“Rock-solid in terms of security, but it also has one of the most elegant interfaces”
That was used to describe the SecureView solution in a recent article by Government Computer News (GCN), which reviewed SecureView and described it as “graceful given how secure it [SecureView] was” and “a surprisingly inexpensive solution that perfectly matches the needs of the government security community.” SecureView is a hardened government security solution developed through technical collaboration between Citrix, the Air Force Research Laboratory (AFRL), Assured Information Security (AIS), and Intel. It was created to enable greater information sharing between different intelligence agencies (which has become more important than ever after 9/11) and to protect against increasingly sophisticated security threats.
Recent years have seen a rise in organizations of professional attackers who are essentially mercenaries hired for targeted attacks against high-value targets such as the intelligence community. These organizations are able to breach some of the most secure environments in the world with well-funded, professional ‘hackers for hire’ and the ability to buy and sell attacks in underground markets. Government agencies have typically addressed these security threats and shared information among multiple agencies by isolating feeds from various networks and security domains on separate physical computers, segregated networks, monitors, and cables. However, this has proved to be extremely costly and unwieldy, with analysts having to keep a dedicated workstation, monitor, and several cables for each domain on their desks. Another alternative involves using custom-built security solutions that are extremely expensive and that quickly become outdated due to ever-changing security threats.
SecureView better addresses these challenges for government agencies by protecting their computing environments from persistent security threats while lowering TCO and providing a great user experience. It is based on the Citrix XenClient XT client virtualization platform, a secure local virtual desktop solution that offers high levels of security, isolation and performance to highly regulated environments, such as those found in the public sector, financial services, and energy industries. XenClient XT does this through a hardened Xen Project™ client hypervisor, hardware-assisted security features, and an open, extensible development platform.
SecureView leverages key capabilities from Citrix XenClient XT to provide high-assurance security and isolation for government agencies, including high-value targets such as the intelligence community. For instance, it is designed for security from the ground up, with an architecture that disaggregates and de-privileges functionality such as networking and VPNs into separate, completely isolated modules for increased security and isolation. Moreover, it uses the Type-1 Xen Project™ client hypervisor, which has been enhanced using SELinux and Xen Project Security Modules or XSM to further harden the hypervisor with additional access control mechanisms. SecureView also utilizes hardware-assisted security functionality in XenClient XT by using Intel® Trusted Execution Technology (TXT) to establish a dynamic root of trust measurement for a known good computing base at boot-time. This provides the ability to boot to a trusted and verified system every time.
SecureView complements the security, isolation, and performance benefits of XenClient XT with its MultiView feature that consolidates multiple desktops and thin clients running on different networks onto a single physical system. MultiView allows security analysts to view data from segregated networks (i.e. JWICS, SIPRNet, NIPRNet) on one physical workstation with one network connection. These feeds are still completely segregated from one another and are presented through a simple, elegant interface for a seamless user experience. Furthermore, SecureView uses Commercial Off The Shelf (COTS) Intel vPro hardware that can run even the most demanding workloads and 3D applications. The SecureView solution has enabled government agencies to successfully collaborate with one another while protecting highly sensitive information from persistent security threats. This is all done while offering near-native performance for a great user experience. Most importantly, it simplifies and reduces the cost of IT, as TCO analysis conducted by AFRL and Intel shows that SecureView reduces the TCO by up to 67% as compared to single-domain architectures and 45% as compared to a widely deployed thin-client, multi-domain architecture.
For more information about SecureView, read about how it reduces cross-domain solution costs and how it provides high-assurance security and performance. To learn more about Citrix XenClient XT, download and evaluate it in your environment for free and visit the XenClient XT product page. Please contact a XenClient expert if you have questions or wish to learn more about SecureView or XenClient XT.
Join the conversation by connecting with the Citrix XenClient team online!