Category Archives: Citrix

  • 0

Unify endpoint management under a single console

Category : Citrix

Is your endpoint management strategy ready for the digital workspace?

Traditional Client Management Tools (CMT) are no longer sufficient to manage the increasing diversity of platforms and devices, BYOD, and Windows 10 updates. Unified Endpoint Management (UEM) allows organizations to deploy a single set of enterprise management and security policies across all endpoints.

Download the kit to learn:

  • When it’s time to begin evaluating a UEM solution
  • How UEM can help simplify workspace administration
  • How your organization can benefit from delivering UEM via Citrix Workspace


  • 0

Forecast Calling for Cloud? Learn the Steps to Blue Skies

Category : Citrix

When discussing cloud with customers, some of the most common themes are “How do we get started? What are my options for Citrix in the cloud? And what steps should we follow?”

A cloud strategy is not one-size-fits-all. Getting started, adding another solution to your cloud portfolio, or diversifying across cloud providers can be intimidating. It helps to first understand where you are in your cloud transition so you can plan the best path forward for your Citrix environment.

I typically come across varying types of customers in the field, many of which can be characterized by one of the three stages in the “Enterprise Cloud Journey”:

  • Cloud Builders – Building is the first step. These are customers who are just getting started, have no cloud footprint, and who typically need to establish cloud policies internally before starting deployment of a cloud solution. Their overall theme is experimentation and discovery as they prepare for delivery of their first cloud workload. This includes understanding the intricacies of cloud costs and aligning existing on-premises roles and responsibilities (security, network, storage, etc.) to public cloud workloads.
  • Cloud Consumers – If your organization is on Office 365, you have already started your cloud journey! Consumers utilize at least one form of IaaS, PaaS, or SaaS based services within their organization. Existing cloud policies are enforced and refined to facilitate the adoption of more cloud technologies across business units. A consumer’s goal is to optimize cloud costs as they leverage greater numbers of solutions to generate more business value.
  • Cloud Brokers – At this stage there is an extensive use of SaaS, PaaS, or IaaS services. Internal IT sees their day to day shift from standard systems management to directing a series of cloud providers to accomplish business goals. At this stage a customer’s focus is governance as they begin to broker solutions across multiple clouds, promoting greater availability and preventing vendor lock-in. Additionally, cloud policies evolve into cross-cloud policies.

The stage you are in as an organization will influence the steps you need to take to get Citrix to the cloud. We can break this process down into three high level phases:

  • Assess – This phase is centered on identifying the Citrix delivery model and use cases that help accomplish your business goals. For example, a Cloud Builder should target a simple, well defined Citrix workload, review Citrix scalability data, and analyze how public cloud costs differ from on-premises workloads.
  • Connect – This phase highlights creating the cloud subscriptions necessary to support your workloads and connecting your existing data center to the cloud. For example, the Citrix team in a Cloud Consumer is targeting an entire business unit for migration into Azure. They will need to assess the existing subscription utilization and review existing cloud policies/steps required to add Citrix workloads to their established Azure resources. Depending on workload projections, this can at times require the creation of a new subscription to host and isolate the Citrix environment. The subscription governance of the Citrix environment can impact the growth of the environment if competing with other systems against Azure’s predefined subscription limits. Additionally, the type of subscription (shared vs. dedicated) will also impact how the Azure Service Principal is created for integration with the Azure MCS service.
  • Build – This phase is the fun part, taking the data gathered during the assess phase and using the bridge established in the connect phase to build the environment. This includes creating the public cloud building blocks, Citrix infrastructure, and Citrix workloads. For example, a Cloud Broker may already have an established Citrix environment in AWS, but a new foundation would need to be created in Azure to support new or existing use cases. Considerations need to be made regarding translating availability recommendations (availability sets vs availability zones) as well as delegation of permissions through Azure Role Based Access Controls from AWS Identity and Access Management.

Whether you are a Cloud Builder, Consumer, or Broker, Citrix is here to help! We will cover the Citrix on Cloud deployment models, considerations, and lessons learned in a free technical deep dive webinar on Thursday, October 19 at 9AM or 2PM EST.

If you want to learn more, please join us to walk through the cloud design and deployment process in greater detail, including a live Q&A session at the end to answer your burning cloud questions.


Author: Kevin Nardone

  • 0

Technology Innovation in 2018: From AI, VR and IoT to robotics

Category : Citrix

The rapid pace of innovation in today’s tech world makes the coming-year predictions game more interesting and exciting than ever. In past generations, visions of world-altering technological transformation had to be set decades or longer in the future — in the case of The Jetsons, a full century. Now, a time traveler visiting from just a few years ago would marvel at everything from stateless digital currencies in common use to widely available self-parking cars to smartphones that recognize their owners’ faces.

