BJ
Uploaded byBenjamin Jolivet
372 views

Citrix security booklet

The document discusses the evolving landscape of cyber threats in the context of digital transformation and the Internet of Things (IoT). It emphasizes the need for a comprehensive cybersecurity strategy that includes not only defensive measures but also offensive capabilities to address the advanced persistent threats posed by modern attackers. The proposed security architecture model (SAM) aims to deliver user-centric, interoperable, secure, and cost-effective application services in a multi-device, multi-network environment.

Embed presentation

Facing tomorrow’s Cyber Threats: a perspective from Citrix
Citrix.com3 David Cenciotti Citrix Systems Sales Engineer & Security Evangelist Rome, Italy david.cenciotti@citrix.com Aknowledgements: The Author wishes to thank all those people who helped prepare this booklet. Among them, special credits go to Antonio Marotta, who provided continuous advice and feedbacks, and to Massimiliano Grassi and Benjamin Jolivet, who supported the whole project. Roger Howell reviewed the initial draft whilst Emanuele Mornini, Aldo Amati, Lorenzo Di Palma and Davide Bassani provided valuable details and hints.
4Citrix.com 1. Foreword 2 2. Background 4 3. Introduction to the Model 5 3.1 Building blocks 10 4. “User Centric” 14 4.1 The App Store 15 4.2 Optimized User Experience 16 4.3 BYOD-ready 17 5. “Interoperable” 18 6. “Secure” 19 6.1 Centralized Application execution 20 6.2 Application Delivery Controller 24 6.3 Facing the “Mobility threat” 26 6.3.1 Sandboxed platforms 26 7. “Cost Effective” 29 8. A use case: the Ransomware kill chain 31
Citrix.com2 1. Foreword Wearables used to monitor activity level and individuals’ health state. Collaboration software used to create virtual conference rooms and messaging tools connecting people through dynamic software- defined wide area networks. Data increasingly moving from on-premise to Cloud hosting environments. Software and applications provisioned on-the- fly and made available through virtualized remote sessions regardless of connecting device’s originating network and OS (Operating System). Drones feeding real-time videos to their remote operators and aircraft engines streaming TB (Terabyte) of data to remote maintenance systems. Those mentioned above are just a few examples of how technology influences everyday business and personal life. The impact of “pervasive technologies” on today’s society is often referred to as “Digital Transformation”, part of the so-called “Revolution 4.0”, where fusion of technologies is blurring the lines between the physical, digital, and biological spheres. Whilst a large mix of digital technologiesismakingtheworldfully connected to improve collaboration, learning, information sharing and decision-making, companies around the world continue to invest in research and development and seek new technologies that can give them an advantage on their market. More or less what their old and new “enemies” are doing at the same speed, or faster. For instance,today’s joint operations on the battlefield require reliable information gathered through a wide variety of sensors aboard drones, spyplanes or provided by troops operating in the field around the world to decision makers oceans apart. The digitized information is collected at the tactical edge and delivered via the secure network connections to the data center where it can be “transformed” through analytics and machine learning to generate critical insight and gain the so-called “Information Superiority”. Such insights can be then shared back to the deployed soldiers at the edge in real-time.You can “translate” the above use case into any one you like. Whilst not simple to achieve, the transformation of images and signals to data, data to knowledge, and knowledge to decision, heavily relies on technology and end-to-end secure fabric. A network of networks that APTs (Advanced Persistent Threats) may try to infiltrate by any means including the new devices interconnected at the edge as part of the continued growth of the (IoT) Internet of Things. Moreover, a growing reliance on technology implies new advanced
3Citrix.com adversaries to face: in fact, the so- called Revolution 4.0 has already completely changed the geopolitical landscape requiring Defense and National Security to evolve and include the Cyber domain because even smaller economies, organizations or individuals (backed by some intelligence service or not) can pose a significant threat to larger nations today. So, Digital Transformation is today about using mobile devices and remote sensors to collect data at the edge, transfer it to where is needed (including a private cloud), process it to get actionable intelligence, and send the orders back to the user/operator deployed abroad in the shortest time possible: a process that requires cutting edge technologies developed by companies that are today more exposed than ever to the new emerging threats, and increasingly in the need to show their ability to comply with new security standards if they want to continue working on the most advanced (hence targeted) programs. Attackers have been trying to intrude Government and Private Sector’s firms’ networks, often with real cyber weapons, for years. “Software-based” weapons systems, IoT capabilities, Big Data, Cloud Computing and digitization will simply expand the attack surface they can target, making them even more aggressive and dangerous than ever before thanks to the speed of the 5G connectivity that will be the driver for more services as well as more powerful attacks. Therefore, a Cybersecurity strategy covering the whole technological domain will be the key to address new and existing risks and threats before these can give the enemy an edge both in the cyberspace and in the battlefield.And such strategy will not have to cover “defensive” cyber operations only but also “offensive” ones. For instance, companies that have designed and developed “legacy” EW (Electronic Warfare) systems and pods are increasingly working on Cyber EW capabilities too: indeed, EW aircraft are already embedding (or are about to embed) in-flight hacking capabilities to conduct malware attacks by air- gapping closed networks.
Citrix.com4 2. Background Personal computers, laptops and more recently smartphones and tablets have become the standard means humans use today to interact one another. People rely on services delivered and made available to their device to socialize, study, work or communicate. Moreover, new un- traditional devices are continuously connected to Internet to perform activities in an autonomous way. On the other side, organizations make devices and app available to their employees to enhance productivity, collaboration and convenience. Each time users start an app on any of the above- mentioned platforms, they want the service to be accurate, properly formatted with a designed-for- their-device look and feel, optimized for delivery through unreliable connections, with an acceptable response time. Regardless to whether they are using the device to send an email, to check the balance on their e-banking account, to make a purchase on eBay, or to transmit sensitive data to their home base during an intelligence gathering mission, users heavily rely on the apps on their device with confidence that it will perform as expected. Depending on the scenario, the consequences of a failure could be significant: whilst the inability to send an email could cost an organization the closure of an important deal, the lack to deliver a sensitive geo-location data to the app used by a military involved in Crisis Support Operation could cost a nation human lives. Needless to say while apps set high expectations on the user side, organizations which make those apps available to their employees have to deal with a series of issues: the presence of legacy servers which support core applications, that can be difficult to update without affecting production services; budget constraints that prevent or limit the investments required to update or migrate existing applications; the number and diversity of user devices, that make monitoring,patching,updating difficult and costly to implement; the lack of hi-bandwidth networks to support interactive and streaming services. Furthermore, last but not least, organizations have to be sure they deliver the service in a timely fashion, optimizing the user experience, while preventing compromise of both remote devices and backend data. A population of several different devices, can become the vector of an immense number of modern attacks capable to pose a significant threat to the organizations most important assets, and capable to affect the Confidentiality, Integrity and Availability properties of the information. Hence the need to deliver applications in such a way to meet the organizations requirements while ensuring the
5Citrix.com expected user experience and, last but not least, protecting data end- to-end in order to prevent data theft and compromise, service disruptions. 3. Introduction to the Model Although several different logical and physical components co- exist and cooperate on the same hardware with different features, limits, performance, etc., user devices are usually considered as a whole: monolithic units with their own form factor, operating system, apps and network interfaces. In fact, most of today’s systems were designed & built in the PC Era and are based on some core assumptions: • That people use application services (made available through Public or Private networks) from their office, hence from devices interconnected to a hi-speed wired network. • That services that IT delivers are largely designed as premise-based,built in a monolithic way and offered in suites of apps. Over time, these assumptions have become anachronistic, forcing organizations to over-invest in terms of money and effort to manage exceptions. Mobile workers were exceptions; complex web pages with hundred objects, javascripts and large images were an exception; personal devices were an exception; wireless connectivity was an exception; cloud-based services were exceptions; and apps downloadable through an app store? Exceptions as well. In other words, the exceptions of the PC Era have become the assumptions of the Cloud Era: regardless to the type of their “core business”, companies and organization have to deal with a workforce where everyone is assumed to be mobile and enabled with multiple personal devices. These employees connect over wireless networks and use Apps delivered as cloud services, in the form of private, hybrid or public clouds. Social networks have become the tools to deliver new online services. Then, there is something more to consider: the growing importance of the Internet of things (IoT). The IoT is the inter-networking of physical devices equipped with electronics,
Citrix.com6 software, sensors, actuators, and network connectivity which enable these objects (referred to as “connected things”) to collect and exchange data. Drawing representing the Internet of things (IoT). (Credit: Wilgengebroed on Flickr via Wiki)
7Citrix.com Based on some recent estimates, there will be about 30 Billion devices connected to the IoT by 2020. Almost every device that is able to connect to the Internet can be considered as a “connected thing”: smartphones, wearables, personal computers, refrigerators, smart meters, cars, buildings and, why not, aircraft can be considered IoT devices that communicate with one another. Smart homes are enabled by IoT devices. Just think to this scenario: a user arrives home and his car autonomously communicates with the garage to open the door. The thermostat is already adjusted to his preferred temperature, due to sensing his proximity. He walks through his door as it unlocks in response to his smart phone or RFID implant. The home’s lighting is adjusted to lower intensity and his chosen color for relaxing, as his pacemaker data indicates that it’s been a stressful day. The raise of IoT Devices (credit: BI Intelligence http://www.businessinsider.com/internet-of-everything-2015-bi-2014-12)
Citrix.com8 A map of internet outages in Europe and North America caused by the Dyn cyberattack (as of 21 October 2016 1:45pm Pacific Time). Credit: Wiki What is somehow worrisome about the proliferation of IoT devices is the fact that most of these are poorly protected and hackable. Between September and October 2016, a botnet made of hundreds thousands under-secured IoT devices (mainly CCTV cameras) was used to perform one of the largest distributed denial of service (DDoS) attacks ever: a malware dubbed “Mirai” identified vulnerable IoT devices and turned these networked devices into remotely controlled “bots” that could be used as part of a botnet in large-scale network attacks. On Oct. 21 2016, the so-called “Mirai IoT botnet”remotely instructed 100,000 devices to target the DNS services of DNS service provider Dyn. As a result, much of America’s internet was brought down by the cyber- attack, because it prevents the accessibility of several high-profile websites.
9Citrix.com A Model built around this new set of assumptions and a completely new and ever-changing scenario is ready to serve at no incremental cost for the organization anyone who works at office, using a corporate- provided device, connecting to a wired LAN to use premise-based legacy apps: in other words, in the new Model, exceptions are free. The SAM described in this paper is based on a layered approach. Whilst every device is made of several different components we can consider it as made by several homogeneous abstraction layers. The layers envisioned by the Model are: User, App (Applications), OS (Operating System), HW (Hardware), Net (Network). From top to bottom, layers represent device’s internal or external entities with strong ties with the rest of the stack but almost independent one another in terms of requirements: for instance, higher on the stack in the User which includes humans and their needs to obtain the best, optimized experience from the underlying layers. The User layer will ask for the required services at the expected degree of efficiency, regardless to the type of Operating System or Network he/she is using. To make it simple, each layer relies on the underlying ones even though it does not “know” anything about their existence, details, specifications, requirements, etc. The following paragraphs will explain how the SAM can address such requirements through a layered approach. The SAM’s layered approach overcomes the limits imposed by a monolithic model providing a tool to deliver applications in the Cloud- era in such a way they are: 1. User Centric 2. Interoperable 3. Secure 4. Cost effective
