Overview Recently a customer’s AVD environment is in the stage on migrating the Workload from a Standard E16ads v5 to the latest Standard E16ads v6 series. Sounds like there’s no big difference, isn’t it? IT
Continue reading
NetScaler – Enhanced Authentication Feedback Template
Overview Enabling the enhanced Authentication Feedback on NetScaler’s AAA gives Endusers a better understanding of WHAT is wrong with their credentials (Username, Password, OTP) but is also a lack of security, as potential password spraying
Continue reading
Microsoft AVD – vGPU with and without HDX
Overview This Post will list my findings during some Tests with AVD and vGPU, using native AVD (RDP) protocol and also with Citrix HDX on top. The customer story behind that was Publish a customer
Continue reading
Citrix FAS – Entra ID CBA with a PRT
Overview Another (and for the moment the last) Quickpost about getting a Primary Refresh Token (PRT) inside your HDX Session when using Citrix FAS combined with Entra ID Certificate-Based Authentication (CBA) which is my favorite
Continue reading
NetScaler – SSLVPN with DTLS 1.2 UDP
Overview There is a great post about DTLS 1.2 from Ferroque Systems for using EDT with HDX. I tried that config for the usage of DTLS 1.2 within SSLVPN, so the tunnel in Citrix Secure
Continue reading
Citrix DaaS – Geoblocking with NetScaler
Overview This Post contains informations about restricting the Usage of Citrix DaaS (Cloud Workspace customer.cloud.com) for limited Countries / Geo-Locations. In this scenario I’m using NetScaler as IdP of Citrix DaaS – so this is
Continue reading
Citrix DaaS – Conditional Authentication
🆕 Update 24.04.25 GA and Network-Location Filtering Conditional Authentication is now GA and there is a long-awaited new feature to be able to use different Auth-Methods based on Network Locations – so to differ between
Continue reading
Citrix DaaS – Inactivity Timeout and Authentication Period
Overview Recently I’ve discussed some DaaS / Cloud Workspace security settings with a customer where Inactivity Timeout and Authentication Period settings for Citrix Workspace App (not Web!) are very essential. CISO’s are friends of low
Continue reading
NetScaler – EPA Scans with Quarantine Group
Overview Recently a customer had to switch from User-Cert Authentication (CBA) to Device-Cert Authentication, so I had to create a new nFactor flow with EPA for Device-Cert Check. This Post will cover the following requirements:
Continue reading
NetScaler – Session Hijack Protection with Responder
Overview Quick Post about what is the hijacking of an authenticated NetScaler user session and how to protect yourself from it. This feature starts with 13.1 Build 53.17 and 14.1 Build 25.53 There are two
Continue reading