Monday, July 28, 2014

Architecting a Citrix Virtualization solution-Assessment:Security and operation

Lets refresh where we are! We are discussing  about architecting a Citrix environment from Architects perspective. There are 2 parts to it:
  1)    Assessment
  2)    Design

Assessment is further divided into
·   Security and personalization
·   Operation and Support
·   Conceptual Architecture

In this blog, we will discuss assessment of security and operation. Each topic will be covered in separate blog.

Most organizations spend significant amounts of money for security. When assessing enterprise security, an architect should gather information about the environment in regard to physical security including restrictions, permissions, the management of systems and personalization settings implemented through profiles and policies.
Enterprise Security
Security concerns with desktops include viruses and malware, persistent cache and employees sending confidential information by way of the backend infrastructure. Assessing security in an virtualization environment is essential to ensure that the environment is as secure is possible.
During the security assessment, an architect should also inspect the following topics in an environment:
  • Administrator access
  • Application and server security
  • Network security
  • Remote access security
  • Password change policies
  • Password security issues
  • Antivirus security
  • Service pack updates
  • Server certificates
  • Event logs
A best practice is to never grant anonymous access unless absolutely necessary, require authentication to the desktop and require application-level passwords.

Security Assessment
Architects should ask the following questions:
  • For existing XenApp environments, is ICA encryption used?
  • How do external users access their desktop data?
  • Is there a dedicated security team?
  • If Web Interface is implemented, are security certificates installed on the Web Interface servers?
If not, passwords are transmitted in plain text and can be easily accessed by an internal administrator.
  • Are internal or third-party certificates being used?
  • Are endpoint analysis scans being run or is the organization performing any other type of endpoint analysis?
Endpoint analysis should be performed in most environments, even if the organization is running a non-Citrix appliance, such as Cisco or Juniper.
  • Do users have the ability to perform all of their required tasks?
  • Does any sensitive data leave the network?
  • Is accessing applications and resources safe?
  • Do any security measures negatively affect performance?
  • Is VPN access from a PC allowed?
  • Can users access mapped drives through a VPN?
  • Is Single Sign-on being used?
  • What are the audit policies?
  • Are there security considerations between internal and external networks?
  • What are the enterprise-wide password policies?
  • Are Service Pack updates performed? What is the process?
  • Are server security logs monitored by administrators?
  • How much retention exists in the security logs?
Assessing each area of security is helpful to the architect during the design phase, in order to recommend a solution that is secure for the organization and its users.
Browsers and Encryption
During the security portion of the assessment, architects also gather information related to browsers and encryption levels.
Architects should ask the following questions:
  • Which browsers are supported by the organization?
  • What are the browser security settings?
  • Are any applets, such as ActiveX or Java, blocked?
  • Which encryption level does the business require?
General recommendations include the following:
  • Standardize on a supported browser that meets the business requirements. Using multiple browser types can result in inconsistent access between devices.
  • Ensure that browser settings do not block Java applets. Strict security settings might result in launch failures.
  • Ensure that encryption standards can be met by all supported client devices. Not using encryption is a security risk.
User Authentication and Authorization
An architect should examine the user authentication process during the assessment. Authentication is usually based on one of the following:
  • Explicit
  • Pass-through
  • Smart Card
  • Pass-through with Smart Card
For example, if explicit authentication is used for accessing desktops and local applications, an architect must determine whether that process is ideal or recommend an alternate type of authentication in the design.
Explicit authentication is usually recommended in Citrix environments.
User authentication also incorporates access to subsequent resources. For example, if Smart Card authentication is used for the desktop, access to an application may or may not support that type of authentication. In addition, an authentication tool such as Citrix Single Sign-on (formerly Password Manager) may be used to address subsequent authentication requirements.
User authorization involves assessing the permission levels for the categorized user types. Architects should ask the following questions:
  • Which user types are power users?
  • Which user types are allowed to install their own applications?
  • Do users have administrator status on their local desktops?
  • Are any users using Single Sign-On?
  • What are the user permissions on the XenApp servers, if applicable?
  • Are there any applications that require less restrictive or modifying the registry?
An understanding of user authorization in the environment will help the architect determine if any special security templates or modifications will need to be made in the design phase.
External Access Scenarios
To appropriately design a secure access solution for external users, architects must identify the various external access scenarios either currently used or required. These scenarios describe which users will be connecting to the environment externally and which resources those users will be able to access. For example, employees connecting externally to the environment from managed laptops might be granted full VPN access, which provides access to all the same resources those employees get when connecting from within the office. However, contractors might be granted limited VPN access or access only to published applications available through Web Interface. When identifying an organization's access scenarios, architects should answer the following types of questions:
  • Is external access currently provided for any users?
  • Who are the external users? Are they employees, contractors or vendors?
  • Are the client devices used for external access managed or unmanaged? Are they laptops or desktops?
  • How are ICA connections from external users secured? Does the organization currently have an SSL VPN solution such as Access Gateway or Secure Gateway?
  • How are users authenticated? Is Active Directory or two-factor authentication required?
    • Is Windows single sign-on to the Access Gateway plug-in required?
    • Is automatic single sign-on to web applications required?
  • Do any users require full SSL VPN access into the environment or can secure access be limited to XenDesktop and XenApp resources?
  • Are endpoint analysis scans (EPAs) needed to verify client device requirements, such as the anti-virus version, a Registry setting or the presence of an internal certificate? Will users that fail the endpoint analysis scans be quarantined or provided with limited access?
Policy Management
Policy management is important to assess in a virtualization environment.
Architects should ask the following questions:
  • What are the organization's policy settings?
  • Which resultant policies have been implemented?
  • Which group policies exist?
  • Which Citrix-specific policies have ben implemented, if applicable?
  • How are policies generally applied in the environment?
In an environment containing Citrix XenApp or XenDesktop, there are a number of ways to apply a configuration or security setting onto a group of servers. Policies can be applied through numerous methods and impact different aspects of the environment.
For more information, see the Citrix Consulting white paper "How Policies Impact XenApp Environments" on the web site.

No comments:

Post a Comment

Featured Post

Amazon Route 53

Amazon Route 53 is a highly available and scalable Domain Name System (DNS) web service.Route 53  perform three main functions in any...