Presentation is loading. Please wait.

Presentation is loading. Please wait.

Citrix CloudGateway™ Technical Overview Sept, 2012.

Published byMiranda Crawford Modified over 9 years ago

Similar presentations

Presentation on theme: "Citrix CloudGateway™ Technical Overview Sept, 2012."— Presentation transcript:

1 Citrix CloudGateway™ Technical Overview Sept, 2012

2 + Context Content across all types of apps, data, devices and users
Single point of Access & Self-service Single point of Aggregation & Control Any device pc mac smartphone tablet thin client + Any App & Data data mobile SaaS web windows across all types of apps, data, devices and users The Bring Your Own (BYO) movement, the proliferation of cloud services and the increase in workshifting have made mobility the #2 priority among CIOs. Today, the average employee uses three devices a day to get work done, and on average, owns at least one of them. At the same time, there has been an explosion in the number and type of applications created for and used on these devices. In a recent survey, Citrix found that most enterprises today support more than 200 applications in their increasingly diverse portfolios. In the near future, half of these are expected to be web, SaaS and mobile applications. In addition, personal cloud-sharing services are used by nearly every employee to store files outside the corporate firewall. Collectively, these trends have prompted IT departments to seek a way to securely support and control employees who are increasingly choosing where, when and how they want to work. What businesses need is a solution that supports these new devices, applications and services with appropriate security and policy controls. Specifically, IT wants to: 1) Mobilize their corporate Intranet and web applications, 2) Securely deliver native and HTML5 mobile apps from a central location, 3) Provide single sign-on for SaaS and web apps, and 4) Secure the corporate data on BYO devices. Existing mobile device management solutions – today’s primary alternative for solving this problem – focus purely on the security needs of IT without factoring in the employee, who increasingly owns his or her own device and demands a better user experience. A more effective solution allows employees to choose their own devices, access the content they need for their jobs from a self-service store and use their apps and data wherever and whenever they choose to work. At the same time, the solution enables IT to retain control over all corporate apps and data in use by employees. To balance the employees’ desire for flexibility and a consistent experience with the security and control requirements of IT, Citrix offers an end-to-end enterprise mobility solution that includes three Citrix products: Citrix CloudGateway, Citrix Receiver, and Citrix ShareFile. CloudGateway is the centerpiece of this solution and includes: An enterprise app store Follow-me apps and data A secure mobile container Scenario-based controls Identity-based provisioning

3 Citrix CloudGateway™ Unified storefront for mobile, Web, SaaS and Windows apps Follow me apps & data on any device with federated SSO Control access polices for apps, data and devices Wipe apps & data remotely Unified SLA and license compliance for SaaS apps Clientless secure remote access Citrix™ CloudGateway™ is an enterprise mobility management solution that securely delivers mobile, Intranet, Web, SaaS and Windows® apps and data to any device, anywhere. It empowers users with a self-service enterprise app store that provides access to business apps and data, leveraging the consistent, rich user experience of Citrix Receiver™. CloudGateway also provides identity-based provisioning and control for all apps, data and devices, including employee-owned devices. These capabilities enable IT to protect enterprise apps and data with policy-based controls, such as restriction of application access to authorized users, automatic account de-provisioning for terminated employees and remote wipe for data and apps stored on lost devices.

4 CloudGateway Express Windows apps & desktops
FREE! For XenApp & XenDesktop Receiver -- Storefront Services

5 Express Citrix CloudGateway StoreFront™ services
Follow-Me Apps from a unified enterprise app store User self-service and federated SSO Modern replacement for legacy Web Interface Enables self-service upgrade to Receiver Supports both browser and native experience ‘Follow-Me’ Windows apps & desktops Supports all versions of XenApp & XenDesktop Easy installs in minutes Runs simultaneously with legacy Web Interface Easy upgrade to CloudGateway Enterprise Citrix CloudGateway Express

6 CloudGateway Enterprise
Windows apps & desktops, Web & SaaS apps CloudGateway Enterprise Receiver – Access Gateway – Storefront Services – AppController

