| Developers: | Avanpost (Outpost) |
| Date of the premiere of the system: | 2022 |
| Last Release Date: | 2025/02/05 |
| Technology: | Information Security - Authentication |
Content |
2025: Avanpost DS 1.6 with support for one-way and two-way trust relationships with Microsoft Active Directory
Avanpost introduced an updated version of the Avanpost DS 1.6 directory service on February 5, 2025.
The main release change is support for one-way and two-way trust relations between Microsoft Active Directory and Avanpost DS, which allows transparent access to resources during coexistence.
Directory service version 1.6 expanded the functionality of password policy management, which ensured the implementation of the usual account management capabilities similar to those present in Microsoft AD. The extended functionality includes the login hours of the domain user, the validity period of the account, the ability to set the "password never expires" flag for the account, the ability to set the requirement to change the account password without binding to the policy.
For the convenience of administration, the new release added the functionality of the directory service basket by analogy with MS AD, which provides ease of recovery of remote objects and a graphical interface for the domain client.
In addition to the added features, the Avanpost DS 1.6 directory service has fixed group policy display and log event display errors.
 | The coexistence period is extremely important in import substitution projects of the directory service, so, of course, this release is of great importance to us. With the release of Avanpost DS 1.6, we are taking a step forward in identity security by providing administrators with advanced account management and integration with Microsoft Active Directory. We are confident that the above changes will significantly increase the convenience of administration and make access to resources transparent in the coexistence scenarios of Avanpost DS and MS AD, "said Dmitry Zakoryuchkin, head of the Avanpost DS product line. |  |
2024: Presentation of Avanpost DS Public and Avanpost DS Pro
Avanpost on November 27, 2024 presented two updated versions of the fully Russian directory service Avanpost DS (Directory Service): free Avanpost DS Public for companies with a small corporate infrastructure and industrial Avanpost DS Pro.
Avanpost DS is designed to replace Microsoft Active Directory (MS AD) and manage Linux infrastructures. The solution provides seamless migration with MS AD and transparent resource management during a long coexistence period.
Avanpost DS Public will help companies with small corporate infrastructure within one domain to eliminate the use of illegitimate foreign software and ensure the security and manageability of the IT environment. In large companies, Avanpost DS Public can be used in dedicated branches as the main directory service, as well as in local infrastructures for solving various technological problems. Free directory service allows you to manage 1000 objects, 200 accounts. The use cases familiar to MS AD administrators will help you easily work with Linux infrastructures and comfortably import Microsoft Active Directory. The Avanpost DS Public directory service has guaranteed software support throughout the product lifecycle.
At the same time, the Avanpost DS Public solution is ready to scale to an extended, professional version as the company grows, which provides the possibility of a smooth transition without re-installation and configuration.
Avanpost DS Pro is an industrial solution for complex, high-load infrastructures operating in Business Critical or Mission Critical (Mission Essential) mode. In this version of the product, it is possible to build a domain forest by analogy with MS AD, as well as establish trust relationships with many external domains.
The industrial catalog service also allows you to customize the product to meet your business needs and requirements, as well as download customized group policy templates. The Pro version of the Avanpost directory service has successfully passed long and intensive load testing in industrial environments. As a result, it showed better performance than MS AD when operating at scales up to 30 million.
The product allows you to solve the problems of a single directory service: user and computer management, centralized authentication using LDAP (S) and Kerberos protocols based on your own implementation of these protocols in accordance with RFC without using open source. All this provides reliable and secure user authentication, high performance, fault tolerance and scalability without limitations.
| | We at Avanpost strive to ensure that as many Russian companies as possible have access to a high-performance solution for managing corporate infrastructure. We are announcing two versions of the directory service for different consumption models at once: Avanpost DS Public and Avanpost DS Pro. They take into account the requirements of the market, and the solutions are ready for use "out of the box, - said Alina Kurakina, CEO of Avanpost. | |
| | Avanpost DS Public will allow you to smoothly migrate your IT infrastructure from Western products without disrupting your organization. At the same time, Avanpost DS Pro offers advanced features and capabilities for large enterprises that require high performance and scalability. Such solutions are a step towards digital independence and innovation, allowing organizations to confidently look to the future, "said Dmitry Zakoryuchkin, Head of Product Development at Avanpost DS. | |
2023
Avanpost Directory Service 1.1
On November 16, 2023, the company Avanpost announced the release of an updated version of the Avanpost Directory Service 1.1. The added functionality of the solution combines a role model with a granular assignment of access rights integration and with -. DNSserver
Microsoft Active Directory For a long time, it was the only directory service provider to the domestic market, providing centralized management of users and resources and simplifying the process authentications authorizations and users on the network. Due to sanctions and withdrawal Microsoft from all products of Russia the company, including operating system Windows the Active domains Directory service, became inaccessible to Russian organizations.
At the beginning of 2023, Avanpost offered the market an up-to-date product for import substitution - a full-fledged domestic replacement of the unified Avanpost Directory Service.
Avanpost Directory Service (Avanpost DS) addresses the challenges of identifying and authenticating users in organizations by managing accounts, security policies, and user access rights to resources.
Avanpost Directory Service is the first directory service of its own design, without using Open source solutions, which guarantees high product performance, the ability to optimize and scale the functional modules of the catalog, as well as use in cloud technologies.
