In the previous post we saw how to securely configure VPN access to our users through our Citrix NetScaler Gateway; In today's post we will continue to tighten some nuts. We will make sure that if the remote computers do not have a certificate installed, they won't even be able to see the NetScaler Gateway website!
We start with a series of documents for the assembly of the VPN service in our beloved Citrix NetScaler; The objective will be to allow users external to the organization to connect in a simple and secure way. Be 4 documents where we will add different complexities to secure access as much as possible.
This post will be very useful if we have any service published with NetScaler, from the Gateway itself, to a Content Switch that we have, for example, The issue will be to raise the level of encryption required while avoiding possible vulnerable old ciphers.
In this post we are going to see something fabulous, let's see how to enable 2FA or two-factor authentication in NetScaler Gateway, forcing users to use an additional Token for corporate access to the organization. We will use SMS2 which is a free tool, which through RADIUS will validate the user tokens, we'll use software tokens using the Google Authenticator app on mobile, A blast!
Something you know I like, that it costs nothing and is very grateful especially by VIP users… is nothing more than what we will see in this post, which is how to customize the access portal to our organization from the outside! That is, we will customize the Citrix NetScaler portal 12 with our company logo, Corporate colors and backgrounds!
Well, I've wanted to leave you this post for a long time, where we are going to see how to enable one of the great new features of Citrix NetScaler 12, which is the possibility of using OTP authentications (One Time Password) or one-time password natively and without having to rely on third-party manufacturers!
Continuing a little with Citrix elements that we can monitor… what less than our NetScaler! In this document, we'll see how to monitor a Citrix NetScaler VPX virtual appliance that is currently the Gateway for my Citrix XenDesktop organization. We will monitor its basic consumption such as CPU through SNMP, Memory or disks, but also the connections, your network interfaces or certificates!
Today I want to share with you a document by Oscar Mas, where he is going to show us a functionality of NetScaler systems that can be very useful for publishing access to shared resources, Websites, etc.... What we do is publish something that is on our network and deliver the encrypted information through our NetScaler. We could also publish our XenApp 6.X/7.X through this same access. In this case, what I am going to publish is access to a well-known monitoring system, which is called Zabbix through a NetScaler.
I leave you a piece of Oscar Mas's document, We hope you are interested! One of the most important things in any system we implement, is the monitoring of said system. Microsoft and Citrix, give us the possibility to monitor our systems, using the System Center Operations Manager tool, better known as SCOM. For those of us who are old in the trade, we will know this tool as MOM (Microsoft Operations Manager).
Very good! I leave you with a magnificent post by our dear Oscar Mas! One of the new features that came out with the firmware version 10.5 NetScaler, is the possibility of scanning the client that wants to connect to our Citrix infrastructure and based on pre-established criteria, give you access or be denied access. This functionality is known as EPA (End Point Analysis). This article, you want to show the steps required to be able to configure EPA (End Point Analysis), with a very simple example. It must be taken into account, that this system only works with Windows and MAC-based operating systems.
Do Tailor-made training
Windows Server – VMware vSphere – Citrix Virtual Apps & Desktops – Centreon
|
We are a consulting firm that cares and pampers
|
 |
|
With quality and added value
|
 |
|
¡Let's work together!
|
 |
