S E R V E R S U I T E T E C H N I C A L B R I E F
Centrify Server Suite Management Tools
Centrify Server Suite includes - at no extra charge - a powerful set of management tools in all editions:
Deployment Manager Group Policy Object Editor
Centrify Identity Risk Assessor (CIRA) (Available without Server Suite)
Report Center
Migration Wizard Audit Analyzer (Enterprise and Platinum Editions only)
Access Manager and MMC Snap-In Deployment Report Utility
Deployment Manager
Through Deployment Manager you can also single sign-on to systems to edit local files or perform other tasks.
Although installing Centrify on a UNIX or Linux system is a straightforward task, organizations that want to deploy to dozens — or hundreds or thousands — of systems will find it easier to use the Deployment Manager to guide them through the process. With Deployment Manager you can:
• Discover UNIX and Linux systems within your environment — either on-premise or in the cloud — and select which systems should integrate with Active Directory.
• Analyze the systems' readiness for integration with Active Directory. The Deployment Manager can, for example, identify DNS issues in your network that would prevent the system from reaching an Active Directory domain controller.
• Deploy and install or upgrade the appropriate Centrify Server Suite components.
• Join the systems to Active Directory, establishing a trusted relationship between that system and Active Directory.
• Gain single sign-on to remote systems via PuTTY, VNC, RDP or WinSCP.
• Centrally manage local accounts and groups on systems discovered through Deployment Manager, whether those systems have been joined to Active Directory or not.
Deployment Manager
Centrally discover systems and integrate them into Active Directory.
Connect to Remote Computers
Centrify Identity Risk Assessor (CIRA)
Automate the discovery of identity-related risks in your Linux and UNIX server environment. CIRA quickly identifies critical violations of identity and access management best practices and provides the insight to help you understand how to prioritize and mitigate these identity-related risks.
With CIRA you can:
• Discover hidden issues in the Red Hat, AIX, Solaris, and Ubuntu infrastructure, such as inconsistent password polices across servers, excessive use of local root and service accounts, and other fundamental security weaknesses that can be hard to identify and correct.
• Drill into the findings from CIRA’s comprehensive survey. Per-test reporting of issues found provides account and privilege level data per server, and recommendations for risk mitigation.
• Compare your findings against recommended best practices developed by Centrify through the experience of over 5,000 customer deployments. • Gain new insight to help prioritize and mitigate
identity-related vulnerabilities and potential audit and compliance issues.
• Download Centrify Identity Risk Assessor (Does not require Server Suite)
Migration Wizard
The Centrify Server Suite enables you to retire redundant and legacy identity stores by managing UNIX, Linux and Mac identities through Active Directory. The Migration Wizard accelerates your deployment by helping you import user and group information from sources such as NIS maps and local files into Active Directory. The Migration Wizard checks for duplicate IDs and gives you options for
CIRA
Survey Linux and UNIX servers to identify access control-related issues.
Gain Insight
Access Manager and ADUC Extension
Centrify Server Suite Management tools includes two Windows-based administrator's tools: our Access Manager and an MMC-based Active Directory Users and Computers (ADUC) property extension. With these interfaces you can configure the UNIX profile of Active Directory users (such as their UNIX ID, home directory and shell), manage computer properties and manage Centrify Zone membership. The ADUC property extensions are particularly useful for delegated
administration. For example, Windows-based IT help desk personnel could be enabled to use ADUC to update users' UNIX profile without giving them administrative access to advanced Centrify features.
Through the Access Manager you also have access to all Centrify advanced features, such as creating and managing Centrify Zones, importing identities and running reports.
Group Policy Object Editor
Centrify's advanced support for Group Policy for UNIX, Linux and Mac enables you to enforce consistent configuration and security policies across heterogeneous systems. Server Suite’s streamlined Group Policy Object Editor interface makes it easy to create and edit Group Policies within the standard GPO Editor. It provides a rich editing environment for many policies where multiple lines of text need to be entered or edited after initial entry, such as firewall policies.
Access Manager
The Access Manager provides centralized access to all advanced Centrify Server Suite features, including Zone setup, roles and rights definition, and reporting.
Group Policy Editor
Report Center
Centrify reports give you detailed, global visibility over access rights, privileges and security policies across heterogeneous systems.
The Report Center provides pre-defined reports that answer the most common questions asked by compliance auditors, such as who has access to a set of computers in a Zone, what systems a specific user has access to, and what privileged commands users have been granted on specific systems. You can define custom reports as well.
Centrify Audit Analyzer
(Available in Enterprise and Platinum editions only) Quickly find and replay privileged user sessions on Windows, Linux and UNIX systems.
Centrify Server Suite, Enterprise Edition collects detailed logs of user activity on Windows, Linux, and UNIX servers, including the commands entered as well as the system responses. The Centrify Audit Analyzer is useful for IT personnel with a range of responsibilities:
• Compliance auditors can use it to verify that access control policies are being enforced, by building queries and reports; for example, reports that show activity on specific systems or activity by specific users.
• IT security personnel can use it to search for specific types of activity, such as commands to change passwords or insert accounts, and they can monitor user sessions in real time.
• Compliance auditors, security personnel and IT operations staff can replay historical or current sessions to do forensic analysis of suspect sessions or identify issues in sessions that may have contributed to a system outage.
Centrify Deployment Report Utility
Report Center
Quickly run reports for compliance auditors or others.
Audit Analyzer
Available in Enterprise and Platinum editions only)
Contact Centrify
Centrify provides unified identity management across data center, cloud and mobile environments that result in single sign-on (SSO) for users and a simplified identity infrastructure for IT. Centrify’s unified identity management software and cloud-based Identity-as-a-Service (IDaaS) solutions leverage an organization’s existing identity infrastructure to enable single sign-on, multi-factor authentication, privileged identity management, auditing for compliance and enterprise mobility management.
