Enterprise customers are transitioning to the cloud and are looking to consolidate their datacenter footprints and provide single sign-on to all applications deployed in a datacenter, cloud, or delivered as SaaS. Implementing Single Sign-On (SSO) for cloud and SaaS applications also means moving user directories to the cloud. This is a big concern amongst enterprises and is a barrier to providing universal SSO.

NetScaler Unified Gateway provides SSO to applications whether they are in the datacenter, the cloud or delivered as SaaS, and allows the user directory to be kept on-premises, allowing a safe and secure transition to the cloud.


Below are some of the key capabilities we are introducing with Unified Gateway in 12.0.

Support for VMware Horizon

NetScaler Unified Gateway now offers support for the PCoIP protocol and supports VMware Horizon, in addition to Citrix XenApp & XenDesktop, and Microsoft RDP. With this, NetScaler Unified Gateway now supports all VDI environments.

Support for MicroVPN/per app VPN for Microsoft Intune

In January 2017, we announced NetScaler support for Microsoft Intune MDM that offers conditional access and multi-factor authentication for Intune users. We will also soon be announcing a per app VPN/Micro VPN capabilities for Microsoft Intune, soon. This is a joint solution including Citrix NetScaler, Citrix XenMobile and Microsoft Intune. NetScaler, from 12.0 onward, will have support for this solution and will have per app VPN capability for Secure Mail, Microsoft Intune Browser and any third-party line of business application. Citrix and Microsoft will provide SDKs that wraps a mobile application and allows it to create a application specific VPN tunnel to access on-premises resources.

New Policy Infrastructure

The new policy infrastructure allows an administrator to prioritize security and access control policies across multiple groups. If a user is a part of multiple groups,

PAC file support for outbound HDX/ICA proxy

NetScaler Unified Gateway lets you configure the gateway appliance to support Proxy Auto Configuration (PAC), where the URL of a PAC file is pushed to the client browser. The traffic from the client is then redirected to the respective proxies as determined by the conditions defined in the PAC file.

Support for EDT for Citrix XenApp and Citrix XenDesktop environments

EDT is short for Enlightened Data Transport, also referred to as Adaptive Transport for HDX: this applies selected techniques previously available only with Framehawk to all ICA/HDX virtual channels to accelerate performance and reduce end-to-end latency. NetScaler Unified Gateway is the only delivery solution that supports this feature.

For customers who are interested in consuming gateway as a service, we recently announced the NetScaler Gateway Service (NGS). In its current form, it provides a basic ICA proxy for XenApp & XenDesktop Services (cloud services from Citrix). We are working on enhancing the service.

To find out more about what’s coming in Unified Gateway and in NetScaler Gateway Service, join us at Citrix Synergy and attend our session “SYN121: What’s new in Unified Gateway” on May 24th, 2:45 PM – 3:30 PM in Orange County Convention Center, West Concourse, Level IV, W415D.