CategoryNetScaler Gateway

A proper DOS- Protection for Citrix Gateway

A

One of the main concerns that my large customers have is that the Citrix Gateway could fall victim to a DOS or DDOS attack. Linked to this, of course, is the concern that – after a successful attack – it might be possible to bypass authentication or compromise the gateway or the appliance. We have to distinguish between attacks that happen before and those that happen after...

Securing Citrix Gateway using Citrix ADC Bot Management, Citrix Web Application Firewall and DOS-Protection

S

last update: February 21st 2022 Recently, I had been asked, how to protect a gateway from threads. It’s easy, I thought, Citrix ADC has everything needed in good quality: A Bot Management, Web Application Firewall (WAF), and AppQoE (Application quality of experience, a DOS protection feature). So nothing easier than that: Create the policies desired and bind them to the gateway. Shortly...

Costumizing a NetScaler Gateway 10.5 using policies

C

There are several guidelines out there how to do this. I want to dig a bit deeper. Why do I want to use NetScaler policies to rewrite and pimp this webpage? There are two reasons: A NetScaler is there and it is possible. And it will survive all (or near to all, there will never be a guarantee!) upcoming NetScaler updates! So where do we start? This is a German version of a NetScaler Gateway...

Virtual Apps and Desktops (XenApp) can’t connect through Citrix Gateway (NetScaler)?

V

It’s a problem coming up every now and then: I can’t connect to a certain Citrix VDA, but can connect to all/some others. If your problem is a more general one, continue reading here My first guess would always be a L4 problem, but “I opened up all firewalls”. Never open too much, and maybe it’s not an issue about firewalls. First of all, it’s not the STA...

Why do I love HDX on UDP in Citrix XenDesktop and XenApp?

W

Why do I love HDX on UDP in Citrix XenDesktop and XenApp? (HDX Enlightened Data Transport EDT) Well, I’m mainly a network guy. So I’ll take a look at this brand new feature from networking perspective.I’ll start from scratch, so I don’t assume you understand network protocols. But let me tell you a joke about UDP first: I got a short joke about UDP, and I don’t care...

Trouble shooting Citrix NetScaler Gateway connection issues

T

One of the most annoying issues in Citrix NetScaler is ICA / HDX connection issues. The reason for this is the way connection issues are reported. There are two potential sources of trouble: Citrix StoreFront and Citrix NetScaer Gateway. So I will divide my blog into three sections: How to find the source of trouble, Troubleshooting Citrix StoreFront and Troubleshooting Citrix NetScaler Gateway...

Setting up StoreFront 3.0 for NetScaler 11

S

As soon as our NetScaler Gateway is up and running we need to set up StoreFront to use it. It’s more a kind of introducing the NetScaler Gateway to StoreFront. Other than WebInterface¬†StoreFront is designed to use a NetScaler Gateway, so it’s a rather easy thing to do. Enabling Pass-Through authentication from NetScaler Gateway We open up StoreFront management console and click...

Making a NetScaler Gateway on NetScaler 11 a bit more secure

M

last update February 7th 2017 There are never versions about SSL-settings We have previously created a NetScaler Gateway on our NetScaler 11. That’s great! Time to check if it’s secure. I usually use SSL labs SSL test, a widely used tool to test the security of a website. I have an other blog about NetScaler virtual servers (contentswitching and loadbalancing SSL offloading servers)...

Setting up a NetScaler Gateway on NetScaler 11

S

It is quite easy to set up a NetScaler Gateway on NetScaler 11. It’s¬†quite similar to NetScaler 10.5, but the wizard is much more powerful now! I’ll show you how to do it. Prerequisites I assume you have: a certificate in place. This certificate should be a valid certificate created by a trusted certificate authority. If you don’t know how to get or create a certificate: there...

Automatically forward users of a loadbalanced StoreFront server to /Citrix/StoreWeb

A

This question was asked by one of my students during one of my last NetScaler CNS 207 classes. It should not be a difficult problem. So what do we need to do? rewrite requests to /Citrix/StoreWeb. filter on requests without URL specified. bind it to the load balancing server. (there is also a 2nd way using a responder policy, but I preferred the rewrite policy) The rewrite action: we locate...

Recent Posts

Recent Comments