The ability to manage systems has traditionally been provided by on-prem Microsoft solutions like Active Directory® (AD) and SCCM® (previously called SMS). However, as more IT resources move away from on-prem Microsoft networks in favor of online alternatives, more IT organizations want a cloud directory that features system management.
The challenge is that system management is often overlooked by cloud directory services that don’t want to step on Microsoft’s toes. Fortunately, a bold new generation of cloud directory service has emerged to change that by providing a cloud directory with a robust system management feature. It’s called Directory-as-a-Service®, but before we dive into the characteristics of hosted system management, let’s first explore the development of the legacy approach to reveal why system management is better in the cloud.
The Legacy Approach to System Management
The modern era of directory services really kicked off with the introduction of the LDAP protocol in 1993. LDAP was developed by our advisor, Tim Howes, and his colleagues at The University of Michigan as a lightweight alternative to the X.500 directory service protocol that was common prior to the release of LDAP. However, LDAP did not offer support for system management.
Microsoft actually pioneered Windows-based system management when they combined LDAP with Kerberos to create Active Directory in 1999. AD’s system management capabilities are manifested in the form of Group Policy Objects (GPOs), which effectively enable IT admins to manage a fleet of Windows systems from one central location by automating a variety of routine and complex tasks like setting screen lock timeout, disabling USB ports, and a lot more.
GPOs are certainly a powerful tool. Yet they have always been limited in that they can only be applied to Windows-based systems. Of course, this limitation wasn’t really an issue when AD was released, since IT networks were predominantly Windows-based and on-prem. However, things started to change as Mac and Linux devices made their way onto IT networks.
The rise of Mac and Linux began in the mid-2000s, around the same time that Software-as-a-Service (SaaS) apps like Salesforce and Dropbox also started to gain popularity. The introduction of these new types of IT resources was like adding new variables to an equation that described how to manage identities and systems in IT networks.
AD was the solution when it came to managing a traditional on-prem IT network. However, the effectiveness of AD as a solution was dependent on two primary factors. The first factor was that the network had to be on-prem so that IT resources could be directly bound to the AD domain. The other factor was that the network had to be homogeneous (e.g., exclusively Windows). These two factors must remain constant for AD to remain an effective solution.
To change the equation is to change the solution. For most modern organizations, there is no doubt that AD is no longer the correct solution to the overall question of IT management. The good news is that a new generation of cloud directory has emerged that solves the problem of managing systems in modern networks. That solution is called Directory-as-a-Service, from JumpCloud.
Make Room for a Cloud Directory Featuring System Management
Directory-as-a-Service is like Active Directory and LDAP reimagined for the cloud era. The key difference is that JumpCloud takes a far more holistic approach to system management by providing support for all three major systems (Windows, Mac, and Linux), whereas AD was only focused on Windows.
Under this new cloud identity management model, IT organizations will be able to securely manage and connect their users to the best IT resources for the job, regardless of platform, provider, protocol, or location. A cloud directory also shifts a great deal of work and effort from the IT team to a third party provider. The result is that IT organizations no longer have to procure hardware, install and configure software, and then manage and maintain the solution. Instead, IT admins simply consume the service and pay for what they use.
Directory-as-a-Service goes far beyond system management to provide a comprehensive array of management capabilities for virtually any IT resource. For example, JumpCloud empowers IT admins with management capabilities such as centralized user management, LDAP-as-a-Service, cloud RADIUS, True Single Sign-On®, Samba file server and NAS authentication, multi-factor authentication, and much more.
Directory-as-a-Service can even provide cross-platform GPO-like capabilities to help manage a fleet of heterogeneous systems (i.e., Windows, Mac, and Linux) from one centralized location. In other words, IT admins have the ability to set policies, execute scripts, and run commands remotely on Windows, Mac, and Linux devices without the hassle of maintaining AD on-prem.
Learn More about JumpCloud’s Cloud Directory Featuring System Management
Contact the JumpCloud team to answer any questions about JumpCloud’s cloud directory and its system management feature, or sign up for a Directory-as-a-Service account today and explore the full functionality of our platform firsthand. Your first ten users are free forever to help you discover how Directory-as-a-Service can benefit your organization.
This is a Security Bloggers Network syndicated blog post authored by Vince Lujan. Read the original post at: JumpCloud