7 Enterprise Citrix CloudGateway StoreFront™ services
Follow-Me Apps from a unified enterprise app store User self-service and federated SSO Flexible content controllers Connect to Windows apps & desktops Aggregate web & SaaS apps Distribute enterprise mobile apps Integrate with enterprise & cloud data services Powerful gateway services SSL encryption & advanced access control Mobile app isolation and data encryption App SLA performance monitoring License compliance & optimization Citrix CloudGateway Enterprise

8 Virtual Desktops & Apps
Mobile Apps CloudGateway Access Gateway Storefront Services Receiver AppController Web & SaaS Apps ShareFile Data Virtual Desktops & Apps

9 Citrix Receiver

10 Access Your Apps and Data From Any Device
Intro: This scenario helps illustrate how powerful it is to allow users to leverage any device, either corporate or personal, to gain access to their personalized app store. Key Points: Citrix Receiver provides this capability. Native Receivers are available for many different devices and operating systems, and even devices without a native Receiver can leverage Receiver for Web to access their same app store with the same look and feel as a native Receiver. Mark: Installs Receiver and configures it with a single click on his iPad and iPhone Notices immediately that all his apps and files are available to him on both devices. Pulls up his iPad while in the hotel and is immediately editing his PowerPoint presentation from where he left off the day before on his laptop.  Heads back to the app store to pickup the expense reporting  app that he didn’t download on his first day. Supporting Data and/or Stories: Transition: Now let’s take a look at the IT perspective – obviously Mark is happy he didn’t have to drag his big heavy laptop on his business trip.

11 Citrix Receiver Follow-me apps and data Auto provisioned apps
Self Service Application Request VPN-less Remote Access Single Sign on in base Receiver One-click configuration Coherent UI & UX Citrix Receiver provides a unified workspace with all of a user’s apps and data Once apps are selected on one of the user’s devices, those apps will be available on all of the user’s devices. Users get single-click (single sign-on) access to any app – Intranet, Web, SaaS and Windows® – with no additional passwords once they’ve logged into User data is available from any device.

12 CloudGateway Application Administration
Web, SaaS, and Mobile

13 The CloudGateway Way Application Stores Application Stores StoreFront
StoreFront Services Server extends the store concept to include app subscription AppController is just another application store like XenDesktop and XenApp Application Stores StoreFront Server AppController DS Protocol HTTP(S) Application Stores XenDesktop Web Interface (the old way) PNAgent XenApp With CloudGateway – the configured SaaS and Web applications get “published” to the new StoreFront Services layer – so that these apps are readily available on the user’s desktop – either via the Citrix Receiver or the Web Interface. Unlike the published Windows apps however, these SaaS and Web apps are still launched from within the user’s browsers – except that the sign-on experience becomes entirely seamless. Going beyond automatically making the apps become available from the user’s desktops – users can also request access for additional applications which invokes configurable workflows and user approvals.

14 Federated Single Sign-on
Active Directory AppController Web/SaaS Administration Define Roles Roles map to AD groups Extracts “memberof” attribute Configure Applications Connectors for federated access or user accounts Long list of built-in connectors Wizards for custom federated access MAP Web / SaaS Mappings specifically AD groups to online identities Create new online identities without giving end-users physical credentials

15 Role-based User Account Management
Standard enterprise provisioning systems create user accounts on AD AppC supports programmatic integration with PeopleSoft, SAP, Oracle HRMS and other systems, in addition to LDAP sync Sync to identify user-group association Create user accounts with associated privileges on external applications If user is disabled on AD, all external accounts can be disabled too Active Directory Workflow and Provisioning Engine Master Employee List Sync AppController

16 Role-based User Account Management

17 Automatic Account Provisioning
Active Directory What privilege on application? Any app specific security rules? Additional approvals required before creating account? Sync Auth Create Users AppController Log Reporting Systems Identity-based provisioning Provision and deliver apps and data based on user and user role Automatically provision new and de-provision terminated users leveraging standard in-house directory management processes. Automated workflows allow quick, easy user account creation and installation, updates and deletion for all apps using existing directories and security mechanisms. Ensure only authorized users have accounts for 3rd-party SaaS apps. Provide single sign-on to SaaS apps so users never have to know their username and passwords Reduce help desk calls thanks to users no longer having to remember passwords AppC synchronizes with AD and automatically picks up new users added to groups Min 15-min Sync interval (configurable) or manual sync Automatic provisioning of apps associated with your role De-provision users as well

