Principle Networks is a managed service provider specializing in SD-WAN (software-defined wide area network) environments that give customers more speed and flexibility.
Ian Wharton, Principle Networks’ WAN specialist, oversaw the company’s search for an authentication solution that would allow quick growth without domain controllers, and that would centrally connect remote users to both its hosted applications and SaaS apps.
- Organization: Principle Networks
- Location: Based in the U.K., but with an all-remote workforce
- Problem: Needed a platform to centralize authentication to SaaS apps & CentOS and Windows virtual machines
- Goal: Centralize authentication and avoid vendor lock-in
Background: Principle Networks’ Search for a Cloud Identity Provider
Principle Networks used Azure® Active Directory to centrally authenticate users accessing corporate laptops. However, the team didn’t want to augment it with on-premises AD, and they sought a full-suite cloud directory service that would enable secure and vendor-neutral expansion.
“As an 18-month-old business, we knew we were about to grow,” Wharton said. “But, as a matter of principle, we didn’t want to build domain controllers, and we had a series of requirements, including the ability to take advantage of SAML integration easily.”
As the business has grown and its user base has expanded, the need for identity and access management controls has become more urgent, too.
“Security, control, and ease of access for employees is crucial,” Wharton said. “We are a ‘virtual’ business — as we don’t have an office and don’t intend to have one. All of this meant that we had to implement a directory.”
Challenges: Select a Solution, but Avoid Vendor Lock-In
Wharton set out with a few needs in mind as he vetted cloud service providers. Principle Networks needed a solution for:
- A full-suite cloud directory service
- User authentication to Windows 2016 & CentOS virtual machines
- User authentication to as many third-party SaaS applications as possible
Principle Networks relies on a local data center to host its CentOS and Windows applications, which enable monitoring and customer-facing systems. Wharton and his team evaluated Azure’s Infrastructure-as-a-Service offering, but they found that the local data center was more cost effective, and its staff were more personable. Although that’s the case for now, the team wants to maintain the freedom to change IaaS providers if needed.
They appreciate cloud service providers that can help them avoid lock-in, and they wanted to find something similar in their Directory-as-a-Service® (DaaS) provider.
“Having an independent DaaS provider means that we can maintain our IaaS mobility,” Wharton said. “We felt that it was likely that we would be more and more tied to Microsoft® if we were to get more involved with their directory services offering.”
Wharton and the team also evaluated OneLogin, but they felt its SAML capabilities were lacking, and they wanted to see more true SSO connections than application bookmarks in its portfolio. They looked for other solutions to adequately support their organization and its growth into the future.
“When we looked at OneLogin, the integration with third-party SaaS applications wasn’t what we were looking for,” Wharton said. “A lot of their integration seems to be around a user portal with what amounts to bookmarks for third-party apps. We wanted as many applications via SAML as possible, so OneLogin just isn’t what we were looking for.”
Solution: JumpCloud Directory-as-a-Service
Ultimately, Wharton and the team selected JumpCloud® because it allowed them to meet the needs on their checklist and avoid vendor lock-in — and it was more economical than the competitors they evaluated. JumpCloud provides the first 10 users free forever, and “that makes a big difference for a growing business,” Wharton said. The Principle Networks team was also impressed by JumpCloud’s SSO offerings.
“JumpCloud is obviously committed and experienced with SAML, and that convinced us as much as anything else,” Wharton said.
The team also took comfort in JumpCloud’s ability to accommodate their CentOS virtual machines, which support their service to customers, too.
“We wanted to incorporate our CentOS services, and we don’t expect that will ever sit well with Microsoft,” he said. “We’ve got to make good choices now, as the cost in time and effort to change down the line is just too disruptive.”
Implementation: ‘We Already Take it for Granted’
The implementation was easy, and the Principle Networks team began to see benefits almost immediately.
“The trial was simple, the SAML integration is far more extensive than we need at the moment, and everything worked the first time,” Wharton said. “It quickly became a no-brainer for us. We didn’t need any support to get it set up, and we already take it for granted.”
Principle Networks intends to remain all-remote to reduce the employee time wasted on commuting and the environmental impact of unnecessary travel. JumpCloud allows central access control and device management for these remote employees without the challenges of a traditional AD domain.
“In previous ‘traditional’ office businesses, group policy or password changes required an office visit or VPN connection,” Wharton said. “It’s amazing how often these changes occurred when I was on leave or otherwise unable to connect, only to find my account locked when I returned. JumpCloud means that we don’t have any of those issues, but we can still enforce policy and know that it’s always up to date.”
It gives the team more time to focus on delivering services to their customers, rather than managing an on-prem directory instance. In fact, the transition to JumpCloud was so seamless, they’re now considering becoming a reseller, too.
“JumpCloud means that we save time and effort ensuring our access is controlled across all our environments.”
What advice would you give to someone considering JumpCloud?
“Just do it,” Wharton said.
Learn more about how Principle Networks is helping organizations upgrade their networking with SD-WAN at their official site or find them on LinkedIn.
If you’re an MSP considering JumpCloud, visit our partner page for more information. JumpCloud is also committed to supporting and securing organizations, no matter where their employees are located. Click here to learn more about how JumpCloud enables remote work.