Secure app and data delivery across devices, networks and locations

Similar documents
Security in Higher Education: A Model for the Modern Institution

Top three reasons to deliver web apps with application virtualization

Empower a Mobile Workforce with Secure App Delivery

A comprehensive security solution for enhanced mobility and productivity

Remote access to enterprise PCs

White Paper Taking Windows Mobile on Any Device Taking Windows Mobile on Any Device

Citrix Education Learning Journey

Secure XenApp and XenDesktop, Embrace the Flexibility

Citrix Education Learning Journey

Accelerate Graphics in Virtual Environments

Windows Server 2003 Migration with Citrix App and Desktop Delivery

Welcome to the new Citrix Product Documentation site

Desktop virtualization for all

Citrix CloudBridge Product Overview

What is an application delivery controller?

Secure File Sharing and Real-Time Mobile Access to Business Data with Citrix ShareFile

Deploying NetScaler with Microsoft Exchange 2016

Guide to Deploying NetScaler as an Active Directory Federation Services Proxy

Citrix ShareFile Enterprise: a technical overview citrix.com

Adding XenMobile Users to an Existing XenDesktop Environment

Deliver a seamless user experience for Windows apps on Chromebooks

XenApp, XenDesktop and XenMobile Integration

Client virtualization secrets of a savvy IT director

DaaS Market Report Workspace Services and Desktops-as-a-Service Global Market Trends: The Service Provider Perspective

Citrix Consulting. Guide to Consulting Methodology and Services

Mobilizing Windows apps

Addressing Today s Endpoint Security Challenges

Windows 7 made easier with Citrix XenDesktop

Safeguard protected health information with ShareFile

Securing Today s Mobile Workforce

GLOBALPROTECT. Key Usage Scenarios and Benefits. Remote Access VPN Provides secure access to internal and cloud-based business applications

Five reasons to choose Citrix XenServer

Maximize your investment in Microsoft Office 365 with Citrix Workspace

Design and deliver cloud-based apps and data for flexible, on-demand IT

Solutions Brief. Unified Communications with XenApp and XenDesktop. citrix.com

Deployment Guide. ICA Proxy for Citrix Receiver with SMS Authentication. Access Gateway Enterprise Edition XenApp XenDesktop

Data Center Consolidation for Federal Government

Citrix XenMobile and Windows 10

Deployment Guide. ICA Proxy for Citrix Receiver. Access Gateway Enterprise Edition XenApp XenDesktop

A Guide to Closing All Potential VDI Security Gaps

IBM Global Technology Services Provide around-the-clock expertise and protect against Internet threats.

DEPLOYMENT GUIDE Amazon EC2 Security Groups. Deployment Guide. Security Groups Amazon EC2.

Deploying XenApp 7.5 on Microsoft Azure cloud

Deployment Best Practices and Guidelines to Deliver Any App to Mobile Users

Features. HDX WAN optimization. QoS

Optimizing Pulse Secure Access Suite with Pulse Secure Virtual Application Delivery Controller solution

Protect Your Endpoint, Keep Your Business Safe. White Paper. Exosphere, Inc. getexosphere.com

White Paper. Deployment Practices and Guidelines for NetScaler 10.1 on Amazon Web Services. citrix.com

Mobile Access Security & Management Managed and Unmanaged Mobile Access to Windows Applications and Virtual Desktops from Smart phones and Tablets

Changing face of endpoint security

White paper. Security Beyond Corporate Boundaries. Using Citrix Application Delivery to Protect Corporate Information Anywhere Business Happens

Consolidate your Secure Remote Access Delivery Infrastructure with one URL

The Need For A New IT Security Architecture: Global Study On The Risk Of Outdated Technologies

Solution. Imagine... a New World of Authentication.

3 Ways Businesses Use Network Virtualization. A Faster Path to Improved Security, Automated IT, and App Continuity

BUFFERZONE Advanced Endpoint Security

Speaker Introduction Who Mate Barany, VMware Manuel Mazzolin, VMware Peter Schmitt, Deutsche Bahn Systel Why VMworld 2017 Understanding the modern sec

Improve the XenApp or XenDesktop experience for branch and mobile workers with CloudBridge

Citrix XenDesktop White Paper. How to provide unmatched availability, performance and security for Citrix XenDesktop.

Transforming Security Part 2: From the Device to the Data Center

Cisco ACI and Citrix NetScaler: Opening the Way to Data Center Agility

Installation Guide. Citrix License Server VPX v1.01

Protect Your End-of-Life Windows Server 2003 Operating System

High availability and disaster recovery with Microsoft, Citrix and HP

Citrix SD-WAN for Optimal Office 365 Connectivity and Performance

BUFFERZONE Advanced Endpoint Security

The threat landscape is constantly

DEPLOYMENT GUIDE XenApp, Avaya 1X Agent. Deployment Guide. Avaya 1X Agent R2 SP2. XenApp 6.0.

