Domain Controller Competition

By Zach DeMeyer Posted May 30, 2019


With the changing IT landscape, domain controller competition is changing how IT networks are being built and managed. In fact, it might be more accurate to say that the competition exists around the elimination of the domain controller. Let’s break that idea down together.

The Evolution of the Domain Controller

To understand this shift in the fundamental approach to building networks, we need to step back and understand where we’ve come from and how the landscape has changed.

Traditional IT networks were built on Windows® systems and applications. As such, Microsoft® tools, like Active Directory® and SCCM, were created to be used as standard IT management solutions. These management tools were used in conjunction within IT networks, which enabled the development of the cornerstone of the Windows domain, Active Directory Domain Services (AD DS).

AD DS effectively established the concept of perimeter-based security. A network perimeter consisted of AD DS and other security features, like VPNs and firewalls, that would sit around the network’s critical resources. As such, anything existing inside the perimeter, like users and their systems, was considered “safe”. Everything outside the perimeter was therefore deemed unsafe.

This concept of perimeter security, much like the medieval castles of old, acted as a stronghold in which the network lived. This stronghold would go on to be known as the domain. Since Active Directory sat at the middle of it all, pulling the strings and managing user access to network resources, it would often be called the domain controller.

The Fall of the Domain

The challenges started to appear when the network started to change. Web applications, cloud infrastructure, mobile users, and more started to shift how networks needed to be managed. In essence, a user’s IT world was no longer internal to the organization, an affront to the core concept of the domain.

On top of that, approaches to security started to evolve as well, moving from a layered, perimeter approach to something more nebulous. Since resources could be used from outside of the domain, a perimeter of defense could only protect so much of the network as a whole. As such, IT admins needed to treat all sources of traffic, both from inside and outside of the organization, with supreme scrutiny. Thus, the concept of Zero Trust Security was born.

Of course, these changes and others started to break down the concept of the domain at its very core and ultimately challenged the need for a domain controller altogether. The benefit of the domain was that a user could log in to their Windows device when connected to the network and immediately have access to whatever resources they needed. But since the domain seemed to be increasingly impractical, a new approach to managing the network was needed.

An Answer From the Cloud

IT admins started to think about how to adapt the single sign-on benefits of the domain for a world where IT resources and users could be anywhere and everywhere. Given that the growing majority of IT resources were being offered from the cloud, what if the domain controller could exist there as well?

And so, the cloud directory service was born. A cloud directory service would essentially reimagine the Active Directory domain of old, making it quick and easy for end users to access their required resources without compromising security. And, since today’s IT networks are heterogeneous (i.e., with the rise of Mac® and Linux® machines in the workplace), this cloud directory service would need to be platform-neutral to avoid vendor lock-in and promote freedom of choice for user resources.

Domain Controller Competition: Directory-as-a-Service®

That is where JumpCloud® Directory-as-a-Service comes in. Directory-as-a-Service is the first complete cloud directory service, connecting users to their systems, applications, files, networks, infrastructure, and more with a single set of credentials. Because it is a cloud-based, third-party service, IT organizations need not worry about choosing between Windows, Mac, or Linux; AWS®, Azure®, or GCP™; on-prem or cloud, etc. JumpCloud can manage access to them all.

Directory-as-a-Service is created around a Zero Trust mindset. As such, IT admins can opt to enforce password complexity requirements, multi-factor authentication, full disk encryption, and more, all from JumpCloud’s browser-based admin console. By securing access to virtually all IT resources, JumpCloud Directory-as-a-Service has helped Make Work Happen™ for tens of thousands of organizations.

Try JumpCloud Free

You can take advantage of the entire Directory-as-a-Service suite absolutely free for your first ten users. Simply sign up for JumpCloud and start managing user access instantly, no credit card required. As you expand your Directory-as-a-Service instance, you can scale it to your organization’s size using our APIs, PowerShell module, and other tools to help optimize your IT workflow.

If you are interested in learning more about Directory-as-a-Service and potentially replacing your domain controller, please contact us. We would be happy to help you begin your JumpCloud journey. You can also schedule a demo to see the product in the hands of an expert, or check out our YouTube page for more information.

Zach DeMeyer

Zach is a writer and researcher for JumpCloud with a degree in Mechanical Engineering from the Colorado School of Mines. He loves being on the cutting edge of new technology, and when he's not working, he enjoys all things outdoors, making music, and soccer.