Citrix.com10 Session Virtualization: centralized execution of any application made available to the users (regardless to their location, network or device) through a secure presentation protocol. An App Store is used to provision, download and/or launch the desired app. Application Delivery Controller:the Front End for thevirtualized applications. It’s where the policies (authentication, security, optimizations, etc.) are implemented. The ADC publishes an enterprise “App Store” from where the user can download or select the required App. It is also used to balance sessions towards the backend servers ensuring availability of the services. Since the ADC is the network element used to access the applications, it will provide security features (content filtering, anti-DDoS, Web Application Firewall, IPS controls, etc.). SD-WAN: is the technology used to improve and optimize performance of the remote users who need to use the apps through unreliable or low- bandwidth connections. SD-WAN can also be used to “build” hybrid cloud infrastructures with local appliances interconnecting to the virtual ones provisioned through the marketplace of the main Cloud Service Providers. Mobile Store: it’s the controller of the apps installed on the mobile devices within a BYOD scenario. It enables the organizations to perform centralized provisioning and management of the corporate applications running on personal devices. 3.1 Building blocks Before explaining the reasons why the Security Architecture Model is User Centric, Interoperable, Secure and Cost Effective, let’s see which are the main building blocks of the framework. Such building blocks can be either on premises or cloud- based. Although their features and role will become clearer in the subsequent paragraphs, these are the building blocks of the SAM:
11Citrix.com Unified Management and Analytics plane: the SAM leverages on unified management, reporting and collecting tools, as well as machine learning to provide IT managers the tools to manage all the components, devices, and to monitor the performance of the entire infrastructure. Deployed either on premise or in the Cloud, the Analytics tools help IT and security professionals to gain complete visibility into what’s throughout the entire environment. It is based on the best algorithms to provide a complete view of user behavior, track irregularities in their behavior, and deliver automated remedies that are appropriate for a given security policy. Citrix’s SAM to secure app delivery These are the main architectural components of the SAM. Complementary components can be deployed as well: for instance, an Enteprise File Sync and Share System can be used to secure data sharing operations, implement DLP policies etc. This paper will focus on the benefits that the framework may bring to organizations that opt for a Security Architecture Model rather than providing product specifications or in-depth overviews of the technologies that can be used to implement it.
Citrix.com12 In Citrix’s “lingo”: • Application Virtualization (that implements session virtualization) is deployed using XenApp (Virtual Desktops are similarly deployed using XenDesktop) • The App Store is published using Storefront • The Application Delivery Controller is NetScaler ADC while the SD- WAN technology for WAN Optimization and WAN Virtualization is NetScaler SD-WAN. • TheMobileStoreispartoftheEMM(EnterpriseMobilityManagement) suite XenMobile. • The Unified Management and Visibility Plane is the Citrix Analytics Service as well as the NMAS (NetScaler Management and Analytics System). Organizations can opt for Citrix technologies to be deployed either in the Cloud or on-premises.
13Citrix.com What’s unique for Citrix is the actual data that our tools bring from the environment. NetScaler gives visibility into networking levels four through seven. ShareFile understands what’s happening with content – how it is being downloaded and how it is being moved. XenMobile, XenApp, and XenDesktop provides visibility into what’s happening at the endpoint, how people are accessing information, and what tasks they are actually performing. Only Citrix has this kind of complete integration across the entire workspace. Citrix’s vision is to collect data from just about every point in the enterprise to provide a complete 360-degree view into the enterprise. This will then allow use to proactively react to any threats as the come.
Citrix.com14 4. “User Centric” Applications are designed around humans and their need to use software to perform any kind of task. This means that myriad apps have been developed to meet everyone’s requirements. There are apps for Business and Productivity, Collaboration and Sharing, Engineering, Scheduling, Health and Wellness as well as Gaming, Simulation, Music, Photo-editing, etc. In a certain sense, people have become apps-dependent and User perspective has become increasingly important. The access of a virtual, secure workspace where a user is able to self-provision the apps he/she needs to use, over any network and any device - and wherever the service is hosted - has become a new requirement. An application delivery solution must be defined using technologies that set the users at the center, leveraging their common use habits with both personal and professional devices and networks. IT Organizations have to provide their users with a secure access to Corporate Applications (Windows, Web, SaaS and mobile) seamlessly and they allow these business- critical assets to securely co-exist with personal content on the same device. We can set a mandatory list of features, based on the previous statement, that define a user centric application delivery: • Users must be able to move between heterogeneous devices and networks to access the same applications. • Users need to access all of the content through a secure, simple interface (an Application Store or “App Store”) • Users need to access services with an optimized experience (in terms of performance)
15Citrix.com 4.1 The App Store Users expect to access applications with the same easiness they open a video on Youtube and with the same level of security ensured within the context of an online credit card payment. The user interface in a SAM must remove complexity and make interaction between users and backend systems simple and secure. Moreover, the user interface must ensure easiness and security, regardless to the location from which the user accesses the application, hence the need for a unified application store, available on an encrypted connection, where the user, after proper authentication (one or two factors, with OTP, certificates, biometrics etc.), can download the preferred apps, using an interface that remains user- friendly and with the same look and feel on every device. Users must be given the possibility to subscribe to applications or data services from any device and have access to those same services, even when already in use, from any other device for a seamless and simple experience. Needless to say, the App Store (and similarly, the “Mobile Store” for mobile apps delivered to personal mobile devices) can be made available through a Private, Hybrid or Public Cloud, making it Cloud- ready. This is how the “App Store” can look like using Storefront
Citrix.com16 4.2 Optimized User Experience The other requirement of an optimal user experience is the comparison with applications installed on local endpoints. A User-centric application delivered to a mobile, through a public or private network, via a SAM which presents users a sort-of “App Store”, must be able to deliver the same performance, in terms of multimedia content, real-time audio and video collaboration, graphics (2D and 3D) and peripheral support, so as that of local applications delivered at LAN speeds. For this reason, when particular conditions are matched (es: high latency networks, packet loss, low bandwidth etc.), embedded WAN optimization capabilities play an important role in the SAM to ensure acceptable performance and efficiency where traditional distributed application architecture would certainly fail. If multiple links interconnect the datacenter to the branch office from where a user is accessing the application, WAN virtualization can be used to create a network overlay and improve the user experience by using aggregate throughput, per- packet routing decisions as well as QoS (Quality of Service) policies. SD-WAN sample architecture
17Citrix.com Whilst WAN Optimization can be performed per single link, when more than one link is used WAN Virtualization becomes available. In the above image, the organization leverages SD-WAN to optimize and route ICA virtual channels so that the most demanding ones use the best connectivity. 4.3 BYOD-ready Willing or not, organizations have already embraced or will soon be forced to embrace Bring-your- own-device (BYOD) programs that let employees use their personal devices to access corporate information or perform work tasks. The opportunity to use their iPhone, Android phone, tablet of choice for their daily activities, offers productivity as well as satisfaction benefits. Employees, executives, but also military on the field: everyone increasingly expects to use the mobile hardware and software they feel works best for them. Thanks to an approach that decouples the devices into several independent layers, organizations can manage the access to the corporate environments to a “Mobile Apps Store” from personal devices regardless of the device’s hardware, operating system and existing apps. However, BYOD has “cons” because using personal devices in corporate environments brings security risks. Whilst corporate devices are usually managed through an
Citrix.com18 MDM (Mobile Device Management) solution, organizations embracing BYOD policies can manage “just” the corporate applications without knowing the exact device where they are running into by means of MAM (Mobile Application Management) solutions. Most of these solutions rely on “containerization”techniques to put the enterprise applications and data within a sandbox on the device, preventing personal applications from interacting with them and vice-versa, thus mitigating the risk of data leakage or malware infection. We will discuss further on this topic in the specific chapter about security. 5. “Interoperable” Our SAM model separates each of the components into different containers, isolating the delivery and management of apps from the underlying devices, making it easier to meet the demands of IT without adding additional complexity. Application delivery no longer has to be directly related to the physical device. Apps can be delivered on-demand, to any type of device, regardless of the underlying operating system and form factor, enabling users to get access to what they need when SAM model allows Organizations to deliver Apps as secure mobile services. And the IT can mobilize the business - increasing user productivity, while reducing costs by centralizing control and security of intellectual property. In this model, we can deliver high-performance apps (even legacy ones, that may be difficult to update) to any PC, Mac, laptop, tablet or smartphone that enable the delivery of a native experience that is optimized for the type of device, as well as the network. We can build a hybrid cloud- ready platform that separates the management plane from the workload to enable IT to securely deliver published apps on-premises, and manage workers and mobile workspaces either on-premises or in the cloud. The model leverages application virtualization allowing organizations to install applications on a server and then access those applications without having to install anything on the client apart from the client software. All the processing is
19Citrix.com done by the server. All data passing between the client and the server is mouse clicks / movement and keystrokes; and all the passes between the server and the client is screen refreshes. To the users, it (mostly) looks and feels like the application is running locally on their client operating system. 6. “Secure” While it ensures an optimized user experience from any device, any place and any network, and plain interoperability with the existing environments, the application delivery architecture must ensure information security. We live in times of cyberwar, with daily headlines announcing data breaches, zero- day attacks, new malware and widespread disruptions. Modern work styles, with increasing mobile employees using their own devices from remote offices, home offices, hotel rooms or Internet kiosks, make it particularly challenging to protect organization’s most important assets from the nowadays attack vectors. For this reason, the SAM must ensure Confidentiality, Integrity and Availability of organization’s data.
Citrix.com20 6.1 Centralized Application execution As already mentioned, the SAM is based on application session virtualization to dramatically simplify critical security tasks (access control, data protection, etc.). Besides the advantages related to cost reductions, simplified IT operations and the ability to deliver new services for users, application and session virtualization has a huge impact on information security as well: whilst client access centralized services using an optimized and secure presentation protocol, applications are executed in the datacenter where data security policy can be enforced. As far as the applications (clients) and their backend (es: databases) reside in the same datacenter, security and performances are granted even if user access is from remote, distant or uncontrolled locations.The security advantages of a centralized application model are extremely relevant; the architecture is intrinsically secure because the amount of data transferred outside the organization datacenter highly decrease, without the need of implement complex security features or products. This approach leverages a secure presentation protocol (ICA) where only screen variations, mouse and keyboard inputs are transmitted between the datacenter and the user device. Data is never transferred over the network; if data transfer is allowed, data is encrypted so as to prevent Data-leakage or eavesdropping, man-in-the-middle attacks, and mitigate all kind of “data in motion” threats. With application centralization, the focus of security moves from the endpoint (where no sensitive data resides) to the datacenter itself: network and host security solutions are more powerful and effective than the local security software installed on the endpoints. Also, the operational aspects of data protection would benefit from a centralized approach; backup and monitoring are simpler and more efficient in a centralized environment. Actually, the centralized application execution can be seen from two different standpoints. The most common use case is the one described above of users from an Untrusted zone who require to use applications delivered from inside a Trusted zone (the datacenter).
21Citrix.com The standard Virtual App /Virtual Desktop (VDI) paradigm The other use case, that leverages the very same centralized application execution, is the Secure Browsing: give access to the Internet (Untrusted environment) from internal workstations (thus located in a Trusted environment). Although this is the reverse paradigm of the most frequent use case, the Secure Browsing scenario, where the Browser is the published App used to navigate the Web, may provide many benefits to the organizations: by preventing the direct access to the Internet by the users, it protects internal machines from ransomware and other malware that can be downloaded from malicious websites. The Secure Browsing scenario
Citrix.com22 Considered that the 90% of malware is today delivered via web- browsing, the Secure Browsing is a rather innovative approach than the “legacy” one that would imply the use of standard browsers, with all the recommended patches, through a proxy that enforces restrictive policies leading to over-configuration and poor user experience. With the Secure Browsing architecture (that can be part of the SAM) the malware can only infect the VM where the virtual browser is running without reaching the actual workstation, safeguarding the entire organization from ransomware. Moreover, if the hypervisor used to host the virtual apps supports the HVI (Hypervisor Introspection), this can be used to monitor the critical memory access within the Guest VM from the hypervisor’s level of privilege. This is an example of SAM to support Secure Browsing
