We’re excited to announce integration of Citrix Analytics with Azure Sentinel, which gives IT admins access to critical information. So how does it work? Citrix Analytics collects data from across our product portfolio — Citrix Virtual Apps and Desktops, Citrix ADC, Citrix Content Collaboration, and Citrix Endpoint Management, as well as external sources like Microsoft Graph Security.

What does this data deliver? It gives IT admins unique insights about user behavior and helps them secure Citrix Workspace solutions. It also empowers them to proactively handle user security threats, improve application performance, and optimize IT operations. The tight integration with enforcements points around access, content, and applications gives IT admins a complete solution to help them secure key enterprise resources.

Enterprises with large security operations use a SIEM (Security Incident and Event Management) solution to get a broader view of their IT systems. Azure Sentinel provides a scalable, cloud-native SIEM with built-in intelligence to detect threats and to automate and orchestrate a response.

With the integration of Citrix Analytics with Azure Sentinel, IT admins can get critical information such as:

  • Risk score change: When a user’s risk score increases at any rate or drops by more than 10 percent the change is sent to Sentinel.
  • Risk indicator summary: All risk indicators associated with the user when a new risk indicator is generated.
  • User risk score: Citrix Analytics sends the current risk score of a user to Sentinel every 12 hours.
  • User apps: Citrix Analytics retrieves data on applications a user has launched and used from Citrix Virtual Apps and sends it to Sentinel every 12 hours.
  • User device: Citrix Analytics retrieves data on devices a user is associated with from Citrix Virtual Apps and Citrix Endpoint Management and sends it to Sentinel every 12 hours.
  • User location: Citrix Analytics retrieves data on the city a user was last detected in from Citrix Content Collaboration and sends it to Sentinel every 12 hours.
  • Data usage: Citrix Analytics sends data uploaded and download by the user through Citrix Content Collaboration to Sentinel every 12 hours.

By bringing these solutions together, customers can now take the unique insights provided by Citrix Analytics and leverage Azure Sentinel to get a full view of the threat landscape and respond quickly to mitigate threats.

Learn more about Citrix Analytics and our integration with Azure Sentinel.

Are you at Microsoft Ignite? Stop by the Citrix booth (#1949) to learn more about how Citrix Analytics integration with Azure Sentinel can help you stay ahead of your security challenges.