Brand new problems, same old tools

Security and privacy are at the forefront for every enterprise security team, with a high-profile breach hitting the news every week. Digital transformation is compelling enterprises to introduce, at a breakneck pace, new technologies and trends into the workforce aimed at improving the employee experience and productivity. This is invariably putting tremendous strain on enterprise security teams, forcing them to deal with new attack surfaces in the form of BYOD, cloud services, and mobile and SaaS apps. But they are constrained to do so with tools that were designed to safeguard a physical datacenter with all the assets centralized and located within that datacenter. It’s no wonder that sophisticated attackers with a high level of persistence are more successful than ever in breaching enterprise security perimeters.

How Can Citrix Help?

While it seems overwhelming, Citrix can help address some of the hairiest IT security challenges. Uniquely, Citrix solutions have visibility across users, endpoints, networks, applications and files. Just this week, we announced the acquisition of Cedexis by Citrix, which brings a new dimension to Citrix Analytics with the addition of internet availability metrics. Citrix can now apply intelligent traffic steering techniques by capturing data points from literally billions of measurements in real time from public clouds, ISPs, datacenters, and multiple CDNs. Capturing this will enable Citrix customers to have deeper visibility and access to rich, actionable insights from real-time analytics of 15B+ data points obtained daily from Real-User-Monitoring (RUM) measurements, 150+ Content Delivery Networks (CDNs), multiple public clouds, 800+ private clouds/DCs and 40,000+ IP networks operated by network operators world-wide.

This range of vantage points enables Citrix to aggregate and correlate data to detect issues and prescriptively take action to mitigate threats before they cause problems. With an end-to-end view of the location and usage of data, Citrix also enables organizations to monitor and control data privacy across endpoints, datacenter, mobile, hybrid and multi-clouds. Unlike solutions from other vendors, Citrix has built a system that provides near instantaneous data collection without the need to install dozens of agents. This radically reduces the time and effort needed to resolve security issues.

It cannot be overstated that Citrix has the unique ability to capture and analyze all kinds of data, end-to-end, within the deployed Citrix infrastructure. For example, taking advantage of over 20 years of innovation with the High Definition Experience (HDX) and the ICA protocol behind it, only Citrix can directly mine ICA traffic to surface key pieces of a larger puzzle. That’s just one input among dozens across the broader Citrix portfolio. However, it is a widely deployed use case across multiple industries and scores of enterprises.

Citrix has included decades of deep knowledge and experience with the Citrix networking offerings, core virtual applications and desktop systems, mobility, and data in its solutions. Combining all the collected inputs together, correlating the data and using advanced machine learning, Citrix can deliver truly meaningful and actionable insights unique to each customer in support of mitigating the toughest security and privacy issues.

Let’s look at this solution a bit more closely.

Citrix Analytics & Security

Citrix Analytics is our latest cloud service. Citrix Analytics Service ingests data from all its products — XenApp, XenDesktop, XenMobile, NetScaler & ShareFile — whether they are deployed on-premises behind a firewall or in a public cloud. This data includes user access behaviors as they enter the enterprise. It also includes information about the enterprise resources, such as apps and data that users normally consume once they enter the enterprise network. Additionally, all this information is being captured from networks whether it is encrypted or unencrypted.

As it gathers all the critical information, Citrix Analytics creates models of these users using machine learning algorithms that track their normal behavior, for example, the devices they log in with, the locations they work from, the apps they use and the data consumption patterns. Once the normal behavioral patterns of the users are understood and tracked, any abnormal behavior, whether arising from a careless or rogue internal user or a malicious external user, is easily identified and highlighted promptly to the admin.

Further, these abnormal behaviors are correlated and aggregated into comprehensive user risk scores that, in turn, can be used to determine specific actions to be taken by the admin (e.g., enable multi-factor authentication, restrict access to certain applications and files or even block the user in an extreme scenario).

This kind of data analytics-based security solution provides security admins with a valuable arsenal of tools that they can use to mitigate internal threats, external attacks and other data exfiltration activities that are otherwise extremely hard, if not impossible, to deal with using traditional perimeter-based solutions.

Citrix Analytics is highly differentiated!

On the surface, it may appear that any vendor could build such an analytics solution. However, Citrix has inherent advantages that make the solution unique. To start with, Citrix has a rich portfolio, giving access to users’ apps and data via its app delivery products (XenApp, XenMobile) and content collaboration platform (ShareFile). It has access to identity and authentication information from its gateway products (Universal Gateway, Secure Web Gateway) in the networking portfolio. The Citrix networking portfolio with SD-WAN, ADC, and WAF also provides access to network traffic.

Next, the diverse portfolio is already deployed in key vantage points in the enterprise. This eliminates the cumbersome task of deploying, managing and maintaining third-party agents, sensors, and probes that are vital for competing solutions.

Finally, Citrix Analytics Service generates actionable insights, by correlating the data and employing ML algorithms, and then turns these insights into programmable actions within its product portfolio.

These unique elements in the solution enable admins to enjoy many benefits of the solution and mitigate data exfiltration, internal threats and external attacks with very little up-front or ongoing work. And this solution enables management to know where security and privacy policies are effective, and where intervention is required.

Try out the solution

If you are a Citrix admin, you can onboard your Citrix environment within minutes. Why not give it a spin and see first-hand what the solution has to offer? For more information and to sign up for a preview, reach out to Blake Connell, blake.connell@citrix.com.

https://www.citrix.com/products/citrix-workspace/form/citrix-analytics/