23Citrix.com Bitdefender HVI (Hypervisor Introspection) can be used on XenServer to monitor activities inside the Guest VMs (such as XenApp) CitrixXenServerisusedasapreferred hypervisor in this architecture as it includes a new unique security feature called XenServer Hypervisor Introspection, which enables third party security companies to leverage memory introspection techniques: partner vendors, such as Bitdefender, can integrate with XenServer and work with the raw memory and without any in-guest (VM) agents. The use of XenServer and Bitdefender HVI protects in-guest memory for real-time analysis: the hypervisor provides isolation if the VM instance is compromised. HVI relies on detecting attack techniques rather than relying on a pre-existing pattern file. Moreover, working outside the Guest VM is can detect malware that may hide itself from in-guest anti-viruses.
Citrix.com24 6.2 Application Delivery Controller As already mentioned,an Application Delivery Controller (ADC) is required to “publish” virtualized services to the users.The purpose of these ADCs is to proxy encrypted sessions from the clients to the backend services and, if needed to load balance real servers in order to ensure availability of the information requested by the users. Modern ADCs can significantly improve application security, not only by ensuring services are always available, but also by providing anti-DDoS and content filtering capabilities. Moreover, the ADCs, acting at the Aggregation and Brokering layer of an IoT architecture, can act as an IoT gateway, enforcing device pre- authentication, surge protection, IoT Load Balancing, Filtering and Firewalling. Citrix NetScaler’s Next-Gen ADC supports features required to prevent and mitigate IoT attacks.
25Citrix.com In the SAM framework, ADC enforce Web Application protection by means of a Web Application Firewall, whose role is to complement the policies enforced by a perimeter Firewall with Application-specific controls aimed at protect the “App Store” and the other Web-based and XML services from zero-day and known attacks. Furthermore, within any network infrastructure, unlike “traditional” Firewalls and Intrusion Prevention Systems, ADCs are the only devices which constantly “talk” with the backend services and monitor their health state: this means that they can also protect datacenter applications from surges of legit traffic by detecting overloaded server CPUs and redirecting traffic to less loaded server before backend systems collapse. ADCs are obviously particularly importantwhenitdealswithDisaster Recovery and Business Continuity: DNS-based Load Balancing in active-active or active-standby modes ensures FQDNs of services published through the ADC can be reached on the primary datacenter or DR site. If a service disruption occurs at the primary datacenter, ADC with DNS authority, will respond to query for a specific service with the address of the DR datacenter, preventing the loss of availability of organization’s information and data. Moreover, within the context of a SAM, the ADC provides a single point of management for controlling access and limiting actions allowed to users. Access can be limited based on security posture of the endpoint determined by scanning remote device to check whether the antivirus is updated, the hard drive is encrypted or the personal firewall is enabled. Based on the security scan, the device can be allowed to access internal applications, otherwise it can be restricted to a sub-set of apps, or redirected to a remediation site.
Citrix.com26 In Citrix’s SAM, NetScaler ADCs act as Layer 4 and Layer 7 proxies that feed the Management and Analytics System so that real-time analysis and machine learning can deliver automated remedies. 6.3 Facing the “Mobility threat” Mobility and BYOD scenarios present significant challenges, the most significant of which is most probably security. Enterprises that open their gates to personal devices and applications must find ways to protect the organization from unknown or “rogue” devices connecting to their corporate network; malware spread by mobile applications and websites that infect the enterprise network; personal mobile applications that gain access to corporate content such as contacts, business applications and data; unprotected public WiFi networks used to transmit sensitive enterprise information; leakage of sensitive enterprise information via personal or enterprise mobile email and social networking sites; and so on.
27Citrix.com Securing mobile devices and their connections from these threats requires a comprehensive enterprise mobile management strategy employing a raft of powerful tools, including mobile device management (MDM), mobile application management (MAM), secure file-sharing and mobile data loss prevention (DLP) solutions. MDM tools allow IT teams to discover, track and manage mobile devices and applications throughout their life cycles, much as they do with corporate issued devices. MAM solutions create a barrier between personal and corporate applications and data so the latter are protected from the vulnerabilities and hazards of the former. Secure file-sharing solutions let users access and collaborate on the latest versions of their most important files,much like Dropbox and other consumer file-sharing services, but ensure that sensitive enterprise information is not compromised. DLP solutions prevent users from divulging sensitive enterprise information to the wrong people, either intentionally or unintentionally. Mobile application management was born quite recently, focusing on securing and managing an application as an individual component, offering a quite similar set of policies and user experience management, but only active when the particular application is accessed.This in turn has evolved to contain app level control of secured “MicroVPNs”, inter-container communication and encrypted sandbox containers: an integral part of any mobile solution should include an application delivery controller used to terminate such MicroVPNs.
Citrix.com28 6.3.1 Sandboxed platforms The definition of sandbox is quite intuitive, running untrusted code in an area with controlled resources. The consumerization is demanding software delivered in any platforms, anywhere, as fast as possible. This behavior could let the software to be prone to security issues. The sandbox could be the answer. Sandbox concept is out for a while. In 2000, the NSA was already working on SELinux and during that period SELinux was released to the open community. Today SELinux is present in almost all Linux enterprise distributions. SELinux is just one example of sandbox. Sandbox term is often used in almost IT areas but in the “anyness” concept that this paper is talking about the sandbox is the primary importance. Actually, Sandbox is “high level” term, how to implement can be very various. Nowadays EMM approach is to use a mix of cryptographic layer and syscall proxy. Cryptography is usually used for separate the personal data and Mobile users can use mobile applications made available by a Store that is optimized for smartphones or tablets. The above image shows the Mobile Store and MDM client (dubbed “Citrix SecureHub”) in an iPAD.
29Citrix.com the enterprise data: data at rest is usually encrypted with a symmetric algorithmic like AES-256 (FIPS 140- 2 compliant) for his relative low computation and robustness; data in motion for enterprise app is made secure by means of microVPNs. Data in motion: micro-vpn are used for sandbox this kind of data. micro-vpn is a VPN exclusive for a single enterprise app. Syscall Proxy is instead a technique implemented long time ago. The main idea is to create layer between OS and the App that let IT admins manage any single syscall. For example, when the mobile app try to store data the syscall proxy will intercept the action and stored the data in cipher text and viceversa. 7. “Cost Effective” The Security Architecture Model offers several benefits. First of all, it reduces the complexity and effort required to manage apps, infrastructure and devices and lets organization manage heterogeneous IT environment, as if they were homogeneous. By centralizing the application delivery, organizations simplify the way they manage software deployment obtaining several advantages: • There is no need to install an application on hundreds or thousands of computers or devices. The application is installed in the datacenter and delivered to all the clients. • There is no need to update apps on all desktops as only the virtualized applications at the central datacenter must be patched or upgraded, with significant savings in terms of effort, downtime, etc. • The entire application lifecycle is centrally managed: when it’s time to retire an app, organization can simply delete the virtual app, as there is no need to uninstall it. • Apps can be used on unmanaged client devices with no impact on internal teams. • Apps can be easily restored or reset, reducing the effort required by help desk and support teams managing trouble-tickets opened by users.
Citrix.com30 • The computational power required to run the app is minimal, as all what the user needs on his device is a client to launch the virtualized session towards the centralized application. • Legacy apps can run on more modern devices without the compatibility issues. • Modern Application Delivery Controllers provide security features (as the already mentioned Web Application Firewall and Anti-DDoS checks); this means customers can consolidate reverse-proxy, web application security and load balancing features on a single (sometimes multi-tenant) box. • WAN acceleration may improve user experience by optimizing the existing bandwidth and without the need to improve the links. • WAN virtualization features that are increasingly available on WAN Optimization platforms, enable organizations to bind several different links into a single tunnel (transparent for servers and users) and select the best link (either xDSL, MPLS, 3G/4G/5G etc.) on a packet-per-packet fashion. This means that organizations can increase the bandwidth available to datacenters by binding different links instead of improving the existing (sometimes costly) ones. • There are also some “hidden” benefits induced by the improved security: since corporate apps are sandboxed and separated from the rest of the device, malware can’t spread to corporate data preventing loss of confidentiality and integrity of core information, whose leakage could cost much to the organization.
31Citrix.com 8. A use case: the Ransomware kill chain Beginning on Friday May 12th 2017, several organizations were affected by a new Ransomware strain based on the EternalBlue exploit developed by NSA in the U.S. Several large organizations worldwide are known to be affected. While large enterprises made the news, small business users and home users may be affected as well. Since then several more waves of ransomware attacks have hit organizations with Wannacry, variants like Petya or PetrWrap.How did they get infected? The attack included three phases: Infection, Distribution and Extortion. 1. Some organizations suggest that the initial Infection originated from e-mail attachments, but little is known about the e-mails. It is easily possible that other malware was confused with WannaCry. Anyway, a spear phishing attack or unsafe navigation brought the user to a web site where the malware was downloaded.The malware started encrypting the data on the workstation. 2. The Distribution occurred via network: ransomware distributed to all local machines through network reachability: an unpatched workstation reachable through SMB could be attacked and infected. 3. The Extortion occurred after all data was encrypted and ransom demanded to get the key required to decrypt it.
Citrix.com32 How would Citrix technologies have helped in case of ransomware attack? In order to prevent Infection and distribution, Secure Browsing using XenApp running on XenServer with Bitdender HVI would be extremely effective. Citrix XenApp has been used by many customers worldwide to provide access to the Internet resources with the appropriate level of segmentation: even if malware is successful during initial infection, it will reside in a non-persistent, isolated zone where it can be easily destroyed. Moreover, Hypervisor Introspection would prevent the initial exploit to be executed making the initial attack and infection unsuccessful. This protection would work even on unpatched system or against another zero- day exploit that is using similar method. If such measures were not enough to prevent the infection and distribution of the ransomware, an enterprise data sync service like Citrix ShareFile can be great advantage in recovering from a successful attack. The versioning functionality keeps previous versions of each file, so IT can revert impacted files to the last known version from a centralized backup.
33Citrix.com Sharefile can help recover from an attack by replacing the encrypted file with the previous version, stored in a centralized back up. In case of infection, the IT manager could simply apply the patch, release new image to all machines, reset the whole environment to the last known state, and then simply recover the last known version of the files. ShareFile would also be useful in preventing the attack: • supporting various antivirus vendors that can automatically scan all uploaded files and data • providing APIs for third-party cloud security platform partner access for advanced anti-malware checks • by means of a server-side detection feature that detects when file extensions are changed and can prevent the client from overriding the server data. Moreover, Citrix App Layering provides the ability to quickly patch large numbers of computers with few clicks, enabling fast recovery and improving response times in case of malware attack.
References [1] David Cenciotti, “Application Delivery Controller”, Atti del Simposio Cyber Defence, RID Rivista Italiana Difesa, 2014, pp. 62-67 [2] Citrix Systems, “Secure by Design”, pp. 1-7 [3] Citrix Systems, “Securing the mobile enterprise”, pp. 1-8 [4] Martin Zugec, Citrix Systems, “WannaCry: Why Citrix Customers Are Not Crying Today”, blog.
© 2017 Citrix Systems, Inc. All rights reserved. Citrix, the Citrix logo, and other marks appearing herein are property of Citrix Systems, Inc. and/or one or more of its subsidiaries, and may be registered with the U.S. Patent and Trademark Office and in other countries. All other marks are the property of their respective owner(s). Whilst Information Systems evolve to embrace the “as-a-Service” and “Cloud-based” paradigms, the request to ensure Security, Compliance to national and international standards, High Performance, Optimization of User Experience, Cost Reduction, grows, forcing organizations to continuously adapt their applications to an ever-changing scenario where addressing multiple, conflicting needs while maximizing the existing investments may be quite challenging. This paper presents Citrix Security Architecture Model (SAM) that organizations can use to deliver legacy as well as new services through a Secure Cloud-like and Software-defined architecture in a business or operative context. The SAM aims to provide a standard framework to build user-centric, interoperable, secure and sustainable IT architectures, leveraging on virtualization, enterprise mobility management and cloud networking concepts. The model’s components can be on-premises or in Cloud.

