Transcription
Solution BriefSecurAccess MFAand Citrix WorkspaceSecure multifactor authentication that is easy touse, deploy, and integrateSecurAccess helps organizations protect the Citrix Workspace as a partof the Citrix Secure Digital Perimeter. With support for a broad choice ofauthentication methods and deployment options, SecurAccess offers aversatile and flexible multifactor authentication platform that is easy toimplement and integrate with NetScaler.
Solution BriefSecurAccess MFA and Citrix WorkspaceIn today’s challenging and dynamic security climate, multifactorauthentication is increasingly seen as “must-have” technology andan emerging best practice. Devastating high-publicity breacheshave shown the true costs of outdated and obsolete username/password security schemes. Not only are passwords a security risk,but they are very costly to administer as well, particularly as usersmust increasingly move between on-premises, cloud, and Software1as a Service (SaaS) environments.Citrix WorkspaceOnly Citrix offers the mostcomplete and integratedworkspace to enable people tosecurely access their apps,desktops, and data fromanywhere. Rely on Windows appand desktop delivery fromXenApp and XenDesktop ,device security from XenMobile ,secure file sync and sharing withShareFile , and network securitywith NetScaler . Only a CitrixWorkspace offers you completechoice of device, cloud andnetwork, streamlined for ITcontrol and simple, secureaccess for users.SecurAccess from SecurEnvoy delivers a powerful and cost-effective multifactor authentication solution.When deployed with Citrix NetScaler, the highly secure and highly available solution allows securing theentire Citrix Workspace, including virtualized apps and desktops. SecureEnvoy’s multifactor authenticationsolution also integrates seamlessly with Microsoft Active Directory, reutilizing existing enterpriseauthentication database infrastructure and avoiding the need to re-architect, deploy, backup, and managea secondary user database. With deployment options that include the SecurAccess Virtual SecurityAppliance, multifactor authentication has never been easier to evaluate and deploy at scale.SecurAccess MFA—Security that puts you in controlSecuring user and corporate data is an enormous and pressing priority, but it cannot come at the cost ofthe user experience or negatively impact productivity. Multifactor authentication must be easy to use, andit must avoid creating complexity for IT staff.Automatic group deploymentAny viable authentication solution must reduce the helpdesk burden for activities like password resets,while enrolling (and disenrolling) users in a timely and convenient fashion. SecurAccess addresses thisissue through close integration with Active Directory and selection and control via a brandable selfenrollment portal. Through “Automatic Group Deployment” SecurAccess monitors selected LDAP groupsfor new or removed users, automatically issuing an enrollment invite. Users are likewise automaticallyplaced into an unmanaged state when they are removed.A flexible choice of authentication methodsUsers need to be able to choose any personal device to be their authentication token, whether it is theirmobile phone, table, laptop, or even their desk phone. Users also need to be able to seamlessly movebetween these devices without leaving their identity behind. SecurAccess supports an extremely widerange of access methods to fulfill different user requirements (Figure 1).1. Microsoft now estimates that it spends over 2M per month in helpdesk calls for password x.com2
Solution BriefThe Citrix Ready Program TheCitrix Ready Program showcasesverified products that are trustedto enhance Citrix solutions formobility, virtualization,networking and cloud platforms.The Citrix Ready designation isawarded to third-party partnersthat have successfully met testcriteria set by Citrix, and givescustomers added confidence inthe compatibility of the jointsolution offering.SecurAccess MFA and Citrix WorkspaceFigure 1. SecurAccess is tightly integrated with NetScaler Unified Gateway viathe RADIUS protocol, and supports a wide range of authentication methods. SoftToken App. For all smartphone or wearable platforms, the app allows for online push notificationor offline availability of One Time Passwords (OTPs). Near Field Communicatoins (NFC). SecurEnvoy’s innovation in published web applications and NFCpush provides a new and simple way to authenticate. SMS preload and realtime. These schemes allow secure and realiable login independent ofsmartphone availability or network coverage. Microsoft Windows and Mac support. SecurAccess supports second factor authentication via adesktop or laptop computer.SecurAccess Virtual Security ApplianceSecurEnvoy’s SecurAccess Virtual Security Appliance (VSA) takes the