United States and other countries. All other trademarks are the property of their respective owners. Copyright © 2005-2015 Centrify Corporation.

References

Download now ( PDF - 5 Page - 121.23 KB )

Related documents

Centrify Server Suite Express

• Agents enable UNIX and Linux computers to join an Active Directory domain and automatically generate user and group profiles for all Active Directory users and groups..

Centrify Identity and Access Management for Cloudera

Centrify Server Suite is an enterprise-class solution that secures even the most complex Hadoop environments leveraging an organization’s existing Active Directory infrastructure

The Centrify Vision: Unified Access Management

DirectControl for Mobile supports familiar Active Directory management tools, ADUC (left) and Group Policy Object Editor (right), so administrators can see which devices are

Centrify Suite Enterprise Edition Online Training

Audit Manager Configuration – This module describes how to install the DirectAudit user interface and database(s) in. your Windows and SQL

Centrify Suite 2012 Express

When you install Centrify Suite Express on a computer and join an Active Directory domain, all of the users and groups in the Active Directory forest automatically become valid

Centrify Server Suite, Standard Edition Design Service

- Note: The immediate project team is required to participate in this session, and we encourage additional staff (such as members of a change control board) to attend if possible

What s New in Centrify Server Suite 2013 Update 2

The new Centrify Server Suite 2013 Update 2 (2013.2) builds on the core enhancements Centrify introduced in Server Suite 2013 with new reports in Centrify Audit Analyzer, new

Centrify DirectAudit Jump Start Service

Centrify shall not be required to provide any portion of the Services to the extent the performance of such Services becomes "Impracticable" as a result of a cause or