More Related Content

PDF
IT Security Trends in 2012
byIcomm Technologies
 
PDF
MIST Effective Masquerade Attack Detection in the Cloud
byKumar Goud
 
PDF
There's No Such Thing As "Downtime" In a Hospital
byNETSCOUT
 
PDF
BlackBerry Enterprise of Things presentation - Gartner IT Expo
byBlackBerry
 
PDF
Mobile Security: Preparing for the 2017 Threat Landscape
byBlackBerry
 
PDF
The Vigilant Enterprise
byBooz Allen Hamilton
 
PDF
Cybersecurity in the Age of Mobility
byBooz Allen Hamilton
 
PDF
Strategic Information Management Through Data Classification
byBooz Allen Hamilton
 
IT Security Trends in 2012
byIcomm Technologies
 
MIST Effective Masquerade Attack Detection in the Cloud
byKumar Goud
 
There's No Such Thing As "Downtime" In a Hospital
byNETSCOUT
 
BlackBerry Enterprise of Things presentation - Gartner IT Expo
byBlackBerry
 
Mobile Security: Preparing for the 2017 Threat Landscape
byBlackBerry
 
The Vigilant Enterprise
byBooz Allen Hamilton
 
Cybersecurity in the Age of Mobility
byBooz Allen Hamilton
 
Strategic Information Management Through Data Classification
byBooz Allen Hamilton
 

What's hot

PDF
188
byvivatechijri
 
PDF
BlackBerry Unified Endpoint Manager (UEM): Complete Multi-OS Control for Secu...
byBlackBerry
 
PDF
Is Your Organization in Crisis?
byBlackBerry
 
PDF
Challenges and Security Issues in Future IT Infrastructure Components
byMubashir Ali
 
PDF
Smart Computing Mobile Cloud
byijtsrd
 
PDF
A Proposed Solution to Secure MCC Uprising Issue and Challenges in the Domain...
byIJERD Editor
 
PDF
VET4SBO Level 2 module 6 - unit 4 - v0.9 en
byKarel Van Isacker
 
PDF
Mobility, Security and the Enterprise: The Equation to Solve
byIcomm Technologies
 
PDF
PulseSecure_Report_HybridIT_120715
byJim Romeo
 
PDF
SecurityWhitepaper 7-1-2015
byFrancisco Anes
 
PDF
J3602068071
byijceronline
 
PDF
Class activity 4
byJeewanthi Fernando
 
PDF
Trust in the mobile internet of things
byAntonio Gonzalo
 
PDF
Securing mobile devices_in_the_business_environment
byK Singh
 
PDF
How the Internet of Things Leads to Better, Faster Crisis Communication
byBlackBerry
 
PDF
The Essential Ingredient for Today's Enterprise
byReadWrite
 
PDF
Business-Class Productivity Meets Certified Security: BlackBerry Enterprise M...
byBlackBerry
 
PDF
Enterprise Mobility Applications: Addressing a Growing Gap
byBlackBerry
 
PDF
Cloud Computing Security: Government Acquisition Considerations for the Cloud...
byBooz Allen Hamilton
 
188
byvivatechijri
 
BlackBerry Unified Endpoint Manager (UEM): Complete Multi-OS Control for Secu...
byBlackBerry
 
Is Your Organization in Crisis?
byBlackBerry
 
Challenges and Security Issues in Future IT Infrastructure Components
byMubashir Ali
 
Smart Computing Mobile Cloud
byijtsrd
 
A Proposed Solution to Secure MCC Uprising Issue and Challenges in the Domain...
byIJERD Editor
 
VET4SBO Level 2 module 6 - unit 4 - v0.9 en
byKarel Van Isacker
 
Mobility, Security and the Enterprise: The Equation to Solve
byIcomm Technologies
 
PulseSecure_Report_HybridIT_120715
byJim Romeo
 
SecurityWhitepaper 7-1-2015
byFrancisco Anes
 
J3602068071
byijceronline
 
Class activity 4
byJeewanthi Fernando
 
Trust in the mobile internet of things
byAntonio Gonzalo
 
Securing mobile devices_in_the_business_environment
byK Singh
 
How the Internet of Things Leads to Better, Faster Crisis Communication
byBlackBerry
 
The Essential Ingredient for Today's Enterprise
byReadWrite
 
Business-Class Productivity Meets Certified Security: BlackBerry Enterprise M...
byBlackBerry
 
Enterprise Mobility Applications: Addressing a Growing Gap
byBlackBerry
 
Cloud Computing Security: Government Acquisition Considerations for the Cloud...
byBooz Allen Hamilton
 

Similar to Citrix security booklet

PPTX
Forcepoint Corporate Presentation_Short.pptx
bycaesar92
 
PDF
Security & Privacy Considerations for Advancing Technology
byJohn D. Johnson
 
PDF
IT Security Trends 2013
byIMC Institute
 
PPTX
ppt on cybersecurity and why its necessary
byvaanimunjal2005
 
PPT
The Future of Cyber Security
byStephen Lahanas
 
PPTX
Art Hathaway - Artificial Intelligence - Real Threat Prevention
bycentralohioissa
 
PDF
Cyber Security in Manufacturing
byCentraComm
 
PDF
201308 Deloitte Tech Trends 2013 - Elements of Post Digital.pdf
byFrancisco Calzado
 
PDF
2014 the future evolution of cybersecurity
byMatthew Rosenquist
 
PDF
Security annual report_mid2010
bythaiantivirus
 
PDF
Fall2015SecurityShow
byAdam Heller
 
PPTX
U nit 4
byIntegral university, India
 
PDF
Top 10 cybersecurity predictions for 2016 by Matthew Rosenquist
byMatthew Rosenquist
 
PDF
From Identity to Ownership Theft
byUniversity of Hertfordshire
 
PDF
CSE 2016 Future of Cyber Security by Matthew Rosenquist
byMatthew Rosenquist
 
PDF
2017 InfraGard Atlanta Conference - Matthew Rosenquist
byMatthew Rosenquist
 
PDF
Shift Toward Dynamic Cyber Resilience
byDarren Argyle
 
PPTX
Iurii Garasym. The future crimes and predestination of cyber security. Though...
byIT Arena
 
