At Summit in January I ran into an interesting Citrix partner – Xceedium.  It’s a security company with an appliance product, called GateKeeper, that is complementary to XenApp.  It enforces security policy by providing compartmentalization and containment.

Say you are outsourcing development.  The GateKeeper provides capability they call “LeapFrog Prevention” to isolate and contain users to authorized applications and network devices.  So your outsourced developers can’t do DNS look up, NFS mount, ICMP to LeapFrog to unauthorized areas and information.  It also provides tracking and reporting for compliance reasons. 

In a XenApp environment, their agent monitors each user process and prevents unauthorized apps from trying to leapfrog to another device.  They also provide tracking for all CLI and prevent unauthorized CLI, so it adds to the security features of XenApp at the application layer with control over the command line/infrastructure layer.

The GateKeeper is complementary to the SmartAuditor session recording feature of XenApp, adding keystroke logging and session recording for CLI.

For customers who have audit and compliance requirements, Xceedium is an extremely interesting addition to XenApp.  They’re already verified Citrix Ready too.  As a bonus, Gatekeeper is Common Criteria certified to EAL3.