Whilst this guide specifically uses NetScaler v11.1, many of the tweaks that secure the NetScaler configuration can be applied to prior or later versions. This has also been tested on NetScaler 12.0.57.24. This guide shows how to obtain an A+ rating from SSL Labs for your NetScaler Gateway vServer.
Azure Multi-Factor Authentication with NetScaler Unified Gateway
MFA/Azure Multi-Factor Authentication (previously PhoneFactor) is a multi-factor authentication technology that can be used with IIS, VPNs, OWA, ADFS, Office 365 and NetScaler, to name a few, using either the LDAP or RADIUS protocols from Azure cloud or on-premises. MFA can verify a user's identity by calling their phone, texting their phone or using an app for verification. Using a phone for the second factor lets you make use of something everyone will likely already have, without additional bits of hardware, whilst making it a great deal harder for attackers to break into accounts.
Citrix 7.x Policy discrepancy error
Remember the old IMA versions of Citrix XenApp and XenDesktop, where you had to create separate policies for computer settings and user settings? In the FMA Citrix 7.x XenApp & XenDesktop platforms, Citrix made it simpler by merging both computer and user policies into one. When creating policies you no longer need to worry about what is a user setting vs. a computer setting. However, this merging is merely at the GUI level. At the data level the policies are still split into two for reasons such as backwards compatibility.
Machine Creation Services Storage RAM and Disk Cache
Citrix Machine Creation Services, as of XenApp/XenDesktop 7.9, provides the ability to write to memory with overflow to disk, just like what is available with PVS using RAM w/ overflow to HDD. This greatly decreases write I/O, so you don’t have to rely as much on the underlying storage or worry about hitting storage bottlenecks as you scale the desktop environment.
Citrix Workspace Environment Management (WEM)
Workspace Environment Manager (previously Norskale, as many people may know it) is a recent acquisition by Citrix that will fill the gap when it comes to Citrix offering a UEM solution. WEM is available for all Enterprise and Platinum XA/XD customers with active Software Maintenance (Customer Success Services) and is available for download today. WEM 4.0 was the initial release.
Add Citrix applications to Start Menu and Desktop
Adding Citrix resources to the Start Menu and Desktop has been possible for quite some time now with the use of Citrix Receiver. The most recent version, 4.5, of Receiver for Windows allows users to select the Start Menu and Desktop location themselves. You can also configure the location via GPO and command-line install, which I will show.
Citrix Session Lingering
Session Lingering has been re-introduced to the Citrix 7.6 FMA version of XenApp and XenDesktop. Session Lingering is used to keep a session “active” for a period of time after a user has closed an application, so that if they reconnect within the allocated time the existing session will just be used. This ensures fast launch of an application.
Citrix Self-Service Password Reset
StoreFront self-service password reset was first introduced with XenApp/XenDesktop FMA version 7.8. This feature grants users the ability to reset their own Active Directory passwords from the Receiver for Web or Receiver client and/or unlock their account.
Note: In the Virtual Apps and Desktops 7 2003 release, Citrix announced that SSPR is deprecated.