"Understanding which users do what and where, on networks and on applications, is a key component of the compliance strategy of virtually every enterprise. Doing so requires implementing a security architecture based on the roles and identities of users.
Collateral Links:
Compliance and Network Protection for Citrix XenApp and XenDesktop
The Case for Application Delivery Infrastructures
According to a commissioned study conducted by Forrester Consulting on behalf of Citrix Systems, organizations need to adopt application delivery infrastructure technologies like desktop virtualization, application virtualization and application streaming to address pressures for improved desktop performance, security and availability. However, deploying these solutions can create compliance and network security concerns for the organization, leading to questions such as:
- How can we manage access to network applications and data when users are sharing virtualized applications and desktops?
- How can we prevent a user from escalating his privileges on an application delivery server and accessing unauthorized resources in the network?
- How can we demonstrate to management and auditors which users accessed network resources, and when?
The Applied Identity Solution
Identisphere works transparently with Citrix XenApp and XenDesktop, addressing compliance and critical asset protection needs with access policy enforcement and auditing based on user identities. Identisphere brings the power of identity aware networking to Citrix Delivery Center customers, giving them the flexibility to consolidate server farms inside the enterprise and helping them further address compliance needs with improved network access policy enforcement, visibility and accountability.
A Citrix Ready Solution
Identisphere is verified as Citrix Ready and works with Citrix XenApp and XenDesktop to deliver improved compliance and secuity to organizations deploying applications delivery solutions. Identisphere:
- Controls application access to network resources - Identisphere leverages identity-based access control to restrict XenApp server access to back end network applications and data, limiting visibility to critical network resources according to a user’s privileges. The result is improved and demonstrable compliance with organizational security policies.
- Isolates resources for desktop users - Identisphere helps address compliance requirements for segregation of resources by enforcing a logical segregation of network resources by users, roles and user groups.
- Enhances policy compliance monitoring - Identisphere augments SmartAuditor capabilities by providing visibility into user network access behaviors, allowing administrators to leverage Identisphere reports to identify and review XenApp sessions of interest.
- Supports compliance audits - Identisphere’s ID-Audit supplements the administrative capabilities in Citrix Delivery Center with the ability to generate network usage reports based on user identity.
- Centralizes authentication - Identisphere leverages centralized Windows authentication to extend access control access to all network resources, including Linux, mainframe, and legacy applications.
- Deploys quickly - Deploying Identisphere with Citrix Delivery Center requires no application integration or client deployment to end user machines. Identisphere’s ID-Enforce appliance installs behind XenApp and XenDesktop servers to protect the network environment.
- Unifies user administration - By sharing the same identity management system, provisioning network access policies for new users is automatic, with no reengineering of rules or policy creation required.
- Provides a transparent user experience - Identisphere leverages Windows authentication to authorize access to the network environment. The result is improved information security and compliance with no impact to the user community.
- Works anywhere you deliver applications - Citrix Delivery Center allows you to accelerate application delivery over any WAN from any datacenter.
Visit the Applied Identity Page on the Citrix web site for more information.
Take the next steps. Find out how identity aware networking can help you meet compliance objectives, protect critical network assets and improve accountability. Contact Applied Identity and get started with your free 30-day trial of ID-Enforce VA.