Control and secure sensitive data while empowering business mobility with ShareFile

Maximize your move to Microsoft in the cloud

The Device Has Left the Building

Total Threat Protection. Whitepaper

Oracle PeopleSoft 9.2 with NetScaler for Global Server Load Balancing

mhealth SECURITY: STATS AND SOLUTIONS

Make security part of your client systems refresh

Mobility, Security Concerns, and Avoidance

White paper. The three levels of high availability Balancing priorities and cost

Maintain Compliance with SWIFT Security Standards

Security Assessment Checklist

Your Adoption Kit for Citrix Workspace Standard

THE SONICWALL CLEAN VPN APPROACH FOR THE MOBILE WORKFORCE

Say Yes to BYOD How Fortinet Enables You to Protect Your Network from the Risk of Mobile Devices WHITE PAPER

Overview. Premium Data Sheet. DigitalPersona. DigitalPersona s Composite Authentication transforms the way IT

RSA Solution Brief. The RSA Solution for VMware. Key Manager RSA. RSA Solution Brief

XenMobile Technology Overview

Symantec Network Access Control Starter Edition

ForeScout CounterACT. Continuous Monitoring and Mitigation. Real-time Visibility. Network Access Control. Endpoint Compliance.

Accelerate Transportation Services with Citrix Mobile Access, High Availability and Centralized IT

How to buy or cancel the XenDesktop Essentials Service

Mobilize with Enterprise Security and a Productive User Experience

Six Myths of Zero-Client Computing

5 Trends That Will Impact Your IT Planning in Layered Security. Executive Brief

1 Copyright 2011, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 7

PCI DSS Compliance. White Paper Parallels Remote Application Server

A Mobile Security Checklist: The Top Ten Threats to Your Enterprise Today. White Paper

BYOD Success Kit. Table of Contents. Current state of BYOD in enterprise Checklist for BYOD Success Helpful Pilot Tips

Introducing XenApp, Built on the FlexCast Management Architecture

SIEM: Five Requirements that Solve the Bigger Business Issues

CA Host-Based Intrusion Prevention System r8

Citrix XenServer 7.1 Feature Matrix

Transcription:

Secure app and data delivery across devices, networks and locations How XenApp dramatically simplifies data protection, access control and other critical security tasks. citrix.com

Most discussions of application and desktop virtualization focus on cost reduction, simplifying IT operations, and increasing convenience for employees. These factors are extremely important, but IT professionals should not overlook the immense impact of workspace virtualization on information security. In fact, application and desktop virtualization have profound advantages for key security functions such as data protection, access control, user provisioning and compliance. They can also give administrators extremely granular control over how employees, contractors and business partners use and share application data. This white paper examines how Citrix XenApp can dramatically reduce the effort required to protect mission-critical information, while giving users fast, simple, flexible remote access that enhances business productivity. Growing IT security challenges Corporate IT groups are continuously challenged to support critical new business initiatives and improve end user computing experiences, while facing limited budgets and mounting pressures to improve information security. Many of these challenges involve making computing resources easier to utilize, regardless of physical and geographical boundaries. Employees are demanding the following: Work anywhere, with a consistent experience, from PCs, laptops, tablets and smartphones. Utilize personal devices within a corporate environment through bring your own device (BYOD) programs. Freedom from rigid IT security controls that restrict performance and inhibit productivity. Access to corporate data and self-provision applications on-demand. At the same time, today s headlines announce data breaches and IT news websites feature stories about cyber criminals and hackers spreading zero-day attacks, new types of malware, and stealthy planning targeted attacks. Fundamental changes in the way people work and waves of new consumer technologies are shattering the old methods of balancing employee productivity and IT security. IT admins are facing powerful workplace trends that disrupt routine protocols and processes for protecting corporate information: Since 2014, each knowledge worker is expected to have an average of 3 devices connected in the workplace. citrix.com 2

