Overview There is a great post about DTLS 1.2 from Ferroque Systems for using EDT with HDX. I tried that config for the usage of DTLS 1.2 within SSLVPN, so the tunnel in Citrix Secure
Continue readingCitrix DaaS – Geoblocking with NetScaler
Overview This Post contains informations about restricting the Usage of Citrix DaaS (Cloud Workspace customer.cloud.com) for limited Countries / Geo-Locations. In this scenario I’m using NetScaler as IdP of Citrix DaaS – so this is
Continue readingCitrix DaaS – Conditional Authentication
Overview There’s a new feature in Citrix DaaS called Conditional Authentication (which is currently in private tech preview where you can sign up for here) which helps to give different authentication methods based on filter
Continue readingCitrix DaaS – Inactivity Timeout and Authentication Period
Overview Recently I’ve discussed some DaaS / Cloud Workspace security settings with a customer where Inactivity Timeout and Authentication Period settings for Citrix Workspace App (not Web!) are very essential. CISO’s are friends of low
Continue readingNetScaler – EPA Scans with Quarantine Group
Overview Recently a customer had to switch from User-Cert Authentication (CBA) to Device-Cert Authentication, so I had to create a new nFactor flow with EPA for Device-Cert Check. This Post will cover the following requirements:
Continue readingNetScaler – Session Hijack Protection with Responder
Overview Quick Post about what is the hijacking of an authenticated NetScaler user session and how to protect yourself from it. This feature starts with 13.1 Build 53.17 and 14.1 Build 25.53 There are two
Continue readingNetScaler – WAF for Gateway and AAA
Overview Finally, with 14.1 Build 21.57 and 13.1 Build 53.17 there’s the long awaited support for using NetScaler’s Web Application Firewall (WAF) for all kind of Gateway vServer and AAA vServer. This is a Quickpost
Continue readingCitrix DaaS – Entra ID SSO with PRT and without FAS
Overview This guide provides information for configuring Entra ID Single Sign-on (AAD SSO) for Citrix DaaS without the use of FAS and also getting a PRT – so there are no SSO problems with M365
Continue readingNetScaler – OAuth IdP with one empty Attribute results in Failure
Overview Quick Post about a latest finding of an Issue when using NetScaler as OAuth IdP (doesn’t matter with which SP) and there is the need of sending some User-Attributes to the SP. Update –
Continue readingNetScaler – How to get rid of SSO / missing PRT Issues using Entra ID Phone Sign-in
Overview You’re using Microsoft Entra ID (SAML or OAuth) as IdP for your OnPrem CVAD or DaaS Environment. Your default is to use Citrix FAS so the User-Logon to the VDA happens with a virtual
Continue reading