  • 0

Digital Vikings and the Internet of Ransomed Things

Category : Citrix

The saying “Prediction is very difficult, especially if it’s about the future” is an amusing Danish proverb. But predicting the future of the internet that uses sensitive and personal information as its fuel is less amusing. One dystopic prediction is an Internet of Ransomed Things full of hijacked smart devices. I previously wrote about how organizations are under siege by the explosion of ransomware. Ransomware has been retooled to not only attack individuals, but organizations and enterprises, as well. As we saw this year with WannaCry and NotPetya, both were designed to worm and spread throughout networks to encrypt and destroy data. I’m afraid that’s just the tip of the iceberg, unless we change the fundamental way we approach security.

Is it really that hard to predict the future? No, not if the past repeats itself. Edmund Burke stated that “those who don’t know history are doomed to repeat it.” Let’s look at history and predict Tomorrow’s Internet by looking at the parallels between the cyber world and the kinetic world. And there is a certain period in history that is repeating — The Viking Age.

The Viking Age

From the Ninth to the 12th century, Norsemen from Denmark, Sweden, and Norway went Viking — they left their homes to seek a fortune as pirates. Going on an expedition — “fara í Viking” was a way of life — every spring when the warming sun returned and melted away the snow, Vikings looted and pillaged their way around the European continent. Using their shallow-bottom longboats to move swiftly over rivers, tributaries, and open ocean, they excelled at exploring, raiding, trading, and settling in Europe and even North America. Cities in Ireland, Scotland, England, Wales, France, Iceland, Greenland, Vinland, Ukraine, Russia, and the Middle East — among others — have Viking heritage or were raided, sieged, and sacked.

Besides being pirates, mercenaries, and slavers — Vikings also employed the tactic of ransoming — demanding tribute from cities they sacked. The First Siege of Paris is a prime example. On March 29, 845, led by Ragnar Lodbrok, one hundred and twenty Viking ships carrying five thousand warriors occupied and plundered Paris. King Charles the Bald paid a ransom of seven thousand livres — the first of thirteen payments of Dane-geld to the Vikings by the Franks. The Vikings attacked Paris three more times in the 860s. In 864, fortifications and bridges were built to block the Vikings sailing up the Seine. While eventually reaching Paris, the siege was repulsed and scattered by the imperial army — the Vikings managed to only gain seven hundred livres for their effort. The appeasement of the Vikings served as inspiration for Rudyard Kipling’s poem Dane-Geld.

And that is called paying the Dane-geld;
But we’ve proved it again and again,
That if once you have paid him the Dane-geld
You never get rid of the Dane.

The digital Viking Age

Raids and sieges that took months and years of preparation, are now executed in a matter of hours and days from virtual encampments within the safety of “bulletproof hosting providers” in countries where policies are lax, search warrants are not honored, or extradition agreements are not in place. Bulletproof providers, compromised IT servers, and more recently, cloud hosting providers house the command and control servers, exploit kits, data stashes, and dark net markets — the weapons and spoils of a cyber war. A war that is waged campaign by campaign, in large part by criminal organizations driven by financial gain. From their bases, digital Vikings build their siege engines and launch their attacks, which they adapt, as needed. For example, the plague of Pharma spam used the same botnets as ransomware is using today.

Ransomware is a weapon that has evolved over three decades, gaining more capabilities — it’s become easier to spread, better at encryption, and more creative at monetizing attacks. The dozens of variants use different encryption algorithms and exploits to deliver the payload. However, modern ransomware is mostly spread the same way — targeted or spam emails with malicious attachments or links to infected web sites.

It started off as Scareware —malware that threatened to contact the “Cyber Police” with the victim’s IP address, embarrassing browser history, or webcam photo unless payment was made. Others demanded purchase of fake antivirus software. This was followed by ransomware that locked PCs, encrypted the Master Boot Record, or specific file types. More recently “Ransomware as a Service” has lowered the bar — for a cut of the profits, the platform allows the buyer to customize the message, payload, and payment address. And as devices proliferate, the attack surface expands as well. Last year, White hat hackers made the first proof-of-concept for malware that locked a smart thermostat and demanded a ransom. Mobile ransomware is also seeing tremendous growth — mostly via fake mobile video apps that lock the device. Rooted and jailbroken devices are the most susceptible.