guesswork out of deployingmultifactor authentication for small, medium, and enterprise-class environments. Harnessing theunparalleled security of SecurAccess, the military grade highly secure platform offers consistent andpredictable deployments in a self-contained infrastructure. The appliance allows for ease of deployment forboth production and trial environments.By providing all the needed base components for installation, the appliance is a smart choice for hardenedon-premises deployments using best-of-breed components from industry leaders. The robust appliance isbased on Microsoft Server 2016. It is designed to stack and scale in multiple configurations, supportingeasy scalability and multitenant environments. The platform meets or exceeds many U.S. regulatoryguidelines including PCI, HIPPA, FIPS 140-2, and Criminal Justice Information Systems (CJIS).Citrixready.citrix.com3
Solution BriefSecurAccess MFA and Citrix WorkspaceCitrix Secure Digital Perimeter for Citrix WorkspaceBeyond user names and passwords, administrators need to validate the user identity and provide finegranularity access to exactly the applications and data required. At the same time, the environment ischanging rapidly, creating new security challenges for IT, including: Cloud and application sprawl Distributed work styles Un-sanctioned storage Multiple devices (BYO, company-provided) IT complexity Motivated/malicious hackers Vast attack surfacesDeploying a patchwork of security point solutions actually only complicates the problem. Separatelymanaging authentication, single-sign-on, endpoint access, and password management can createadditional security vulnerabilities. In fact, many businesses now believe the complexity of theirorganizational structures and IT infrastructure is putting their companies at even greater risk of securitybreaches. Meanwhile users are left to grapple with a less productive environment.Citrix WorkspaceOnly Citrix offers the most complete and integrated workspace to enable users to securely access theirapps, desktops, and data from anywhere. App and desktop delivery (XenApp / XenDesktop). Citrix Workspace features XenApp and XenDesktop—the industry’s leading solutions for application and desktop delivery, with over 100 million usersworldwide. Citrix Workspace enables secure, remote access to Windows applications and desktops aswell as Linux, web and SaaS applications from any device, over any network. Enterprise mobility management (device security from XenMobile). Using XenMobile technology, CitrixWorkspace delivers full access to mobile device management (MDM), mobile application management(MAM), mobile content management (MCM), secure network gateway, and enterprise-grade mobileproductivity apps in one comprehensive solution. File sync and share (ShareFile). Citrix Workspace offers enterprise-class data services across allcorporate and personal mobile devices, while maintaining total IT control. Using ShareFile, you canaccess, sync, and securely share files from any device. Offline access maintains productivity, even whenusers are on the go. Branch networking and WAN. Citrix Workspace includes NetScaler SD-WAN, a solution that combinesreal-time path selection, edge routing, stateful firewall, end-to-end QoS, and WAN optimization. Secure remote access. NetScaler Unified Gateway consolidates remote access infrastructure andprovides single sign-on across all applications whether in a datacenter, in a cloud, or delivered as SaaS.Citrix Secure Digital PerimeterWith Secure Digital Perimeter, Citrix significantly expands its network offerings in a SaaS, hybrid,multicloud and multidevice world. The approach provides simplified control, 360-degree visibility, andintelligent analytics, with benefits that include:Citrixready.citrix.com4
Solution BriefSecurAccess MFA and Citrix Workspace Contextual and secure access. Single sign-on and secure access provides end-to-end security to appsdeployed in datacenter, cloud, or SaaS to users accessing from hospital clinics, or remote sites, on anydevice. Mobile and device security. User productivity is improved by delivering secure access to corporate appsfrom both personal and corporate-issued devices. User security and malware protection. The Secure Digital Perimeter offers a differentiated andcoordinated approach to protecting against malware and ransomware through multiple touchpoints. Secure collaboration. ShareFile offers easy access and collaboration while Secure Digital Perimeterprotects against data theft, misuse, and loss. Governance, risk, and compliance. Organizations can address risk, global compliance standards, andindustry regulations for app, user, and device security. Business continuity and app security. Secure Digital Perimeter helps prevent malicious attacks fromaffecting business