I'll be focusing on Strong Authentication using Smart Card. Recently got a hold of some Yubikeys. Yubikeys make the process of implementing strong authentication much easier.
Historically Centrify has supported PKI authentication for years and you'll be able to see how easy this is to set up.
The first scenario focuses on Servers:
Strong Authentication (PKI)
- Leverage what you have: Active Directory, Microsoft CA, Group Policies
- Enforcing Smart Card access to UNIX/Linux/Mac systems (Windows systems support this natively)
- Use DirectAuthorize roles to limit access to strongly authenticated sessions
Strong Authentication (Smartcard/Yubikey) & OATH OTP access
- IdP Portal Access
- OnPrem or SaaS Application Access
- Privilege Portal Access
- Privilege Password Manager (Shared Account Password Manager)
- Privilege Session Manager (Jump Box)