Employees are supplying their own personal endpoint devices, making it difficult or impossible to mandate and enforce corporate security standards. IT must provide access to employees, contractors and business partners, from remote offices, home offices, hotel rooms and even kiosks, across the globe. Rethink security Clearly these trends are not sustainable with current approaches to security and remote access. How can IT groups provide easier access to resources, in the face of more sophisticated threats, with multiplying endpoints to defend? And the challenges are not just related to the quantity of end points, but to the increasing diversity. Each type of device PC, laptop, tablet and smartphone requires different security products, protecting against different threats, and applying different access policies. The remedy is not adding yet another layer of security products that require more management. Instead, it is to change the game by moving to a computing model that is inherently secure, with an architecture that dramatically simplifies fundamental security functions such as data protection, access control, provisioning and secure remote access. XenApp XenApp is an application delivery solution that enables any Windows, Linux, Web or SaaS application to be virtualized, centralized and managed in the datacenter and instantly delivered as a service to users anywhere on any device. With XenApp, applications execute in the data center and are securely accessed from any location. Keeping applications and data protected within the hardened data center and hosted in the same location as the back-end databases further enhances application performance even when accessed from distant locations. The application access and performance benefits of XenApp are numerous, but many times the security advantages of a centralized application deployment model are overlooked. XenApp provides an inherently secure architecture that dramatically reduces the quantity of data exposed outside of the data center without configuring extensive security features or add-on security products. The fundamental design of XenApp is to keep all apps, data, and information secured in the data center and only send screen update, mouse click and keystroke commands across the network to the user s endpoint device. XenApp keeps sensitive corporate information protected in the data center, but employees still need secure access to the XenApp infrastructure. Applications published using XenApp are accessible through Citrix Receiver a lightweight client that can be installed on any type of device, including ios, Mac, Android, Windows and more. Citrix Receiver makes it easy for IT administrators to securely enable application access from any type of personal or corporate-owned device while ensuring that IT security procedures and processes are enforced. Citrix Receiver is in constant communication with the XenApp infrastructure, making it easy to identify the optimal application delivery method for any user based on device features, available network connection, and specific application-related tasks. Users in any location can download Citrix Receiver and securely access XenApp published applications making it easy for IT to meet the employee demands without compromising security standards. citrix.com 3

NetScaler Gateway XenApp deployments can be further enhanced with NetScaler Gateway. NetScaler Gateway is a secure application, desktop and data access solution that provides granular application and device-level policies and action- controls. NetScaler Gateway secures remote access to XenApp infrastructure and provides users with a secure, single point of access to published applications and desktops from any type of device. NetScaler Gateway ensures secure remote access by using secure Citrix ICA proxy technology to encrypt data without the need to establish a full VPN tunnel from remote devices. NetScaler Gateway leverages HDX SmartAccess technology to give IT managers a single point of management for controlling access and limiting actions allowed to users. With HDX SmartAccess, IT administrators can strike the right balance between security and end user convenience in every situation. They do this by defining a precise set of policies based on users, devices and locations. For example, administrators might want to create policies so that one group of users can access a wide range of applications and data while on the LAN, a subset of those resources while on a tablet at home, and a smaller subset from a smartphone connected through a public network. Another, less trusted group could be restricted to a small subset of resources under all conditions. Administrators can go even further by restricting the ability of users in insecure environments to copy, email or print data, or to save confidential files to removable media. They could limit users on public kiosks to viewing data and nothing else. Further, access can be limited based on the security posture of the endpoint. HDX SmartAccess includes endpoint analysis software that can scan remote computers and determine if security tools like anti-virus software, client firewalls and hard drive encryption utilities are present, running, and up-to-date. If these requirements are not met, the user can be restricted to a limited set of applications and data, or redirected to a remediation site where the security deficiencies can be remedied. These policies can be applied dynamically as users move between different devices, applications and locations. Administrators can enforce compliance with rules that govern privacy and the secure storage of data. This is critical for enterprises that are affected by regulations such as those in some European countries that require data about its residents be stored within the country s borders. With HDX SmartAccess, an organization could not only prove that the data resides in a virtual environment located in the country, it could also create policies so that nobody located outside of the country, or using a mobile device, could access that data. Reduce security complexity The architecture and core features of XenApp with NetScaler Gateway make security far more reliable and easier to manage. By opting for a solution that is inherently secure, some of the most vexing challenges of protecting data on endpoints simply disappear or are dramatically reduced in complexity. Data protection Sensitive data can be centralized in the data center and protected by a complete set of network and host security products such as next-generation firewalls (NGFWs), intrusion protection citrix.com 4

