A new model of identity management is emerging. This new model is being driven from the cloud and is delivered in the “as a service” form. It’s arriving at the perfect time too, because a good number of IT organizations have started wondering if an alternative to their current identity management provider, Microsoft Active Directory®, exists. Many have looked into the concept of Active Directory as a service replacement, but what they would find was not often what they expected.
Hosted Active Directory
While there is no product called Active Directory as a service, there are hosting providers that offer an AD solution. This is often what those looking for an AD as a service product would find. Hosted Active Directory solutions are effectively server instances with AD pre-loaded on the machine. Examples of this type of service exist from AWS and many other providers. However, these solutions still require admins to do a lot of the work, and it isn’t truly “as a service.”
Another proposed cloud alternative has been Microsoft’s Azure Active Directory. This product has been promoted as the cloud version of AD, but the truth is that it doesn’t quite stack up. In fact, a Microsoft rep even stated in this post on spiceworks that Microsoft’s Azure Active Directory isn’t actually an Active Directory instance delivered in the cloud as a service. Azure AD is actually a separate product with a different use case. In short, Azure AD is not an Active Directory as a service replacement or solution for that matter. It is a complement to the on-prem Active Directory.
AD and the Identity Management Landscape
The identity management landscape has been long dominated by Microsoft Active Directory. The solution was introduced in 1999 and immediately became a core part of IT networks. Coupled with Microsoft Exchange, it was a requirement for IT organizations of any size, even when they were just a handful of people. As time has gone on and IT networks have morphed however, IT admins have longed for a more flexible approach to their directory services. The concept of an AD as a service solution still has a lot of appeal. The benefits of shifting maintenance and management of the platform over to a third party was enticing. No longer would IT admins have to worry about reliability, uptime, patching, security, and much more.
Unfortunately, the concept of AD as a service is still not completely there. Most virtual AD solutions are little more than hosted instances of AD where the end customer still needs to do the heavy lifting. Fortunately, there is an new alternative gaining traction in the IT world. This concept of an Active Directory as a service replacement can be leveraged to be the next generation directory service for an organization.
The Active Directory as a Service Replacement
Called Directory-as-a-Service®, this cloud and SaaS-based directory service is the modern approach to AD. Directory-as-a-Service securely manages and connects user identities to the IT resources those users need including systems (Mac, Linux, Windows), cloud and on-prem servers (e.g., AWS, GCP, or Azure), web or on-prem applications via SAML and LDAP, virtual and physical storage systems (such as Samba file servers or NAS storage devices), and wired or WiFi networks via RADIUS.
If you would like to learn more about the innovative Active Directory as a service replacement, drop us a note. We would be happy to answer any questions about the cloud-based directory and how it can make user management, and much more, simpler and easier. You can also try out the Directory-as-a-Service platform for yourself, free of charge. Your first 10 users are free forever, with no credit card required, so there’s no reason not to give it a shot. See for yourself how it works in your environment.
This is a Security Bloggers Network syndicated blog post authored by Jon Griffin. Read the original post at: JumpCloud