David McNeely
Senior Director of Product Management
Centrify Corporation
A large civilian agency required secure authentication and access control across hundreds of Solaris virtual zones, Linux systems and applications. The agency needed to eliminate sharing of credentials for root and service accounts, and to provide privileged access management for database administration and systems operators, ensuring that privileged users authenticated with a unique identity.
This case study details how a government enterprise solved these challenges, securing virtual and physical systems (and the applications and databases running on them) with existing infrastructure and skills. As a result, they improved compliance and made significant progress on their “scorecard” for improving IT operational efficiency.
Learning Points:
- How secure authentication and access centralized in Active Directory addresses key FISMA provisions as recommended in NIST SP 800-53, including sections AC (Access Control), AU (Audit and Accountability), CM (Configuration Management) and IA (Identification and Authentication).
- How to dynamically provision accounts, set up role-based access and privilege controls, enforce consistent policies, and audit activity on virtualized systems.
- How to protect sensitive UNIX and Linux systems by using native IPSec to dynamically isolate them and block untrusted systems from communicating with trusted systems.