The EPM AD Bridge is a solution that allows integration between Linux systems and Active Directory, solving security and management challenges in hybrid IT environments.
Challenges
The EPM AD Bridge solves the following common problems in infrastructures using Linux and Windows:
- Chaotic Authentication: eliminates the need for separate credentials for Linux and AD Server, reducing errors and security vulnerabilities.
- Fragmented Access Control: unifies access management between Windows and Linux environments, simplifying administration.
- Ghost Identities: prevents the multiplicity of identities in different systems, improving traceability and reducing the risk of fraud.
- Tedious User Provisioning: automates the creation of users in Linux from the AD Server, avoiding errors and saving time.
- Invisible Groups: makes AD Server groups visible in Linux, facilitating the application of access policies.
- Limited Visibility: offers a complete view of the policies applied to Linux devices, reducing errors and security breaches.
- Isolated Management: integrates access policies for Linux and AD Server, reducing the risk of errors and security violations.
Problem
Managing separate silos of users and groups on Linux devices outside Active Directory generates operational overload and security breaches in the infrastructure.
Solution
The EPM AD Bridge provides automatic provisioning of user groups, along with authentication and audit controls, for your Linux devices.
Benefits
This integration simplifies user management and reduces the administrative burden, providing better visibility and auditing in the Linux infrastructure. The EPM AD Bridge facilitates logins on Linux devices, allowing users to reuse their existing Active Directory credentials. It also improves security and control, allowing administrators to apply Group Policies to Linux machines, managing user access and applying security configurations.
Functionalities
- Authentication via Active Directory: allows users to authenticate to the Linux system using Active Directory credentials, reducing the risk of data breaches and improving the productivity of teams responsible for access management.
- Application of GPO policies: allows administrators to enable policies in AD GPOs and have them applied to Linux systems, improving centralized cross-platform administration and reducing the number of IDs and passwords to remember.
- Policy reports: allows administrators to view reports on policies and EPM AD Bridge usage, facilitating the verification of status and parameters in a single solution.
Policies
The EPM AD Bridge offers several policies for managing Linux devices:
- Configuration of a customized welcome message to greet users after successful login.
- Restriction of login access to Linux systems for specific users.
- Automatic creation and configuration of home folders for new users on their first login.
- Configuration of the storage location of log files.
- Specification of ports to be blocked on devices with EPM AD Bridge installed.
- Management of repositories used in the Linux terminal.
- Control of packages that should not be installed in the Linux terminal.
- Verification and guarantee that specific binaries are installed and updated.
- Specification of permissions for files or directories for groups existing in the AD Server.
Additional Benefits
- Single Sign-On on Linux: use your AD Server credentials to access Linux, without the need for duplicate accounts.
- Unified Access Control: easily manage permissions for AD Server users and groups in Linux and Windows environments.
- Simplified Provisioning: add new users to Linux directly from the AD Server, saving time and effort.
- Group Reuse: leverage groups already defined in the AD Server to apply policies in Linux without additional configurations.
- Easy-to-define Policies: use your knowledge of AD Server and group policy management to quickly create policies for Linux devices.
- Fast Deployment and Configuration: easily configure policies on the AD Server and Linux devices, without delay.
- No additional database: no need to worry about additional data management, as it does not use a separate database.
- Integrated Auditing: track security events through the Segura platform software.