operations while providing network and secure access resilience during outages,natural disasters, and calamities. User behavior analytics and proactive security insights. Citrix Analytics collects data across Citrixofferings, generating actionable insights that enable administrators to proactively handle user and appsecurity threats, improve performance, and support continuous operations.Enhancing the Citrix Secure Digital Perimeter with Citrix ReadyCitrix understands that security is a rapidly evolving area, with diverse vendors offering importantinnovations. Augmenting the capabilities of the Secure Digital Perimeter through the Citrix Ready programallows Citrix to partner for a flexible and comprehensive security solution that supports access to anyapplication and data from any device. Organizations can move away from discrete point solutions that bringunwanted complexity without compromising flexibility or choice. Organizations can reward innovation andchoose specific security solutions that meet their needs without adding unnecessary administrativecomplexity, or creating new security vulnerabilities.General Data Protection RegulationOrganizations that serve customers or individuals in the European Union must comply with the GeneralData Protection Regulation (GDPR), with an extremely high cost for non-compliance. The GDPR requiresaffected companies to document the personal data they collect, what they use it for, and how they secure it.In today’s world, this mandate includes the vast majority of enterprises and a large proportion of smallerbusinesses as well. The regulation includes any data that can be used to identify an individual, regardless ofhow it has been provided, observed, or inferred.Citrix solutions provide a foundation of confidentiality, integrity, and availability across all types ofonpremises, hybrid cloud, and public cloud IT environments. Four key design principals make Citrixsolutions ideally suited to aid GDPR readiness: Applications are centralized in the datacenter or cloud so that enterprise data is not stored on individualuser devices. When sensitive data must be distributed, mobilized, or utilized offline, it is protected in a securecontainer. Context-aware policies around identity, device, location, and network connection give IT granular accesscontrol. Visibility and user behavior analytics can help detect potential threats to proactively remediate andmitigate risk.Citrixready.citrix.com5
Solution BriefSecurAccess MFA and Citrix WorkspaceConclusionThe combination of SecurAccess and Citrix allows organizations to protect and secure Citrix Workspace—with seamless NetScaler integration. Single sign-on provided by Citrix combined with multifactorauthentication from SecurAccess helps organizations make sure that users really are who they say they are.With considerable deployment flexibility and vast options for end-user token delivery, the SecurAccessVirtual Security Appliance provides a simple and predictable way to deploy and scale multifactorauthentication.Corporate HeadquartersFort Lauderdale, FL, USAIndia Development CenterBangalore, IndiaLatin America HeadquartersCoral Gables, FL, USASilicon Valley HeadquartersSanta Clara, CA, USAOnline Division HeadquartersSanta Barbara, CA, USAUK Development CenterChalfont, United KingdomEMEA HeadquartersSchaffhausen, SwitzerlandPacific HeadquartersHong Kong, ChinaAbout Citrix ReadyCitrix Ready identifies recommended solutions that are trusted to enhance the Citrix Delivery Center infrastructure. All products featured inCitrix Ready have completed verification testing, thereby providing confidence in joint solution compatibility. Leveraging its industry-leadingalliances and partner ecosystem, Citrix Ready showcases select trusted solutions designed to meet a variety of business needs. Through theonline catalog and Citrix Ready branding program, you can easily find and build a trusted infrastructure. Citrix Ready not only demonstratescurrent mutual product compatibility, but through continued industry relationships also ensures future interoperability. Learn more atcitrixready.citrix.com. 2018 Citrix Systems, Inc. All rights reserved. Citrix, the Citrix logo, and other marks appearing herein are property of Citrix Systems, Inc.and/or one or more of its subsidiaries, and may be registered with the U.S. Patent and Trademark Office and in other countries. All othermarks are the property of their respective owner(s).Citrixready.citrix.com6
provides single sign-on across all applications whether in a datacenter, in a cloud, or delivered as SaaS. Citrix Secure Digital Perimeter With Secure Digital Perimeter, Citrix significantly expands its network offerings in a SaaS, hybrid, multicloud and multidevice world. The approach provides simplified control, 360-degree visibility, and