PDF
Us en wp_techtrends_26062013
byJiongzhe Fu
 
PPTX
Core security utcpresentation962012
bySeema Sheth-Voss
 
Forcepoint Corporate Presentation_Short.pptx
bycaesar92
 
Security & Privacy Considerations for Advancing Technology
byJohn D. Johnson
 
IT Security Trends 2013
byIMC Institute
 
ppt on cybersecurity and why its necessary
byvaanimunjal2005
 
The Future of Cyber Security
byStephen Lahanas
 
Art Hathaway - Artificial Intelligence - Real Threat Prevention
bycentralohioissa
 
Cyber Security in Manufacturing
byCentraComm
 
201308 Deloitte Tech Trends 2013 - Elements of Post Digital.pdf
byFrancisco Calzado
 
2014 the future evolution of cybersecurity
byMatthew Rosenquist
 
Security annual report_mid2010
bythaiantivirus
 
Fall2015SecurityShow
byAdam Heller
 
U nit 4
byIntegral university, India
 
Top 10 cybersecurity predictions for 2016 by Matthew Rosenquist
byMatthew Rosenquist
 
From Identity to Ownership Theft
byUniversity of Hertfordshire
 
CSE 2016 Future of Cyber Security by Matthew Rosenquist
byMatthew Rosenquist
 
2017 InfraGard Atlanta Conference - Matthew Rosenquist
byMatthew Rosenquist
 
Shift Toward Dynamic Cyber Resilience
byDarren Argyle
 
Iurii Garasym. The future crimes and predestination of cyber security. Though...
byIT Arena
 
Us en wp_techtrends_26062013
byJiongzhe Fu
 
Core security utcpresentation962012
bySeema Sheth-Voss
 

Recently uploaded

PDF
Day 2 - Network Security ~ 2nd Sight Lab ~ Cloud Security Class ~ 2020
by2nd Sight Lab
 
PPT
software-security-intro in information security.ppt
byismaeelsahib032
 
PPTX
Protecting Data in an AI Driven World - Cybersecurity in 2026
byYasir Naveed Riaz
 
PDF
Day 3 - Data and Application Security - 2nd Sight Lab Cloud Security Class
by2nd Sight Lab
 
PPTX
THIS IS CYBER SECURITY NOTES USED IN CLASS ON VARIOUS TOPICS USED IN CYBERSEC...
byMelissaGblinwon
 
PDF
Vibe Coding vs. Spec-Driven Development [Free Meetup]
byHaim Michael
 
PPTX
AI in Cybersecurity: Digital Defense by Yasir Naveed Riaz
byYasir Naveed Riaz
 
PPTX
Cloud-and-AI-Platform-FY26-Partner-Playbook.pptx
byiuiuiuiu1
 
PPTX
From Backup to Resilience: How MSPs Are Preparing for 2026
byMSP360
 
PDF
Usage Control for Process Discovery through a Trusted Execution Environment
byValerioGoretti
 
PPTX
cybercrime in Information security .pptx
byismaeelsahib032
 
PPTX
Cybercrime in the Digital Age: Risks, Impact & Protection
byYasir Naveed Riaz
 
PDF
Energy Storage Landscape Clean Energy Ministerial
bySurajitBanerjee38
 
PDF
Digit Expo 2025 - EICC Edinburgh 27th November
byRay Bugg
 
DOCX
iRobot Post‑Mortem and Alternative Paths - Discussion Document for Boards and...
byDave Litwiller
 
DOCX
Introduction to the World of Computers (Hardware & Software)
byALIABBAS ABASOV
 
PPTX
Coded Agents – with UiPath SDK + LangGraph [Virtual Hands-on Workshop]
byUiPathCommunity
 
PPTX
Unit-4-ARTIFICIAL NEURAL NETWORKS.pptx ANN ppt Artificial neural network
byssuserd4481a
 
PDF
Making Sense of Raster: From Bit Depth to Better Workflows
bySafe Software
 
PPTX
Chapter 3 Introduction to number system.pptx
byGetachewAbera9
 
Day 2 - Network Security ~ 2nd Sight Lab ~ Cloud Security Class ~ 2020
by2nd Sight Lab
 
software-security-intro in information security.ppt
byismaeelsahib032
 
Protecting Data in an AI Driven World - Cybersecurity in 2026
byYasir Naveed Riaz
 
Day 3 - Data and Application Security - 2nd Sight Lab Cloud Security Class
by2nd Sight Lab
 
THIS IS CYBER SECURITY NOTES USED IN CLASS ON VARIOUS TOPICS USED IN CYBERSEC...
byMelissaGblinwon
 
Vibe Coding vs. Spec-Driven Development [Free Meetup]
byHaim Michael
 
AI in Cybersecurity: Digital Defense by Yasir Naveed Riaz
byYasir Naveed Riaz
 
Cloud-and-AI-Platform-FY26-Partner-Playbook.pptx
byiuiuiuiu1
 
From Backup to Resilience: How MSPs Are Preparing for 2026
byMSP360
 
Usage Control for Process Discovery through a Trusted Execution Environment
byValerioGoretti
 
cybercrime in Information security .pptx
byismaeelsahib032
 
Cybercrime in the Digital Age: Risks, Impact & Protection
byYasir Naveed Riaz
 
Energy Storage Landscape Clean Energy Ministerial
bySurajitBanerjee38
 
Digit Expo 2025 - EICC Edinburgh 27th November
byRay Bugg
 
iRobot Post‑Mortem and Alternative Paths - Discussion Document for Boards and...
byDave Litwiller
 
Introduction to the World of Computers (Hardware & Software)
byALIABBAS ABASOV
 
Coded Agents – with UiPath SDK + LangGraph [Virtual Hands-on Workshop]
byUiPathCommunity
 
Unit-4-ARTIFICIAL NEURAL NETWORKS.pptx ANN ppt Artificial neural network
byssuserd4481a
 