18 Automatic Account Provisioning

19 Workflow and Provisioning Engine
Workflow Management User self-service application request All app requests and subscriptions consolidated on the Citrix Receiver Request triggers AppC workflows Approvers get mail notifications – and approve request Application account gets provisioned for user 1 Workflow and Provisioning Engine Approver 2 3 Approver 4 AppController Approver Optional Approvers / Sequential Approvals / Hierarchal / Escalation Manual Provisioning if connector doesn’t exist Scheduled de-provisioning

20 Workflow Management

21 Scenario-based controls
Define access and use policies based on employee’s role, device, location and connectivity Define comprehensive access and control policies that use endpoint analysis to determine which apps to deliver and what levels of access should be provided. Set mobile application use policies based on device characteristics, such as if a device is jailbroken, if the device is on a Wi-Fi network or if a user has incorrectly entered a password a pre-configured number of times. Simple and secure desktop and application access from anywhere via client-less Access Gateway

22 Mobile Application Management
App Wrapping and containerization

23 Citrix Mobile App Management
Full support for both personal and corporate usage (BYOD) Corporate apps and data secure even on employee-owned devices New consumer-driven devices supported immediately No risk of corporate data loss or compliance exceptions when: Device is lost or stolen or employee leaves organization Collaboration / file sharing apps used on the device Governance is built-in Policies can be updated on hundreds of apps with no requirement to change source code No requirement for developers to change the way they develop apps or learn mobile security standards

24 Mobile App Management Storefront Services Receiver Access Gateway
AppController

25 Native Mobile Apps Management
App secured by policy Local storage encrypted Network access secured User auth required Allow local storage Offline access allowed Restrict doc sharing Restrict APIs Control network ipa or .apk file with standard libraries Receiver app data containers vpn 3rd party apps in-house apps gateway services StoreFront Policy Engine MAM server CloudGateway

26 App Preparation Process
Secure app with App Preparation Tool App available as a secure, managed app Upload app to CloudGateway Download via Citrix Receiver App is visible on iOS “home screen” QuickOffice Enterprise QuickOffice Enterprise QuickOffice.ipa QuickOffice

27 ShareFile & Follow-Me-Data

28 The IT Balancing Act Standardization Consumerization Features for IT
Encryption Granular permissions Remote wipe AD integration Audit trail / reporting Configurability Features for end users Mobile tools Single sign on File sync Easy to use Outlook plug-in

29 Citrix CloudGateway & ShareFile
Advanced Authentication & Provisioning XenApp Integration Data protection – Encrypt, Lock & Wipe Policy-based Control Offline Access and 2 way Synchronization Single Sign On AD / Role based provisioning Now that we have discussed the end-user interface via Receiver, let’s switch gears to talk about the administrative interface and enterprise controls that you can exercise via CG. There 3 key areas that CG addresses First is around authentication and user provisioning Second, is enabling SSO between your Windows apps and Data cloud - so that users can launch use XA hosted Windows based apps like Word to open docs form the ShareFile cloud And the last piece, which is something we are building as part of the next rev of CloudGateway – not the one slated for July this year – are policies around document access across multiple dimensions -

30 “Follow-Me Data” Local | Cloud Datacenter

31 Receiver with Follow-me Data
Unified UX Any Data Cloud Personal On-premise Centralized Control share | collaborate | sync | backup | encrypt | remote wipe | policy

32 Follow-me apps + data: XenApp Integration
Open in XA Rich Content editing experience High performance (no client-drive mapping)

33 Access Gateway

34 What is Access Gateway? Citrix Access Gateway™ is the only secure application and desktop access solution that provides administrators with application-level control while empowering users with access from anywhere. Secure Single Sign-on to StoreFront Services Ticket-based Connection Authorization VPN-less Remote Access from Any Device Endpoint Analysis & SmartAccess Citrix Access Gateway is an SSL VPN designed specifically to securely deliver Applications and Virtual Desktops. Regardless of the type of application and how it is implemented within the datacenter, Access Gateway provides a secure single point of access that makes it easy for users to gain access to applications and data and easy for administrators to deploy the necessary security to protect sensitive data. Granular application-level policies can be set using SmartAccess technology and Access Gateway provides the highest levels of performance and scalability in the industry – our enterprise-class appliances can support up to 10,000 concurrent users per appliance.

