The last several years have brought about an explosion in remote work, with millions of people around the world accessing their data and apps from their home office or any number of non-traditional workplaces. Organizations depend on the productivity of the remote workforce but providing a secure and a productive work environment is an ongoing challenge. Hackers and other bad actors are using mechanisms like exploiting vulnerabilities of appliance-based solutions or embedding malware content in whitelist applications or using bots to launch increasingly insidious attacks. Devastating corporate or governmental security breaches, ransomware attacks, and attacks on critical infrastructure often start with a common theme: an attack against individual remote workers, their devices, or their applications.

In an environment defined by increasingly sophisticated threats with costly consequences, Citrix is ready to help you ensure that your organization’s security posture is constantly evolving to stay ahead of the hackers and thieves. Only Citrix offers a complete secure access service edge (SASE) solution that allows you to maximize performance, minimize risk and enable workforce productivity, anywhere, on any device.

During our Citrix Launchpad: Security event, we announced Citrix Secure Private Access, which provides existing and new customers with capabilities like zero trust network access (ZTNA) to all apps, adaptive authentication, adaptive security controls, and many features that make our Citrix Secure Access solutions more powerful than ever before. We also announced our new joint initiative with Google that enables a zero trust environment to help you reduce cyber threats and minimize your organization’s attack surface. And, Citrix Web App and API Protection now includes bot management that provides comprehensive, up-to-date security for all your apps, no matter their architecture or where they’re deployed.

The Citrix Ready Workspace Security Program further enhances our capabilities with a comprehensive partner ecosystem of tested, validated, and trusted security solutions. Our essential partner solutions from companies like Microsoft, Google, Cisco, Okta, and Splunk have zero trust principles built-in and are integrated with Citrix Workspace. While no one vendor can provide all the security you need, this collective approach makes it easy to select the right security vendors to help your organization proactively secure its endpoints, data, applications, and workspaces.

Zero Trust, SASE, and Citrix Ready

As applications move into the hybrid cloud, security approaches must evolve with them. A zero trust security framework is a big part of this because it doesn’t allow any single user or device to have default access to an organization’s network, workspace, or other resources. Zero trust implies a fully adaptive and context-aware system rather than depending on firewalls, virtual private networks (VPNs), or even strong authentication alone. Zero trust systems can grant access based on identity, time of access, device posture, and other factors.

The Citrix Ready Workspace Security Program is evolving to help you implement zero trust and solutions based on SASE architecture, combining the latest Citrix technology with innovative partner solutions that enable you to build a comprehensive security posture. As usual, all these partner offerings have been tested and verified as Citrix Ready to work with Citrix Workspace, allowing organizations to adopt a singular framework for zero trust security while customizing their strategy to meet their own specific needs.

Citrix Secure Internet Access and Google

Securing the endpoint has never been more critical. Now Chrome OS incorporates native Citrix Secure Internet Access support to protect your digital workspace with cloud-delivered security. Installed with only a few clicks, Google Chromebooks with Chrome Enterprise let you secure access to all your apps while protecting against threats entering from the Internet and app access.

Citrix Secure Internet Access is a cloud-delivered service that provides secure access to web and software-as-a-service (SaaS) applications globally. The service offers a complete stack of security capabilities, including Secure Web Gateway, Cloud Access Security Broker, Malware Protection with Sandboxing, Intrusion Prevention and Detection systems, and Data Loss Prevention.

Chrome Enterprise support for Citrix Secure Access lets you:

  • Block access to any inappropriate content based on 81 pre-defined web categories such as Adult, Weapons, Games, Piracy, and Remote Access tools
  • Block specific URLs or URLs containing particular keywords
  • Block connections from potentially dangerous countries, IP addresses, and ports, including Command and Control connections
  • Isolate and test suspicious URLs in a cloud sandbox, without affecting the Chromebook or the user
  • Block access to personal accounts for Gmail, Slack, and others
  • Block file uploads to storage accounts such as Box and Dropbox, including from virtual desktops on Chromebooks
  • Detect sensitive data in-flight (e.g., credit card numbers) to or from external storage attached to Chromebooks
  • Restrict social media apps with granular control, such as blocking Facebook comments for everyone except marketing teams.

Citrix ADM Service and Splunk

Most security operations are well-versed in traditional security, protecting networks from internal and external threats and validating remote-device access. Unfortunately, they often miss new threats leveled at the application layer, which have become increasingly common. Worse, hackers exploit the large attack surface of the application layer to evolve their strategies rapidly. Citrix Application Delivery Management (ADM) service closes this gap by providing advanced network, web application firewall (WAF), and bot security violation detection.

Citrix ADM now has added integration with Splunk, allowing application-layer security violations detected by Citrix ADM to be forwarded to Splunk Enterprise dashboards. With this integration, operators gain access to the powerful analytics in Citrix ADM service without leaving the Splunk Enterprise dashboard that they’re already using. Citrix ADM service creates live models that are unique to each application environment, providing:

  • Application security and anomaly detection including extensive network, WAF, and bot security violations
  • Application usage anomaly detection

Download our whitepaper here.

Zero Trust Network Authentication with Citrix Adaptive Authentication Service

Citrix Adaptive Authentication Service, currently in preview, allows Citrix Cloud customers to use Citrix Workspace to enable advanced authentication to Citrix Virtual Apps and Desktops, and also extend to SaaS and Internal Web Apps. Azure Active Directory, Duo Security, Okta, and Google IdP have already achieved Citrix Ready validation with Citrix Adaptive Authentication service on Citrix Cloud with many more on the way.

The capabilities of adaptive authentication include:

  • Multifactor authentication
  • Device posture scans
  • Conditional authentication based on network location, device posture, user group, time of day, etc.
  • Contextual access to Citrix Virtual Apps and Desktops
  • Logon page customization

Citrix Workspace App for Windows and FIDO2 Passwordless Authentication

Citrix Workspace app is the easy-to-install client software that provides seamless, secure access to everything workers need to get work done. With a single download, users get instant access to all applications, desktops, and data from any device, including smartphones, tablets, PCs, and Macs.

Citrix Workspace App for Windows now supports fast identity online (FIDO2) based authentication mechanism, allowing for passwordless authentication using security keys and biometric devices from multiple vendors. Citrix Ready validated solutions include:

SAML 2.0 support in Citrix Workspace

SAML 2.0 support means organizations can use a broad range of identity and authentication providers, such as Google, Imprivata, Ping, and many more for secure login into Citrix Workspace. Some newer technologies enabled by SAML 2.0 support include:

  • Risk-based multifactor authentication
  • Passwordless authentication
  • Contextual policies
  • Biometrics

Check out the official support announcement and all the Citrix Ready validated SAML 2.0 vendors here. Download this infographic to view all the identity options supported by Citrix Workspace, including all the Citrix Ready validated partner solutions.

Coupled with the Citrix Ready Workspace Security Program, these partnerships and others can help you move forward with zero trust security and improve your organization’s security posture.

To learn more about the Citrix Ready Workspace Security Program and to see who’s in our growing security ecosystem please visit us here.

If you are a vendor with a security application and want to join our program please visit us here.