Citrix PowerPoint Master (Widescreen) April 2007
Download
Report
Transcript Citrix PowerPoint Master (Widescreen) April 2007
Citrix Access Gateway 5.0
Customer Presentation
Speaker Name and Title
Date of Presentation
What problems are organizations facing?
• They must support an increasing number of contractors
and remote workers.
• Users expect easy access to apps regardless of location.
• IT must keep employees productive during prolonged
office closures caused by disasters or epidemics.
• Levels of corporate governance are increasing.
• Failure to protect sensitive data over the network costs an
average of $6.6 Million USD per incident.
The Citrix Vision is a world where anyone can work from anywhere
Introducing HDX SmartAccess
Delivers simple and seamless secure access
Anywhere Access
Allows users to securely access desktops and
applications using any device in any location,
including home computers and mobile devices.
Introducing HDX SmartAccess
Delivers simple and seamless secure access
Anywhere Access
Network and device roaming
Enables users’ sessions to transparently and
securely move between networks and devices by
dynamically adapting access.
Introducing HDX SmartAccess
Delivers simple and seamless secure access
Anywhere Access
Network and device roaming
Single sign-on
Improves the user’s experience by reducing
unnecessary authentication prompts and the
number of passwords users need to remember.
Introducing HDX SmartAccess
Delivers simple and seamless secure access
Anywhere Access
Network and device roaming
Single sign-on
Turbo-charged access
Empowers users with high performance access to
their desktops, applications and data by integrating
security and acceleration delivered by Citrix Branch
Repeater in a single client with Citrix Receiver.
Secure access to Citrix app and desktop virtualization
An integrated delivery infrastructure
Citrix
Receiver
Citrix
Access
Gateway
Citrix
Branch
Repeater
XenApp
XenDesktop
XenServer
NetScaler
Delivery
Network
What is Citrix Access Gateway?
Citrix Access Gateway™ is the only secure application and desktop
access solution that provides administrators with application-level
control while empowering users with access from anywhere.
HDX SmartAccess
Adaptive
Policy Control
Best Performance
& Flexible Deployment
Seamless access through Citrix Receiver
Broad Platform Support
•Windows
•Mac
•Linux
•iPhone and iPad
•Android
•Blackberry
•Java
Citrix Confidential - Do Not Distribute
Adaptive Policy Control
Other SSL VPNs only go this far
Who and
Where?
Which
User
What
Device
What
Authentication
What
Location
Endpoint Analysis
Authentication
What
Resources?
Web and
File
Resources
Mail
Servers
How?
VPN
Access
Clientless
Access
XenApp
XenDesktop
•Applications
•Desktops
•Virtual
Channels
•Virtual
Channels
Networks
Applications
Access Control
Citrix Confidential - Do Not Distribute
Application-level
Control
Appliance Options
NetScaler MPX 7500 or higher
Access Gateway MPX 5500
Access Gateway 2010
Access Gateway VPX
•Multi-function appliance (secure access, load-balancing, acceleration)
•Highest capacity (10,000+ users per appliance)
•Most reliable hardware
•Ideal for business continuity across multiple datacenters
•Designed for secure access
•High capacity (5,000 users per appliance)
•Upgradable to NetScaler for additional functionality
•Ideal for secure access to XenApp and XenDesktop
•Designed to upgrade Secure Gateway
•Capacity for medium-size deployments (500 users per appliance)
•Virtual appliance with same functionality as Access Gateway 2010
•Designed to upgrade Secure Gateway
•Capacity for medium-size deployments (500 users per appliance)
•Available for Citrix XenServer or VmWare ESX (NEW!) hypervisors
Which Appliance To Choose
NetScaler MPX 7500 or higher
• How many users?
• What form factor?
• Physical or Virtual appliance?
Access Gateway MPX 5500
Access Gateway 2010
Access Gateway VPX
• Will the appliance be dedicated for
remote access?
• Multi-function appliance required?
• How many sites need to be supported?