Making Sense of Raster: From Bit Depth to Better Workflows
bySafe Software
 
Chapter 3 Introduction to number system.pptx
byGetachewAbera9
 

Citrix security booklet

  • 1.
    Facing tomorrow’s Cyber Threats: aperspective from Citrix
  • 2.
    Citrix.com3 David Cenciotti Citrix Systems SalesEngineer & Security Evangelist Rome, Italy david.cenciotti@citrix.com Aknowledgements: The Author wishes to thank all those people who helped prepare this booklet. Among them, special credits go to Antonio Marotta, who provided continuous advice and feedbacks, and to Massimiliano Grassi and Benjamin Jolivet, who supported the whole project. Roger Howell reviewed the initial draft whilst Emanuele Mornini, Aldo Amati, Lorenzo Di Palma and Davide Bassani provided valuable details and hints.
  • 3.
    4Citrix.com 1. Foreword 2 2.Background 4 3. Introduction to the Model 5 3.1 Building blocks 10 4. “User Centric” 14 4.1 The App Store 15 4.2 Optimized User Experience 16 4.3 BYOD-ready 17 5. “Interoperable” 18 6. “Secure” 19 6.1 Centralized Application execution 20 6.2 Application Delivery Controller 24 6.3 Facing the “Mobility threat” 26 6.3.1 Sandboxed platforms 26 7. “Cost Effective” 29 8. A use case: the Ransomware kill chain 31
  • 4.
    Citrix.com2 1. Foreword Wearables usedto monitor activity level and individuals’ health state. Collaboration software used to create virtual conference rooms and messaging tools connecting people through dynamic software- defined wide area networks. Data increasingly moving from on-premise to Cloud hosting environments. Software and applications provisioned on-the- fly and made available through virtualized remote sessions regardless of connecting device’s originating network and OS (Operating System). Drones feeding real-time videos to their remote operators and aircraft engines streaming TB (Terabyte) of data to remote maintenance systems. Those mentioned above are just a few examples of how technology influences everyday business and personal life. The impact of “pervasive technologies” on today’s society is often referred to as “Digital Transformation”, part of the so-called “Revolution 4.0”, where fusion of technologies is blurring the lines between the physical, digital, and biological spheres. Whilst a large mix of digital technologiesismakingtheworldfully connected to improve collaboration, learning, information sharing and decision-making, companies around the world continue to invest in research and development and seek new technologies that can give them an advantage on their market. More or less what their old and new “enemies” are doing at the same speed, or faster. For instance,today’s joint operations on the battlefield require reliable information gathered through a wide variety of sensors aboard drones, spyplanes or provided by troops operating in the field around the world to decision makers oceans apart. The digitized information is collected at the tactical edge and delivered via the secure network connections to the data center where it can be “transformed” through analytics and machine learning to generate critical insight and gain the so-called “Information Superiority”. Such insights can be then shared back to the deployed soldiers at the edge in real-time.You can “translate” the above use case into any one you like. Whilst not simple to achieve, the transformation of images and signals to data, data to knowledge, and knowledge to decision, heavily relies on technology and end-to-end secure fabric. A network of networks that APTs (Advanced Persistent Threats) may try to infiltrate by any means including the new devices interconnected at the edge as part of the continued growth of the (IoT) Internet of Things. Moreover, a growing reliance on technology implies new advanced
  • 5.
    3Citrix.com adversaries to face:in fact, the so- called Revolution 4.0 has already completely changed the geopolitical landscape requiring Defense and National Security to evolve and include the Cyber domain because even smaller economies, organizations or individuals (backed by some intelligence service or not) can pose a significant threat to larger nations today. So, Digital Transformation is today about using mobile devices and remote sensors to collect data at the edge, transfer it to where is needed (including a private cloud), process it to get actionable intelligence, and send the orders back to the user/operator deployed abroad in the shortest time possible: a process that requires cutting edge technologies developed by companies that are today more exposed than ever to the new emerging threats, and increasingly in the need to show their ability to comply with new security standards if they want to continue working on the most advanced (hence targeted) programs. Attackers have been trying to intrude Government and Private Sector’s firms’ networks, often with real cyber weapons, for years. “Software-based” weapons systems, IoT capabilities, Big Data, Cloud Computing and digitization will simply expand the attack surface they can target, making them even more aggressive and dangerous than ever before thanks to the speed of the 5G connectivity that will be the driver for more services as well as more powerful attacks. Therefore, a Cybersecurity strategy covering the whole technological domain will be the key to address new and existing risks and threats before these can give the enemy an edge both in the cyberspace and in the battlefield.And such strategy will not have to cover “defensive” cyber operations only but also “offensive” ones. For instance, companies that have designed and developed “legacy” EW (Electronic Warfare) systems and pods are increasingly working on Cyber EW capabilities too: indeed, EW aircraft are already embedding (or are about to embed) in-flight hacking capabilities to conduct malware attacks by air- gapping closed networks.
  • 6.
    Citrix.com4 2. Background Personal computers,laptops and more recently smartphones and tablets have become the standard means humans use today to interact one another. People rely on services delivered and made available to their device to socialize, study, work or communicate. Moreover, new un- traditional devices are continuously connected to Internet to perform activities in an autonomous way. On the other side, organizations make devices and app available to their employees to enhance productivity, collaboration and convenience. Each time users start an app on any of the above- mentioned platforms, they want the service to be accurate, properly formatted with a designed-for- their-device look and feel, optimized for delivery through unreliable connections, with an acceptable response time. Regardless to whether they are using the device to send an email, to check the balance on their e-banking account, to make a purchase on eBay, or to transmit sensitive data to their home base during an intelligence gathering mission, users heavily rely on the apps on their device with confidence that it will perform as expected. Depending on the scenario, the consequences of a failure could be significant: whilst the inability to send an email could cost an organization the closure of an important deal, the lack to deliver a sensitive geo-location data to the app used by a military involved in Crisis Support Operation could cost a nation human lives. Needless to say while apps set high expectations on the user side, organizations which make those apps available to their employees have to deal with a series of issues: the presence of legacy servers which support core applications, that can be difficult to update without affecting production services; budget constraints that prevent or limit the investments required to update or migrate existing applications; the number and diversity of user devices, that make monitoring,patching,updating difficult and costly to implement; the lack of hi-bandwidth networks to support interactive and streaming services. Furthermore, last but not least, organizations have to be sure they deliver the service in a timely fashion, optimizing the user experience, while preventing compromise of both remote devices and backend data. A population of several different devices, can become the vector of an immense number of modern attacks capable to pose a significant threat to the organizations most important assets, and capable to affect the Confidentiality, Integrity and Availability properties of the information. Hence the need to deliver applications in such a way to meet the organizations requirements while ensuring the
  • 7.
    5Citrix.com expected user experienceand, last but not least, protecting data end- to-end in order to prevent data theft and compromise, service disruptions. 3. Introduction to the Model Although several different logical and physical components co- exist and cooperate on the same hardware with different features, limits, performance, etc., user devices are usually considered as a whole: monolithic units with their own form factor, operating system, apps and network interfaces. In fact, most of today’s systems were designed & built in the PC Era and are based on some core assumptions: • That people use application services (made available through Public or Private networks) from their office, hence from devices interconnected to a hi-speed wired network. • That services that IT delivers are largely designed as premise-based,built in a monolithic way and offered in suites of apps. Over time, these assumptions have become anachronistic, forcing organizations to over-invest in terms of money and effort to manage exceptions. Mobile workers were exceptions; complex web pages with hundred objects, javascripts and large images were an exception; personal devices were an exception; wireless connectivity was an exception; cloud-based services were exceptions; and apps downloadable through an app store? Exceptions as well. In other words, the exceptions of the PC Era have become the assumptions of the Cloud Era: regardless to the type of their “core business”, companies and organization have to deal with a workforce where everyone is assumed to be mobile and enabled with multiple personal devices. These employees connect over wireless networks and use Apps delivered as cloud services, in the form of private, hybrid or public clouds. Social networks have become the tools to deliver new online services. Then, there is something more to consider: the growing importance of the Internet of things (IoT). The IoT is the inter-networking of physical devices equipped with electronics,
  • 8.
    Citrix.com6 software, sensors, actuators,and network connectivity which enable these objects (referred to as “connected things”) to collect and exchange data. Drawing representing the Internet of things (IoT). (Credit: Wilgengebroed on Flickr via Wiki)
  • 9.
    7Citrix.com Based on somerecent estimates, there will be about 30 Billion devices connected to the IoT by 2020. Almost every device that is able to connect to the Internet can be considered as a “connected thing”: smartphones, wearables, personal computers, refrigerators, smart meters, cars, buildings and, why not, aircraft can be considered IoT devices that communicate with one another. Smart homes are enabled by IoT devices. Just think to this scenario: a user arrives home and his car autonomously communicates with the garage to open the door. The thermostat is already adjusted to his preferred temperature, due to sensing his proximity. He walks through his door as it unlocks in response to his smart phone or RFID implant. The home’s lighting is adjusted to lower intensity and his chosen color for relaxing, as his pacemaker data indicates that it’s been a stressful day. The raise of IoT Devices (credit: BI Intelligence http://www.businessinsider.com/internet-of-everything-2015-bi-2014-12)
  • 10.
    Citrix.com8 A map ofinternet outages in Europe and North America caused by the Dyn cyberattack (as of 21 October 2016 1:45pm Pacific Time). Credit: Wiki What is somehow worrisome about the proliferation of IoT devices is the fact that most of these are poorly protected and hackable. Between September and October 2016, a botnet made of hundreds thousands under-secured IoT devices (mainly CCTV cameras) was used to perform one of the largest distributed denial of service (DDoS) attacks ever: a malware dubbed “Mirai” identified vulnerable IoT devices and turned these networked devices into remotely controlled “bots” that could be used as part of a botnet in large-scale network attacks. On Oct. 21 2016, the so-called “Mirai IoT botnet”remotely instructed 100,000 devices to target the DNS services of DNS service provider Dyn. As a result, much of America’s internet was brought down by the cyber- attack, because it prevents the accessibility of several high-profile websites.
  • 11.
    9Citrix.com A Model builtaround this new set of assumptions and a completely new and ever-changing scenario is ready to serve at no incremental cost for the organization anyone who works at office, using a corporate- provided device, connecting to a wired LAN to use premise-based legacy apps: in other words, in the new Model, exceptions are free. The SAM described in this paper is based on a layered approach. Whilst every device is made of several different components we can consider it as made by several homogeneous abstraction layers. The layers envisioned by the Model are: User, App (Applications), OS (Operating System), HW (Hardware), Net (Network). From top to bottom, layers represent device’s internal or external entities with strong ties with the rest of the stack but almost independent one another in terms of requirements: for instance, higher on the stack in the User which includes humans and their needs to obtain the best, optimized experience from the underlying layers. The User layer will ask for the required services at the expected degree of efficiency, regardless to the type of Operating System or Network he/she is using. To make it simple, each layer relies on the underlying ones even though it does not “know” anything about their existence, details, specifications, requirements, etc. The following paragraphs will explain how the SAM can address such requirements through a layered approach. The SAM’s layered approach overcomes the limits imposed by a monolithic model providing a tool to deliver applications in the Cloud- era in such a way they are: 1. User Centric 2. Interoperable 3. Secure 4. Cost effective
  • 12.
    Citrix.com10 Session Virtualization: centralizedexecution of any application made available to the users (regardless to their location, network or device) through a secure presentation protocol. An App Store is used to provision, download and/or launch the desired app. Application Delivery Controller:the Front End for thevirtualized applications. It’s where the policies (authentication, security, optimizations, etc.) are implemented. The ADC publishes an enterprise “App Store” from where the user can download or select the required App. It is also used to balance sessions towards the backend servers ensuring availability of the services. Since the ADC is the network element used to access the applications, it will provide security features (content filtering, anti-DDoS, Web Application Firewall, IPS controls, etc.). SD-WAN: is the technology used to improve and optimize performance of the remote users who need to use the apps through unreliable or low- bandwidth connections. SD-WAN can also be used to “build” hybrid cloud infrastructures with local appliances interconnecting to the virtual ones provisioned through the marketplace of the main Cloud Service Providers. Mobile Store: it’s the controller of the apps installed on the mobile devices within a BYOD scenario. It enables the organizations to perform centralized provisioning and management of the corporate applications running on personal devices. 3.1 Building blocks Before explaining the reasons why the Security Architecture Model is User Centric, Interoperable, Secure and Cost Effective, let’s see which are the main building blocks of the framework. Such building blocks can be either on premises or cloud- based. Although their features and role will become clearer in the subsequent paragraphs, these are the building blocks of the SAM:
