Now that the latest XenApp and XenDesktop LTSR builds have been out in the wild for a while, I’ve been getting a lot of questions about whether customers should upgrade their platform to the 7.15 LTSR release and what features are being used by their peers.
My answer? Yes, upgrade to LTSR.
That was too easy. The conversation often diverges into questions about new features and scalability numbers, and often the answer is: “It depends…” A favorite reply from consultants and architects alike. To help answer some of the common questions and get some tips, you can visit my colleague Sarah Steinhoff’s blog post, as there is a wealth of information available already.
What I’d like to focus on is how some of these feature sets can increase security while maintaining agility and flexibility of the environment. To frame the conversation, when I talk about 7.15 LTSR, I’m looking at the collective suite of features since the last LTSR (7.6). These tools may already be a part of your environment today – and if they’re not, I want to share a few ways you can you take advantage of them.
To start, did you know that your existing Citrix environment inherently provides application access controls, containerization, and segmentation?
Federated Authentication Services (FAS). FAS can increase authentication flexibility, such as by giving trusted external users SSO access to your applications, or by enabling you to adopt certificate-based authentication methods instead of using Kerberos. FAS is especially helpful for customers who have B2B partners and need to provide access to internal systems over dedicated links. Now, you can control authentication without having to set up complex Active Directory policies.
WEM Transformer. Have you ever wanted to lock down the user experience of a repurposed PC or company-owned asset? Windows Environment Manager (WEM) Transformer can enable you to harness Windows capabilities to completely lock down the user in kiosk mode. That way, individuals or groups are only allowed to interact with the WEM Agent and send the user to their XenDesktop environment.
XenServer LTSR with Bitdefender HVI. XenServer LTSR now supports Direct Inspect APIs. These Direct Inspect APIs enable a shift towards software-defined infrastructure protection against viruses and malware. By combining the security policy engine of XenApp/XenDesktop with XenServer LTSR, Bitdefender Hypervisor Introspection can detect malicious attacks and add extra protection to your Citrix stack. This is pretty cool from a security perspective.
For expanded discussion on these topics, attend the next event in our Technology in Practice webinar series. We might just add a few extra tidbits on configurations, and some tips and tricks for designing and implementing these into your environment. Please join Louis Climaco and me for this free webinar on December 7 at 9AM and 2PM EST. There will be a live Q&A session at the end when you can ask any question you wish related to security strategies.