Citrix sb 0707-lowres


Published on

Published in: Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Citrix sb 0707-lowres

  1. 1. RSA Solution BriefSecuring Citrix®-basedAccess Infrastructure withTwo-factor AuthenticationRSA Solution Brief
  2. 2. 22Easy Connections to Applications and Information from AnywhereCitrix Systems®provides flexible access infrastructure that makes it easy to connect peopleto applications and information from any location, with any device, over any network withthe best possible access experience. As a member of the RSA Secured®Partner Program,Citrix has incorporated RSA technology into its Citrix Access Platform™so organizations cangain the benefits of two-factor authentication to protect information and access to businessapplications.RSA Solution BriefProviding Streamlined Access to EnterpriseApplicationsThe Citrix Access Platform is a unique approach thatrecognizes the convergence of networking,management and security technologies required todeliver applications on-demand. Citrix accessinfrastructure includes software, services andappliances that bridge the key elements in theinformation supply chain, built around applicationdelivery and access security and control.Over 180,000 customers use Citrix products to deliveran efficient access experience to the applications andinformation people need - from anywhere and toanywhere - with fast performance, high security andlow cost. Citrix is helping companies transform theirbusinesses and industries, not just simplifying accessand saving money, but actually changing the way andspeed at which they conduct their businesses. Citrixcustomers include all of the Fortune 100 companiesand 98% of the Fortune Global 500, as well ashundreds of thousands of small businesses andindividuals. Citrix has offices in 22 countries, andmore than 6,200 channel and alliance partners inmore than 100 countries. The Citrix Access Platformdelivers dividends over and over again, helpingbusinesses to:– Simplify access for all users and improveproductivity for employees, partners, contractorsand customers - whether they are local, remote ormobile.– Close security gaps by leveraging CitrixSmartAccess™technology that provides identity-driven access tailored to any use environment andby partnering with RSA to enable two-factorauthentication for local, remote or mobile access.– Increase visibility by enabling the management,measurement and observability of all dimensionsof access, so management can clearly see whoaccessed what resources for how long.– Ensure business continuity through continuous,reliable access regardless of business or technicaldisruptions, corporate expansion, technologyevolutions or organizational changes.– Protect investments through a flexible platformbuilt for IT leverage and extensibility. It works withexisting systems and is adaptable to support futurerequirements.Gaining Access Through the CitrixPresentation ServerThe Citrix Presentation Server is a key element of theCitrix Access Platform, and it enables IT to centrallydeploy and manage line of business applicationswhile providing secure, on-demand access to theseresources and delivering a low total cost of ownershipand superior performance and scalability. It runs onMicrosoft®Windows Server™and UNIX operatingsystems, and extends the base Windows TerminalServices platform by enhancing the end-userexperience as well as increasing manageability,compatibility and scalability to address business-critical environments.Presentation Server expands the range of supportedapplications to include legacy software and Web-based, UNIX and Java™solutions. It also enables anydevice or operating system - including those runningon Macintosh and Linux platforms - to accessvirtualized applications.
  3. 3. 33Fast, Simple and Secure Access to EnterpriseApplicationsThe Citrix Presentation Server makes it easy to give allusers across the organization fast, simple and secureaccess to business-critical applications. With itscentralized model, Presentation Server enables IT toimplement and deploy applications much morequickly than if they had to be installed and configuredon each computer. It allows the enterprise tocentralize control of enterprise applications, simplifyaccess to information and reduce the cost ofpurchasing and maintaining access devices.Virtualizing Enterprise ApplicationsTo virtualize applications, Presentation Serverabstracts the user interface from the applicationprocessing that occurs on a centralized server. This“thin client” technology is ideal for virtualizingapplications because it eliminates the complexities ofdeploying, managing and updating a vast array ofsoftware on each individual user’s access device.Instead, a single instance of the client application isinstalled on Presentation Server within the secureconfines of the data center. When connected to thePresentation Server, the thin client essentiallybecomes a terminal accessing information that isstored and processed on central servers.Applications are then “virtually” delivered to all thelocal, remote and mobile users, regardless of device,network or location. Maintaining critical businessapplications centrally in the data center ensures thatthe applications are deployed faster with less testingand are best protected and controlled by IT. Thissignificantly reduces deployment costs and aids inensuring regulatory compliance with data protectionrequirements. Desktop, remote and mobile PCs can bedeployed with minimal investment in memory andhard disks, allowing the organization to reduce thecost of computing while enabling anywhere, anytimeaccess to applications.With Presentation Server application virtualizationcapabilities, users access applications running on theserver the exact same way they would if theapplications were running on the local device, makingthis process transparent. Meanwhile, IT administratorsbenefit from a far more cost-effective, easy-to-manageand secure method for deploying and managingbusiness applications.Lowering Bandwidth Use While Delivering FasterPerformanceBy virtualizing applications and having both client andserver components running together in the datacenter, organizations typically lower bandwidth usewhile delivering faster application performance.During this process, 100% of the application’s logic(for both the client and server components) executeson the server. Regardless of whether the application isWindows, UNIX, Java or web based, the applicationcan then be accessed from any device and locationover any network.Protecting Access Via Two-FactorAuthenticationCitrix provides a computing architecture that allowscompany information to be accessed from anywhere,anytime, and two-factor authentication enhancessecurity for Citrix solutions by creating an end-to-endtrusted and secured solution for an enterprise. Butwhile the Citrix family of products has made it easierfor users to access critical information, simply usingpasswords to authenticate Citrix users can be costlyand can put a company at risk.RSA Solution BriefThe combination of the Citrix®Access Platformand RSA SecurID®authentication can be leveragedto protect web-based applications.
