Choosing access and auditing features

In addition to the management tools for access-related or auditing-related features, each computer you want to manage must have a Centrify agent installed. After you install the agent, you choose whether to enable access features, auditing features, or both feature sets.

If you enable access features, the agent enforces the role-based privileges that enable users to run applications locally with administrative privileges without using the Administrator password and with their activity traceable to their own account credentials. You can also use role-based privileges to secure access to network services on remote computers.

If you enable auditing features, the agent captures detailed information about what users do when they access applications or network resources with administrative privileges.

You can use access features and components without auditing if you aren’t interested in collecting and storing information about session activities. You can also deploy auditing features and components without access control and privilege elevation features if you are only interested in auditing activity on Windows computers. However, the real value of using Centrify to manage Windows computers comes from using all of the services as an integrated solution for managing elevated privileges and ensuring accountability and regulatory compliance across all platforms in your organization.