Latest Blogs

from the Emerging Business Team

Startup Superstars

CTO Interview - Paul Moore, CTO Centrify Corporation


Centrify Corporation homepage screenshotIdentify. Simplify. Centrify. That's Centrify's tagline and it says it all. Founded in 2004, Centrify's business is to make Microsoft Active Directory work with non-Microsoft platforms. Today, it is a leading provider of auditing, access control, and identity management solutions that centrally secure an organization's cross-platform environment using Microsoft Active Directory. It boasts more than 300 customers, including 30 percent of the Fortune 50, over 40 resellers worldwide, and $36 million in venture funding from investors including the Mayfield Fund, Accel Partners, Sigma Partners, and INVESCO Private Capital.

Here is our conversation with Paul Moore, CTO Centrify Corporation.

 

Microsoft Startup Zone: You built your whole business around Microsoft Active Directory, please talk to us about this strategy and the need you set out to solve?

Paul Moore, CTO Centrify CorporationPaul Moore: Our business is to make Microsoft Active Directory work with non-Microsoft platforms. The reason we chose to do that was three-fold.

The first one was the fact that Microsoft Active Directory is the de facto market leader for enterprise directory services. It has 85 percent market share. It's very well accepted by the marketplace, very stable and secure, and scalable. And so that technology is now just a part of the security ecosystem in the vast majority of large corporations.

Second, large numbers of those companies, in fact, the vast majority of the Fortune 2,000 run non-Microsoft technology as part of a mixed datacenter for whatever reason. So, our business strategy was to provide the bridge between the Microsoft Active Directory and the heterogeneous platform environment that those people have.

And third, we believed that the reason people wanted to do that, and why we saw the business opportunity is because—and I'm going to get shot down for saying this by a large number of UNIX people—Microsoft's Active Directory is more secure than the vast majority of the UNIX solutions out there. That perception coincided also with the increased requirements brought about by things like Sarbanes-Oxley and other regulatory changes. So, that created the demand for there to be something that created a more secure directory environment for those non-Windows systems. And for customers, the natural thing for them to do is to take the solution that they already know and trust, their Active Directory, and extend that out to their non-Windows machines.

DirectControl Web Administrator Console: DirectControl is the only cross-platform integration solution to deliver a browser-based administrator console. Designed to meet the

MSUZ: So clearly, Microsoft Active Directory was critical, but what other Microsoft technologies have played a key role in your success? We understand you are built on the .NET Framework as well?

Moore: So, the core decision obviously is to use Active Directory, but we have a lot of components that we deliver running on Windows. And, in fact, we do have a product (Direct Audit) where we actually had a choice as to where we would deploy things and how we would build them, whether we would build them in Java or whatever. We chose Microsoft. We are heavy users of Microsoft Visual C# and .NET throughout. All of our user interface technologies are all written using C# and .NET. We do that because of the order of magnitude productivity gains we achieve, and strong integration into the Windows environment. We also use SQL Server, which for one of our products is a core component of that product, and that was chosen because of ease of deployment, scalability, and again integration with our chosen development toolset, which is C#.

The DirectAudit Console gives you a central, global view of user sessions across your audited UNIX/Linux environment. Out-of-the-box views show both current and historical sessions grouped by computer, by user, and other criteria. In this example, you can see all sessions on a specific computer, sorted by start time. DirectAudit can record sessions both for Active Directory accounts for local accounts such as root. Notice that the top two entries in this example show you sessions currently in progress.

MSUZ: Can you quantify some of the productivity gains or advantages?

Moore: I'm probably being conservative if I say twice as fast—it halves the development time. But without truly building it twice in two different technologies it's hard to say. But I'm certainly prepared to say half the time.

MSUZ: What Microsoft technologies are you looking to support in the future?

Moore: Your new version of SQL Server 2008, and obviously Windows Server 2008—we're already certified on this.

MSUZ: What one thing could Microsoft do better or do that would help you out technically?

Moore: Seriously. If they really, really want to help, then make the source code available to ISVs. Because that is the one big difference between developing on Windows and developing on any other platform. With the other platforms, I can see the source code. If I get stuck, it's very easy to understand what's going on and debug it. Whereas on Windows, you can get stuck, because it's a hidden black box to you. That is the one big—our team builds 50 percent of our stuff on UNIX and Linux, and 50 percent of the stuff runs on Windows, and that's the huge difference between the two. I don't want to steal it, the source code I mean, and I don't want to change it, just see it. It is the ultimate form of documentation.

I want to point out that Microsoft has just done this with the source of the .NET 3.0 class libraries for the very reason I just outlined. I think everybody was pleasantly surprised when this happened—and impressed with the great way they delivered it.

Paul Moore's Background

Paul Moore serves as Chief Technology Officer for Centrify, where he provides the technical vision for its cutting-edge solutions. Prior to Centrify, he was Vice President and Principal Architect for next-generation storage management products at Computer Associates. From 1999 to 2003, as CTO of Netreon, Moore designed the architecture and led the team that implemented Netreon's SANexec Manager and SANexec Designer. Prior to Netreon, he was a Program Manager in Microsoft's Windows 2000 development group, where, among other things, he drove the integration between Active Directory and the Windows 2000 enterprise print subsystem. Moore also represented Microsoft on various industry standards committees, and authored several RFCs and other industry standards. Before joining Microsoft he spent 20 years in a wide variety of software development and consulting positions for companies including Hosykns Group (Cap-Gemini), BAT, AT&T, Nestle, the U.S. Navy, the U.S. Air Force, British Petroleum, Hamlet International PLC and Honeywell. Moore holds a Bachelor of Science degree in Math and Physics from the Open University, Milton Keynes, UK, and is a fellow of the Institution for Analysts and Programmers in the UK.

Centrify CorporationFor more information, read the Microsoft Interop Alliance case study on Centrify, Software Firm Eases Compliance, Improves Security by Linking Heterogenous Systems.

Email It!   digg It!   Live It!   del.icio.us  
Published Monday, February 25, 2008 7:38 PM by Startup Superstars

Comment Notification

If you would like to receive an email when updates are made to this post, please register here

Subscribe to this post's comments using RSS

Comments

 

warrior said:

Way to go :)

3 cheers!

February 25, 2008 8:49 PM

Leave a Comment

(required) 
(optional)
(required) 
Submit

About Startup Superstars