35 Introducing Access Gateway
Access Gateway and StoreFront Services verify the existence of each other to ensure credentials are passed from a trusted source Connections are authorized using a secure single-use ticket. This prevents man-in-the-middle as well as replay attacks Allows users to securely access desktops and applications using any device in any Application, including home computers and mobile devices Endpoint analysis and session policy controls allow for server-side filtering of resource lists are passed from a trusted source Allows users to access network resources using a traditional SSL VPN with strict authorization policies and split tunneling controls Enables secure remote access to critical web applications from users’ browsers without requiring additional client components Trusted Single Sign-on SmartAccess Secure Ticketing Network Access Anywhere Access VPN-less Access

36 Presentation Title Goes Here
Insert Version Number Here What Is SmartAccess? Single logon experience to Web Interface Secure Application and Desktop Virtualization Delivery applications and desktops based on trust Dynamically filter Virtual Channels based on endpoint conditions Automatically deploy client components with Citrix Receiver EPA plug-in collects evidence on the user’s workstation. The evidence is sent to AG and consumed in SmartAccess policies (better known as Session policies). These determine which resources the user will have access to and how they can interact with it. However, they are also sent to SFS during SSO. They are specifically sent as the session policy name and the originating vserver name during the SFS callback. SFS sends the policy information along with the user’s credentials to the XenApp ZDC / XenDesktop DDC when it requests the list of applications available for that user. The list of applications returned is filtered based on the policies sent. When the user launches an app the same basic process takes place, the session policies associated with that user are sent to XenApp and applied to the farm polices as “Access Control Filters”. Therefore the virtual channels such as printing and drive mapping are controlled at the server. When the ICA connection is established, it is strictly controlled by server-side policies. © 2003 Citrix Systems, Inc.—All rights reserved. 36

37 Secure Ticketing XenDesktop AppController XenApp Access Gateway
SFS sends XenApp info to STA and receives ticket Policy Inspection User clicks an app AppController Browser invokes ICA plug-in and sends ticket info to AG SFS sends ICA file with STA ticket and AG info to client AG validates ticket info and sets up ICA tunnel XenApp Access Gateway StoreFront Services Receiver 1) User clicks on an application icon which sends an HTTPS request to Web Interface via Access Gateway for the selected application, Web Interface sends the request to the XenApp ZDC via the XML Relay which responds with the server and port of the least loaded XenApp server in the farm 2) Web Interface sends the servername and port information to the Secure Ticketing Authority and receives a one time use ticket in return. 3) Web Interface then builds the ICA file with the STA ticket in place of the servername and the FQDN of Access Gateway. This file gets sent to the browser in response to the request in step 9. 4) The ICA file has a MIME type of application/x-ica, so when the browser receives it, it sends it to the ICA client via content redirection. 5) The ICA client sees the STA ticket and the gateway information and sends an HTTPS request to the Gateway to validate the ticket (this must happen within 100 seconds by default). 6) Access Gateway sends the STA ticket to the same STA that generated the ticket to validate it. If it is still valid, it returns the servername / port of the XenApp server. 7) The Access Gateway notifies the ICA Client that the ticket is valid and negotiates a secure SOCKS or CGP tunnel between the ICA Client and AG. The ICA client establishes an ICA connection through the tunnel to the XenApp server and the XenApp server begins sending ICA packets to the ICA Client.

