Most Read Technology Reporter For More Than Two Decades

Maureen O'Gara

Subscribe to Maureen O'Gara: eMailAlertsEmail Alerts
Get Maureen O'Gara via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn

Related Topics: Java EE Journal, Apache Web Server Journal

J2EE Journal: Article

Making Microsoft Support Linux: Centrify To Compete with Vintela

Making Microsoft Support Linux: Centrify To Compete with Vintela

Vintela, the start-up with Microsoft, Canopy and SCO connections, the company that makes Microsoft widgetry do unnatural acts and support Linux, suddenly has a competitor in another ambitious start-up called Centrify Corporation that's been flying below the radar.

Centrify, which was started 10 months ago by Tom Kemp, the co-founder of hotshot security management house NetIQ, is about to come out from under the covers and expects to compete with Netegrity and Oblix as well as Vintela for the identity and access management crown mindful of the fact that identity management is a top security challenge for the IT establishment these days

It's got software - called the Centrify DirectControl suite - that makes Microsoft's Active Directory (AD) cross-platform and seamlessly extends real-time AD authorization, authentication and Group Policy capabilities to Linux and Unix as well as J2EE and applications servers such as Apache and JBoss.

It will reportedly make them all live in a happy nirvana of single sign-on by centralizing all user accounts in Active Directory, and strengthen security by enforcing global password policies and eliminating orphan accounts.

It says it's the only company that can do this.

It says open source solutions such as MIT's Kerberos, Samba's Winbind and PADL only provide a "level" of interoperability with Active Directory and have to be combined to be of any use. Even then they lack Group Policy support, web application support, a centralized management console and easy installation and configuration.

"Active Directory is one thing Microsoft got right," Kemp says, and it's simply more robust than the alternatives.

Centrify says it can do what it does without any costly or intrusive changes to the existing infrastructure. It does not change the Active Directory schema or the Windows servers or require that Unix UIDs be rationalized. Instead they can be mapped to a single Active Directory account by means of Centrify's patent-pending Zone technology.

Vintela, on the other hand, has supposedly got a collection of miscellaneous identity management solution that, according to Kemp, requires extensive changes to the underlying infrastructure to work and limits users to one Unix/Linux identity per Active Directory account. Vintela also requires separate licensing, installation and configuration of each of its three modules while Centrify's solution is integrated, which means less overhead.

Centrify figures it's more focused while Vintela's shooting wide.

Its solution banks on the premise - buttressed by the Meta Group - that upwards of 60% of companies with 500 PCs or more have either deployed Active Directory or are rolling it out and that 86% of large organizations plan to deploy it.

Besides being sure that the enterprise doesn't want to can its hefty investment in AD and instead wants to leverage it, Centrify is also counting on the data center staying heterogeneous way into the future. And if Windows is deployed, Active Directory's a given.

Centrify calls AD a "de facto standard."

Considering that the average large corporation has something like 20 sources of identity, Centrify thinks the market is ready for its kind of simplification.

The start-up has developed agents that are installed on Linux or Unix workstations and servers, and essentially fool the system into thinking they are XP boxes and, perforce, native Active Directory clients. The Unix/Linux identities are integrated into AD, reducing administrative costs, heightening security and improving user productivity.

Centrify says its scheme should let the enterprise get rid of its multiple, redundant, unintegrated identity silos and complex synchronization schemes and replace them with consistent password and security policies.

It should also give them the access control, auditing, security policy enforcement and reporting needed to comply with Sarbanes-Oxley, HIPAA and the countless other regulatory requirements.

Centrify says the way DirectControl works the Unix and Linux boxes can be configured through AD's Group Policy using the same tools and processes used to manage Windows systems.

There are also Centrify management tools - essentially Windows-based GUI utilities - that let users access Linux/Unix systems and Java web apps using Active Directory account credentials.

Centrify says it's different from its rivals in extending AD rather than just synchronizing with it.

The company, which has 40 people, will be selling its stuff direct for $50 per Linux/Unix workstation and $500 for a Linux/Unix uniprocessor, $800 for a two-way and $1,000 for a four-way. It's had 15 betas out with "Fortune 1000-type" customers like Gannett, Kemp said.

It currently supports Red Hat, Solaris, HP-UX, VMware ESX, Apache, JBoss and Tomcat. In the spring it expects to add AIX, SuSE, Mac, WebLogic and WebSphere and deliver so-called Group Policy "packs." Red Hat, which bought the Netscape directory, is expected to start competing with Active Directory eventually.

Vintela has Microsoft and Canopy money in it. Centrify's backers are Mayfield and Accel Partners, top-tier VCs who put $7 million in the firm. Kemp said he expected the money to last through the end of the year.

Centrify managers include VP of engineering Adam Au, formerly with Novell and Computer Associates, and CTO Paul Moore, who worked at Microsoft and integrated print services into Active Directory.


More Stories By Maureen O'Gara

Maureen O'Gara the most read technology reporter for the past 20 years, is the Cloud Computing and Virtualization News Desk editor of SYS-CON Media. She is the publisher of famous "Billygrams" and the editor-in-chief of "Client/Server News" for more than a decade. One of the most respected technology reporters in the business, Maureen can be reached by email at maureen(at)sys-con.com or paperboy(at)g2news.com, and by phone at 516 759-7025. Twitter: @MaureenOGara

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.