For IT administrators and security professionals, Citrix wants to make managing cloud security both simpler and more proactive, and it is using artificial intelligence and analytics to get there, along with a little help from its friends.
This week at the Citrix Synergy 2017 conference in Orlando, Fla., Citrix unveiled an update to its NetScaler Management and Analytics System (MAS), which leverages machine learning and adds new behavior detection, insights and proactive risk resolution capabilities.
Security has long been a hallmark of Citrix’s virtualization and cloud offerings, and Citrix Consulting Services is formalizing a Security Practice that will provide security consulting for customers, though it will likely remain small.
Citrix CEO Kirill Tatarinov said the company will remain focused on its technology, and that the new solution will allow companies to “see how data is being moved” and how “people are accessing information on devices — or misusing it.”
“With security analytics, there is a wealth of protection we can give you,” he said. “We know, unfortunately, that those attacks are going to come.”
Tatarinov placed the new emphasis on security squarely on the shoulders of his company, a responsibility that comes with being a mature player in the digital security realm. “We think it’s our responsibility to invest more, to redirect resources, and to help our customers” defend against attacks, he said.
The new NetScaler MAS solution is part of Citrix’s efforts to deliver secure, proactive infrastructure that secures organizations by default, he said, and does it in a way that reduces complexity.
Companies often bolt on dozens of security tools to help them address vulnerabilities and issues after attacks occur, Tatarinov said. “Our job is to help organizations lay down the infrastructure that will stop those attacks from happening, period,” he said.
A New Approach to Security Through Analytics
Why is a new approach to security needed? As companies deploy more endpoints, apps, networks and clouds, they need more policies to govern them, and then enforce those policies. These controls form what Citrix calls a “software-defined perimeter of the digital workspace.”
Citrix Analytics, which the company says is “a new, holistic security and behavior analytics offering that extends the capabilities” of NetScaler MAS, analyzes data sets across the Citrix product portfolio — XenApp/XenDesktop, XenMobile, ShareFile and NetScaler.
It uses machine-learning algorithms and can detect anomalies in how apps are being used that deviate from normal traffic patterns. For example, it can detect if a user is using too much memory or prohibited apps. Then, the technology allows IT staff to find and quickly troubleshoot application infrastructure performance issues.
Abhishek Chauhan, vice president and Citrix technical fellow, said during a separate keynote on Tuesday that Citrix alone cannot provide all of the data that powers the analytics. The company is working closely with Microsoft to get data from its Intelligent Security Graph, which analyzes vast amounts of security information from devices and data centers. “ISG is the mother lode of upper-layer context,” Chauhan said.
Citrix is also partnering with Cisco Systems to get access to Cisco Tetration, which provides deep analytics of networks. “Together, we can build the comprehensive context that helps us enforce security more effectively,” Chauhan said.
In a company blog post, Citrix’s George McGregor notes that NetScaler MAS now “automates administrative tasks, such as provisioning, configuration management and certificate management to save time and eliminate human errors.” McGregor, senior director of product management for NetScaler service providers and cloud, also says that NetScaler MAS integrates easily with cloud orchestration and software-defined networking software.
NetScaler MAS maintains an application-centric view across all delivery infrastructure, he says. Further, it also introduces application health scores to “summarize how well an application is performing, based on industry standard APDEX scoring of user satisfaction as well as other performance metrics and assessment of security threats,” he says.