We can help- Active Directory

Posted by Rob Pelmas on Tue, Sep 17, 2013 @ 11:59 AM

I'd like to start a discussion regarding the many offerings we can provide to make your life easier, more productive, and more secure. One area we excel in and can help you out with is Active Directory Integration, Security and Auditing.


Active Directory is wildly popular in the enterprise, and with good reason. It's arguably one of the best products Microsoft has come out with. A single point of entry for new employees, permissions, and security, it's a great way to make sure you know who has access to systems, that password security meets a standard, allows users to be turned on and off centrally, and it 'just works'.


NAPC has partnered for years with Centrify, the leader in Non-Windows AD integration. We've been using them for Unix integration since they first came out with their world class solutions, and they just keep getting better. You probably know of us and them from your Xinet server. We also have been doing Mac desktop integration (Centrify leans on us for this expertise when they need implementation !). Check out our video on easy rollout of desktop macs to get a sense of what can be done, in addition to the basics-

http://www.youtube.com/watch?v=VHrvZiYEZaE


That's just the tip of the iceberg though. Centrify and NAPC can provide data-center wide services- helping implement AD integration across all your *nix systems. There's a very powerful suite of permissions tools included, so you not only get a stable central authentication structure, you also get an easy way to put 'like' servers into admin groups, and assign rights for users and groups to multiple servers simultaneously. This is tremendously efficient. They have the ability to apply sudo permissions as well in this way, all through an easy, intuitive interface.


On top of this, there's even a great story for Windows servers. Centrify gives reporting capabilities that AD itself doesn't. The suite includes much finer grained abilities to search for idle users, accounts, and machines. We've had people fail SOX audits, and been shown the tool in Centrify that  would have caught the exceptions beforehand. And with automated reporting, you can show the auditors you're trapping for this now, and there's no more examples of it. Talk about looking like a hero!


Another example of what can be done is ongoing auditing of systems. You can load a very lightweight client on any Unix or Windows machine that will actually record screen captures of a users actions. That way, if a system goes down, and an Admin or service provider can't remember exactly what they did, you can watch a video of them typing, mistyping, pushing buttons. This helps you from a SOX auditing standpoint for allowing remote providers in, but also allows you to understand exactly what was done that broke the system. This is hugely powerful, not only to speed up recovery, but also from a training perspective for your admins.


This just breaks the surface of what the tools are capable of. Please feel free to reach out and ask what else can be done, or if you have specific needs, or just feel like you could be doing more on the security and auditing front. Odds are, there's a solution that can address your needs, get you home on time, and sleeping soundly!


Tags: AD, Active Directory, Centrify, Unix