Basic High Availability
Appliance Failover avoids a single point of failure
Single
External
IP Address
Primary
Single
Internal
IP Address
Secondary
•Available with all appliance models (New! on Model 2010 and VPX)
•Avoid single points of failure in Access Gateway deployments
(including Access Controller servers)
Achieve Business Continuity with
NetScaler & Global Server Load Balancing
•Enable multiple site deployments transparently to users
•Route users to the nearest and most available datacenter
Simple & Intuitive Administration
A New, Redesigned Console
•
•
•
Simplifies common configuration tasks
Provides more visibility to administrators
Update to “Standard” admin interface
SmartGroups
•
Simplifies policy control over users,
devices, and resources
Configuration Snapshots
•
•
Citrix Confidential - Do Not Distribute
Backup and restore configuration states
Quickly recover from admin errors
New! Access Gateway VPX for VMWare ESX
Access Gateway VPX
Citrix Access Gateway VPX
• Same features as the Model 2010 physical appliance
• Supported on Citrix XenServer and VMWare ESX
Supports up to 500 concurrent users
List price $995
• Same as XenServer version
• Includes 1 yr Subscription Advantage
Free 5-user VPX Express Edition
• www.citrix.com/tryaccessgateway
Choose a virtual appliance when…
Limited rack space or infrastructure is available
Agility and rapid recovery is important
Citrix Access Gateway VPX
•
•
Virtual appliances enable fast deployment and provisioning
Downtime is minimized through hardware independence
Cost-cutting is a requirement
•
•
Energy consumption reduced through consolidation
Standardizing hardware creates a pricing advantage with server vendors
A low-cost training & testing environment is needed
Citrix Confidential - Do Not Distribute
XenDesktop / XenApp-only licenses on all AG products
Universal Licenses
SmartAccess
Full Network &
Clientless VPN
Appliances
Included with
appliance
Secure Access for
XenDesktop & XenApp
(Access Gateway and
NetScaler models)
VPX
(500 users)
MPX 5500 (5000 users)
2010 (500 users)
Platinum or
Standalone
Best SSL VPN to use within Citrix environments
Secure Gateway Upgrade
• Seamless support for Citrix Receiver and Dazzle
• Adaptive Policy Control
• Single point of secure access for all Citrix solutions
• Cost-effective (No user licenses required)
Flexible deployment options
• Hardened physical appliance
• Virtual appliance
• Business continuity options available
Use Access Gateway with XenDesktop and XenApp
Cost Analysis
Access Gateway delivers more value than Secure Gateway and saves 50%
Year 1
Secure Gateway
Dell PowerEdge R200 with Intel E 3110 and Win 2K8
Year 2
Year 3
$1,665
Total
$1,665
Software Cost
$0
$0
$0
$0
Annual Hardware Maintenance
incl
incl
incl
$0
$1,200
$1,200
$1,200
$3,600
$0
$400
$400
$800
$2,865
$1,600
$1,600
$6,065
Year 1
Year 2
Year 3
Total
Monthly patch review (1hr @ $100/mo)
Annual review of SG releases (4 hrs)
Total
Access Gateway VPX
Dell PowerEdge R200 with Intel E 3110 (no Win 2K8)
$866
$866
Access Gateway VPX cost
$995
$995
Annual Hardware Maintenance
incl
incl
incl
$0
Annual Subscription Advantage renewal
incl
$129
$129
$258
Annual review of VPX releases (4 hrs)
$0
$400
$400
$800
$1,861
$529
$529
$2,919
Total
Citrix Confidential - Do Not Distribute
Citrix Access Gateway
Citrix Access Gateway™ is a secure desktop and
application access solution that provides
administrators granular application-level control while
empowering users with access from anywhere.
Feature Overview
Citrix Confidential - Do Not Distribute
Feature
Platform Feature
Requires
Universal License
Secure access to XenApp and XenDesktop
Provides secure access to XenApp and XenDesktop sessions without
requiring a VPN connection. Support for Citrix Receiver, Dazzle, and
Merchandising Server is also available and provides a strong reason to
upgrade from Secure Gateway.
Secure network access
Full VPN support enables network-level access to any server within the
protected network.
Easy Application & Desktop Access
Secure browser-only access
Provide secure access to all applications and data from Provide secure access to web applications and file shares using only a
browser (no additional client components required).
any device with a single point of access that simplifies the
Single point of access
user experience.
Provides a robust landing page for users to easily access all their
applications, files, email, and other IT resources.
End-user localization
User interfaces are localized to English, Spanish, French, German, and
Japanese.
Broad client support
Client support for major platforms including Windows 32 and 64-bit operating
systems (including Windows 7) and Mac Os X.
Integrated Endpoint Scanning
Continually scan client devices to determine if client security products (antivirus, personal firewall, or other mandatory corporate programs) are active.
Enhanced machine identity scans
Endpoint Analysis
Determine machine identity by scanning for known corporate images on client
devices.
