© 2017 Citrix User Group Community
Citrix and Microsoft Azure with a hint of mostly Intune EMS

About Marius
• Cloud Tech lead @ EVRY from the land of the Vikings
• Working with mostly DevOps, AWS, Google and Azure
• Board member of MYCUGC SIG and Citrix User Group
• Blogging and free stuff at msandbu.org

So what is this session about?

Microsoft EMS with Citrix
• Moving away from other endpoints to Windows 10
• Move clients out of infrastructure
• More web-based applications and adopting a higher level of security
• Still dependent on Windows applications with Citrix
• Moving towards Microsoft Azure
• Anytime & Anywhere & Easy Enrollment

Architecture and Products
Azure Subscription
• Log Analytics
• Citrix OMS modules
Microsoft EMS E5
• Azure AD Premium
• Azure MFA
• Intune
• Windows Defender ATP
• Cloud App Security
Citrix XenDesktop and XenApp
• Citrix FAS
A couple of NetScalers
• NetScaler Unified Gateway
[Architecture diagram. Components shown: NPS with MFA, Storefront, Citrix FAS Server, NetScaler, Windows PKI, Citrix DDC, Citrix VDA, Conditional Access, Intune, Log Analytics, MFA, Citrix User]

The Magic!
Intune
• Deploys Citrix Receiver and VPN client
• Deploys VPN profile for Citrix
• Deploys certificate using SCEP
• Conditional Access policies
Azure AD
• Handles authentication to Citrix using SAML
• Handles MFA as part of Conditional Access
NetScaler
• Handles SAML authentication for Unified Gateway
• Gateway for end users

Requirements for SSO
• Set up AD Certificate Services & Citrix FAS
• Configure FAS Server and Group Policy
• Configure Storefront with FAS authentication
• Add Azure AD application for Citrix SAML
• Set up SAML authentication rule on NetScaler
• Assign application to end users in Azure AD
• Point users to NetScaler Gateway or MyApps

Azure AD Application Configuration
• Configure Enterprise Application with SAML sign-on
  - Identifier (Entity ID): unique name
  - Reply URL: NetScaler Gateway FQDN /cgi/samlauth
  - User Identifier: user.userprincipalname
• Publish application
• Add users and groups to access the application
- Applications published here allow for native SSO for end users enrolled with Azure AD Join
- NB: Troubleshoot using dsregcmd /status or by looking in Event Viewer under Applications & Services > Microsoft > AAD
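The dsregcmd /status check from the note above, as an added PowerShell example (not part of the original deck): it parses the command output and flags the fields that native SSO on an Azure AD joined device depends on. The function name and the sample output are constructed; AzureAdJoined, AzureAdPrt and TenantName are field names that dsregcmd prints.

```powershell
# Added example (not from the original slides).
function Test-AadJoinSsoState {
    param(
        # Lines of `dsregcmd /status` output
        [Parameter(Mandatory)][string[]]$StatusLines
    )

    # dsregcmd prints "   Key : Value" pairs under section banners; keep only the pairs.
    $state = @{}
    foreach ($line in $StatusLines) {
        if ($line -match '^\s*(?<key>[A-Za-z][A-Za-z0-9]*)\s*:\s*(?<value>\S.*?)\s*$') {
            $state[$Matches['key']] = $Matches['value']
        }
    }

    # Native SSO needs an Azure AD joined device and a Primary Refresh Token
    # (AzureAdPrt) for the signed-in user.
    foreach ($field in 'AzureAdJoined', 'AzureAdPrt') {
        $actual = if ($state.ContainsKey($field)) { $state[$field] } else { '<missing>' }
        [pscustomobject]@{
            Field    = $field
            Expected = 'YES'
            Actual   = $actual
            Pass     = ($actual -eq 'YES')
        }
    }

    # Informational: the tenant the device is registered in.
    $tenant = if ($state.ContainsKey('TenantName')) { $state['TenantName'] } else { '<missing>' }
    [pscustomobject]@{
        Field    = 'TenantName'
        Expected = '<any>'
        Actual   = $tenant
        Pass     = $state.ContainsKey('TenantName')
    }
}

# Constructed sample output: device is joined, but the user has no PRT.
$sample = @'
+----------------------------------------------------------------------+
| Device State                                                         |
+----------------------------------------------------------------------+

        AzureAdJoined : YES
     EnterpriseJoined : NO
         DomainJoined : NO

+----------------------------------------------------------------------+
| Tenant Details                                                       |
+----------------------------------------------------------------------+

           TenantName : Example Tenant
             TenantId : 00000000-0000-0000-0000-000000000000

+----------------------------------------------------------------------+
| User State                                                           |
+----------------------------------------------------------------------+

           AzureAdPrt : NO
'@ -split '\r?\n'

Test-AadJoinSsoState -StatusLines $sample | Format-Table -AutoSize

# On an enrolled endpoint, feed it the live output instead:
#   Test-AadJoinSsoState -StatusLines (dsregcmd /status)
```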

Storefront and DDC configuration
• Configure Storefront Store to allow FAS authentication
PowerShell on Storefront server:
    # Load the StoreFront PowerShell modules
    & "$Env:PROGRAMFILES\Citrix\Receiver StoreFront\Scripts\ImportModules.ps1"
    $StoreVirtualPath = "/Citrix/Store"
    $store = Get-STFStoreService -VirtualPath $StoreVirtualPath
    $auth = Get-STFAuthenticationService -StoreService $store
    # Use FAS for claims and for VDA logon data
    Set-STFClaimsFactoryNames -AuthenticationService $auth -ClaimsFactoryName "FASClaimsFactory"
    Set-STFStoreLaunchOptions -StoreService $store -VdaLogonDataProvider "FASLogonDataProvider"
PowerShell on Desktop Delivery Controller:
    # Load the Citrix snap-ins, then trust requests sent to the XML service port
    asnp citrix.*
    Set-BrokerSite -TrustRequestsSentToTheXmlServicePort $true
NB: Ensure that Callback is configured and optimize Storefront to handle reconnects:
http://msandbu.org/citrix-fas-with-azure-ad-and-error-404-not-found/

NetScaler configuration
• Configure SAML authentication for NetScaler Gateway
  - IdP Certificate: From Azure AD
  - Redirect URL: Redirect to Azure AD
  - Single Logout URL: Redirect to Azure AD
  - User Field: userprincipalname
  - Issuer Name: a unique identifier
  - SAML Binding: POST
  - Signature and Digest: SHA 256
• Bind to NetScaler Gateway as Basic Authentication
• No need for specific NetScaler licenses
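A configuration check for the SAML settings on this slide and on the Azure AD application slide, added here as an example (not from the original deck): it parses a base64-decoded SAML response and compares it with the Reply URL, the identifier, the UPN user field and the SHA-256 settings. The function name, gateway.example.com, the entity ID citrix-gateway-sp and the sample response are constructed assumptions, and the check does not validate the signature itself.

```powershell
# Added example (not from the original slides). Signature validation is left
# to NetScaler, which holds the IdP certificate; this only finds setting mismatches.
function Test-SamlResponseAgainstGatewayConfig {
    param(
        [Parameter(Mandatory)][string]$SamlResponseXml,  # base64-decoded SAMLResponse form field
        [Parameter(Mandatory)][string]$GatewayFqdn,      # NetScaler Gateway FQDN
        [Parameter(Mandatory)][string]$EntityId          # Identifier in Azure AD / Issuer Name on NetScaler
    )

    $doc = New-Object System.Xml.XmlDocument
    $doc.XmlResolver = $null          # never fetch external DTDs or entities
    $doc.LoadXml($SamlResponseXml)

    $ns = New-Object System.Xml.XmlNamespaceManager($doc.NameTable)
    $ns.AddNamespace('samlp', 'urn:oasis:names:tc:SAML:2.0:protocol')
    $ns.AddNamespace('saml', 'urn:oasis:names:tc:SAML:2.0:assertion')
    $ns.AddNamespace('ds', 'http://www.w3.org/2000/09/xmldsig#')

    # Each check: where to read the value and the pattern it must match.
    $checks = @(
        @{ Name    = 'Destination is the Reply URL'
           XPath   = '/samlp:Response/@Destination'
           Pattern = '^' + [regex]::Escape("https://$GatewayFqdn/cgi/samlauth") + '$' }
        @{ Name    = 'Audience is the configured identifier'
           XPath   = '//saml:Audience'
           Pattern = '^' + [regex]::Escape($EntityId) + '$' }
        @{ Name    = 'NameID is a userPrincipalName'
           XPath   = '//saml:Subject/saml:NameID'
           Pattern = '^[^@\s]+@[^@\s]+$' }
        @{ Name    = 'Signature algorithm is RSA-SHA256'
           XPath   = '//ds:SignatureMethod/@Algorithm'
           Pattern = '#rsa-sha256$' }
        @{ Name    = 'Digest algorithm is SHA256'
           XPath   = '//ds:DigestMethod/@Algorithm'
           Pattern = '#sha256$' }
    )

    foreach ($check in $checks) {
        $node   = $doc.SelectSingleNode($check.XPath, $ns)
        $actual = if ($null -ne $node) { $node.InnerText.Trim() } else { $null }
        $shown  = if ($null -ne $actual) { $actual } else { '<missing>' }
        [pscustomobject]@{
            Check  = $check.Name
            Actual = $shown
            # Case-sensitive match: entity IDs and algorithm URIs are exact strings.
            Pass   = ($null -ne $actual) -and ($actual -cmatch $check.Pattern)
        }
    }
}

# Constructed sample response (placeholder tenant ID, no real signature value).
$sample = @'
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
                xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
                ID="_constructed-response" Version="2.0"
                Destination="https://gateway.example.com/cgi/samlauth">
  <saml:Issuer>https://sts.windows.net/00000000-0000-0000-0000-000000000000/</saml:Issuer>
  <saml:Assertion ID="_constructed-assertion" Version="2.0">
    <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
      <ds:SignedInfo>
        <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
        <ds:Reference URI="#_constructed-assertion">
          <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
        </ds:Reference>
      </ds:SignedInfo>
    </ds:Signature>
    <saml:Subject>
      <saml:NameID>user@example.com</saml:NameID>
    </saml:Subject>
    <saml:Conditions>
      <saml:AudienceRestriction>
        <saml:Audience>citrix-gateway-sp</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
  </saml:Assertion>
</samlp:Response>
'@

Test-SamlResponseAgainstGatewayConfig -SamlResponseXml $sample `
    -GatewayFqdn 'gateway.example.com' -EntityId 'citrix-gateway-sp' |
    Format-Table -AutoSize
```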

Intune configuration
• Deploying Citrix Receiver and NetScaler Gateway VPN client
  - NB: Some limitations to software deployments
  - Either MSI-based installation or PowerShell scripts
  - PowerShell scripts run every 30 minutes on endpoint
  - Thank you, Aaron Parker! https://github.com/aaronparker/Intune/
• Intune deployment of Citrix VPN profiles
  - Can be defined for Windows 10, iOS and Android
  - Authentication method either user/pass or certificate based
  - Windows requires NetScaler 12.0.56.x

Azure AD Conditional Access
• Configure access to applications based upon different conditions
• Sign-in Risk
• Device Platforms
• Locations
• Client Apps
• Device State
• Device compliance from WDATP
• User risk from Azure AD
• Assign Policy to User or Group and enable

Security architecture
Azure Active Directory Identity Protection
• Automated security enforcement for Azure AD users based upon risk
Windows Defender ATP
• Automated security remediation of endpoints based upon suspicious behaviour
Azure ATP
• Monitoring of attacks or suspicious activities against Active Directory
Cloud App Security
• Cloud Access Security Broker to handle access and security policies across SaaS

Monitoring components
• Using Log Analytics to collect and aggregate on certain events
• Using Syslog Collector to get NetScaler logs
• Using Custom logs to get Citrix logs from Servers
• Performance Counters from Session Hosts
• Using OMS Citrix modules
• Using Windows 10 Telemetry
• For Azure IaaS with Azure Security Center
• Forward Alerts to ITSM or using WebHooks

So what does it look like?

Other deployment options
• Using Azure MFA with native Active Directory and NetScaler
  - Only if using local Active Directory as authentication source
  - Using NPS Server with MFA Extension to act as RADIUS server
• Using OAuth and Intune integration in NetScaler to act as a Network Access Control policy
  - Only if using VPN connection and to get device compliance using Azure AD Graph API
  - Requires Enterprise NetScaler license
• Using Storefront with SAML authentication against Azure AD and native Receiver
  - Allows use of Conditional Access policies and MFA even for internal access

Some final things to consider
• Citrix + Azure AD integration easier with NetScaler 12.1
• Citrix Analytics vs Conditional Access with Graph API
• Conditional Access MFA < Global MFA rules
• NAC agents for NetScaler supported on iOS, Android and Windows
• Citrix Cloud Gateway Service native support for Azure AD with MFA
• OMS packages from Citrix or consider http://loganalytics.sepago.com/

More Related Content

What's hot

Citrix on Azure
Citrix on AzureCitrix on Azure
Citrix on AzureMustafa
 
ITCamp 2018 - Thomas Maurer - Azure Stack - Everything you need to know!
ITCamp 2018 - Thomas Maurer - Azure Stack - Everything you need to know!ITCamp 2018 - Thomas Maurer - Azure Stack - Everything you need to know!
ITCamp 2018 - Thomas Maurer - Azure Stack - Everything you need to know!ITCamp
 
Digitally Transform (And Keep) Your On-Premises File Servers
Digitally Transform (And Keep) Your On-Premises File ServersDigitally Transform (And Keep) Your On-Premises File Servers
Digitally Transform (And Keep) Your On-Premises File ServersAidan Finn
 
IaaS vs. PaaS: Windows Azure Compute Solutions
IaaS vs. PaaS: Windows Azure Compute SolutionsIaaS vs. PaaS: Windows Azure Compute Solutions
IaaS vs. PaaS: Windows Azure Compute SolutionsIdo Flatow
 
Microsoft Azure
Microsoft AzureMicrosoft Azure
Microsoft AzureNovosco
 
Cnam cours azure zecloud mobile services
Cnam cours azure zecloud mobile servicesCnam cours azure zecloud mobile services
Cnam cours azure zecloud mobile servicesAymeric Weinbach
 
Microsoft azure - the cloud for modern business
Microsoft azure - the cloud for modern businessMicrosoft azure - the cloud for modern business
Microsoft azure - the cloud for modern businessVinh Nguyen Quang
 
Azure Stack - Azure Nights User Group
Azure Stack - Azure Nights User GroupAzure Stack - Azure Nights User Group
Azure Stack - Azure Nights User GroupMichael Frank
 
ContainerDays NYC 2016: "Containers in Azure: Understanding the Microsoft Con...
ContainerDays NYC 2016: "Containers in Azure: Understanding the Microsoft Con...ContainerDays NYC 2016: "Containers in Azure: Understanding the Microsoft Con...
ContainerDays NYC 2016: "Containers in Azure: Understanding the Microsoft Con...DynamicInfraDays
 
70 533 - Module 01 - Introduction to Azure
70 533 - Module 01 - Introduction to Azure70 533 - Module 01 - Introduction to Azure
70 533 - Module 01 - Introduction to AzureGeorges-Emmanuel TOPE
 
Introduzione al cloud computing e microsoft azure
Introduzione al cloud computing e microsoft azureIntroduzione al cloud computing e microsoft azure
Introduzione al cloud computing e microsoft azureAngelo Gino Varrati
 
Comparing Cloud-Based Infrastructure Services
Comparing Cloud-Based Infrastructure ServicesComparing Cloud-Based Infrastructure Services
Comparing Cloud-Based Infrastructure ServicesCDW
 
E2EVC Copenhagen What’s New With Microsoft Virtualization
E2EVC Copenhagen What’s New With Microsoft VirtualizationE2EVC Copenhagen What’s New With Microsoft Virtualization
E2EVC Copenhagen What’s New With Microsoft VirtualizationAidan Finn
 
Digital transformation with Azure & Azure Stack
Digital transformation with Azure & Azure StackDigital transformation with Azure & Azure Stack
Digital transformation with Azure & Azure StackAymen Mami
 
Azure News Slides for October2017 - Azure Nights User Group
Azure News Slides for October2017 - Azure Nights User GroupAzure News Slides for October2017 - Azure Nights User Group
Azure News Slides for October2017 - Azure Nights User GroupMichael Frank
 
Azure Stack Fundamentals
Azure Stack FundamentalsAzure Stack Fundamentals
Azure Stack FundamentalsCenk Ersoy
 

What's hot (20)

Citrix on Azure
Citrix on AzureCitrix on Azure
Citrix on Azure
 
ITCamp 2018 - Thomas Maurer - Azure Stack - Everything you need to know!
ITCamp 2018 - Thomas Maurer - Azure Stack - Everything you need to know!ITCamp 2018 - Thomas Maurer - Azure Stack - Everything you need to know!
ITCamp 2018 - Thomas Maurer - Azure Stack - Everything you need to know!
 
Microsoft azure pack overview
Microsoft azure pack overviewMicrosoft azure pack overview
Microsoft azure pack overview
 
Digitally Transform (And Keep) Your On-Premises File Servers
Digitally Transform (And Keep) Your On-Premises File ServersDigitally Transform (And Keep) Your On-Premises File Servers
Digitally Transform (And Keep) Your On-Premises File Servers
 
04 Azure IAAS 101
04 Azure IAAS 10104 Azure IAAS 101
04 Azure IAAS 101
 
IaaS vs. PaaS: Windows Azure Compute Solutions
IaaS vs. PaaS: Windows Azure Compute SolutionsIaaS vs. PaaS: Windows Azure Compute Solutions
IaaS vs. PaaS: Windows Azure Compute Solutions
 
Microsoft Azure
Microsoft AzureMicrosoft Azure
Microsoft Azure
 
Ingram Micro IaaS Playbook
Ingram Micro IaaS PlaybookIngram Micro IaaS Playbook
Ingram Micro IaaS Playbook
 
Scu2016 Azure Best practices
Scu2016 Azure Best practicesScu2016 Azure Best practices
Scu2016 Azure Best practices
 
Cnam cours azure zecloud mobile services
Cnam cours azure zecloud mobile servicesCnam cours azure zecloud mobile services
Cnam cours azure zecloud mobile services
 
Microsoft azure - the cloud for modern business
Microsoft azure - the cloud for modern businessMicrosoft azure - the cloud for modern business
Microsoft azure - the cloud for modern business
 
Azure Stack - Azure Nights User Group
Azure Stack - Azure Nights User GroupAzure Stack - Azure Nights User Group
Azure Stack - Azure Nights User Group
 
ContainerDays NYC 2016: "Containers in Azure: Understanding the Microsoft Con...
ContainerDays NYC 2016: "Containers in Azure: Understanding the Microsoft Con...ContainerDays NYC 2016: "Containers in Azure: Understanding the Microsoft Con...
ContainerDays NYC 2016: "Containers in Azure: Understanding the Microsoft Con...
 
70 533 - Module 01 - Introduction to Azure
70 533 - Module 01 - Introduction to Azure70 533 - Module 01 - Introduction to Azure
70 533 - Module 01 - Introduction to Azure
 
Introduzione al cloud computing e microsoft azure
Introduzione al cloud computing e microsoft azureIntroduzione al cloud computing e microsoft azure
Introduzione al cloud computing e microsoft azure
 
Comparing Cloud-Based Infrastructure Services
Comparing Cloud-Based Infrastructure ServicesComparing Cloud-Based Infrastructure Services
Comparing Cloud-Based Infrastructure Services
 
E2EVC Copenhagen What’s New With Microsoft Virtualization
E2EVC Copenhagen What’s New With Microsoft VirtualizationE2EVC Copenhagen What’s New With Microsoft Virtualization
E2EVC Copenhagen What’s New With Microsoft Virtualization
 
Digital transformation with Azure & Azure Stack
Digital transformation with Azure & Azure StackDigital transformation with Azure & Azure Stack
Digital transformation with Azure & Azure Stack
 
Azure News Slides for October2017 - Azure Nights User Group
Azure News Slides for October2017 - Azure Nights User GroupAzure News Slides for October2017 - Azure Nights User Group
Azure News Slides for October2017 - Azure Nights User Group
 
Azure Stack Fundamentals
Azure Stack FundamentalsAzure Stack Fundamentals
Azure Stack Fundamentals
 

Similar to Citrix with Microsoft EMS

Citrix solutions - How on earth, as in heaven
Citrix solutions - How on earth, as in heavenCitrix solutions - How on earth, as in heaven
Citrix solutions - How on earth, as in heavenMarketingArrowECS_CZ
 
Citirx Day 2013: Citrix Enterprise Mobility
Citirx Day 2013: Citrix Enterprise MobilityCitirx Day 2013: Citrix Enterprise Mobility
Citirx Day 2013: Citrix Enterprise MobilityDigicomp Academy AG
 
Getting the Most Value from Your Aviatrix Controller & Gateways
Getting the Most Value from Your Aviatrix Controller & GatewaysGetting the Most Value from Your Aviatrix Controller & Gateways
Getting the Most Value from Your Aviatrix Controller & GatewaysKhash Nakhostin
 
TechWiseTV Workshop: Intercloud Fabric
TechWiseTV Workshop: Intercloud FabricTechWiseTV Workshop: Intercloud Fabric
TechWiseTV Workshop: Intercloud FabricRobb Boyd
 
WVD Partner Event 17 feb 2020 - Citrix Slides
WVD Partner Event 17 feb 2020 - Citrix SlidesWVD Partner Event 17 feb 2020 - Citrix Slides
WVD Partner Event 17 feb 2020 - Citrix Slideskiefter
 
Csp hosted-desktop-on-windows-azure-design-guide
Csp hosted-desktop-on-windows-azure-design-guideCsp hosted-desktop-on-windows-azure-design-guide
Csp hosted-desktop-on-windows-azure-design-guideNuno Alves
 
eG Express Cloud for Citrix Workspaces
eG Express Cloud for Citrix WorkspaceseG Express Cloud for Citrix Workspaces
eG Express Cloud for Citrix WorkspaceseG Innovations
 
Citrix xa xd cloud provisioning webinar
Citrix xa xd cloud provisioning webinarCitrix xa xd cloud provisioning webinar
Citrix xa xd cloud provisioning webinarCitrix
 
Building Azure RemoteApp - Microsoft Campus Days 2014
Building Azure RemoteApp - Microsoft Campus Days 2014Building Azure RemoteApp - Microsoft Campus Days 2014
Building Azure RemoteApp - Microsoft Campus Days 2014Morgan Simonsen
 
Citrix Cloud - Architecture Diagrams.pptx
Citrix Cloud - Architecture Diagrams.pptxCitrix Cloud - Architecture Diagrams.pptx
Citrix Cloud - Architecture Diagrams.pptxARUNACHALAM S
 
Citrix Day 2013: CloudPlatform & Cloud Portal Business Manager
Citrix Day 2013: CloudPlatform & Cloud Portal Business ManagerCitrix Day 2013: CloudPlatform & Cloud Portal Business Manager
Citrix Day 2013: CloudPlatform & Cloud Portal Business ManagerDigicomp Academy AG
 
Support Software Defined Networking with Dynamic Network Architecture
Support Software Defined Networking with Dynamic Network ArchitectureSupport Software Defined Networking with Dynamic Network Architecture
Support Software Defined Networking with Dynamic Network ArchitectureZivaro Inc
 
Common Pitfalls when Setting up a NetScaler for the First Time
Common Pitfalls when Setting up a NetScaler for the First TimeCommon Pitfalls when Setting up a NetScaler for the First Time
Common Pitfalls when Setting up a NetScaler for the First TimeDavid McGeough
 
Citrix Day 2014: XenMobile Enterprise Edition
Citrix Day 2014: XenMobile Enterprise EditionCitrix Day 2014: XenMobile Enterprise Edition
Citrix Day 2014: XenMobile Enterprise EditionDigicomp Academy AG
 
Cisco Connect Ottawa 2018 multi cloud
Cisco Connect Ottawa 2018 multi cloudCisco Connect Ottawa 2018 multi cloud
Cisco Connect Ottawa 2018 multi cloudCisco Canada
 
Azure PTA vs ADFS vs Desktop SSO
Azure PTA vs ADFS vs Desktop SSOAzure PTA vs ADFS vs Desktop SSO
Azure PTA vs ADFS vs Desktop SSOCoLaboraDK
 
Colabora.dk - Azure PTA vs ADFS vs Desktop SSO
Colabora.dk - Azure PTA vs ADFS vs Desktop SSOColabora.dk - Azure PTA vs ADFS vs Desktop SSO
Colabora.dk - Azure PTA vs ADFS vs Desktop SSOPeter Selch Dahl
 
Data Center, Private Cloud/IT transformation
Data Center, Private Cloud/IT transformationData Center, Private Cloud/IT transformation
Data Center, Private Cloud/IT transformationCisco Canada
 
Citrix Portfolio Updates
Citrix Portfolio UpdatesCitrix Portfolio Updates
Citrix Portfolio UpdatesPawel Serwan
 

Similar to Citrix with Microsoft EMS (20)

Citrix solutions - How on earth, as in heaven
Citrix solutions - How on earth, as in heavenCitrix solutions - How on earth, as in heaven
Citrix solutions - How on earth, as in heaven
 
Citirx Day 2013: Citrix Enterprise Mobility
Citirx Day 2013: Citrix Enterprise MobilityCitirx Day 2013: Citrix Enterprise Mobility
Citirx Day 2013: Citrix Enterprise Mobility
 
Getting the Most Value from Your Aviatrix Controller & Gateways
Getting the Most Value from Your Aviatrix Controller & GatewaysGetting the Most Value from Your Aviatrix Controller & Gateways
Getting the Most Value from Your Aviatrix Controller & Gateways
 
TechWiseTV Workshop: Intercloud Fabric
TechWiseTV Workshop: Intercloud FabricTechWiseTV Workshop: Intercloud Fabric
TechWiseTV Workshop: Intercloud Fabric
 
WVD Partner Event 17 feb 2020 - Citrix Slides
WVD Partner Event 17 feb 2020 - Citrix SlidesWVD Partner Event 17 feb 2020 - Citrix Slides
WVD Partner Event 17 feb 2020 - Citrix Slides
 
Csp hosted-desktop-on-windows-azure-design-guide
Csp hosted-desktop-on-windows-azure-design-guideCsp hosted-desktop-on-windows-azure-design-guide
Csp hosted-desktop-on-windows-azure-design-guide
 
eG Express Cloud for Citrix Workspaces
eG Express Cloud for Citrix WorkspaceseG Express Cloud for Citrix Workspaces
eG Express Cloud for Citrix Workspaces
 
Citrix xa xd cloud provisioning webinar
Citrix xa xd cloud provisioning webinarCitrix xa xd cloud provisioning webinar
Citrix xa xd cloud provisioning webinar
 
Building Azure RemoteApp - Microsoft Campus Days 2014
Building Azure RemoteApp - Microsoft Campus Days 2014Building Azure RemoteApp - Microsoft Campus Days 2014
Building Azure RemoteApp - Microsoft Campus Days 2014
 
Citrix Cloud - Architecture Diagrams.pptx
Citrix Cloud - Architecture Diagrams.pptxCitrix Cloud - Architecture Diagrams.pptx
Citrix Cloud - Architecture Diagrams.pptx
 
Citrix Day 2015 Cloud Bridge 7.3 and WSA v10
Citrix Day 2015 Cloud Bridge 7.3 and WSA v10Citrix Day 2015 Cloud Bridge 7.3 and WSA v10
Citrix Day 2015 Cloud Bridge 7.3 and WSA v10
 
Citrix Day 2013: CloudPlatform & Cloud Portal Business Manager
Citrix Day 2013: CloudPlatform & Cloud Portal Business ManagerCitrix Day 2013: CloudPlatform & Cloud Portal Business Manager
Citrix Day 2013: CloudPlatform & Cloud Portal Business Manager
 
Support Software Defined Networking with Dynamic Network Architecture
Support Software Defined Networking with Dynamic Network ArchitectureSupport Software Defined Networking with Dynamic Network Architecture
Support Software Defined Networking with Dynamic Network Architecture
 
Common Pitfalls when Setting up a NetScaler for the First Time
Common Pitfalls when Setting up a NetScaler for the First TimeCommon Pitfalls when Setting up a NetScaler for the First Time
Common Pitfalls when Setting up a NetScaler for the First Time
 
Citrix Day 2014: XenMobile Enterprise Edition
Citrix Day 2014: XenMobile Enterprise EditionCitrix Day 2014: XenMobile Enterprise Edition
Citrix Day 2014: XenMobile Enterprise Edition
 
Cisco Connect Ottawa 2018 multi cloud
Cisco Connect Ottawa 2018 multi cloudCisco Connect Ottawa 2018 multi cloud
Cisco Connect Ottawa 2018 multi cloud
 
Azure PTA vs ADFS vs Desktop SSO
Azure PTA vs ADFS vs Desktop SSOAzure PTA vs ADFS vs Desktop SSO
Azure PTA vs ADFS vs Desktop SSO
 
Colabora.dk - Azure PTA vs ADFS vs Desktop SSO
Colabora.dk - Azure PTA vs ADFS vs Desktop SSOColabora.dk - Azure PTA vs ADFS vs Desktop SSO
Colabora.dk - Azure PTA vs ADFS vs Desktop SSO
 
Data Center, Private Cloud/IT transformation
Data Center, Private Cloud/IT transformationData Center, Private Cloud/IT transformation
Data Center, Private Cloud/IT transformation
 
Citrix Portfolio Updates
Citrix Portfolio UpdatesCitrix Portfolio Updates
Citrix Portfolio Updates
 

More from Marius Sandbu

Securing Virtual Machines in Microsoft Azure
Securing Virtual Machines in Microsoft AzureSecuring Virtual Machines in Microsoft Azure
Securing Virtual Machines in Microsoft AzureMarius Sandbu
 
Hackcon - Ransomware
Hackcon - RansomwareHackcon - Ransomware
Hackcon - RansomwareMarius Sandbu
 
EUC State of the Union 2021
EUC State of the Union 2021EUC State of the Union 2021
EUC State of the Union 2021Marius Sandbu
 
Ransomware - Hvordan beskytte seg mot slike angrep?
Ransomware - Hvordan beskytte seg mot slike angrep? Ransomware - Hvordan beskytte seg mot slike angrep?
Ransomware - Hvordan beskytte seg mot slike angrep? Marius Sandbu
 
Ransomware erfaringer 2021
Ransomware erfaringer 2021Ransomware erfaringer 2021
Ransomware erfaringer 2021Marius Sandbu
 
Windows Virtual Desktop
Windows Virtual DesktopWindows Virtual Desktop
Windows Virtual DesktopMarius Sandbu
 

More from Marius Sandbu (7)

Securing Virtual Machines in Microsoft Azure
Securing Virtual Machines in Microsoft AzureSecuring Virtual Machines in Microsoft Azure
Securing Virtual Machines in Microsoft Azure
 
Hackcon - Ransomware
Hackcon - RansomwareHackcon - Ransomware
Hackcon - Ransomware
 
EUC State of the Union 2021
EUC State of the Union 2021EUC State of the Union 2021
EUC State of the Union 2021
 
Ransomware - Hvordan beskytte seg mot slike angrep?
Ransomware - Hvordan beskytte seg mot slike angrep? Ransomware - Hvordan beskytte seg mot slike angrep?
Ransomware - Hvordan beskytte seg mot slike angrep?
 
Ransomware erfaringer 2021
Ransomware erfaringer 2021Ransomware erfaringer 2021
Ransomware erfaringer 2021
 
Windows Virtual Desktop
Windows Virtual DesktopWindows Virtual Desktop
Windows Virtual Desktop
 
Azure sentinel
Azure sentinelAzure sentinel
Azure sentinel
 

Recently uploaded

How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 

Recently uploaded (20)

How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 

Citrix with Microsoft EMS

  • 1. © 2017 Citrix User Group Community Citrix and Microsoft Azure with a hint of mostly Intune EMS
  • 2. About Marius
      • Cloud Tech lead @ EVRY from the land of the Vikings
      • Working with mostly DevOps, AWS, Google and Azure
      • Board member of MYCUGC SIG and Citrix User Group
      • Blogging and free stuff at msandbu.org
  • 3. So what is this session about?
  • 4. Microsoft EMS with Citrix
      • Moving away from other endpoints to Windows 10
      • Move clients out of infrastructure
      • More web based applications and adopting higher level of security
      • Still dependent on Windows applications with Citrix
      • Moving towards Microsoft Azure
      • Anytime & Anywhere & Easy Enrollment
  • 5. Architecture and Products
      • Azure Subscription
          - Log analytics
          - Citrix OMS modules
      • Microsoft EMS E5
          - Azure AD Premium
          - Azure MFA
          - Intune
          - Windows Defender ATP
          - Cloud App Security
      • Citrix XenDesktop and XenApp
          - Citrix FAS
      • A couple of NetScalers
          - NetScaler Unified Gateway
      [Architecture diagram; labels: NPS with MFA, Storefront, Citrix FAS Server, NetScaler, Windows PKI, Citrix DDC, Citrix VDA, Conditional Access, Intune, Log Analytics, MFA, Citrix User]
  • 6. The Magic!
      • Intune
          - Deploys Citrix Receiver and VPN Client
          - Deploys VPN Profile for Citrix
          - Deploys Certificate using SCEP
          - Conditional Access Policies
      • Azure AD
          - Handles authentication to Citrix using SAML
          - Handles MFA as part of Conditional Access
      • NetScaler
          - Handles SAML Authentication for Unified Gateway
          - Gateway for end-users
  • 7. Requirements for SSO
      • Set up AD Certificate Services & Citrix FAS
      • Configure FAS Server and Group Policy
      • Configure Storefront with FAS authentication
      • Add Azure AD Application for Citrix SAML
      • Set up SAML Authentication rule on NetScaler
      • Assign Application for end-users in Azure AD
      • Point users to NetScaler Gateway or MyApps
  • 8. Azure AD Application Configuration
      • Configure Enterprise Application with SAML sign-on
          - Identifier Entity: Unique name
          - Reply URL: NetScaler Gateway FQDN followed by /cgi/samlauth
          - User Identifier: user.userprincipalname
      • Publish Application
      • Add Users & Groups to access the application
          - Applications published here allow for native SSO to end users enrolled with Azure AD Join
          - NB: Troubleshoot using dsregcmd /status or by looking in Event Viewer under Applications & Services > Microsoft > AAD
  • 9. Storefront and DDC configuration
      • Configure Storefront Store to allow FAS Authentication
        PowerShell on Storefront Server:
          # Load the StoreFront PowerShell modules
          & "$Env:PROGRAMFILES\Citrix\Receiver StoreFront\Scripts\ImportModules.ps1"
          $StoreVirtualPath = "/Citrix/Store"
          $store = Get-STFStoreService -VirtualPath $StoreVirtualPath
          $auth = Get-STFAuthenticationService -StoreService $store
          # Use the FAS claims factory for the store's authentication service
          Set-STFClaimsFactoryNames -AuthenticationService $auth -ClaimsFactoryName "FASClaimsFactory"
          # Have the VDA obtain logon data from FAS at launch
          Set-STFStoreLaunchOptions -StoreService $store -VdaLogonDataProvider "FASLogonDataProvider"
        PowerShell on Desktop Delivery Controller:
          # Load the Citrix snap-ins, then trust requests sent to the XML service port
          asnp citrix.*
          Set-BrokerSite -TrustRequestsSentToTheXmlServicePort $true
      NB: Ensure that Callback is configured and optimize Storefront to handle reconnects: http://msandbu.org/citrix-fas-with-azure-ad-and-error-404-not-found/
  • 10. NetScaler configuration
      • Configure SAML authentication for NetScaler Gateway
          - IdP Certificate: From Azure AD
          - Redirect URL: Redirect to Azure AD
          - Single Logout URL: Redirect to Azure AD
          - User Field: userprincipalname
          - Issuer Name: a unique identifier
          - SAML Binding: POST
          - Signature and Digest: SHA 256
      • Bind to NetScaler Gateway as Basic Authentication
      • No need for specific NetScaler licenses
  • 11. Intune configuration
      • Deploying Citrix Receiver and NetScaler Gateway VPN client
          - NB: Some limitations to software deployments
          - Either MSI based installation or PowerShell scripts
          - PowerShell scripts run every 30 minutes on endpoint
          - Thank you, Aaron Parker: https://github.com/aaronparker/Intune/
      • Intune deployment of Citrix VPN Profiles
          - Can be defined for Windows 10, iOS and Android
          - Authentication Method either User/Pass or Certificate based
          - Windows requires NetScaler 12.0.56.x
  • 12. Azure AD Conditional Access
      • Configure access to applications based upon different conditions
      • Sign-in Risk
      • Device Platforms
      • Locations
      • Client Apps
      • Device State
      • Device compliance from WDATP
      • User risk from Azure AD
      • Assign Policy to User or Group and enable
  • 13. Security architecture
      • Azure Active Directory Identity Protection
          - Automated security enforcement of Azure AD based users based upon risk
      • Windows Defender ATP
          - Automated security remediation of endpoints based upon suspicious behaviour
      • Azure ATP
          - Monitoring of attacks or suspicious activities against Active Directory
      • Cloud App Security
          - Cloud Access Security Broker to handle access and security policies across SaaS
  • 14. Monitoring components
      • Using Log Analytics to collect and aggregate on certain events
      • Using Syslog Collector to get NetScaler logs
      • Using Custom logs to get Citrix logs from Servers
      • Performance Counters from Session Hosts
      • Using OMS Citrix modules
      • Using Windows 10 Telemetry
      • For Azure IaaS with Azure Security Center
      • Forward Alerts to ITSM or using WebHooks
  • 15. So what does it look like?
  • 16. Other deployment options
      • Using Azure MFA with native Active Directory and NetScaler
          - Only if using local Active Directory as authentication source
          - Using NPS Server with MFA Extension to act as RADIUS Server
      • Using OAuth and Intune integration in NetScaler to act as a Network Access Control policy
          - Only if using VPN Connection and to get Device Compliance using Azure AD Graph API
          - Requires Enterprise NetScaler license
      • Using Storefront with SAML Authentication against Azure AD and native Receiver
          - Allows use of Conditional Access Policies and MFA for even internal access
  • 17. Some final things to consider
      • Citrix + Azure AD integration easier with NetScaler 12.1
      • Citrix Analytics vs Conditional Access with Graph API
      • Conditional Access MFA < Global MFA rules
      • NAC agents for NetScaler supported on iOS, Android and Windows
      • Citrix Cloud Gateway Service native support for Azure AD with MFA
      • OMS Packages from Citrix or consider http://loganalytics.sepago.com/
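
When SSO fails, the field-level settings from slides 8 and 10 (Reply URL ending in /cgi/samlauth, UPN as user identifier, matching identifier, SHA 256 signature and digest) can be checked against a decoded SAML response. The following is an added example, not code from the deck; the sample response, gateway.example.com and the entity ID citrix-gateway-example are constructed placeholders. It inspects fields only and does not verify the signature.

```python
import xml.etree.ElementTree as ET

NS = {"a": "urn:oasis:names:tc:SAML:2.0:assertion",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}
RSA_SHA256 = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"
SHA256 = "http://www.w3.org/2001/04/xmlenc#sha256"

# Constructed sample trimmed to the checked fields; the SHA-1 digest is deliberate.
SAMPLE = """<p:Response xmlns:p="urn:oasis:names:tc:SAML:2.0:protocol"
 xmlns:a="urn:oasis:names:tc:SAML:2.0:assertion"
 xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
 Destination="https://gateway.example.com/cgi/samlauth"><a:Assertion>
<ds:Signature><ds:SignedInfo>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
<ds:Reference><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
</ds:Reference></ds:SignedInfo></ds:Signature>
<a:Subject><a:NameID>alice@example.com</a:NameID></a:Subject>
<a:Conditions><a:AudienceRestriction>
<a:Audience>citrix-gateway-example</a:Audience>
</a:AudienceRestriction></a:Conditions></a:Assertion></p:Response>"""

def check_response(xml_text, gateway_fqdn, entity_id):
    """Return findings; an empty list means every checked field matches."""
    root = ET.fromstring(xml_text)  # use a hardened parser for untrusted XML
    findings = []
    acs = f"https://{gateway_fqdn}/cgi/samlauth"  # Reply URL from slide 8
    if root.get("Destination") != acs:
        findings.append(f"Destination is not {acs}")
    assertion = root.find("a:Assertion", NS)
    if assertion is None:
        return findings + ["no plaintext Assertion element"]
    # Signature and Digest: SHA 256 (slide 10)
    for path, want in (("ds:SignatureMethod", RSA_SHA256),
                       ("ds:Reference/ds:DigestMethod", SHA256)):
        node = assertion.find("ds:Signature/ds:SignedInfo/" + path, NS)
        got = node.get("Algorithm") if node is not None else "missing"
        if got != want:
            findings.append(f"{path}: {got}, expected {want}")
    # User Identifier: user.userprincipalname (slide 8)
    name_id = assertion.findtext("a:Subject/a:NameID", "", NS)
    if name_id.count("@") != 1:
        findings.append(f"NameID {name_id!r} is not a UPN")
    # Identifier in Azure AD must match what the gateway expects
    aud = assertion.findtext("a:Conditions/a:AudienceRestriction/a:Audience", "", NS)
    if aud != entity_id:
        findings.append(f"Audience {aud!r} != {entity_id!r}")
    return findings

if __name__ == "__main__":
    for f in check_response(SAMPLE, "gateway.example.com", "citrix-gateway-example"):
        print("FINDING:", f)
```

Run against the sample, it reports the SHA-1 digest as the only mismatch.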