Linux systems are now the most popular platform in the data center – whether that is your own data center or cloud infrastructure such as AWS, Google Cloud Platform, Digital Ocean, and many others. The question for many IT organizations is how to manage Linux users and devices. Or, said another way, is there a concept of Active Directory® as a service and Linux device management?
Of course, Active Directory has the concept of GPOs (Group Policy Objects), which help manage Windows devices. But AD doesn’t have an analogous concept to manage Mac or Linux devices. In fact, user and device management for non-Windows platforms can be quite painful with Active Directory. So let’s take a look at how the IAM space has shifted in the last decade, some of the options that exist for managing Linux and Mac systems in an AD environment, and how a new emerging solution can optimize Linux device management in your IT environment.
Active Directory Prevails over the IAM Market
Historically, the IAM (identity and access management) space has been dominated by Active Directory, populated by Microsoft resources like Windows Server, and hosted on-prem. This setup created an environment that was easy to manage and secure with features like GPOs. So, Microsoft ecosystems became a popular choice for many organizations.
A Changing IT World and a Resistant Active Directory
Life with Active Directory was good until the mid-2000s, when the IT landscape changed significantly. Web-based applications, the rise of Mac and Linux, and cloud-based data centers transformed the office. Data centers are making such a big impact, in fact, that in 2017 IDC predicted that 60.5% of spending on infrastructure would go towards cloud data centers. Many other IT resources like applications and storage have also been adapted for a cloud-based IT world, and the entire public cloud services market is expected to be worth $246.8 billion by the end of 2017 (Gartner).
While these new IT resources have seen tremendous market growth in the last decade, they undermined Microsoft’s monolithic presence in the workplace. In a move to keep their grasp on the enterprise market, Microsoft did a couple of things. One, they made it difficult to integrate new IAM aspects like Linux device management with Active Directory. While solutions have emerged to extend Active Directory to modern IT resources, Microsoft’s second move has been to preserve Active Directory in its on-prem form.
Hurdles with Active Directory in Today’s IT Environment
Both of these moves have caused major headaches for IT. Without the ability to integrate resources like Linux servers, IT has had to resort to manual management or using additional third-party solutions that are often expensive and inefficient. On the other hand, cloud-based resources have proven to help organizations save 14% of their budgets (Gartner). The fact that Microsoft is keeping Active Directory on-premises prevents organizations from being able to take advantage of the cost efficiencies associated with the cloud. For example, if IT had a cloud identity provider, they wouldn’t have to worry about constantly upgrading and managing hardware, software, and licenses – a regular, constant occurrence with Active Directory. So, Active Directory’s lack of support for Linux device management and inability to move to the cloud has caused IT admins to reconsider their on-prem identity management infrastructure, and to look for a cloud directory service.
Linux Device Management with Active Directory as a Service
The idea for IT organizations is to create a modern Active Directory as a service solution. Of course, Microsoft doesn’t have a product called Active Directory as a service, but the concept of a cloud hosted directory service is highly sought after for today’s modern IT environment.
The difference is that IT admins are searching for a cloud directory that connects users to the IT resources they need regardless of platform, provider, protocol, or location. IT admins are looking for a next generation directory service that controls users and devices across all three major platforms: Linux, Mac, and Windows. Could a solution like this really exist? Actually, yes.
A new approach to cloud directory services called Directory-as-a-Service® (DaaS) is shifting the core identity provider to the cloud. Directory-as-a-Service’s device management allows IT admins to remotely support Linux, Mac, and Windows systems. After installing JumpCloud’s system agent onto a device, IT admins have the ability to execute scripts, set policies, enable MFA for Linux server access and Mac OS X access, and maintain widespread visibility over all the systems in their environment. Additionally, the cloud identity management platform connects users to web and on-prem applications, physical and virtual storage, and wired and WiFi networks. Users can enjoy easy access to all of their IT resources, and IT gains a centralized, secure environment. As an approach similar to Active Directory as a service, but with Linux device management and macOS device management included, it is the next generation approach to cloud directory services.
Learn more about Linux Device Management with DaaS
For more information on Active Directory as a Service and Linux device management, consider reading how Tamr used DaaS to centralize user access to about 300 remote servers. You are also more than welcome to reach out to us with any questions about our virtual identity provider. If you’re ready to test our modern IAM platform, sign up for a free account. All of our features are available, including our cross-platform device management, and your first ten users are free forever.
This is a Security Bloggers Network syndicated blog post authored by Natalie Bluhm. Read the original post at: JumpCloud