Thursday, April 7, 2016

Using Centrify+Microsoft PKI+Yubikeys to enforce Strong Authentication for UNIX/Linux/Windows Elevation and more....

Announcing a new series!!!

I'll be focusing on Strong Authentication using Smart Card.  Recently got a hold of some Yubikeys. Yubikeys make the process of implementing strong authentication much easier.

Historically Centrify has supported PKI authentication for years and you'll be able to see how easy this is to set up.

The first scenario focuses on Servers:

css-yubi-scenario.png
Strong Authentication (PKI)
  • Leverage what you have:  Active Directory, Microsoft CA, Group Policies
  • Enforcing Smart Card access to UNIX/Linux/Mac systems  (Windows systems support this natively)
  • Use DirectAuthorize roles to limit access to strongly authenticated sessions
Strong Authentication for Windows Privilege Elevation
  • Applications
  • Desktops
We already covered Access and Privilege Elevation For UNIX/Linux using Centrify MFA here:

css-yubi-scenario2.png
Strong Authentication (Smartcard/Yubikey) & OATH OTP access
  • IdP Portal Access
  • OnPrem or SaaS Application Access
  • Privilege Portal Access
  • Privilege Password Manager  (Shared Account Password Manager)
  • Privilege Session Manager (Jump Box)
Here's a quick overview/demo
Stay tuned!

No comments:

Post a Comment