  4. 4. 4– Passwords can be easily hacked or stolen withtools readily available on the Internet.– Password security is greatly reduced by userswho frequently choose passwords that are easilyguessed or written down on notes often placednear a PC.– Inadequate password policies often fail to meetsecurity audits.– Passwords are costly to manage due to frequenthelp desk calls with password resets.RSA SecurID two-factor authentication is based onsomething you know (a PIN), and something you have(an RSA SecurID authenticator) - and it provides moresecure and cost-effective user authentication thanreusable passwords.Integrating the Citrix Access Platform withRSA SecurID AuthenticationFor years, Citrix has been a member of the RSASecured Partner Program, and has allowed theenterprise to leverage RSA SecurID solutions toprotect access to information. The RSA SecuredPartner Program works with software and hardwarevendors to integrate or establish interoperabilitybetween partner products and products from RSA.Citrix has integrated access to RSA SecurID solutionsas a configuration option on the Citrix PresentationServer™so that IT can easily protect access toenterprise infrastructure. Organizations can deployCitrix Access Platform solutions with RSA SecurIDauthentication without the need for any customsoftware development, and the integration of thesetechnologies has been tested and certified asinteroperable by RSA and this joint solution hasalready been successfully deployed by manyorganizations worldwide.Through the RSA Secured Partner Program, Citrix hasbuilt the RSA®Authentication Agent into the CitrixPresentation Server. The RSA Authentication Agentfunctions much like a security guard, standingbetween users and the Citrix Presentation Server toenforce two-factor authentication.RSA SecurID hardware tokens small enough to attachto a key chain or fit in a wallet can be distributed tousers, and upon login users are asked to enter theirPIN and the constantly changing code on their token.Access to protected information is granted only whenthe user has entered a valid RSA SecurID passcode;otherwise, access is denied.Local, Remote and Mobile AuthenticationThis integrated solution supports local, remote andmobile users. Users can be required to authenticatefrom their desktop while on the premises, and remoteusers can be required to authenticate before gainingenterprise access via a Virtual Private Network (VPN).Mobile users can login from a hotel or even a WiFi hotspot, and they will be granted secure access whenthey enter their PIN and the token code displayed atthat moment on their authenticators. Organizationscan also enable two-factor authentication via RSASecurID software authenticators integrated into PDAsor smart phones.RSA Solution BriefUsers can enter their user name and the currenttoken code to gain secure, two-factor authentica-tion to Citrix Presentation Server to access enter-prise network resources and applications.The RSA Secured®Partner Program works tointegrate or establish interoperability betweenpartner products and products from RSA.
  5. 5. 5RSA Solution BriefProtecting Enterprise ApplicationsCitrix has leveraged RSA SecurID technology to allowthe enterprise to easily deploy two-factorauthentication. The RSA SecurID solution comprisesthree components: RSA®Authentication Manager,RSA®Authentication Agent and RSA SecurIDauthenticator.To ensure the authenticity of each user accessing theprotected information, the RSA Authentication Agentsoftware will prompt the user to enter their PIN andthe token code displayed at the time on their RSASecurID authenticator. When the user enters theinformation, the RSA Authentication Agent directs it tothe RSA Authentication Manager software. Thisenterprise-class software is the managementcomponent of the RSA SecurID solution. It is used toverify authentication requests and centrally administerauthentication policies for enterprise networks. RSAAuthentication Manager will grant access toauthorized users and reject access attempts that donot provide the correct PIN and token code. Once theuser is authenticated a single time, the user is grantedsecure access to enterprise applications.Protecting Web-Based ApplicationsThe combination of the Citrix Access Platform and RSASecurID authentication can similarly be leveraged toprotect web-based applications. Users turn to theirhardware or software authenticators to get the currenttoken code, and enter the token code and theirpasswords to gain access to web-based applications.The RSA Authentication Agent resident on the CitrixPresentation Server intercepts each access requestand forwards it to the RSA Authentication Manager.If the user has entered the correct PIN and the currenttoken code, the user is provided secure access toweb-based applications available through web serversbehind the Citrix Presentation Manager in thecorporate data center.The PC used for accessing enterprise applications effectively serves as a terminal, withall processing implemented on central servers. The RSA Authentication Manager grantsaccess to users who enter the appropriate PIN and the current token code.Citrix PresentationServer with embeddedRSA AuthenticationAgentAlgorithmSeedTimeAlgorithmSeedTimeUserID:asmithPIN: 6752token code: 342138UserID:asmithPIN: 6752token code: 342138EnterpriseapplicationsRSA®Authentication Manager342138