The Avanpost DS is based on a highly productive, proprietary LDAP directory, which is a centralized repository of user and resource information, as well as the Kerberos key distribution center, which provides end-to-end authentication in the domain.
The additional functionality implemented in Avanpost DS 1.1 offers network administrators advanced access control and infrastructure management capabilities for the catalog service of modern organizations with a large number of workplaces.
A role model with granular assignment of permissions at the attribute level was developed in Avanpost DS 1.1 for flexible delegation of authority to individual sections of the catalog. This feature enables you to implement the most complex departmental delegation scenarios for directory service objects. For example, a limited set of access rights can be granted to technical support employees or regional administrators.
This granular control system makes access control more efficient, reducing regulatory complexity while ensuring optimal availability and disaster tolerance of catalog data and authentication services in geodistributed infrastructures.
The ability to integrate flexibly with infrastructure services is another key feature of Avanpost DS, which made it possible to integrate with the high-performance Power DNS server in terms of storing zone data, for which Avanpost DS acts as an LDAP backend. The directory service and the domain name system are as closely connected as possible - so much so that Active Directory services cannot function without a stable DNS configuration.
Avanpost DS 1.1 now stores zone data in the directory and supports secure dynamic updating of DNS records. As a result, the servers are equal and the transmitted information is up-to-date.
| | We have been developing the Avanpost DS service for more than three years and, having released the LDAP catalog in September, we continue to improve our product. Our goal is to provide the market with a high-performance, scalable solution. The new functionality of Avanpost DS 1.1 is designed to help our customers solve a number of important problems in terms of high availability and disaster tolerance of catalog data, which is especially important for large distributed infrastructures designed for tens of thousands of jobs, - said Dmitry Zakoryuchkin, owner of the Avanpost DS product. | |
Starting the Avanpost DS Single Directory Service
On August 16, 2023, Outpost announced the launch of the Avanpost DS unified catalog service.
According to the company, the Avanpost DS catalog service is a solution for centralized user management, authentication and authorization in Linux infrastructures with the ability to hierarchically represent objects.
Avanpost DS is a standalone development. LDAP and Kerberos protocols, domain topology building and replication - all the main functions are developed by Outpost independently in the Go language. On the one hand, this makes the implementation fully manageable, on the other hand, it provides optimal performance, the ability to optimize and scale the functional modules of the catalog, as well as use in cloud technologies.
The target audience of the product, first of all, are large enterprises, state companies and institutions - structures. They tend to have a large, often distributed IT infrastructure for tens and hundreds of thousands of jobs, which has specific scalability and performance requirements that free directory services cannot provide. For this reason, the use of open solutions, such as FreeIPA, or products based on them, in such organizations remains a big question.
In 2020, the company began developing its directory service (Avanpost DS) in response to a request from the Russian market for import substitution of infrastructure services. At the end of 2022, the first version of the product was released. This made it possible to conduct a number of pilot projects for large customers in the first half of 2023. The potential volume of future projects covers about 1 million jobs.
The roots of the development of Directory Service class systems go back to the 1980s. It began with the development of the X.500 standard, which was a distributed directory service developed, International Telecommunications Union (ITU-T) as well as the creation of the LDAP protocol, which was widespread. In 1999 Microsoft , she released her implementation of the directory service called. Active Directory It became the basis for organizing resources and user accounts in the family's networks Windows and quickly became the standard, including for Russian enterprises. In the structure of Global Identity and Access Management Market, the Directory Service segment for August 2023 occupies about 11%, while Microsoft AD is essentially a monopoly in this segment.
As of August 2023, as part of the import substitution trend in Russia, a favorable situation is developing for domestic manufacturers, which allows them to bring to the market a competitive replacement for Microsoft AD. The Avanpost DS directory service solves the tasks of centralized authentication and authorization, management of users and computers in a hierarchical structure, while ensuring optimal availability and Disaster tolerance of directory data and authentication services in geodistributed infrastructures.
Avanpost DS is based on a high-performance LDAP directory of its own design, which is a centralized directory storage information about users and resources, as well as domain a Kerberos key distribution center that provides end-to-end authentication in. For tasks such as workstation configuration management, name resolution, time synchronization, Avanpost DS provides integration with external systems for which the solution acts as an LDAP backend. For example, for DNS servers Avanpost, the DS can store zone data in the directory and support secure dynamic updates, and for the configuration management system act as a "group policy selector" by mapping stored configurations to the desired computers. The flexibility of integration with infrastructure services is a feature of Avanpost Directory Service. This allows, for example, to use a more efficient Power DNS as a DNS server instead of the usually used Bind, and also to choose the configuration management system that is most suitable for a specific infrastructure.
Moreover, Avanpost DS will allow smooth migration with Microsoft AD, without interrupting service during the transition period. During the coexistence period, it will be possible to access resources in the Avanpost DS domain from workstations Windows, as well as access to non-migrated resources from workstations running any domestic Linux distributions.
| The site content is translated by machine translation software powered by PROMT. The machine-translated articles are not always perfect and may contain errors in vocabulary, syntax or grammar. Read original article If you find inaccuracies or errors in the results of machine translation, please write to editor@tadviser.ru. We will make every effort to correct them as soon as possible. |