38 How Does SmartAccess Work?
XenDesktop 1. EPA Scans Collect Evidence EPA Result AppController XenApp Access Gateway StoreFront Services Receiver EPA plug-in collects evidence on the user’s workstation. The evidence is sent to AG and consumed in SmartAccess policies (better known as Session policies). These determine which resources the user will have access to and how they can interact with it. However, they are also sent to SFS during SSO. They are specifically sent as the session policy name and the originating vserver name during the SFS callback. SFS sends the policy information along with the user’s credentials to the XenApp ZDC / XenDesktop DDC when it requests the list of applications available for that user. The list of applications returned is filtered based on the policies sent. When the user launches an app the same basic process takes place, the session policies associated with that user are sent to XenApp and applied to the farm polices as “Access Control Filters”. Therefore the virtual channels such as printing and drive mapping are controlled at the server. When the ICA connection is established, it is strictly controlled by server-side policies.

39 How Does SmartAccess Work?
XenDesktop 2. Evidence Evaluated by AG Policies Policy AppController XenApp Access Gateway StoreFront Services Receiver EPA plug-in collects evidence on the user’s workstation. The evidence is sent to AG and consumed in SmartAccess policies (better known as Session policies). These determine which resources the user will have access to and how they can interact with it. However, they are also sent to SFS during SSO. They are specifically sent as the session policy name and the originating vserver name during the SFS callback. SFS sends the policy information along with the user’s credentials to the XenApp ZDC / XenDesktop DDC when it requests the list of applications available for that user. The list of applications returned is filtered based on the policies sent. When the user launches an app the same basic process takes place, the session policies associated with that user are sent to XenApp and applied to the farm polices as “Access Control Filters”. Therefore the virtual channels such as printing and drive mapping are controlled at the server. When the ICA connection is established, it is strictly controlled by server-side policies.

40 How Does SmartAccess Work?
XenDesktop 3. AG Policies Used in XenApp or XenDesktop Policies AppController XenApp Policy App List Access Gateway StoreFront Services Receiver EPA plug-in collects evidence on the user’s workstation. The evidence is sent to AG and consumed in SmartAccess policies (better known as Session policies). These determine which resources the user will have access to and how they can interact with it. However, they are also sent to SFS during SSO. They are specifically sent as the session policy name and the originating vserver name during the SFS callback. SFS sends the policy information along with the user’s credentials to the XenApp ZDC / XenDesktop DDC when it requests the list of applications available for that user. The list of applications returned is filtered based on the policies sent. When the user launches an app the same basic process takes place, the session policies associated with that user are sent to XenApp and applied to the farm polices as “Access Control Filters”. Therefore the virtual channels such as printing and drive mapping are controlled at the server. When the ICA connection is established, it is strictly controlled by server-side policies.

41 How Does SmartAccess Work?
XenDesktop 4. List of Apps & Desktops Dynamically Generated App List AppController XenApp Access Gateway StoreFront Services Receiver EPA plug-in collects evidence on the user’s workstation. The evidence is sent to AG and consumed in SmartAccess policies (better known as Session policies). These determine which resources the user will have access to and how they can interact with it. However, they are also sent to SFS during SSO. They are specifically sent as the session policy name and the originating vserver name during the SFS callback. SFS sends the policy information along with the user’s credentials to the XenApp ZDC / XenDesktop DDC when it requests the list of applications available for that user. The list of applications returned is filtered based on the policies sent. When the user launches an app the same basic process takes place, the session policies associated with that user are sent to XenApp and applied to the farm polices as “Access Control Filters”. Therefore the virtual channels such as printing and drive mapping are controlled at the server. When the ICA connection is established, it is strictly controlled by server-side policies.

42 How Does SmartAccess Work?
XenDesktop 5. Secure ICA Session Established with Filtered Virtual Channels SSL SSL SSL SSL AppController XenApp Access Gateway StoreFront Services Receiver EPA plug-in collects evidence on the user’s workstation. The evidence is sent to AG and consumed in SmartAccess policies (better known as Session policies). These determine which resources the user will have access to and how they can interact with it. However, they are also sent to SFS during SSO. They are specifically sent as the session policy name and the originating vserver name during the SFS callback. SFS sends the policy information along with the user’s credentials to the XenApp ZDC / XenDesktop DDC when it requests the list of applications available for that user. The list of applications returned is filtered based on the policies sent. When the user launches an app the same basic process takes place, the session policies associated with that user are sent to XenApp and applied to the farm polices as “Access Control Filters”. Therefore the virtual channels such as printing and drive mapping are controlled at the server. When the ICA connection is established, it is strictly controlled by server-side policies.

