Julian Jakob, Author at Julian Jakob

August 30, 2024 Julian Jakob

Citrix DaaS – Geoblocking with NetScaler

Overview This Post contains informations about restricting the Usage of Citrix DaaS (Cloud Workspace customer.cloud.com) for limited Countries / Geo-Locations. In this scenario I’m using NetScaler as IdP of Citrix DaaS – so this is

July 16, 2024 Julian Jakob

Citrix DaaS – Conditional Authentication

🆕 Update 24.04.25 GA and Network-Location Filtering Conditional Authentication is now GA and there is a long-awaited new feature to be able to use different Auth-Methods based on Network Locations – so to differ between

July 8, 2024 Julian Jakob

Citrix DaaS – Inactivity Timeout and Authentication Period

Overview Recently I’ve discussed some DaaS / Cloud Workspace security settings with a customer where Inactivity Timeout and Authentication Period settings for Citrix Workspace App (not Web!) are very essential. CISO’s are friends of low

June 30, 2024 Julian Jakob

NetScaler – EPA Scans with Quarantine Group

Overview Recently a customer had to switch from User-Cert Authentication (CBA) to Device-Cert Authentication, so I had to create a new nFactor flow with EPA for Device-Cert Check. This Post will cover the following requirements:

June 16, 2024 Julian Jakob

NetScaler – Session Hijack Protection with Responder

Overview Quick Post about what is the hijacking of an authenticated NetScaler user session and how to protect yourself from it. This feature starts with 13.1 Build 53.17 and 14.1 Build 25.53 There are two

May 22, 2024 Julian Jakob

NetScaler – WAF for Gateway and AAA

Overview Finally, with 14.1 Build 21.57 and 13.1 Build 53.17 there’s the long awaited support for using NetScaler’s Web Application Firewall (WAF) for all kind of Gateway vServer and AAA vServer. This is a Quickpost

March 1, 2024 Julian Jakob

Citrix DaaS – Entra ID SSO with PRT and without FAS

Overview This guide provides information for configuring Entra ID Single Sign-on (AAD SSO) for Citrix DaaS without the use of FAS and also getting a PRT – so there are no SSO problems with M365

February 16, 2024 Julian Jakob

NetScaler – OAuth IdP with one empty Attribute results in Failure

Overview Quick Post about a latest finding of an Issue when using NetScaler as OAuth IdP (doesn’t matter with which SP) and there is the need of sending some User-Attributes to the SP. Update –

February 4, 2024 Julian Jakob

NetScaler – How to get rid of SSO / missing PRT Issues using Entra ID Phone Sign-in

Overview You’re using Microsoft Entra ID (SAML or OAuth) as IdP for your OnPrem CVAD or DaaS Environment. Your default is to use Citrix FAS so the User-Logon to the VDA happens with a virtual

November 22, 2023 Julian Jakob

Microsoft Entra – Using Private Access to tunnel Citrix HDX Sessions and giving HDX Direct a Try

Overview Private Access, a Feature of Microsoft Entra’s Global Secure Access Suite, is a simple but powerful Security Service Edge (SSE) network solution for providing secure access to your Cloud / OnPrem Apps without VPN,

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.