Extend Your AD Existence to The Cloud through InstaSafe® AD Connect+
The Great IT Admin Challenge
Workforce today, is becoming increasingly mobile and dynamic. They expect that the individuals should not be confined to an office and should have the freedom and ability to work remotely. Not only that, they also expect that they have ready access to the documents and applications at any place, any time. This poses a great challenge to the IT Team, as communicating and collaborating on unsecure and non-trusted networks, puts the entire organization at risk.
Active Directory® – The Go-to Solution, But…
Over the years, IT Admins have relied on many directory services, like Active Directory®, LDAP, Radius, SAML, etc. to make the workforce compliant to the company policies. However, in today’s scenario, it becomes very difficult to make the remote workers comply with the policy, as the directory services can only be implemented on On-Premise users.
Enterprises have been unable to have remote devices join the corporate domain as it is not possible to expose the Domain Controller (DC) to the internet without exposing the entire network to a huge security risk. As a result, most IT resources are being poorly managed with multiple silos, or not managed at all. Not only is such an infrastructural setup difficult to manage, but it could leave your organization open to great security risks.
InstaSafe AD Connect+ The One Stop Solution
InstaSafe AD Connect+ empowers the IT teams to make the remote devices join the corporate domain. They can then easily push directory services, like Active Directory®, LDAP, Radius, SAML, etc. and other such corporate group policies, to make them compliant. It also gives them the ability to have the remote devices pull updates, patches and therefore comply with the corporate security policies.
How does the ISA AD Connect+ Solution Work?
- InstaSafe Secure Access allows you to keep your DC in the private network and secured with the firewall blocking all inbound ports.
- The access to the DC is provided by the InstaSafe Gateway, located in the same network as the DC.
- The InstaSafe Gateway creates a tunnel from the internal network to the InstaSafe Controller.
- The Controller is the central enforcement point to interconnect the Users to the applications (including the DC) in the data center.
- The client computer has the InstaSafe Client running as a service.
- This ensures that the InstaSafe Client always starts immediately when the computer is started.
- As the InstaSafe Client starts, it detects an internet connection and establishes a connection to the InstaSafe Controller.
- The InstaSafe Client then provides the user certificate and the device fingerprint to the InstaSafe Controller.
- The InstaSafe Controller authenticates the user computer transparently using the certificate and the device fingerprint to ensure that only authorized users and their computers can connect.
- Once authenticated, the user is provided access to the DC through the InstaSafe Gateway tunnel.
- Now, the user can go through the normal steps to join the computer to the corporate domain.
- The IT Admin can now push the directory services / corporate policies to this remote device and make it compliant.