43 SmartAccess Device Validation
Anti-virus updated? Malware Present? XenDesktop Request Resource Send Results Pass / Fail Initiate Scan Connect Grant Access (PASS) AppController Firewall active? Device Identiy Check? XenApp Access Gateway StoreFront Services Receiver

44 SmartAccess – Corporate Laptop
XenDesktop Policy Inspection Request Resource Policy Result MS Word Financial App SAP Win7 Desktop MS Word Financial App SAP Win7 Desktop AppController XenApp Access Gateway StoreFront Services Receiver

45 SmartAccess – Public Kiosk
XenDesktop Policy Inspection Request Resource Policy Result MS Word SAP MS Word SAP AppController XenApp Access Gateway StoreFront Services Receiver

46 VPN-less Remote Access
XenDesktop Policy Inspection Request Resource Request Resource SSL SSL 00 AppController SSL SSL SSL Secure Connection to requested resource only XenApp Access Gateway StoreFront Services Receiver

47 StoreFront Services

48 StoreFront Services Search to quickly find, subscribe to, or launch apps, documents or services Role based “Follow-me” Subscriptions for applications and data Request applications Single authentication Integrated with Citrix Online “GoTo” Products Apps can be: Hosted Streamed (App-V or Citrix) Web (SaaS) Enterprise app store. The market-leading CloudGateway enterprise app store gives users the mobility and flexibility they crave. IT can securely advertise and deliver apps and data based on an employee’s role, location and connectivity to any device. Users can access all of their data, self-select their mobile, Intranet, Web, SaaS and Windows® apps from the administrator-provided list of approved applications and request access to apps not currently approved for their use. StoreFront detects the connecting device and automatically presents a link to download the device-specific native Receiver. Delivers a secure, consistent app store that presents users all their authorized apps – mobile, SaaS, intranet, web and Windows – and data on any device. Users have the flexibility to self-select their desired apps from the administrator-provided list Aggregate and control all apps – mobile, Intranet, Web, SaaS and Windows® – using the same infrastructure for a holistic application delivery system Users can request access to applications not currently approved for their use App wrapping capabilities support any .ipa or .apk (iOS and Google, respectively) app to be wrapped and imported to CloudGateway with no additional development needed

49 Enterprise-ready Storefront Infrastructure
Credential Wallet Replicated Centralized administration Leverages SQL Server Easy to scale out StoreFront StoreFront Central Subscription Database SQL

50 Auth System – with Access Gateway
AG Storefront Services Auth Service Detects call is via AG Includes information in call context 5 - Present auth token 6 - Returning Store information & list of Apps 1 - EPA & Auth 3 - Give me a token for Store 4 - Here is a Token for Store 2 - Authentication User Directory Foundation for “always on” SmartAccess claims-based approach covers “who you are”, “where you are”, “what device you’re using” etc input into policy decisions regarding access rights Foundation for Cloud Gateway, BYOID link external BYO identities to corporate identities (AD or lightweight non-AD accounts) authenticate/federate in to corporate identity, apply access policies, federate out to SaaS etc Foundation for mixed on-premise and cloud hosting corporate authentication and access policies kept on premise cloud hosted apps trust corporate auth / policy hub

51 Provisioning Files eastgw.citrix.com westgw.citrix.com
emeagw.citrix.com Part of the intelligence of the system is that Storefront creates a ‘service record’ or provisioning file that lists the address of the store but crucially also lists information about Access Gateway routes to reach the store when the client is remote. To help Receiver determine if it is remote, the provisioning file must also define internal and external beacons, which are highly available reference points for the corporate network and Internet respectively. Receiver uses this reference points to triangulate its position. Multiple gateways can be listed to allow for geographic access points if desired.