Ransoms aren’t limited to ransomware. A more traditional attack involves penetrating a victim’s network, capturing sensitive data, and holding it for ransom with threat of doxxing personal info or leaking intellectual property. These types of attacks usually forgo the middle man and demand direct payment. Ransoms also include distributed denial of service attacks — harnessing tens and hundreds of thousands of compromised Internet facing devices to overwhelm the target’s infrastructure — as we saw when the Mirai botnet attempted to take down the Internet. Another more recent method involves hijacking resources on an endpoint or network device for crypto mining — bitcoin, the preferred currency of ransomware and the dark web.

Bitcoin: The new Dane-geld

Alongside Ransomware as a Service, bitcoin has fueled ransomware’s explosive rise. As the equivalent of digital gold or as some call it the “Internet of Money,” it acts like an open but almost anonymous ledger for financial transactions. Bitcoin is the first peer-to-peer electronic cash system using the decentralized and distributed database known as a blockchain. There are traditional use cases that crypto currencies like bitcoin are disrupting — perfectly legitimate and legal such as retail, investing, banking, and remittances. But these are just scratching the surface of the blockchain. The potential lies with more digital applications. Consider:

  • Machine-to-machine payments — SaaS- and Cloud-based systems can leverage API to purchase additional resources as required
  • Payment system for IoT — Devices using sensors which, based on environmental conditions, will trigger a workflow
  • Micro-payments — to replace advertisements for Web browsing. A fee model where you pay by the word

The current reality is that bitcoin facilitates the vast majority of ransomware payments replacing MoneyPak and WebMoney. In fact, Citrix conducted a survey that found that organizations are stockpiling bitcoins in anticipation of attacks. Earlier this year, an alleged administrator for the Russian cryptocurrency exchange BTC-E was arrested on charges of money laundering $4 Billion. The exchange was fined $110 Million for facilitating transactions involving ransomware. Researchers also presented a report at Black Hat 2017 that 95% of the traced ransoms were cashed out via BTC-E.

But as notorious as Bitcoin has become, its power lies in the blockchain. Proponents say that blockchain can secure the internet by providing an immutable and decentralized platform for tracking assets and contracts. Can the blockchain be the future of the internet? Using blockchain, IBM is transforming Inventory management. “Blockchain offers a shared ledger that is updated and validated in real time with each network participant. It enables equal visibility of activities and reveals where an asset is at any point in time, who owns it and what condition it’s in.” Another prime opportunity in the light of continuous breaches are Social Security Numbers.” As stated in the article, “The issue we have today is that a Social Security number is kept as a secret to authenticate access and identity. We need to be moving away from that and add biometrics on top of that or the equivalent of a private wallet with blockchain.” Blockchain also has promise in healthcare and artificial intelligence. The Centers for Disease Control and Prevention (CDC) is investigating how they might use the blockchain to share medical data between organizations across the United States.

Defense and Fortifications

To Pay or not to Pay? It may actually be an easy decision — and the only viable option if caught unprepared. But paying the ransom incurs a cost; it rewards criminal activity and strengthens the incentive for such attacks throughout the industry. Additionally, as with WannaCry and NotPetya, there is no guarantee of recovery — “boneidleware” and “leakerware” are malware disguised as ransomware but designed to destroy or steal data with no recourse.

How should individuals and organizations fortify themselves to avoid becoming part of the “Internet of Ransomed Things?”

Just like in traditional warfare, cyber warfare requires preparations to reduce the attack surface, protect against vulnerabilities, and contain the blast radius. It requires a new security architecture built from the ground up to protect the apps and data being targeted. But, the most important and likely easiest defense against ransomware is to negate the ransom by having up-to-date (and tested) backups. Even as new and creative methods of ransoming, hijacking, and extorting are being devised, there are a few additional steps that will help:

In the end, we depend on an Internet that is connected via smart devices that are susceptible to being hijacked and our data ransomed. We must prepare and fortify ourselves against the “digital Vikings” so that paying the ransom is not our only option.


Author: Florin Lazurca

  • 0

3 Challenges for delivering applications in the hybrid cloud

Category : Citrix

Hybrid cloud is increasingly becoming a new reality for many enterprise businesses. Here are 3 keys to successfully delivering your applications in a hybrid cloud environment.

The 6 Essential Requirements for Managing ADCs in Hybrid Cloud Environments

  • 0

Cloud Workspace Services, Adoption Made Simple

Category : Citrix

The adoption of cloud services poses dilemmas for companies at every stage of their journey. At the outset, all-or-nothing solutions can force IT to commit prematurely to a single vendor, roadmap or timeframe. Whatever your cloud strategy or desired level of adoption, a few requirements are already clear:

  • the flexibility to adopt the cloud services you want, when you want;
  • the freedom to use any combination of on-premises and cloud resources from any vendor;
  • simple ways to activate, secure, manage and optimize diverse cloud services so that your entire cloud journey delivers the best results for your users and your business.

