Last update: Sept. 26 2018 I recently had to set languages, using my Citrix ADC (NetScaler), for a website. My customer has several similar web-pages in different subdirectories. Naming scheme is like this: for English for German … There is currently a total of 12 languages. There had been several requirements, and I had to create a set of responder policies to meet the requirements: if an...
Last update: 12/2020
This blog post had been very outdated, there are better ones. Continue reading here!
Recently I had several requests related to NITRO. NITRO is Citrix NetScaler’s API. Any device may communicate to a NetScaler using NITRO. Even a browser! Citrix exposes several settings and counters and even allows changes. NITRO is the central source for scripting NetScalers. I, being rather an administrator than a programmer, am not that much interested in using NITRO with C++/C#, Java...
How to protect your cookies using Citrix NetScaler Remark: Citrix ADC (NetScaler) firmware version 13 contains cookie theft protection. I recently did a web application firewall (WAF) project for a big company owning and hosting hundreds of websites. They did several penetration tests. One of them focussed on cookies. Citrix NetScaler did a great job protecting cookies, cookie tampering was...
Last update: Nov 21th, 2018 tested using firmware 11.1 If you read about slowloris, you always read about NetScaler doing a great job. Tests in our lab environment show: NetScaler will successfully block these attacks. And there is hardly anything we have to do about it: It’s built into the system. Great news indeed! The only thing we have to do is reduce client idle timeout to a lower...
All of us are always a bit shy looking at Citrix Synergy: What will it bring? Well, this time, Citrix comes up with brand new names for all products. It’s the first time Citrix is renaming the product. Until now the mane resisted all renaming by marketing departement. Citrix aquired NetScaler back in 2005. The original company “NetScaler” was founded by Michel K Susai in 1997...
Let’s talk about a WAF, a Web Application Firewall on a Citrix NetScaler. What’s to be concerned off? Is it worth while considering a NetScaler to be your WAF? I do work for several companies, including Citrix Consulting Services. Recently I worked on some Web Application Firewall projects, so I have some experience on it. Usual concerns will a Citrix NetScaler be really safe WAF? How...
last update: April 16th 2018 I had been asked recently: Johannes, how can we log data about NetScaler Application Firewall policy hits in detail? The standard NetScaler Web Application Firewall log-files NetScaler’s Web Application Firewall logs to /var/log/ns.log. These logs are fine for trouble shooting. There is a good description about these logs here. This is a sample log, stolen from...
last update: 2023/02/03 Tested with NetScaler 11, Citrix ADC 12.1 and 13.0 I needed to use a Citrix ADC (NetScaler) both, as a SAML identity provider (IDP) and service provider (SP). So I set up my test environment accordingly. What my test environment looked like: You see, I created two admin partitions on my Citrix NetScaler ADC, one for the service provider (SP partition), containing both, the...
What’s an IP address calculator? I’m pretty sure it’s something you won’t need. It will help understanding IP addresses. It does calculations on IP addresses and will tell you, if the address is valid (or a network / broadcast address), and if two addresses are on the same subnet. Why did I create an IP address calculator like that? My daughter started studying informatics...