Secure Remote Access to Any Application from Anywhere, on Any Device
Total Page:16
File Type:pdf, Size:1020Kb
Solution Brief Secure remote access to any application from anywhere, on any device At Citrix, we empower our customers to provide In addition to allowing access to corporate data contextual and secure access to applications deployed from managed devices, Citrix Secure Workspace on-premises, in the cloud, or delivered as SaaS. In Access provides security controls to protect user and addition, we also provide security controls like web corporate information even when accessed from filtering and web isolation for customers who want to BYO and unmanaged devices. With browser isolation control what users access on the Internet. Currently, technology, it helps users access applications in an we offer three choices to customers looking to isolated environment to protect applications from any implement secure access and single sign-on solutions malicious content on user devices. In addition, app for their applications, network and data. protection policies in Citrix Secure Workspace Access protect user and corporate information from being stolen by key logger and screen capturing malware. Citrix Secure Workspace Access This allows IT to let their users access corporate data from BYO and unmanaged devices; thus making life Citrix Secure Workspace Access offers a easier for both IT and end-users. comprehensive, zero trust approach that delivers secure and contextual access to all applications you need and provides an enhanced user experience while Citrix Workspace Essentials maintaining security control. It allows for consolidation of traditional security products like VPN, single sign-on Citrix Workspace Essentialsis a component of Citrix and browser isolation technologies with one solution. Secure Workspace Access that can be purchased This allows for a holistic security approach based on separately as well. This service, provides single sign-on principles of zero trust. Over and above consolidation, and zero trust VPN-less access to web and SaaS apps it provides cloud app control policies to protect and secure remote access to Citrix Virtual Apps and intellectual property in SaaS and web applications. Desktops. It allows customers to replace their traditional Citrix | Secure remote access to any application from anywhere, on any device 2 VPNs and consolidate SSO solutions for users accessing embedded and app-shared malicious SaaS applications. However, it does not provide links, adding security as they access web apps from their advanced security policies like copy, paste control, personal or BYO devices. These security policies along isolated browser, and app protection policies that with Citrix Analytics for Security, enable organizations come with Citrix Secure Workspace Access. If you are to deliver zero trust outcomes by reducing the attack looking to provide basic access to applications with surface, securing the log-in process, enabling continuous single sign-on experience then this is a good service to authentication and authorization, providing data and begin with. device protection, protecting users from web-based threats, and automated risk prevention. Citrix Gateway 2. Secure Access to sanctioned SaaS apps with security controls Citrix Gateway is a customer-managed solution that can The increase in use of SaaS apps creates security risk be deployed either on-premise or on any public cloud, as users have to juggle multiple log-ins for different such as AWS, Azure, or Google Cloud Platform. It comes services, leading to poor password practices like in both hardware and virtual form-factors that can run reusing passwords or passwords that are easily hacked. on any hypervisor environment. Citrix Gateway provides Secure Workspace Access provides the ability to users with secure access and single sign-on to all the Single Sign-On to SaaS applications and additionally virtual, SaaS and web applications they need to be enforces security controls to govern data exfiltration productive. It also provides a complete SSL VPN solution including preventing copy, paste, print and navigation, for access to network resources. and enabling watermarking on-screen for sensitive applications. These features provide a way to allow Citrix Secure Workspace Access– end-users to gain secure access with Single Sign-On common use cases to all of their SaaS applications configured within Citrix Workspace. Citrix Secure Workspace Access helps customers adopt cloud and SaaS applications while removing concerns 3. Browser isolation for gray sites to augment around unauthorized access and securing confidential anti-phishing and anti-malware capabilities data in SaaS applications. Common challenges that are Citrix Secure Workspace Access provides the ability to solved by Citrix Secure Workspace Access include: isolate and render websites in a cloudhosted browser leveraging the Citrix Secure Browser Service. Citrix 1. Secure VPN-less access with zero trust Secure Browser Service isolates web browsing to network access protect the corporate network from browserbased Unlike a traditional VPN, Citrix Secure Workspace attacks. It delivers consistent, secure remote access Access is a cloud-based offering that provides secure to internet hosted web applications, with no need and contextual VPN-less access with single sign-on for user device configuration. Administrators can (SSO) to on-premises web apps. In addition to SSO, it orchestrate secure browsing as a web filtering policy also provides controls for protecting information shared within Secure Workspace Access. By isolating internet in web applications. Administrators can enforce security browsing, IT administrators can offer end users safe controls to govern data exfiltration including preventing internet access without compromising enterprise copy, paste, print and navigation, and enabling security. In addition to browser isolation, administrators watermarking on-screen for sensitive applications. can also implement traditional web filtering policies to Additionally, it provides security controls like web allow/deny access to one or more websites. filtering and an isolated browser environment to protect Citrix | Secure remote access to any application from anywhere, on any device 3 Citrix Workspace Essentials – common Citrix Gateway–common use cases use cases Citrix Gateway is a secure and remote access solution that has solved these key customer challenges: Citrix Workspace Essentials provides secure remote access solution with a diverse Identity and Access 1. ICA proxy to on-premises deployments of Citrix Management (IDAM) capabilities, delivering a unified Virtual Apps and Desktops experience into SaaS apps, heterogeneous virtual apps Citrix Gateway provides advanced functionality for and desktops, and internal web applications. Customers delivering remote access to Citrix Virtual Apps and Virtual who choose Citrix Workspace Essentials are typically Desktops applications. It is the only solution that provides looking to solve the following challenges: security, performance and complete end-to-end visibility 1. Single sign-on to SaaS and web applications for Citrix environments. Its core strengths are: Today’s end users require easy access to their web, • Security – Citrix Gateway provides contextual cloud or SaaS applications across multiple devices Secure Workspace Access policies for Citrix Virtual and connections. A cumbersome sign in process can Apps and Citrix Virtual Desktops. These policies, significantly impede productivity—although IT must referred to as SmartAccess and SmartControl require secure logins to protect corporate data. In policies, allow enforcing controls on actions a user order to ensure a high-quality user experience while can take once they successfully login to these still maintaining security and control, IT teams must applications. provide users with single sign-on (SSO) across all • Improved performance – Only Citrix Gateway applications, whether they’re hosted on premises, in supports HDX Enlightened Data Transport, a the cloud or delivered as SaaS. By leveraging protocol developed on UDP, to provide a better contextual Secure Workspace Access and multi-factor user experience for traffic over high-latency authentication, IT can maintain productivity and networks like home and public WiFi. end-to-end oversight across all application traffic. 2. VPN for remote access to corporate network and 2. VPN-less and zero trust secure access to internal datacenter resources web applications Citrix Gateway is a full SSL VPN solution that provides Traditional VPNs are complex and tough to manage users, access to network resources. With both full tunnel especially when IT teams are trying to scale quickly. VPN as well as options for clientless VPN, users can Citrix Workspace Essentials securely connects to an on- access applications and data deployed on-premises, or premises data center with the Citrix Gateway Connector, in a cloud environment. Core strengths for our SSL VPN which is deployed on-premises. The connector acts as solution include: a bridge between internal web applications and Citrix Workspace Essentials by establishing a TLS connection • Clientless access to all apps: Citrix Gateway without a VPN connection. offers browser-based access to all web and legacy applications that are deployed on-premises or in a cloud. Citrix | Secure remote access to any application from anywhere, on any device 4 • nFactor authentication framework: Citrix Gateway provides a robust nFactor authentication framework that allows IT to authenticate users based on their location, state of