+ All Categories
Home > Documents > Citrix Receiver – The Challenge

Citrix Receiver – The Challenge

Date post: 22-Feb-2016
Category:
Upload: rollin
View: 72 times
Download: 0 times
Share this document with a friend
Description:
Citrix Receiver – The Challenge. Certificate-Based Authentication (CBA - 2FA) The organization MUST be able to positively determine users’ ID for security CBA requires Public Key Identification (PKI) hardware (USB smart card chip) and middleware Installation and Configuration Issues - PowerPoint PPT Presentation
Popular Tags:
of 7 /7
11 All rights reserved to Ceedo. Ceedo - Flexible Computin Certificate-Based Authentication (CBA - 2FA) The organization MUST be able to positively determine users’ ID for security CBA requires Public Key Identification (PKI) hardware (USB smart card chip) and middleware Installation and Configuration Issues Citrix Installation might suffer conflicts and related issues (incompatibility, conflicting versions, etc.) If the connection runs through VPN SSL – users will require plug-ins and/or specific browser version Additional plug-ins might be required for organizational portal (.net, Java, etc.) If a self-signed certificate (server certificate) is used, users have to configure end- point’s browser Data Leakage Hard to manage where users export data to (machines/media) and how they use it A misconfigured machine might be used by unauthorized personal for accessing sensitive data Citrix Receiver – The Challenge
Transcript
Page 1: Citrix Receiver – The Challenge

© 2011 All rights reserved to Ceedo.

Ceedo - Flexible Computing

Certificate-Based Authentication (CBA - 2FA)

• The organization MUST be able to positively determine users’ ID for security

• CBA requires Public Key Identification (PKI) hardware (USB smart card chip) and middleware

Installation and Configuration Issues

• Citrix Installation might suffer conflicts and related issues (incompatibility, conflicting versions, etc.)

• If the connection runs through VPN SSL – users will require plug-ins and/or specific browser version

• Additional plug-ins might be required for organizational portal (.net, Java, etc.)

• If a self-signed certificate (server certificate) is used, users have to configure end-point’s browser

Data Leakage

• Hard to manage where users export data to (machines/media) and how they use it

• A misconfigured machine might be used by unauthorized personal for accessing sensitive data

Citrix Receiver – The Challenge

Page 2: Citrix Receiver – The Challenge

© 2011 All rights reserved to Ceedo.

Ceedo - Flexible Computing

Certificate-Based Authentication (CBA - 2FA)

• The organization MUST be able to positively determine users’ ID for security

• CBA requires Public Key Identification (PKI) hardware (USB smart card chip) and middleware

Installation and Configuration Issues

• Citrix Installation might suffer conflicts and related issues (incompatibility, conflicting versions, etc.)

• If the connection runs through VPN SSL – users will require plug-ins and/or specific browser version

• Additional plug-ins might be required for organizational portal (.Net, Java, etc.)

• If a self-signed certificate (server certificate) is used, users have to configure end-point’s browser

Data Leakage

• Hard to manage where users export data to (machines/media) and how they use it

• A misconfigured machine might be used by unauthorized personal for accessing sensitive data

Citrix Receiver – The Challenge

Tough security issues.

Data compromise.

High helpdesk costs.

Hard to manage.

Page 3: Citrix Receiver – The Challenge

© 2011 All rights reserved to Ceedo.

Ceedo - Flexible Computing

AdditionalSoftware

Home PC Laptop/Any PC Branch PCsContractors

Citrix Receiver + 2FA: Current Situation

Self-SignedCertificate

VPN SSLAdd-on & URL

ReceiverClient

2FAMiddleware

Data & UserPolicies

Citrix Farm / IT Dept.

Traditional technologies demand that each component will be distributed separately to EACH end-point:

• 2FA Middleware• Citrix Receiver Client

(for both managed and unmanaged machines)

• VPN SSL add-on for browser• Self-signed certificate• Additional required plug-ins/software

Unmanaged machines are handled by the end user.

Novice/non-savvy users will probably require helpdesk services.

2FAHardware

End User Helpdesk

What a mess…

Page 4: Citrix Receiver – The Challenge

© 2011 All rights reserved to Ceedo.

Ceedo - Flexible Computing

AdditionalSoftware

Home PC Laptop/Any PC Branch PCsContractors

Citrix Receiver + 2FA: Current Situation

Self-SignedCertificate

VPN SSLAdd-on & URL

ReceiverClient

2FAMiddleware

Data & UserPolicies

Citrix Farm / IT Dept.• Middleware• Citrix Receiver Client

(for both managed and unmanaged machines)

• VPN SSL add-on for browser• Self-signed certificate• Additional required plug-ins/software

Are all mounted on one device…Centrally managed…In plug-and-play mode…On a single device for any platform at any time.

2FAHardware

End User

But what if…

Helpdesk

This is exactly what Ceedo for Citrix is!

Page 5: Citrix Receiver – The Challenge

© 2011 All rights reserved to Ceedo.

Ceedo - Flexible Computing

Administrator pre-configurescomponents, apps in a Ceedofor Citrix workspace and installs it on a flash drive or USB token.

USB drives or installation packagedelivered to end-users(usually in a read-only partition).

Users plug in devices and startworking immediately! Zero-installand zero footprint - nothing is leftbehind after USB is unplugged.

Workspaces can be managed remotely from the cloud.

The Solution: Ceedo for CitrixSolution: Pack everything into a plug-and-play platform on USB drive or 2FA device!

CeedoWorkspace

ReceiverClient

SandboxedBrowser

Self-SignedCertificate

VPN SSLAdd-on & URL

PKIMiddleware

AdditionalSoftware

Data & UserPolicies

Home PC Laptop/Any PC Branch PCsContractors

Page 6: Citrix Receiver – The Challenge

© 2011 All rights reserved to Ceedo.

Ceedo - Flexible Computing

Ceedo for Citrix Technology

Device architecture (varies)Flash memory on 2FA device or regular USB drivePartitioned to Read Only and Read/WriteRead Only: Ceedo workspace, 2FA Middleware or software and all other applications and components.Read/Write: User Data and customizations.

Virtual Runtime

Environment

Ceedo EnterpriseManager (CME)

Management SystemCEM: Creates Ceedo workspaces and their policies.CPC: Creates application packages.CCMS: Assigns users and groups with devices, workspaces, edits and creates policies, aggregates usage data, and more (web-based)…Ceedo Package

Creator (CPC) Ceedo ClientManagement (CCMS)

Virtual Runtime EnvironmentActs as a surrogate OSRuns all components within a sandboxWorks entirely in User ModeNo admin rights or installation requiredCross windows platforms

Page 7: Citrix Receiver – The Challenge

© 2011 All rights reserved to Ceedo.

Ceedo - Flexible Computing

Plug-and-Play zero-install CitrixReceiver on a flash memory of a 2FA device (or any USB thumb-drive).

Encrypted data, sandboxed apps and enables configuring user-rights policies enforcement (access to drives, printers, etc.).

Includes a built-in pre-configured browser, plug-ins and additional software.

Allows for remote management of policies and component updates.

Roam from PC to PC, regardless of OS version and user privileges.

To Conclude: Ceedo for Citrix Key Features


Recommended