52 Roaming eastgw.citrix.com emeagw.citrix.com westgw.citrix.com Illustration of how Receiver uses beacons to recognize when it has roamed between internal and external locations, and automatically use the appropriate route to reach the store. When there is a choice of gateway, Receiver does not attempt to choose the ‘best’ route (as that may depend on many factors). The user can manually change which gateway is used through a Receiver preference.

53 Recommended Deployment
Scale-out cluster with web LB Access Gateway Storefront Services Site 1 HA Pair or scale-out cluster Site 2 Most important diagram – Storefront Services is intended to be a single (logical) aggregation point that serves all users regardless of which device they are using and whether they are local or remote. The system has intelligence to determine and understand the context for each request and act accordingly. For instance, remote requests coming through AG will then launch ICA connections through AG automatically.

54 Hands on lab overview Configure AppController Configure StoreFront
Configure AG Policies Enduser setup and experience Enduser experience

55 Architectural Topology
Private Cloud Services Architectural Topology Virtual desktops and apps Web Apps Mobile Apps Citrix CloudGateway StoreFront Subscribe Request Access Launch Access Gateway AppController SaaS Apps Firewall Identify Secure Optimize Aggregate Control Monitor Public Cloud Services Firewall

56 AppController Identify Secure Optimize Aggregate Control Monitor
Private Cloud Services AppController Virtual desktops and apps Web Apps Mobile Apps Citrix CloudGateway StoreFront Subscribe Request Access Launch Access Gateway AppController SaaS Apps Firewall Identify Secure Optimize Aggregate Control Monitor Public Cloud Services Firewall

57 StoreFront Identify Secure Optimize Aggregate Control Monitor
Private Cloud Services StoreFront Virtual desktops and apps Web Apps Mobile Apps Citrix CloudGateway StoreFront Subscribe Request Access Launch Access Gateway AppController SaaS Apps Firewall Identify Secure Optimize Aggregate Control Monitor Public Cloud Services Firewall

58 AccessGateway Identify Secure Optimize Aggregate Control Monitor
Private Cloud Services AccessGateway Virtual desktops and apps Web Apps Mobile Apps Citrix CloudGateway StoreFront Subscribe Request Access Launch Access Gateway AppController SaaS Apps Firewall Identify Secure Optimize Aggregate Control Monitor Public Cloud Services Firewall

59 User experience Identify Secure Optimize Aggregate Control Monitor
Private Cloud Services User experience Virtual desktops and apps Web Apps Mobile Apps Citrix CloudGateway StoreFront Subscribe Request Access Launch Access Gateway AppController SaaS Apps Firewall Identify Secure Optimize Aggregate Control Monitor Public Cloud Services Firewall

60 Launch your browser and type
Lab Environment Login Launch your browser and type Your session code is: “ANZ20-CGENT-SEP20” Session code: Each day you will have to update this with the new session code that will be provided to the instructors. Note: Place this at the end of you presentation.

61 From VCDC to onsite PoC Provision VCDC environment (Allow 24h for completion) Receive automated with instructions fro VCDC Usernames and Passwords Links to all documentation needed for VCDC Demo solution to customer using step by step Demo Guides Leave instruction for VCDC with customer for them to test and play with CloudGateway for 7 days Schedule onsite PoC CloudGateway Enterprise Pre-requisite check list CloudGateway Enterprise short Tech Deck

62 Documentation CloudGateway Enterprise Pre-requisite check list
CloudGateway Enterprise short Tech Deck How to configure FMD with SAML Configuration Guide Step by step guide how to wrap mobile applications for distribution from the AppController VCDC Demo guide VCDC Admin Guide

63

Download ppt "Citrix CloudGateway™ Technical Overview Sept, 2012."

Similar presentations

2  Industry trends and challenges  Windows Server 2012: Modern workstyle, enabled  Access from virtually anywhere, any device  Full Windows experience.

2  Industry trends and challenges  Windows Server 2012: Modern workstyle, enabled  Access from virtually anywhere, any device  Full Windows experience.
 What Is Desktop Virtualization?  How Does Application Virtualization Help?  How does V3 Systems help?  Getting Started AGENDA.

