This is my first post in the new year...so let me start by wishing everyone a happy and prosperous 2016! While many were off for the last couple of weeks of 2015, we were still busy getting our newest version of the platform ready. In case you hadn't heard, we will be upgrading our platform (Centrify Identity Service and Centrify Privilege Service) to version 16.1 this weekend (Saturday, January 16th). The complete list of new features is available in the release notes, but let me tell you about some of the key new features and enhancements here:
Google Directory Support
If you've heard us present our platform and products, or have spent any time on our website, you've most likely heard us talk about "Identity from Anywhere." The key to our story here is that the Centrify Platform is agnostic to where user identities are stored. If you use AD or LDAP to manage identities, we can proxy authentication requests to those stores without the need to replicate those data stores to our cloud. If you don't use an on-prem data store, you are welcome to use our Cloud Directory. We also support business partners and customers through Federation. Well, we've had a number of customers / prospects ask us about using Google as a directory source.
With 16.1, we enable you to add your Google Directory as a directory service in the Centrify platform. Adding Google Directory allows you to use Google as a "first-class" directory, meaning that you can do everything (SSO, MFA, EMM, etc.) with Google users that you are able to do with the already supported internal identity stores (Centrify Cloud, AD and LDAP). You can add Google Directory by going to Cloud Manager > Settings > Directory Services.
While this is not a new feature per se, we are excited to announce some of the improvements we've made to performance in 2 key areas:
- Cloud Connector Selection for AD Authentication: As you may know, when user identities are stored in AD, we use our Cloud Connector to proxy authentication requests for those users to Active Directory. These Cloud Connectors scale horizontally (additional connectors can be added to an environment to better serve users by sharing the load). This is done by randomly selecting any of the active Cloud Connectors. In the past, if the communication between a Connector were to fail we would mark that connector as offline and we would no longer send authentication requests to that Cloud Connector (e.g. in an environment with 3 Cloud Connectors with 1 marked as offline, we would only use 2 of the Connectors for authentication). Now, instead of marking the Connector as offline, we measure the "health" of every connector. While we still select Cloud Connectors randomly, we've changed our algorithm to favor selection of "healthier" (higher throughput) Cloud Connectors.
- Provisioning: We've also improved our provisioning engine by batching like jobs and executing jobs in parallel.
We hope you enjoy these new features and look forward to hearing your feedback!