Symark's security access tool bridges Linux, Active Directory

Symark's new multiplatform security access and configuration tool PowerADvantage extends Windows Active Directory to Linux and Unix servers to redress Linux admins' pain in mixed-OS environments.

There's a downside to adding Linux or Unix servers to a Windows shop: These orphan machines lie outside the protective umbrella of the centralized user authentication and authorization controls of Microsoft Active Directory. The result? Multiple user identifications and logins, higher risk of errors and security loopholes, and of course, more work for system administrators.

But, according to John Enck, a research vice president at Gartner Inc. probably less than 20% of mixed Linux and Windows shops use a single authentication and authorization vehicle that covers Windows and non-Windows machines.

"[Centralized authentication] is a new trend," Enck said. "Most are using Unix or Active Directory for access control and now are looking to gain efficiency with a common structure."

For more on Linux and authentication
Does Active Directory top Linux authentication options?

Linux authentication troubles? Try Active Directory

Exploring Samba and Active Directory integration options
Several software companies offer products to fill that void. The leaders include Quest Software's Vintela , Centrify's DirectControland Centeris' Likewise. Symark International Inc., which has been in the security field for more than 20 years, is the latest to join the competition.

The maker of PowerBroker., which enables system administrators to implement user control policies system-wide, now has extended PowerBroker's reach with PowerADvantage, an action arm that approves or denies user access and authentication requests based on PowerBroker policies.

Think of PowerADvantage as Windows Active Directory, only it's cross-platform. To the user, PowerADvantage means a single login. For an administrator, PowerADvantage is a time saver, an automated security deployment and configuration tool. PowerADvantage inputs a user identification, maps it with multiple operating systems and carries out PowerBroker policies defining what a user can do, where and when -- all with a simple script from the systems administrator.

And instead of creating duplicate storage of data or rules, PowerADvantage simply extends soft, "nonintrusive" hooks into Active Directory so that the latter's rules about who can access data or run reports are extended to Linux and Unix machines, explained Ellen Libenson, vice president of product marketing.

"A unified login is reality now," Libenson said. "This solves headaches without compromising the freedom of Linux. We're able to take Active Directory and make lives easier."

PowerADvantage also is a huge time saver with configuration or deployment, enabling system administrators to rotate encryption keys or deploy new security policies automatically, added Jeff Nielsen, Symark's senior product manager. Additional servers can be quickly configured to match the rest, he added. "We're leveraging all the nice stuff in Active Directory, like standard Kerberos-based network authentication, to Linux and Unix machines, all from the same console," Nielsen said.

Enck said the basic problem is that Unix "doesn't have a vision" for the future of authentication, so by default everyone has turned to Microsoft's Active Directory. If independent software companies such as Symark can present a reasonable alternative, though, it leaves the door open to fill the gap.

PowerADvantage and its competitors aren't by themselves an incentive to go to a mixed-shop environment but they do remove an irritant for system administrators, Enck said.

"These products make administrators' lives easier … and have resonated well in the market," he said. "They reduce administrative workload and security exposure, which are both drivers [in adoption]. In any regulated business, this is a big factor."

As for the relative merits of the competing products, Enck said they are "a wash:" functionally, with differences at the granular level. A business might do well to choose the vendor with whom it already has a relationship to reduce overhead and license management, he said.

PowerADvantage onetime licenses cost $290 per server and $45 per workstation, with optional 24/7 support, including free upgrades, for an annual fee of 20% of the onetime license.

Let us know what you think about the story; email Pam Derringer, News Writer .

Dig deeper on Linux interoperability

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchDataCenter

SearchServerVirtualization

SearchCloudComputing

SearchEnterpriseDesktop

Close