 What Is Desktop Virtualization?  How Does Application Virtualization Help?  How does V3 Systems help?  Getting Started AGENDA.
<presentation month/year>

<presentation month/year>
1.How many X86 servers do you have? Are you running any HP equipment in your data center? 2.What mission critical applications are you running on these.

1.How many X86 servers do you have? Are you running any HP equipment in your data center? 2.What mission critical applications are you running on these.
1 © Copyright 2013 EMC Corporation. All rights reserved. Online File Synchronization and Sharing for the Enterprise.

1 © Copyright 2013 EMC Corporation. All rights reserved. Online File Synchronization and Sharing for the Enterprise.
Citrix ShareFile Kevin Bland Channel Sales Director – UK, Ireland, South Africa.

Citrix ShareFile Kevin Bland Channel Sales Director – UK, Ireland, South Africa.
Confidential FullArmor Corp. 2015 Platform for SaaS and mobile apps to remotely access, migrate, and sync Active Directory resources with the cloud ADanywhere.

Confidential FullArmor Corp Platform for SaaS and mobile apps to remotely access, migrate, and sync Active Directory resources with the cloud ADanywhere.
MobileFirst Protect 1. MobileFirst Protect (MaaS360) 2 Mobile Device Management Enable and Manage Apple iOS smartphones, and tablets with Apple DEP Gain.

MobileFirst Protect 1. MobileFirst Protect (MaaS360) 2 Mobile Device Management Enable and Manage Apple iOS smartphones, and tablets with Apple DEP Gain.
ShareFile Enterprise. © 2012 Citrix | Confidential – Do Not Distribute Consumerization of IT My Workspace My Device(s) My Apps ?My Data.

ShareFile Enterprise. © 2012 Citrix | Confidential – Do Not Distribute Consumerization of IT My Workspace My Device(s) My Apps ?My Data.
Mobility Methods for document access while away from the office.

Mobility Methods for document access while away from the office.
Winter 2005-2006 Consolidated Server Deployment Guide for Hosted Messaging and Collaboration version 3.5 Philippe Maurent Principal Consultant Microsoft.

Winter Consolidated Server Deployment Guide for Hosted Messaging and Collaboration version 3.5 Philippe Maurent Principal Consultant Microsoft.
Microsoft Identity and Access Solutions Market Trends and Futures

Microsoft Identity and Access Solutions Market Trends and Futures
General Presentation August 2013 1. Based out of the Netherlands 8 years of development Launched in May Sales offices in Los Angeles, Amsterdam, Hong.

General Presentation August Based out of the Netherlands 8 years of development Launched in May Sales offices in Los Angeles, Amsterdam, Hong.
Virtual techdays INDIA │ 18-20 august 2010 Secure Collaboration: All You Need to Know about Extending Active Directory Rights Management Services (AD RMS)

Virtual techdays INDIA │ august 2010 Secure Collaboration: All You Need to Know about Extending Active Directory Rights Management Services (AD RMS)
Matt Steele Senior Program Manager Microsoft Corporation SESSION CODE: SIA326.

Matt Steele Senior Program Manager Microsoft Corporation SESSION CODE: SIA326.
Mobility Without Vulnerability: Secure and Enable Your Mobile Users, Apps, and Devices David Clapp – Intuitive.

Mobility Without Vulnerability: Secure and Enable Your Mobile Users, Apps, and Devices David Clapp – Intuitive.
Managing Client Access

Managing Client Access
Module 4 Managing Client Access. Module Overview Configuring the Client Access Server Role Configuring Client Access Services for Outlook Clients Configuring.

Module 4 Managing Client Access. Module Overview Configuring the Client Access Server Role Configuring Client Access Services for Outlook Clients Configuring.
Course 201 – Administration, Content Inspection and SSL VPN

Course 201 – Administration, Content Inspection and SSL VPN
Your storage on the ground; Your files in the cloud.

Your storage on the ground; Your files in the cloud.

Similar presentations

Ads by Google