  6. 6. 6 RSA Solution BriefIntegrated Solutions from Citrix and RSAThe integration of RSA SecurID authentication and theCitrix Access Platform provides major businessadvantages to different organizations:– Organizations already relying on Citrix infrastructurecan easily add RSA SecurID two-factorauthentication to enhance application security.– Organizations with existing RSA SecurIDauthentication already deployed to protect accessto information can reduce bandwidth andcomputing costs by migrating to Citrix AccessPlatform while continuing to leverage already-deployed RSA SecurID authenticators.– Organizations evaluating enterprise accesssolutions can select the Citrix Access Platform toreduce the cost of computing and buttress it withRSA SecurID authentication solutions to protectaccess to enterprise applications and web-basedapplications.All organizations deploying the Citrix Access Platformand RSA SecurID authentication benefit fromapplication virtualization and applications security.This solution allows companies to:– Implement cost saving and revenue generating e-business processes with positive useridentification,– Reduce the risks and costs associated withintellectual property theft and security breaches,– Enable compliance with industry regulations andprivacy laws,– Reduce the costs associated with password-relatedhelp-desk calls and– Provide secure access to critical information andtransactions by establishing end-useraccountability.A combined implementation of the Citrix AccessPlatform and RSA SecurID authentication providessafe and secure access to corporate resources fromany location and any device around the world. Formore information, visit Two-Factor Authenticationto Web-based Applications – a Case StudyProvidence Health System-Oregon Region is part of anintegrated delivery network that extends acrossAlaska, Washington, Oregon and Southern California.The organization needed to create a web-basedaccess solution that would allow physicians, nursesand administrators to securely access criticalinformation such as patient records, lab results,diagnostic imaging and nursing charting data from anylocation, using any device.“From the outset, we recognized that rewriting legacyapplications to web-enable them would have beencostly and time-consuming and would have requiredlinking to an authentication system for eachapplication,” said Dr. Richard Gibson, Chief MedicalInformation Officer. “In contrast, the combined Citrixand RSA solution allowed us to deploy multipleapplications easily, securely and cost-effectively,without any application rewrites.”“The combined Citrix and RSAenvironment embodies the three qualitieswe were looking for in an informationaccess solution...”
  7. 7. 7RSA Solution BriefGibson noted that centralized managementcapabilities make it easy for IT to add newapplications and new users. “We can easily install andupgrade applications centrally on PresentationServers and make them immediately accessible viathe web,” he said. “Similarly, it is very easy toprovision RSA SecurID tokens for new users so theycan start taking advantage of web access right away.”This solution helps Providence Health System complywith HIPAA, which defines requirements for healthcareproviders to ensure the privacy and security ofsensitive patient information. “The combined Citrixand RSA environment embodies the three qualities wewere looking for in an information access solution: ahigh degree of convenience and mobility for our busyphysicians, a high level of security to safeguardpatient information and a total cost of ownershipthat’s consistent with today’s tight budgets.”About CitrixCitrix Systems, Inc. (NASDAQ:CTXS) is the globalleader and most trusted name in on-demand access.More than 180,000 organizations around the worldrely on Citrix to provide the best possible accessexperience to any application for any user. Citrixcustomers include 100% of the Fortune 100companies and 98% of the Fortune Global 500, aswell as hundreds of thousands of small businessesand individuals. Citrix has approximately 6,200channel and alliance partners in more than 100countries. Citrix annual revenues in 2005 were $909million. For more information, visit
  8. 8. RSA Solution BriefRSA is your trusted partnerRSA, The Security Division of EMC, is the expert ininformation-centric security, enabling the protection ofinformation throughout its lifecycle. RSA enables cus-tomers to cost-effectively secure critical informationassets and online identities wherever they live and atevery step of the way, and manage security informationand events to ease the burden of compliance.RSA offers industry-leading solutions in identity assur-ance & access control, encryption & key management,compliance & security information management andfraud protection. These solutions bring trust to millionsof user identities, the transactions that they perform,and the data that is generated. For more information,please visit and©2006-2007 RSA Security Inc. All Rights Reserved. RSA, RSA Security,RSA Secured and the RSA logo are either registered trademarks ortrademarks of RSA Security Inc. in the United States and/or othercountries. Citrix Access Platform, SmartAccess and Citrix PresentationServer are trademarks or registered trademarks of Citrix Systems.Microsoft and Windows Server are trademarks or registered trademarksof Microsoft Corporation, and Java is a trademark or registeredtrademark of Sun Microsystems.EMC is a registered trademark of EMCCorporation. All other products and services mentioned are trademarksof their respective companies.CITRIX SB 0707