systems (IPSs), and host anti-malware and anti-spyware tools. These defenses are generally much more powerful and effective than the local firewall and anti-virus products deployed on endpoints, and are far easier to update. With XenApp, data is never transferred over the network, and if policies are enabled to allow data transfer, that data is encrypted. Keeping intellectual property and sensitive information protected from eavesdropping, man-in-the-middle attacks, and other threats to data in motion. Application and desktop virtualization with XenApp also simplifies the operational aspects of data protection. Databases and files in a central location are far easier to monitor and back up than those residing on distributed devices. Employees are easily protected from data loss due to hardware and software failures, accidents and human errors. Data can be recovered faster in the event of a major outage or disaster. Access control Controlling access to applications and data residing on endpoints is extremely challenging, especially since the tools available to manage those local controls vary widely across different types of laptops, tablets and smartphones. Further complicating the picture is the fact that most organizations have multiple access points and authentication procedures to support different use scenarios. Three different gateways and three different authentication procedures might be needed to handle one employee connecting from a PC in the office, a second employee connecting over the Internet from a tablet at home, and a contractor connecting from a smartphone at the airport. With XenApp, administrators can use one set of tools to create and enforce a single set of access control policies for all users, regardless of their locations and the devices they are using. They could also add multi-factor authentication to any Windows or legacy application, including tokens, smartcards, RADIUS, Kerberos and biometrics. These same access controls and authentication methods can be used to manage access to all resources delivered by XenApp while providing a self-service, enterprise app store that gives users fast, on-demand access to Windows applications and application updates. By providing an enterprise app store, IT can provide consumer-type flexibility to users and free up operations and support staffs from providing applications to individual employees. It also enhances security by giving users convenient access to corporate-approved and tested applications, so they don t potentially download infected apps from dubious app stores and compromised sites on the web. Provisioning and de-provisioning Provisioning and de-provisioning employees can be a burdensome activity for IT administrators. It is particularly challenging to cut off application and data access when employees, contractors and others are terminated. War stories abound of contractors retaining application access months after their work is complete, and of fired employees walking off with customer lists and intellectual property. citrix.com 5

With XenApp, new users can be provided with access to applications with a few clicks, and access to applications and data can be revoked in seconds from terminated employees and contractors. If terminated employees are using their own laptops or mobile devices, sensitive data is stored out of reach in the data center, not on their equipment. Incident response and disaster recovery Incident response and disaster recovery are also inherently simpler with application and desktop virtualization. Centralized data is easier to monitor and analyze than data spread around distributed systems. Vulnerabilities can be patched or remediated in a central location, instead of across hundreds of remote PCs and devices. For disaster recovery, administrators can set up a two data center configuration where applications and data are mirrored between two sites. If one site goes down, users can quickly be switched to the other with no loss of data or productivity. If laptops and other devices are destroyed or unreachable in a disaster, employees can access their applications and data from other devices in safe locations. Compliance XenApp can simplify audits and regulatory compliance. Investigators can use a complete, centralized audit trail to determine who accessed what applications and data. There is no need to collect extensive logs from remote devices. Conclusion This paper outlines how XenApp solutions from Citrix give users more power and flexibility to securely access applications and data anywhere, using any device. It also explains some of the ways application and desktop virtualization can simplify difficult and time-consuming IT security tasks related to: Data protection Access control Policy enforcement Provisioning and de-provisioning Incident response and disaster recovery Compliance Secure, efficient remote access XenApp solutions reduce the work needed to provide better security. Security improvements are inherent in a virtualized architecture and a centralized application and desktop delivery model. That means that organization can enjoy the benefits of simpler and more reliable security, without having to implement and manage complex new security tools. citrix.com 6

Additional Resources App Virtualization Solutions Compare XenApp vs. VMware Horizon Corporate Headquarters Fort Lauderdale, FL, USA India Development Center Bangalore, India Latin America Headquarters Coral Gables, FL, USA Silicon Valley Headquarters Santa Clara, CA, USA Online Division Headquarters Santa Barbara, CA, USA UK Development Center Chalfont, United Kingdom EMEA Headquarters Schaffhausen, Switzerland Pacific Headquarters Hong Kong, China About Citrix Citrix (NASDAQ:CTXS) is leading the transition to software-defining the workplace, uniting virtualization, mobility management, networking and SaaS solutions to enable new ways for businesses and people to work better. Citrix solutions power business mobility through secure, mobile workspaces that provide people with instant access to apps, desktops, data and communications on any device, over any network and cloud. With annual revenue in 2015 of $3.28 billion, Citrix solutions are in use at more than 400,000 organizations and by over 100 million users globally. Learn more at www.citrix.com. Copyright 2016 Citrix Systems, Inc. All rights reserved. Citrix, XenApp, Receiver, NetScaler Gateway, ICA and HDX Smart Access are trademarks of Citrix Systems, Inc. and/or one of its subsidiaries, and may be registered in the U.S. and other countries. Other product and company names mentioned herein may be trademarks of their respective companies. 0316/PDF citrix.com 7

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback