updated 04:50 pm EDT, Thu October 23, 2008
Centrify adds PIV, CAC
Centrify Corporation has announced Centrify DirectControl 4.2 for Mac OS X, adding a smart-card-based login to Active Directory for a single sign-on to Windows-integrated services and applications. The smart cards utilize Apple's PKI (public key infrastructure), and work with common access cards, personal identity verification (PIV) and Apple's TokenD interface like the .NET smart card from Gemalto. The smart cards allow an Active Directory to control access for logins across an organization, not just a single computer.
DirectControl allows IT professionals to integrate Macs into an Active Directory network, with similar behavior and accessibility for Macs and PCs. David McNeely, director of product management for Centrify said, "By supporting smart card login to Active Directory, Centrify helps government agencies, education institutions and commercial organizations further secure their environment by centrally enforcing smart card login policies for users of Mac systems."
DirectControl allows a Mac, UNIX, or Linux system to be seen as an Active Directory client, enabling administrators to secure Macs using the same authentication currently used for their Windows systems. The new smart card support enables customers to use Mac systems in high security environments, complying with Homeland Security Presidential Directive (HSPD) 12 requiring secure and reliable identification of federal employees and contractors using PIV cards.
DirectControl 4.2 for Mac OS X also adds increased security features that include allowing organizations to lock the Mac Finder. Other policies added to v4.2 include enforcement of computer policies to require smart card login, removal policies to either lock the screen or force a logout when the smart card is removed, and additional security controls.
Licenses cost $90, with Mac OS X 10.5.3 required. Version 4.2 is shipping now in beta form and will go final within 90 days.