Active Directory-Based Security and Management for Mac and Mobile Devices
Apple Mac desktops and laptops are increasingly being utilized in today’s workplaces. Employees are bringing their own Macs to work and many organizations are choosing to deploy Macs to their users. Yet managing Macs and securing access to corporate networks and data can be challenging — especially for organizations that rely on Microsoft management solutions.
With Centrify Identity Service, Mac Edition, organizations can manage and secure Macs with the same tools they use to manage PCs. In addition, Centrify extends your management and security infrastructure into the cloud and also lets Apple iOS and Android devices be managed using the same infrastructure. By leveraging existing management tools and processes across a broad range of popular devices, organizations can lower IT costs and achieve increased worker productivity and security.
Centrify Identity Service, Mac Edition includes the following three components:
- Centrify for Mac: Active Directory-Based Security and Management for Mac OS X
- Centrify Enterprise Mobility Management: Mobile and BYOD Management
- Centrify Identity Platform: Unified Cloud-based Architecture for Apps, Mobile & Mac Management
The Right Choice for Managing Mac and Mobile Environments
- Best-in-Class Active Directory Integration
Centrify Identity Service, Mac Edition centralizes authentication, administration and Group Policy management of end-users’ Macs and mobile devices within Active Directory, enabling IT to provide endusers their platform of choice without sacrificing efficiency or security. Users get single sign-on across all their devices and apps — no matter how complex the environment is — while Admins can leverage familiar Windows-based tools, thereby reducing the cost of managing Mac and mobile devices and allowing end-users to safely use their desired systems.
Centrify’s Active Directory-based administration also enables separation of duties, so Mac administrators within a department can be granted specific rights to perform their jobs. And, instead of configuring endpoint devices one by one, administrators can centrally enforce the industry’s broadest set of Group Policy-based security settings across workstations, laptops and mobile devices — including automating certificate issuance so Mac users and computers can seamlessly access 802.1x wired or wireless enterprise network services. Centrify’s non-intrusive solution deploys without installing software on servers or requiring any changes to the Active Directory schema.
- Integrated Software Agent and Cloud Architecture Delivers Unmatched Flexibility
As a complement to its proven agent-based approach for Active Directory-based authentication and Group Policy management, Centrify for Mac also includes a cloud-based option for managing Macs that are remote and/or not connected to the corporate network. In order to support these remote Macs, Centrify leverages Apple’s mobile device support and profile-based management for Mac laptops and mobile devices. Centrify provides administrators and users with capabilities such as remote lock and remote wipe functions, application inventory, user self-service management, security policy enforcement, and auto configuration of network and wireless access — all designed to simplify the end-user experience. For the first time, IT staff has the flexibility to deploy a single solution to manage Macs using a combination of both on-premise software and cloud-based services to address the myriad of Mac use case scenarios.
- Security Management for Mobile Devices Made Easy
With the increasing trend toward BYOD, users are bringing their own smartphones, tablets and laptops into the workplace. Today’s knowledge workers use multiple devices and are more productive when enabled with single sign-on, one-click access to their apps and other enterprise resources — whether accessing from their mobile devices or Mac computers. Centrify Identity Service, Mac Edition comes standard with integrated mobile security management that delivers the controls IT needs and the simplicity users require.
Just as it does for Mac systems, Centrify seamlessly integrates mobile devices into existing Active Directory and Windows Group Policy-based management infrastructure to automate security policy enforcement as well as auto-issuance and renewal of certificates for strong authentication to Wi-Fi and VPN networks. Or you can use Centrify Identity Service to manage the mobile devices via the cloud — Centrify gives you the choice to manage Macs and mobile devices the way you want to manage them. Centrify also offers web-based application Zero Sign-On through its optional Centrify Identity Service, App Edition solution. And, because it’s based on the Centrify Identity Platform, it’s quick and easy to also deploy, configure and manage iOS and Android mobile devices.
- World-Class Support and Expertise
Centrify’s worldwide support organization operates 24x7 with deep expertise in all aspects of Mac administration and Active Directory integration. Our specialists are dedicated to ensuring a successful deployment even in the most complex environments. As a strategic partner with Apple, Centrify’s support experts are also equipped to provide timely and knowledgeable support, and our product development is organized to deliver product updates as Apple releases new operating systems — ensuring you and your users are always operational. Access to an active Centrify online community involving thousands of IT professionals provides real-world deployment advice, best practices information, and unique insights into the issues you care about most.
- Unified Administration
- One single login for users and one unified identity infrastructure for IT
- Enable Active Directory-based management and security policy enforcement for Mac, iOS and Android devices
- Centrify Identity Service extends management for updating security policies & to lock or wipe Macs and mobile devices
- Use familiar Windows tools such as Group Policy to centrally manage access to services and enforce security policies
- Manage Macs whether in the office or on the road
- Automate certificate issuance and renewal leveraging your existing Active Directory Certificate Services
- Simplified User Access and Management
- Mac OS systems transparently connect to file shares hosted on Microsoft Distributed File System (DFS) volumes
- Simplify access to Wi-Fi and VPN networks through strong certificate-based authentication
- Provide users with Zero Sign-On to authorized web applications
- Self-service user portal enables end-user management of Macs and mobile devices
- Improved Security
- Automate device configuration for remote access, including Wi-Fi and VPN access, PKI auto-issuance and auto-renewal
- Ensure trusted security functions with optional FIPS-certified cryptography
- Optionally enforce two-factor authentication for CAC and PIV cards
- Enable authorized user accounts to unlock and access encrypted disks through Apple’s FileVault 2 Full Disk Encryption
- Automated certificate enrollment secures access to Exchange, VPN and Wi-Fi connections, ensuring only assigned users can access sensitive corporate information ɚ Broad support for all popular device platforms and OS release levels ensures compatibility across all end user devices
- Inventory devices and applications across your entire enterprise, organized by user, group or device, for better visibility of both company-owned and user-owned devices ɚ Detect rooted and jail-broken devices to improve security and minimize vulnerabilities within your environment