  • 0

Driving Digital Transformation with a Secure Digital Workspace

Category : Citrix

As state and local government organizations consider how to improve services delivery, simplify processes and reduce administrative costs using digital technologies (such as cloud, Big Data, artificial intelligence and the Internet of Things), one major concern is security.

In fact, a survey by the Public Sector Media Group found that 50 percent of respondents were very concerned about security risks related to digital services, while another 33 percent reported being somewhat concerned.

This preoccupation with security is understandable, considering that:

  • Cyberthreats continue to escalate and evolve, as seen by the recent ransomware attacks on government entities such as the UK’s National Health Service.
  • Citizens’ personal data is a prime target for hackers.
  • Many digital technologies – especially cloud and mobile – move data beyond the protection and control of the traditional datacenter.

These trends are all part of the fast-changing cyberthreat landscape, where threat actors are taking advantage of people’s desire to be connected at all times and targeting the evolving enterprise network, which is expanding and becoming increasingly undefined and diffuse.

The Secure Digital Workspace

Digital literacy is increasing, as shown by these stats:

  • By 2020, half of the world’s population will be online (4.1 billion Internet users).
  • By 2025, Millennials are expected to comprise up to 75% of the workforce. These workers are considered digital natives — people who have been born and raised in the age of digital technologies.

Government agencies and programs are under increasing pressure to provide a fully digital workspace featuring a consumer-like computing experience, combined with greater freedom and autonomy. Industry analyst firm Gartner calls this strategy “digital dexterity.”

At the same time, governments face greater scrutiny from regulators, the media and the public about the strength and reliability of their security posture.

That is why it’s so important to provide a secure digital workspace.

This workspace model has three important attributes:

  1. Unified: provides a single pane of glass through which IT can configure, monitor and manage the organization’s entire technology infrastructure.
  2. Contextual: uses machine learning and AI to adapt to each worker’s patterns and exceptions, delivering a personalized experience that reflects the work situation (device, location and network connection).
  3. Secure: features a software-defined perimeter that grants safe access and full visibility across the network and user ecosystem.

Let’s discuss this new security perimeter in more detail.

The New Software-defined Perimeter

Today’s IT security perimeter must accommodate data and applications that are no longer confined to the government datacenter. Instead, they are being hosted in the cloud and delivered as a service over the network, or downloaded by employees in the field onto their smart devices.

This new workspace is giving rise to a new type of security perimeter – defined by software and continuously adapted through the use of powerful analytics.

Deploying an intelligent, software-defined perimeter means you can secure your organization’s infrastructure, empower citizens and employees, and give IT flexible control.

As described at our 2017 customer conference, Citrix Synergy, Citrix envisions a workspace with security measures based on user behavior (actions and profile) that is analyzed in real time. For example, our new cloud-first solution, Citrix Workspace, relies on a software-defined perimeter based on users and their identity, not just their location or device. This approach extends protection beyond datacenter tools to ensure enforcement for distributed control points, such as mobile devices.

The latest release of Citrix NetScaler, our industry-leading application delivery controller (ADC), is key to the software-defined perimeter. Following are the top enhancements to NetScaler version 12:

  • NetScaler Secure Web Gateway protects against malware
  • User behavior analytics identify insider threats
  • New and stronger ciphers for SSL security keep up with more-stringent compliance and security requirements.

These new features complement existing NetScaler security components, including the WebApp Firewall and NetScaler SD-WAN to secure data across the network and into the cloud.

Balancing Security and Access

Adopting digital technologies in government organizations requires a thoughtful strategy that balances data security with ease of access, and maintains control while optimizing user flexibility.

This is not easy, but Citrix solutions can help. Our virtualization technologies have been chosen by many government entities to deliver better security than traditional distributed computing by enabling apps and data to run in the datacenter instead of being exposed on the device. Our networking technologies reinforce this security posture by protecting against attacks.

Securing the Internet of Things

The explosion of new connected devices, each generating volumes of data that need to be stored, managed, analyzed and secured, requires a technology-agnostic approach to unifying security. All these devices present a wider and more diverse attack surface that is harder to monitor and protect. Software-defined perimeters featuring AI promise to play a major role in authenticating IoT devices, preventing malicious intrusions and making corrections to prevent a recurrence. For more insights, read “Evolving options for securing IoT in the enterprise.”