Ensure that devices are safe to connect to the network
Quarantine Groups / Remediation
and users have a method to easily update their devices to Provides clients that fail end-point analysis scanning with limited access to
remediation sites to bring client devices into compliance with the
meet established policies.
(MPX 5500 or NetScaler)
organization’s security policies.
Extensible Endpoint Analysis
Endpoint analysis capabilities can be extended using industry-standard
development tools.
(Requires Advanced
Access Control server)
Feature
Platform Feature
Adaptive access control
Provide access control on resources based on endpoint analysis results.
Scenario-based Policy Control (SmartAccess)
Provides control to configure the most secure access to
data and applications by dynamically adjusting access
based on device configuration, location, and identity.
Adaptive access control for virtual hosted applications and
desktops
Provide adaptive access control to applications and desktops controlled by
XenApp and XenDesktop.
Adaptive application and action control
Control the behavior of XenDesktop and XenApp sessions by preventing
operations that may compromise data to unsecure devices.
Adaptive session policies
Dynamically adjust the user’s session based on the endpoint analysis results.
Standards-based security
Application and Data Security
All data transmitted between the client and gateway is
kept private and protected.
Requires
Universal License
Ensure all communications are secure with SSL/TLS encryption.
Extensive authentication support
Provide strong authentication with 2-factor methods and authenticate users
against LDAP and RADIUS servers to leverage existing directories within the
organization.
Branch Repeater Integration
When used together with the Citrix® Branch Repeater™ and Citrix
Acceleration plug-in, Citrix Access Gateway can optimize connections to
XenDesktop, XenApp, and other traffic within a VPN connection to ensure the
best performance over a WAN and overcome common usability problem that
exist as a result of network issues.
Accelerated Secure Access
Client certificate support
Validate certificates prior to granting access to protected resources in order to
verify managed client devices.
A unique solution that ensures users has an access
experience that is both secure and optimized to avoid
common networking performance issues.
Basic Split Tunneling control
Disables access to all network resources not hosted on the protected network.
Enhanced Split Tunneling control
Split tunneling can be disabled on clients to shut down direct Internet access
but still permit access to resources on the client’s local subnet.
Browser cache cleanup
Removes objects and data stored on the local browser during the SSL VPN
session.
(MPX 5500 or NetScaler)
(MPX 5500 or NetScaler)
Feature
Platform Feature
Requires
Universal License
Basic high availability configuration
Fault Tolerance
Create secure access deployments that guarantee a
high-level of availability and reliability.
Link appliances to create an active/passive pair, ensuring sessions remain
active if the master fails.
Optional Global Server Load-balancing (GSLB)
Route client connections to the best VPN site based on availability, health,
proximity, and responsiveness.
Centralized administration
Configure and manage Access Gateway appliances from a single
management console.
Wizard-driven configuration
Provides an intuitive series of click-through screens and simple instructions to
guide administrators through installation and configuration.
Multiple Virtual VPN Servers
A single appliance can emulate multiple SSL VPNs by hosting one or more
virtual servers each with a unique IP, FQDN, and certificate.
Simplified Administration
Maximizes efficiency of the IT organization by simplifying
common installation and management tasks.
Historical Charting
Provides administrators with a graphical view of system and user activities.
Administrative Auditing
Monitor all configuration changes made by administrators to ensure
accountability and easy roll-back of configuration errors.
(requires NetScaler)
(MPX 5500 or
NetScaler)
(MPX 5500 or
NetScaler)
(MPX 5500 or NetScaler)
Auto-downloading / Auto-updating client plug-in
Automatically downloads the Citrix Secure Access plug-in when the user
connects to Citrix Access Gateway and ensures they always receive the latest
version of the client software.
Support for automated distribution of Access Gateway Plug-in
Simplify client installation by allowing deployment of the Access Gateway
Plug-in through systems and client management solutions.
What’s What?
Access Gateway & NetScaler
NetScaler Application Delivery Networking Platform
EdgeSight
App Firewall
AppCache
Access Gateway
SSL VPN
GSLB
AppCompress
SSL Acceleration
Load Balancing
Content Switching
NetScaler Functional Modules
Not Enabled
NetScaler Application Delivery Networking Platform
EdgeSight
App Firewall
AppCache
Access Gateway
SSL VPN
GSLB
AppCompress
SSL Acceleration
Load Balancing
Content Switching
Access Gateway Functional Modules