Citrix Access Partner
Establish a secure Citrix Presentation Server environment and protect your business critical operations.
Block all unauthorized, illegal or unwanted applications by default and prevent any interruption in the normal flow of your business.
 |
Hardening of the Citrix® Presentation Server through the use of Lumension Endpoint Security to definitively control who can run what executables gives Citrix customers the ability to protect critical business operations from unwanted intrusions regardless of their source, increases the operating stability of the application environment and to achieve lower TCO goals.
|
Many organizations are using Citrix® Presentation servers to supply critical business and training applications to remote worker desktops. However, these advantages are also accompanied by risks that can adversely affect business operating productivity and server performance (e.g. the use of utilities stored on remotely connected end user systems to access main corporate network to conduct unauthorized activities).
Prevent unauthorized and unlicensed software running
Lumension Endpoint Security prevents all non-authorized executables from running on endpoint PCs and servers, whether they're known or not. This effectively prevents viruses, Trojans, hacker intrusive software (e.g. Citrix Published Application Scanner, as well as unlicensed and illegal software to be introduced into critical Citrix® Presentation Server environments. As Citrix Presentation Server, Lumension Endpoint Security runs on Windows 2000/2003.
Citrix® Secure Access Manager provides secure, single-point access over the Web. By adding Lumension Endpoint Security, administrators have the means to ensure that no unauthorized executable code can be introduced or run by users from any single-point access.
Ensure Execution Authentication with hash codes
Lumension solutions integrate seamlessly into the Terminal Services and Citrix® Presentation Server environments. Administrators just have to identify which applications can be executed per user / group of users. Lumension Endpoint Security calculates a cryptographic hash for each executable file. This 20-byte signature is generated using the well-known SHA-1 algorithm and serves to identify a particular file. This signature is calculated on the binary content of the file itself instead of weak attributes such as file name or date, ensuring that only authorized files will be executed. This signature is calculated at each and every launch of any executable code, insuring a 100% reliability. If just one bit of the original file is modified, it will not be allowed to execute on the host. Any attempts to execute any unauthorized file will fail.
Central administration
Application access control policies are administered from a central location via the Lumension Management Console. Any change of policy to user or group profiles can be dynamically pushed out to our client software that resides on the Citrix® Presentation Server, enabling changes to take effect immediately. Some of Lumension's customers centrally manage and administer Lumension Endpoint Security on tens of thousands of endpoint PCs.
Enhancing the security of Citrix environments while easing System Administration
Citrix® Presentation Server enables organizations to install, manage, deploy and support enterprise applications from a central location and provide access to them from anywhere. Lumension Endpoint Security extends this capability by ensuring that users run only the applications that they are authorized to run, based on our white-list principle. Like Citrix® Presentation Server, Lumension Endpoint Security is centrally manageable for maximum efficiency, adding a complete security layer without creating an additional management burden through constant updates like black-list based solutions.
Contributing to TCO reduction
Customers who adopt Citrix® access infrastructure do so to reduce the total cost of ownership through lower product costs, and reduced administration and support costs. By hardening the Citrix® Presentation Server environment with Lumension Endpoint Security, Citrix® customers are fully protected from unwanted intrusions and malicious code, regardless of their source. By controlling what can run, Lumension Endpoint Security increases the operating stability of business critical application environment, enabling Citrix customers to achieve their total cost of ownership goals. Alongside Citrix Secure Access Manager, Lumension Endpoint Security provides strong security on both Citrix MetaFrame Presentation Servers and end-users' workstations.
Making sure PCs can only be used as Terminal access devices
Lumension also provides Lumension® Application Control for desktops/laptops. This desktop version uses the same authenticated execution process as our terminal version, but at a PC level. This enables Citrix® customers to enforce user policies at the PC access level. Systems administrators can control what applications run on their endpoints, ensuring that only authorized software is introduced and run by end-users on their PCs. Together, Lumension® Application Control and Lumension Application Control Terminal Services Edition solutions provide strong security allowing Citrix customers to achieve their total cost of ownership goals even with PCs as access devices.
Full support of Citrix® Access Gateway:Enforce remote Citrix access device health with Lumension Endpoint Security and Citrix Access Gateway.
The compliance of devices can be enforced via Citrix® Access Gateway. Agents presence, version and status of Lumension desktop policy enforecement products including Lumension® Device Control, Lumension® Application Control can be checked prior to granting access to devices requiring connections to Citrix® Presentation Servers.
Lumension Endpoint Security is the best way to secure your Citrix® environment
- Make sure no unauthorized applications are run, including viruses and hacking tools.
- Minimize risk of data theft and illegal intrusions.
- Reduce the risk of disruption and enhance services availability.
- Comply with data secrecy and security regulations in Financial and Healthcare industries.
- The resilience of the Citrix Metaframe servers can be assured through the ability to exercise total control over exactly who can execute applications and when, with no performance impact.
- Enforce policies regarding device & application use for workstations used as access devices with Citrix® Access Gateway.
For more information: