This content is part of the Conference Coverage: Citrix Synergy 2017 conference coverage

How does Citrix SmartAccess boost XenDesktop security?

Citrix shops looking to enable secure remote access can employ the SmartAccess feature in XenApp and XenDesktop to require endpoint analysis using the company's NetScaler Gateway delivery controller.

Citrix SmartAccess seeks to improve security within XenApp and XenDesktop deployments by applying dynamic access policies based on factors such as user location.

In recent years, the proliferation of mobile devices and internet connectivity has allowed users to begin working from nearly any location and any device. This flexibility comes at a price, however, because remote VDI access introduces new security risks. Users may access corporate resources over untrusted or public networks, or use untrusted and unsecure devices. SmartAccess helps address these issues.

For example, suppose that an organization has five offices and all of the employees from the finance department all work in the same office. There probably isn't a reason why users in any of the other four offices would need to access the organization's financial applications. The organization could create a SmartAccess policy that prevents anyone from the other four offices from accessing financial applications.

Even if someone from a remote office acquired a finance employee's password and logged into his virtual desktop, the SmartAccess policy would prevent the intruder from gaining access to the company's financial applications because he or she is not in the correct physical location.

How to boost Citrix remote access security

Citrix SmartAccess removes some of the risk from allowing users to access virtual desktops from personal devices. IT can use the SmartAccess policy engine to run endpoint analysis scans on client devices. For example, IT can use SmartAccess to determine whether the proper antivirus software is installed on the device, and whether its virus definitions are up-to-date. If the device is not in compliance, then the user cannot gain access to his virtual desktop.

Users may access corporate resources over untrusted or public networks, or use untrusted and unsecure devices. SmartAccess helps address these issues.

SmartAccess can also control users' access to XenApp published applications. Citrix remote access security is based around the company's NetScaler Gateway delivery controller user session policies. An organization can perform pre-authentication checks and post-authentication checks on inbound user sessions to ensure that the client device meets all established conditions. IT can apply XenApp or XenDesktop security policies based on whether users pass a NetScaler Gateway endpoint analysis check -- granting them access to their virtual desktops or applications if they pass or denying them if they fail.

At the Synergy 2016 conference, Citrix previewed an integration between XenApp/XenDesktop and the company's XenMobile enterprise mobility management platform, which will expand SmartAccess coverage to Apple iOS and Google Android smartphones and tablets.

Next Steps

How to nail a XenDesktop farm migration

When and how to migrate from XenApp 6.5

How to use Citrix StoreFront with XenDesktop

Dig Deeper on Citrix virtual desktops