As digital transformation in government becomes more pervasive, new Citrix technologies offer access controls, real-time analytics and threat prevention tools that are perfectly matched to the way people work today. These solutions meet the demands of digital natives for intuitive, flexible technology tools that meet – and even anticipate – their needs. At the same time, they protect sensitive government data and critical infrastructure from current and evolving threats.

Tackling Today’s Security Threats

Government organizations are in the public spotlight regarding data security. Citizens want reassurance that their personal data is being protected. At the same time, they – and the employees who serve them – demand the freedom to use their preferred devices and connections to access government resources.

Resolving the dilemma of security vs. flexibility requires advanced technology, including machine learning, artificial intelligence and software-defined networking that adapt on the fly to different scenarios.  Adopting a secure digital workspace solution featuring these capabilities can empower government agencies to strike an ideal balance between data protection and user productivity.


Author: David Smith

  • 0

Download the Citrix Ransomware kit

Category : Citrix

Are you reducing your attack surface so ransomware attacks are minimized?  Can you quickly recover without paying a ransom?  Yes you can.  Learn how.

With this kit you will learn how to:

  • Publish virtualized, sandboxed and hardened browsers and email clients
  • Utilize Hypervisor Introspection (HVI) to detect ransomware techniques
  • Protect mobile devices against attacks with containerization
  • Provide a secure and robust enterprise data sync and sharing service

Complete the form

  • 0

Winning the Business Relay Race with ShareFile Secure Document Workflows

Category : Citrix

As I mentioned in my last few blog posts (links below), watching my kids in elite level sports for many years, I’ve seen what a competitive edge delivers. In track, relay runners must pass a baton between each leg of the run. A missed baton pass or an early/late pass can disqualify the entire team. It’s no different for today’s IT decision makers — they must also delver finely–tuned collaboration tools to optimize effective team communication both internally and externally. In the third post of the series, the focus is on how Citrix ShareFile delivers advanced, secure document workflows with built-in feedback, approval, and collaboration features to deliver that extra edge to internal productivity.

Passing the baton is one of the most challenging components for a relay in track. It requires fine-tuned collaboration, because a dropped baton or a delay in the pass means instant disqualification for the team. Like a well-oiled relay team, ShareFile provides a seamless pass when working with secure document workflows with built-in feedback, approval, and collaboration features.

ShareFile supports advanced, secure document workflows with built-in feedback, approval, and collaboration features

Exchanging files is at the core of how things are done in most organizations today. Sending documents internally and externally for approvals and signatures are common when managing contracts, onboarding employees, approving work orders, doing performance reviews, and many other typical business tasks.

Citrix ShareFile is evolving from a basic sync and share tool to a platform that supports all document-centric tasks and workflows required by the modern enterprise. ShareFile’s simple, secure, and seamless workflows enable anytime, anywhere, and any-device access while meeting the organization’s requirements for security, manageability, and compliance. ShareFile provides real-time secure mobile access to critical business information, enabling instant collaboration and increased productivity across distributed teams. Collaboration is built around defined workspaces to achieve specific tasks and objectives. A single solution supports business requirements for secure file sharing, document collaboration, and activity workflows.

Improve Efficiency with Mobile Forms and Workflows

ShareFile delivers three critical workflows to meet the dynamic needs of today’s mobile work­force:

  1. Feedback & Approval Document Workflows
  2. Custom Workflows
  3. Advanced Custom Workflows


Today’s increasingly dynamic, distributed, and digitized mobile workforce demands instant access to the critical business information they need to do their jobs effectively and add value. The ability to securely exchange insights and collaborate on work documents is an essential component of productivity. Content collaboration and file sharing are at the core of hundreds of organizational workflows responsible for coordinating the people, processes, and technologies that drive daily business operations, including project plans, work orders, status reports, contract management, invoice processing, employee onboarding, and performance reviews.

More posts in this series:

Read More on ShareFile:


Author: Jane Foreman

  • 0

Moving to the Cloud? Rethink your Security Efficacy

Category : Citrix

How do you protect your hybrid cloud deployments against cybersecurity attacks

Cybersecurity is all about managing and reducing your business risks. Increasing your application and network security efficacy mitigates these business risks. In the new world of hybrid cloud and SaaS apps, the security perimeter no longer exists.

Watch this webinar and learn:

  • Strategies to increase your security efficacy
  • If you are adopting hybrid cloud, how do you maintain your security efficacy?
  • How do you get started today?

Watch now!