Centrify Application Services Alternative

Written by Vince Lujan on September 1, 2017

Share This Article

Over the years, there have been many web application single sign-on (SSO) solutions. Centrify’s Application Services solution is a great example. Centrify’s Application Services are effectively an SSO and application-level multi-factor authentication (MFA) add on layered on top of Microsoft Active Directory® (AD).

Centrify is proficient at extending AD identities and authenticating access to web applications. The problem is that means an organization’s core directory services are still firmly grounded on-prem. With the massive shifts in the IT industry, many IT organizations are looking to move away from on-prem infrastructure and move to the cloud. As a result, they are looking to modernize their identity and access management (IAM) infrastructure with an alternative to Centrify Application Services.

How to Know if Centrify’s Application Services is Right for You

Centrify's Application Services right for you?

Whether Centrify’s Application Services is right for you depends upon a number of factors. The first being how invested the organization is with Microsoft infrastructure. Centrify works by extending on-prem AD identities. However, many organizations are looking to move away from Microsoft AD or completely shift their identity management infrastructure to the cloud. In this case, it wouldn’t make sense to go with a solution that keeps you locked into AD.

The other factor that many organizations are considering is whether they want a number of different components. Centrify is layered on top of AD. That means it must be managed in addition to managing AD, adding complexity. Further, AD requires a number of on-prem devices like a domain controller, file servers, and virtual private networks (VPN) – all of which must be manually installed and configured before you even consider Centrify. Not to mention the added costs of obtaining Windows® licensing, infrastructure devices, and dedicated maintenance personnel.  

These factors are exactly what cloud-minded organizations are trying to avoid. Fortunately, cloud-forward alternatives have the potential to provide more components for less cost and also less operational overhead, while simultaneously providing One Directory to Rule Them All®.

Alternatives to Centrify Application Services

Alternatives to Centrify Application Services

There are a number of interesting alternatives to Centrify Application Services. Organizations will have to spend some time thinking about the number of applications and types (legacy or cloud-forward) they want to connect to their core identity provider and whether they want their core identity service to be on-prem or in the cloud.

Of course, there are the legacy web application SSO providers. There is also a group of application-level multi-factor authentication providers as well. Yet, these solutions only solve one part of the problem.

Directory-as-a-Service features Centrify Application Services Alternative

Centrify Application Services Alternative - DaaS

The most comprehensive Centrify Application Service replacement to consider is Directory-as-a-Service®. With it’s AD Integration component, IT organizations can simply federate their identities to the cloud hosted directory service, which will then enable web application single sign-on and portal-level MFA. In addition, those same credentials can be leveraged for LDAP-authenticated applications as well including high profile applications such as OpenVPN, Docker, Jenkins, and thousands more.

Beyond being a web and on-prem application single sign-on provider, Directory-as-a-Service can also connect users to systems (e.g. Mac, Windows, and Linux) and also cloud or on-prem servers. There is no need for additional components such as an LDAP server, or even an Active Directory server for that matter.

If you are looking for an alternative to Centrify Application Service, take a look at JumpCloud’s capabilities for True Single Sign-On™ and MFA. If you’re organization is looking to accomplish all of this without an on-prem AD instance, then Directory-as-a-Service may be the way forward. Or feel free to keep leveraging AD, but using our cloud identity bridge to extend to the cloud.

Directory-as-a-Service is more than just a Centrify Application Services alternative. To discover other ways JumpCloud can help your organization, drop us a note. You can also sign up today for a virtual identity provider and see for yourself. Your first ten users are free forever.

Continue Learning with our Newsletter