As more IT management solutions move to the cloud, many IT admins have started wondering if the domain controller is going to make a similar move. Is there a SaaS domain controller available?
Why Is There a Need for a SaaS Domain Controller?
The concept of a cloud domain controller delivered as a service is interesting. This is because domain controllers were predicated on the concept of the Microsoft Windows networks of yesteryear. The original idea behind Microsoft’s approach was to create a ‘domain’ where all of an organization’s IT assets would live. These would all be Microsoft assets, and would all be located on-prem as well.
This enclosed area or “domain” was thought to be more secure than the more open network alternative. Plus, once a user was within the domain, a directory service such as Active Directory® could control what a user had access to. This approach made it simple to appoint one central identity management platform as the control point for user access, since every IT asset could easily reach and authenticate access with the domain controller.
While this on-prem and Microsoft domain concept made a great deal of sense when the world was all Microsoft and on-prem, it started to break down as the IT landscape shifted. Non-Windows machines were starting to appear on the network – would they be able to easily join the domain and benefit from single sign-on? Web applications and cloud infrastructure started to shift IT resources away from the domain. How would a centralized, on-prem domain controller authenticate and control access to remote IT resources?
SaaS Domain Controller Options?
Both of these were fundamental problems for IT admins, and were key reasons why the concept of a SaaS domain controller started to become interesting. The challenge with a cloud domain controller concept is that it really can’t be a single vendor solution. There are too many different applications and providers of enterprise technology now to limit offices to a specific vendor. Microsoft is trying to introduce their next generation approach to the DC, called Azure Domain Services, but it runs into the same challenge as before. This tool is built to manage your Azure virtual machines and systems, not to replace your on-prem domain controller.
When thinking about the new IT landscape, the very concept of the domain is in question. The on-prem IT network is being run more like a café with WiFi access. Many IT resources like web applications and cloud infrastructure are remotely accessed, so the concept of the SaaS domain controller needs to be expanded.
The new concept of a SaaS domain controller needs to uniquely authenticate users into their systems (Windows, Mac, Linux), cloud and on-prem servers (AWS, Azure, GCP, and on-prem), physical and virtual file servers including Samba and NAS appliances, web and on-prem applications via LDAP and SAML, and wired and WiFi networks through RADIUS. Plus, it needs to provide the same increase in security that the legacy domain controller did for old environments.
The Real SaaS Domain Controller Solution
Fortunately, there is a solution out there that fits this new description of the cloud domain controller. This tool is called Directory-as-a-Service®, and it is helping connect users to the IT resources they need. Plus, the modern incarnation of a identity and access management platform is operating from the cloud, for cloud, on-prem, and remote resources.
You can learn more about this SaaS domain controller alternative by reaching out to us. We would be happy to explain how exactly the platform operates, and how it can benefit your organization. Alternatively, you can also sign up for a free account of the DaaS platform. Your first 10 users are free forever, with no credit card required, so there’s no reason not to give it a shot.
This is a Security Bloggers Network syndicated blog post authored by Jon Griffin. Read the original post at: JumpCloud