  • 13.
    11Citrix.com Unified Management andAnalytics plane: the SAM leverages on unified management, reporting and collecting tools, as well as machine learning to provide IT managers the tools to manage all the components, devices, and to monitor the performance of the entire infrastructure. Deployed either on premise or in the Cloud, the Analytics tools help IT and security professionals to gain complete visibility into what’s throughout the entire environment. It is based on the best algorithms to provide a complete view of user behavior, track irregularities in their behavior, and deliver automated remedies that are appropriate for a given security policy. Citrix’s SAM to secure app delivery These are the main architectural components of the SAM. Complementary components can be deployed as well: for instance, an Enteprise File Sync and Share System can be used to secure data sharing operations, implement DLP policies etc. This paper will focus on the benefits that the framework may bring to organizations that opt for a Security Architecture Model rather than providing product specifications or in-depth overviews of the technologies that can be used to implement it.
  • 14.
    Citrix.com12 In Citrix’s “lingo”: •Application Virtualization (that implements session virtualization) is deployed using XenApp (Virtual Desktops are similarly deployed using XenDesktop) • The App Store is published using Storefront • The Application Delivery Controller is NetScaler ADC while the SD- WAN technology for WAN Optimization and WAN Virtualization is NetScaler SD-WAN. • TheMobileStoreispartoftheEMM(EnterpriseMobilityManagement) suite XenMobile. • The Unified Management and Visibility Plane is the Citrix Analytics Service as well as the NMAS (NetScaler Management and Analytics System). Organizations can opt for Citrix technologies to be deployed either in the Cloud or on-premises.
  • 15.
    13Citrix.com What’s unique forCitrix is the actual data that our tools bring from the environment. NetScaler gives visibility into networking levels four through seven. ShareFile understands what’s happening with content – how it is being downloaded and how it is being moved. XenMobile, XenApp, and XenDesktop provides visibility into what’s happening at the endpoint, how people are accessing information, and what tasks they are actually performing. Only Citrix has this kind of complete integration across the entire workspace. Citrix’s vision is to collect data from just about every point in the enterprise to provide a complete 360-degree view into the enterprise. This will then allow use to proactively react to any threats as the come.
  • 16.
    Citrix.com14 4. “User Centric” Applicationsare designed around humans and their need to use software to perform any kind of task. This means that myriad apps have been developed to meet everyone’s requirements. There are apps for Business and Productivity, Collaboration and Sharing, Engineering, Scheduling, Health and Wellness as well as Gaming, Simulation, Music, Photo-editing, etc. In a certain sense, people have become apps-dependent and User perspective has become increasingly important. The access of a virtual, secure workspace where a user is able to self-provision the apps he/she needs to use, over any network and any device - and wherever the service is hosted - has become a new requirement. An application delivery solution must be defined using technologies that set the users at the center, leveraging their common use habits with both personal and professional devices and networks. IT Organizations have to provide their users with a secure access to Corporate Applications (Windows, Web, SaaS and mobile) seamlessly and they allow these business- critical assets to securely co-exist with personal content on the same device. We can set a mandatory list of features, based on the previous statement, that define a user centric application delivery: • Users must be able to move between heterogeneous devices and networks to access the same applications. • Users need to access all of the content through a secure, simple interface (an Application Store or “App Store”) • Users need to access services with an optimized experience (in terms of performance)
  • 17.
    15Citrix.com 4.1 The AppStore Users expect to access applications with the same easiness they open a video on Youtube and with the same level of security ensured within the context of an online credit card payment. The user interface in a SAM must remove complexity and make interaction between users and backend systems simple and secure. Moreover, the user interface must ensure easiness and security, regardless to the location from which the user accesses the application, hence the need for a unified application store, available on an encrypted connection, where the user, after proper authentication (one or two factors, with OTP, certificates, biometrics etc.), can download the preferred apps, using an interface that remains user- friendly and with the same look and feel on every device. Users must be given the possibility to subscribe to applications or data services from any device and have access to those same services, even when already in use, from any other device for a seamless and simple experience. Needless to say, the App Store (and similarly, the “Mobile Store” for mobile apps delivered to personal mobile devices) can be made available through a Private, Hybrid or Public Cloud, making it Cloud- ready. This is how the “App Store” can look like using Storefront
  • 18.
    Citrix.com16 4.2 Optimized UserExperience The other requirement of an optimal user experience is the comparison with applications installed on local endpoints. A User-centric application delivered to a mobile, through a public or private network, via a SAM which presents users a sort-of “App Store”, must be able to deliver the same performance, in terms of multimedia content, real-time audio and video collaboration, graphics (2D and 3D) and peripheral support, so as that of local applications delivered at LAN speeds. For this reason, when particular conditions are matched (es: high latency networks, packet loss, low bandwidth etc.), embedded WAN optimization capabilities play an important role in the SAM to ensure acceptable performance and efficiency where traditional distributed application architecture would certainly fail. If multiple links interconnect the datacenter to the branch office from where a user is accessing the application, WAN virtualization can be used to create a network overlay and improve the user experience by using aggregate throughput, per- packet routing decisions as well as QoS (Quality of Service) policies. SD-WAN sample architecture
  • 19.
    17Citrix.com Whilst WAN Optimizationcan be performed per single link, when more than one link is used WAN Virtualization becomes available. In the above image, the organization leverages SD-WAN to optimize and route ICA virtual channels so that the most demanding ones use the best connectivity. 4.3 BYOD-ready Willing or not, organizations have already embraced or will soon be forced to embrace Bring-your- own-device (BYOD) programs that let employees use their personal devices to access corporate information or perform work tasks. The opportunity to use their iPhone, Android phone, tablet of choice for their daily activities, offers productivity as well as satisfaction benefits. Employees, executives, but also military on the field: everyone increasingly expects to use the mobile hardware and software they feel works best for them. Thanks to an approach that decouples the devices into several independent layers, organizations can manage the access to the corporate environments to a “Mobile Apps Store” from personal devices regardless of the device’s hardware, operating system and existing apps. However, BYOD has “cons” because using personal devices in corporate environments brings security risks. Whilst corporate devices are usually managed through an
  • 20.
    Citrix.com18 MDM (Mobile DeviceManagement) solution, organizations embracing BYOD policies can manage “just” the corporate applications without knowing the exact device where they are running into by means of MAM (Mobile Application Management) solutions. Most of these solutions rely on “containerization”techniques to put the enterprise applications and data within a sandbox on the device, preventing personal applications from interacting with them and vice-versa, thus mitigating the risk of data leakage or malware infection. We will discuss further on this topic in the specific chapter about security. 5. “Interoperable” Our SAM model separates each of the components into different containers, isolating the delivery and management of apps from the underlying devices, making it easier to meet the demands of IT without adding additional complexity. Application delivery no longer has to be directly related to the physical device. Apps can be delivered on-demand, to any type of device, regardless of the underlying operating system and form factor, enabling users to get access to what they need when SAM model allows Organizations to deliver Apps as secure mobile services. And the IT can mobilize the business - increasing user productivity, while reducing costs by centralizing control and security of intellectual property. In this model, we can deliver high-performance apps (even legacy ones, that may be difficult to update) to any PC, Mac, laptop, tablet or smartphone that enable the delivery of a native experience that is optimized for the type of device, as well as the network. We can build a hybrid cloud- ready platform that separates the management plane from the workload to enable IT to securely deliver published apps on-premises, and manage workers and mobile workspaces either on-premises or in the cloud. The model leverages application virtualization allowing organizations to install applications on a server and then access those applications without having to install anything on the client apart from the client software. All the processing is
  • 21.
    19Citrix.com done by theserver. All data passing between the client and the server is mouse clicks / movement and keystrokes; and all the passes between the server and the client is screen refreshes. To the users, it (mostly) looks and feels like the application is running locally on their client operating system. 6. “Secure” While it ensures an optimized user experience from any device, any place and any network, and plain interoperability with the existing environments, the application delivery architecture must ensure information security. We live in times of cyberwar, with daily headlines announcing data breaches, zero- day attacks, new malware and widespread disruptions. Modern work styles, with increasing mobile employees using their own devices from remote offices, home offices, hotel rooms or Internet kiosks, make it particularly challenging to protect organization’s most important assets from the nowadays attack vectors. For this reason, the SAM must ensure Confidentiality, Integrity and Availability of organization’s data.
  • 22.
    Citrix.com20 6.1 Centralized Applicationexecution As already mentioned, the SAM is based on application session virtualization to dramatically simplify critical security tasks (access control, data protection, etc.). Besides the advantages related to cost reductions, simplified IT operations and the ability to deliver new services for users, application and session virtualization has a huge impact on information security as well: whilst client access centralized services using an optimized and secure presentation protocol, applications are executed in the datacenter where data security policy can be enforced. As far as the applications (clients) and their backend (es: databases) reside in the same datacenter, security and performances are granted even if user access is from remote, distant or uncontrolled locations.The security advantages of a centralized application model are extremely relevant; the architecture is intrinsically secure because the amount of data transferred outside the organization datacenter highly decrease, without the need of implement complex security features or products. This approach leverages a secure presentation protocol (ICA) where only screen variations, mouse and keyboard inputs are transmitted between the datacenter and the user device. Data is never transferred over the network; if data transfer is allowed, data is encrypted so as to prevent Data-leakage or eavesdropping, man-in-the-middle attacks, and mitigate all kind of “data in motion” threats. With application centralization, the focus of security moves from the endpoint (where no sensitive data resides) to the datacenter itself: network and host security solutions are more powerful and effective than the local security software installed on the endpoints. Also, the operational aspects of data protection would benefit from a centralized approach; backup and monitoring are simpler and more efficient in a centralized environment. Actually, the centralized application execution can be seen from two different standpoints. The most common use case is the one described above of users from an Untrusted zone who require to use applications delivered from inside a Trusted zone (the datacenter).
  • 23.
    21Citrix.com The standard VirtualApp /Virtual Desktop (VDI) paradigm The other use case, that leverages the very same centralized application execution, is the Secure Browsing: give access to the Internet (Untrusted environment) from internal workstations (thus located in a Trusted environment). Although this is the reverse paradigm of the most frequent use case, the Secure Browsing scenario, where the Browser is the published App used to navigate the Web, may provide many benefits to the organizations: by preventing the direct access to the Internet by the users, it protects internal machines from ransomware and other malware that can be downloaded from malicious websites. The Secure Browsing scenario
  • 24.
    Citrix.com22 Considered that the90% of malware is today delivered via web- browsing, the Secure Browsing is a rather innovative approach than the “legacy” one that would imply the use of standard browsers, with all the recommended patches, through a proxy that enforces restrictive policies leading to over-configuration and poor user experience. With the Secure Browsing architecture (that can be part of the SAM) the malware can only infect the VM where the virtual browser is running without reaching the actual workstation, safeguarding the entire organization from ransomware. Moreover, if the hypervisor used to host the virtual apps supports the HVI (Hypervisor Introspection), this can be used to monitor the critical memory access within the Guest VM from the hypervisor’s level of privilege. This is an example of SAM to support Secure Browsing
  • 25.
