Endpoint Privilege Management

Application Management

Protect Against Rogue Apps and Malware

Prevent malicious applications from entering the environment through endpoints with an additional layer of protection of application control. Provide an enterprise app store to ensure employees can only install trusted apps without giving those users administrative rights they don't need. Automatically install and update the applications your users need on their endpoints.

Comprehensive Security at the Endpoint

  • Strengthen investments in existing endpoint security solutions with an additional layer of protection focused on identity
  • Control and manage the applications employees need to be productive
  • Push apps and updates automatically, to ensure up-to-date security
  • Eliminate the need for local admin rights for end users so that the risk of lost, stolen, or compromised devices is minimized

Application Management Powered by Munki

Centrify Endpoint Services has built-in integration with the Munki open source project for Mac Application Management to enable administrators to centrally manage and automatically distribute 3rd party and in-house developed macOS applications to end users based on their role in the organization. Application installation is accomplished silently as soon as the user enrolls their Mac, or when the user is added to a role in which the applications are assigned.


How it Works

Centrify has contributed to the Munki open source project to help enable plugin support for the project, thus allowing the open source toolset to commit application imports securely into an application repository hosted privately for each customer in the cloud based Centrify Identity Service. Admins can run a simple command on any Mac application or package and target the application for automatic installation or to be added to a catalog for end users to browse and install at their leisure. End users benefit from a rich client called the Managed Software Center that mimics the appearance and functionality of the built-in Apple App Store that they are already familiar with. Centrify has enhanced the client to support role based application assignment and built-in security leveraging certificates for authentication that are deployed via MDM.

In addition to leveraging Munki, administrators can also leverage the AutoPkg and AutoPkgr open source projects to discover application repositories and keep up to date on the latest security patches and application updates. This greatly simplifies and helps automate the process of ensuring that end users have the latest updates providing the features they desire, and the security patches that help prevent exposure to known security vulnerabilities.

All of this is done while maintaining the desired privilege level for end users. Traditionally, end users often require administrative rights on their laptop or workstation to ensure they can get the applications and updates installed that they need to do their jobs. With Centrify’s Mac application management solution all of this can be accomplished whether the end user is an admin or preferably as a standard user. When IT can keep users from having local admin rights, it is much easier to prevent the installation of malware. A compromised end user’s device is often the entry point used to initiate a major security breach.

In addition to providing application management for Mac systems, Centrify Endpoint Services provides Mobile Application Management for iOS, Android and Samsung devices and can distribute certificate-based Single Sign-On to cloud and on-premises web applications to enrolled Mac, Windows and mobile devices. End users can access all the applications they may need on both their Mac and Windows laptops as well as their mobile devices.