Applications have evolved. Over time, the addition of multiple point solutions to deliver applications in traditional, mobile, BYOD, and cloud environments has complicated data center infrastructures. Managing and securing an enterprise cluttered with supplemental VPNs, monitors, and gateways drives up costs, requires more administration, makes the network rigid, and more vulnerable to security risks. In addition, it leads to poor user experience as a result of inconsistent UI, multiple passwords and URLs to access applications.
Citrix provides an SSL VPN solution based on the zero trust model, which provides contextual access to your network, applications, and data to users accessing from a remote location.
As a consolidated, secure front end that provides SSL VPN and secure access across all of your internal, web, and cloud resources, Citrix Gateway provides a consistent and seamless user experience. It also simplifies creation and administration of otherwise disparate access policies. With a single solution, you can rely on a consistent set of access rules and reduced security risks.
Citrix Gateway offers secure remote access to any application, network resource, data, whether it’s web, legacy client-server, SaaS, mobile, or virtual apps. A consolidated access point provides administrators centralized policy management, including granular, app-level control based on network or device.
In addition, Citrix Gateway allows users to reset their passwords from the Gateway portal – removing dependencies on support and reducing costly password resets.
Citrix Gateway provides an always-on connection that allows a user to move from the office to a remote or WiFi connection without affecting the SSL VPN session. As the user transitions from office to home, they are automatically reconnected to their corporate network as soon as Internet access is available.
Citrix Gateway provides access to intranet resources through any native browser installed on an end user device. Admins can set up contextual policy controls and scan end user devices before enforcing an appropriate level of authentication and access policies.
The Citrix Application Delivery Management dashboard extracts information from Citrix Gateway to provide end-to-end visibility of all TCP, HTTP, and HDX-based access sessions. Integration of HDX Insight provides monitoring and auditing of HDX traffic associated with Citrix Virtual Apps and Desktops environments, while Gateway Insight provides monitoring and auditing of errors related to user authentication, end point check failures, or any SSO for any application traffic passing through Citrix ADC.
Citrix Gateway provides one-time password capability for multi-factor authentication (MFA), and it also allows users to easily verify identity on their mobile device with one swipe to the Citrix SSO app. It provides contextual policies for MFA that allows configuring any number of authentication steps, based on the zero trust model, to access confidential data based on user role, location, and device state. It supports LDAP, RADIUS, TACACS, Diameter, and SAML2.0 authentication mechanisms.
Split tunneling alleviates bottlenecks, conserves bandwidth and allows for a better experience while accessing different security domains like Internet and corporate resources on the network at the same time. Citrix Gateway provides IP and domain-based split tunneling. Using this functionality, customers can choose to route traffic they want through Citrix Gateway as well as allow users to access Internet directly, without backhauling traffic into the datacenter.