    23Citrix.com Bitdefender HVI (HypervisorIntrospection) can be used on XenServer to monitor activities inside the Guest VMs (such as XenApp) CitrixXenServerisusedasapreferred hypervisor in this architecture as it includes a new unique security feature called XenServer Hypervisor Introspection, which enables third party security companies to leverage memory introspection techniques: partner vendors, such as Bitdefender, can integrate with XenServer and work with the raw memory and without any in-guest (VM) agents. The use of XenServer and Bitdefender HVI protects in-guest memory for real-time analysis: the hypervisor provides isolation if the VM instance is compromised. HVI relies on detecting attack techniques rather than relying on a pre-existing pattern file. Moreover, working outside the Guest VM is can detect malware that may hide itself from in-guest anti-viruses.
  • 26.
    Citrix.com24 6.2 Application DeliveryController As already mentioned,an Application Delivery Controller (ADC) is required to “publish” virtualized services to the users.The purpose of these ADCs is to proxy encrypted sessions from the clients to the backend services and, if needed to load balance real servers in order to ensure availability of the information requested by the users. Modern ADCs can significantly improve application security, not only by ensuring services are always available, but also by providing anti-DDoS and content filtering capabilities. Moreover, the ADCs, acting at the Aggregation and Brokering layer of an IoT architecture, can act as an IoT gateway, enforcing device pre- authentication, surge protection, IoT Load Balancing, Filtering and Firewalling. Citrix NetScaler’s Next-Gen ADC supports features required to prevent and mitigate IoT attacks.
  • 27.
    25Citrix.com In the SAMframework, ADC enforce Web Application protection by means of a Web Application Firewall, whose role is to complement the policies enforced by a perimeter Firewall with Application-specific controls aimed at protect the “App Store” and the other Web-based and XML services from zero-day and known attacks. Furthermore, within any network infrastructure, unlike “traditional” Firewalls and Intrusion Prevention Systems, ADCs are the only devices which constantly “talk” with the backend services and monitor their health state: this means that they can also protect datacenter applications from surges of legit traffic by detecting overloaded server CPUs and redirecting traffic to less loaded server before backend systems collapse. ADCs are obviously particularly importantwhenitdealswithDisaster Recovery and Business Continuity: DNS-based Load Balancing in active-active or active-standby modes ensures FQDNs of services published through the ADC can be reached on the primary datacenter or DR site. If a service disruption occurs at the primary datacenter, ADC with DNS authority, will respond to query for a specific service with the address of the DR datacenter, preventing the loss of availability of organization’s information and data. Moreover, within the context of a SAM, the ADC provides a single point of management for controlling access and limiting actions allowed to users. Access can be limited based on security posture of the endpoint determined by scanning remote device to check whether the antivirus is updated, the hard drive is encrypted or the personal firewall is enabled. Based on the security scan, the device can be allowed to access internal applications, otherwise it can be restricted to a sub-set of apps, or redirected to a remediation site.
  • 28.
    Citrix.com26 In Citrix’s SAM,NetScaler ADCs act as Layer 4 and Layer 7 proxies that feed the Management and Analytics System so that real-time analysis and machine learning can deliver automated remedies. 6.3 Facing the “Mobility threat” Mobility and BYOD scenarios present significant challenges, the most significant of which is most probably security. Enterprises that open their gates to personal devices and applications must find ways to protect the organization from unknown or “rogue” devices connecting to their corporate network; malware spread by mobile applications and websites that infect the enterprise network; personal mobile applications that gain access to corporate content such as contacts, business applications and data; unprotected public WiFi networks used to transmit sensitive enterprise information; leakage of sensitive enterprise information via personal or enterprise mobile email and social networking sites; and so on.
  • 29.
    27Citrix.com Securing mobile devicesand their connections from these threats requires a comprehensive enterprise mobile management strategy employing a raft of powerful tools, including mobile device management (MDM), mobile application management (MAM), secure file-sharing and mobile data loss prevention (DLP) solutions. MDM tools allow IT teams to discover, track and manage mobile devices and applications throughout their life cycles, much as they do with corporate issued devices. MAM solutions create a barrier between personal and corporate applications and data so the latter are protected from the vulnerabilities and hazards of the former. Secure file-sharing solutions let users access and collaborate on the latest versions of their most important files,much like Dropbox and other consumer file-sharing services, but ensure that sensitive enterprise information is not compromised. DLP solutions prevent users from divulging sensitive enterprise information to the wrong people, either intentionally or unintentionally. Mobile application management was born quite recently, focusing on securing and managing an application as an individual component, offering a quite similar set of policies and user experience management, but only active when the particular application is accessed.This in turn has evolved to contain app level control of secured “MicroVPNs”, inter-container communication and encrypted sandbox containers: an integral part of any mobile solution should include an application delivery controller used to terminate such MicroVPNs.
  • 30.
    Citrix.com28 6.3.1 Sandboxed platforms Thedefinition of sandbox is quite intuitive, running untrusted code in an area with controlled resources. The consumerization is demanding software delivered in any platforms, anywhere, as fast as possible. This behavior could let the software to be prone to security issues. The sandbox could be the answer. Sandbox concept is out for a while. In 2000, the NSA was already working on SELinux and during that period SELinux was released to the open community. Today SELinux is present in almost all Linux enterprise distributions. SELinux is just one example of sandbox. Sandbox term is often used in almost IT areas but in the “anyness” concept that this paper is talking about the sandbox is the primary importance. Actually, Sandbox is “high level” term, how to implement can be very various. Nowadays EMM approach is to use a mix of cryptographic layer and syscall proxy. Cryptography is usually used for separate the personal data and Mobile users can use mobile applications made available by a Store that is optimized for smartphones or tablets. The above image shows the Mobile Store and MDM client (dubbed “Citrix SecureHub”) in an iPAD.
  • 31.
    29Citrix.com the enterprise data:data at rest is usually encrypted with a symmetric algorithmic like AES-256 (FIPS 140- 2 compliant) for his relative low computation and robustness; data in motion for enterprise app is made secure by means of microVPNs. Data in motion: micro-vpn are used for sandbox this kind of data. micro-vpn is a VPN exclusive for a single enterprise app. Syscall Proxy is instead a technique implemented long time ago. The main idea is to create layer between OS and the App that let IT admins manage any single syscall. For example, when the mobile app try to store data the syscall proxy will intercept the action and stored the data in cipher text and viceversa. 7. “Cost Effective” The Security Architecture Model offers several benefits. First of all, it reduces the complexity and effort required to manage apps, infrastructure and devices and lets organization manage heterogeneous IT environment, as if they were homogeneous. By centralizing the application delivery, organizations simplify the way they manage software deployment obtaining several advantages: • There is no need to install an application on hundreds or thousands of computers or devices. The application is installed in the datacenter and delivered to all the clients. • There is no need to update apps on all desktops as only the virtualized applications at the central datacenter must be patched or upgraded, with significant savings in terms of effort, downtime, etc. • The entire application lifecycle is centrally managed: when it’s time to retire an app, organization can simply delete the virtual app, as there is no need to uninstall it. • Apps can be used on unmanaged client devices with no impact on internal teams. • Apps can be easily restored or reset, reducing the effort required by help desk and support teams managing trouble-tickets opened by users.
  • 32.
    Citrix.com30 • The computationalpower required to run the app is minimal, as all what the user needs on his device is a client to launch the virtualized session towards the centralized application. • Legacy apps can run on more modern devices without the compatibility issues. • Modern Application Delivery Controllers provide security features (as the already mentioned Web Application Firewall and Anti-DDoS checks); this means customers can consolidate reverse-proxy, web application security and load balancing features on a single (sometimes multi-tenant) box. • WAN acceleration may improve user experience by optimizing the existing bandwidth and without the need to improve the links. • WAN virtualization features that are increasingly available on WAN Optimization platforms, enable organizations to bind several different links into a single tunnel (transparent for servers and users) and select the best link (either xDSL, MPLS, 3G/4G/5G etc.) on a packet-per-packet fashion. This means that organizations can increase the bandwidth available to datacenters by binding different links instead of improving the existing (sometimes costly) ones. • There are also some “hidden” benefits induced by the improved security: since corporate apps are sandboxed and separated from the rest of the device, malware can’t spread to corporate data preventing loss of confidentiality and integrity of core information, whose leakage could cost much to the organization.
  • 33.
    31Citrix.com 8. A usecase: the Ransomware kill chain Beginning on Friday May 12th 2017, several organizations were affected by a new Ransomware strain based on the EternalBlue exploit developed by NSA in the U.S. Several large organizations worldwide are known to be affected. While large enterprises made the news, small business users and home users may be affected as well. Since then several more waves of ransomware attacks have hit organizations with Wannacry, variants like Petya or PetrWrap.How did they get infected? The attack included three phases: Infection, Distribution and Extortion. 1. Some organizations suggest that the initial Infection originated from e-mail attachments, but little is known about the e-mails. It is easily possible that other malware was confused with WannaCry. Anyway, a spear phishing attack or unsafe navigation brought the user to a web site where the malware was downloaded.The malware started encrypting the data on the workstation. 2. The Distribution occurred via network: ransomware distributed to all local machines through network reachability: an unpatched workstation reachable through SMB could be attacked and infected. 3. The Extortion occurred after all data was encrypted and ransom demanded to get the key required to decrypt it.
  • 34.
    Citrix.com32 How would Citrixtechnologies have helped in case of ransomware attack? In order to prevent Infection and distribution, Secure Browsing using XenApp running on XenServer with Bitdender HVI would be extremely effective. Citrix XenApp has been used by many customers worldwide to provide access to the Internet resources with the appropriate level of segmentation: even if malware is successful during initial infection, it will reside in a non-persistent, isolated zone where it can be easily destroyed. Moreover, Hypervisor Introspection would prevent the initial exploit to be executed making the initial attack and infection unsuccessful. This protection would work even on unpatched system or against another zero- day exploit that is using similar method. If such measures were not enough to prevent the infection and distribution of the ransomware, an enterprise data sync service like Citrix ShareFile can be great advantage in recovering from a successful attack. The versioning functionality keeps previous versions of each file, so IT can revert impacted files to the last known version from a centralized backup.
  • 35.
    33Citrix.com Sharefile can helprecover from an attack by replacing the encrypted file with the previous version, stored in a centralized back up. In case of infection, the IT manager could simply apply the patch, release new image to all machines, reset the whole environment to the last known state, and then simply recover the last known version of the files. ShareFile would also be useful in preventing the attack: • supporting various antivirus vendors that can automatically scan all uploaded files and data • providing APIs for third-party cloud security platform partner access for advanced anti-malware checks • by means of a server-side detection feature that detects when file extensions are changed and can prevent the client from overriding the server data. Moreover, Citrix App Layering provides the ability to quickly patch large numbers of computers with few clicks, enabling fast recovery and improving response times in case of malware attack.
  • 37.
    References [1] David Cenciotti,“Application Delivery Controller”, Atti del Simposio Cyber Defence, RID Rivista Italiana Difesa, 2014, pp. 62-67 [2] Citrix Systems, “Secure by Design”, pp. 1-7 [3] Citrix Systems, “Securing the mobile enterprise”, pp. 1-8 [4] Martin Zugec, Citrix Systems, “WannaCry: Why Citrix Customers Are Not Crying Today”, blog.
  • 38.
    © 2017 CitrixSystems, Inc. All rights reserved. Citrix, the Citrix logo, and other marks appearing herein are property of Citrix Systems, Inc. and/or one or more of its subsidiaries, and may be registered with the U.S. Patent and Trademark Office and in other countries. All other marks are the property of their respective owner(s). Whilst Information Systems evolve to embrace the “as-a-Service” and “Cloud-based” paradigms, the request to ensure Security, Compliance to national and international standards, High Performance, Optimization of User Experience, Cost Reduction, grows, forcing organizations to continuously adapt their applications to an ever-changing scenario where addressing multiple, conflicting needs while maximizing the existing investments may be quite challenging. This paper presents Citrix Security Architecture Model (SAM) that organizations can use to deliver legacy as well as new services through a Secure Cloud-like and Software-defined architecture in a business or operative context. The SAM aims to provide a standard framework to build user-centric, interoperable, secure and sustainable IT architectures, leveraging on virtualization, enterprise mobility management and cloud networking concepts. The model’s components can be on-premises or in Cloud.