In Blog, Single Sign On (SSO)

As IT organizations look to connect their non-Windows® resources to Microsoft® Active Directory®, one question comes up quite often: what is Centrify®? In web searches targeted at discovering a way to extend AD, Centrify comes up quite a bit, so it’s important to understand what their product does. In short, Centrify is an identity bridge. It works by extending legacy, on-prem Microsoft Active Directory identities to non-Windows resources such as Mac® and Linux® systems as well as web applications. Centrify is essentially an add on to on-prem Active Directory infrastructure.

Instead of Asking What Centrify Is, Ask What It Isn’t

What we should really be asking when we attempt to define Centrify is more of a question about the right approach to identity management in the cloud era. Do we want to continue to leverage on-prem hardware and its expenses when the industry is shifting to the cloud? No longer are IT networks based on just Microsoft Windows. They’re an amalgamation of different types of solutions including G Suite, Office 365, AWS® and GCP, Mac® and Linux® machines, web applications such as Slack, Github, Salesforce®, cloud and physical file servers (NAS devices, Samba file servers, and Box™) and many other types of IT resources. So, with all of these IT changes, why must the directory remain on-prem and require add ons like Centrify to work with all these resources?

Resulting from the shift of IT resources in most environments (Windows-based workstations, wired networks, on-prem file servers) to what we have today in our cloud-forward environment (Macbooks, WiFi, and cloud storage) IT organizations are struggling to extend their legacy directory service to these modern IT resources. On-prem identity bridges such as Centrify extended AD to some of these new digital tools, but not all. While it may seem like a good approach, Centrify’s scope is limited in that it still requires Active Directory on-prem to fulfill its purpose. The shift to the cloud is underway; don’t prolong it by continuing to purchase CALs, maintaining AD implementations, and spending time deploying add ons to AD. Perhaps, a Centrify implementation would make sense if it were a full-fledged directory solution, but it isn’t.

A New Way Forward

So, here we are. What should IT admins do for identity and access management (IAM) in a modern IT network? The short answer is to look at replacing your identity provider (IdP), in this case AD, with something based in the cloud. For many organizations, the most effective cloud IdP is JumpCloud® Directory-as-a-Service®. JumpCloud thinks about the problem of securely connecting users to the IT resources differently. As a cloud-based source of truth for identities from the cloud, JumpCloud can connect you to more resources, more easily than you can using Centrify and AD.

In addition to web apps and systems, our cloud-based directory service can securely connect users to WiFi via RADIUS, authorize and authenticate to LDAP applications, enforce system security standards with Policies, provision identities via Office 365 and G Suite, and do it all from one browser window.

Learn More About JumpCloud

When asking yourself, “What is Centrify,” consider asking instead, “how do I want to manage my IT resources going forward?” Do you want to do it from the cloud, with minimal upkeep, or do you want to continue to implement, configure, and ultimately replace aging on-prem infrastructure every few years? If you’re ready to learn more about how JumpCloud can support your IT environment, drop us a line. Or, sign up today and start managing up to 10 users free, forever.

Recent Posts