Protect your Citrix apps from DDoS attacks

Keep your business up and running, always

For many organizations, Citrix applications are the lifeblood of business. If hit by a distributed denial-of-service (DDoS) attack, those apps will be offline—and business will stop functioning. However, many DDoS protection services are incapable of scrubbing Enlightened Data Transport (EDT) traffic. Without a way to fight back, these threats can destroy employee productivity, damage your reputation, and cut off sources of revenue.

Executive summary

  • Cyberattacks are on the rise, and one of the most common (and dangerous) types is the DDoS attack.
  • Mitigating against downtime to keep Citrix applications online is critical to business survival.
  • With comprehensive DDoS protection from Citrix, you can keep bad actors out while letting legitimate traffic in.

Keep reading

Business outcomes

Get the right DDoS protection for your Citrix traffic

DDoS attacks target applications and the infrastructure that houses them—and unfortunately, Citrix virtual apps and desktops are no exception. That’s why Citrix DDoS protection service includes special countermeasures associated with ICA/UDP traffic. In addition to mitigating general DDoS attacks, it safeguards your Citrix environments to ensure application traffic is never dropped. Set thresholds to receive alerts when you need to monitor a possible attack, or have mitigations automatically kick in when there’s a definite attack. You can run fire drills and test readiness to ensure your environment is always protected.

Defend against the largest DDoS attacks

DDoS attacks are more prolific and more powerful than ever, with 26,000 attacks per day1. But while options for DDoS mitigation abound, few can protect Citrix ICA Proxy and EDT traffic—the unique UDP-based delivery protocol that’s critical for virtual app and desktop delivery. For that, you’ll need specialized DDoS mitigation. With a scrubbing capacity of 12 terabits per second, Citrix DDoS protection service can mitigate 4x the amount of traffic caused by the largest attack ever recorded. It vets all traffic against any DDoS attack vector, leveraging 14 globally distributed points of presence (PoPs) to ensure there’s always a scrubbing center close by.

Deploy fast and scale quickly

DDoS attacks are astonishingly easy to launch and can cost the average enterprise $2 million2. Which means you can’t afford to wait until it’s too late. Citrix’s cloud-based DDoS protection service can go live in less than 30 minutes and doesn’t require any added network routing changes. You can add it to Citrix DaaS at any time. Then use point-and-click dashboards to quickly configure rules and policies. As your business grows and you need more scrubbing capacity, simply upgrade your license to add more application and API security.

Choose from multiple DDoS mitigation methods

DDoS attacks are a serious threat to every business, but different applications can require different levels of protection. In industries like finance and healthcare, for example, a single second of app downtime could be devastating or even life-threatening. That’s why Citrix lets you choose from different DDoS mitigation options based on your unique application security requirements. To keep costs low and minimize routine latency, you can use the on-demand solution to divert traffic once a DDoS attack has been detected. Or, to ensure there are no gaps in coverage for critical apps, the always-on service continuously scrubs all traffic before it reaches its destination. 


1 Forbes 2 Kaspersky

Related products


Citrix Web App and API Protection

Keep your public and private apps and APIs secure with application security as a cloud service.

Citrix DaaS

Deliver secure virtual apps and desktops to any device, without the need for manual setup or upgrades.

Get more information


What could you lose from a DDoS attack?

Read the blog


Protecting against DDoS attacks with Citrix

Read the white paper


Protect your business with Citrix's DDoS mitigation service

Read the blog