Friday, October 31, 2014

Basics: Centrify User Suite


Centrify has two product lines.  Server Suite and User suite. With the release of Suite 2014.1, we are starting to see some synergy between product lines and since the blog has focused exclusively on server suite, we figured we need to expand, but first, let's explore this product.

What is Centrify User Suite?

Well, let's see:
  • It's a cloud-based Identity Provider
  • It provides access and SSO to on premise and cloud apps
  • Provides Mobile Device, Application and Container Management
  • It provides self-service capabilities (device enrollment, management, self-service password reset)
  • Provides a catalog of over 2500 templates for fast publishing of Web, SaaS (SAML, WS-Fed, etc) and Mobile Apps.
  • Provides Multi-factor Authentication
  • Provides AD-based, Cloud-based or Mixed Identity
  • Works with Active Directory in a non-intrusive (no directory duplication) and secure way
  • Provides a policy engine for the directory
  • Provides Role-Based Access for Application access and Privilege Management
  • Provides multi-geography, shared or dedicated hosting
  • Provides an interface that
  • Provides access in rich (web) and mobile clients
  • Provides tenants with their own publicly-rooted certification authority
  • Provides access to apps can be via a self-service portal (provider-initiated) or application initiated.
  • Extensible by way of an SDK, customizations and branding.
  • Recognized by Gartner as a visionary in the 2014 IDaaS MQ.
  • Continues to add capabilities at a near monthly rate

Where's the value?

In my opinion, the biggest value of user suite is that in the same spirit of server suite, for any organization with AD, provides the fastest, most efficient and secure way to adopt SaaS applications, it does it without breaking the bank and without aspiring to become the organization's directory of record.  The mobile, directory and hybrid identity and policy services are the cherry on top.

Here's what you don't need to do with user suite:
  • Deal with servers in the DMZ
  • Deal with understanding on premise federation technologies
  • Deal with understanding app authentication or federation patterns
  • Deal with publicly rooted certificates
  • Pay for expensive MDM solutions
  • Pay for 2-factor authentication solutions
  • Worry about geographically located solutions
  • Worry about language and branding
  • Worry about having a split strategy for mobile devices
This translates to tighter control, time to market, added capabilities, etc.

What you must know and have:
  • What are the different Cloud IdPs and their pros and cons.
  • A policy for cloud-based access controls
  • A plan for service availability
We'll explore topics related to cloud in Security Corner.

User Suite Tour

Labs and User Suite

Updated labs logo

We will keep things practical expect a lot of labs, howto's, etc.  We will be using Office365, Google Apps and Salesforce as our key apps given that they either provide a free or cheap version.  As we can find trial apps we will explore them.  As it relates to mobile, we will use iOS, Android and OS X.

No comments:

Post a Comment