May 09 2018

Citrix Synergy 2018: Why Network Functions Enable Security, Productivity

Citrix views its approach to networking as an essential element in application delivery and IT security.

Citrix wants to make it easier for workers to securely access their apps and data from anywhere, but doing so requires a lot of network technology running behind the scenes.

Several network functions make the Citrix Workspace app’s features possible, including gateway functions, URL filtering and secure web browsing, said George McGregor, senior director of product marketing for networking and cloud at Citrix. Many small and medium-sized businesses can use the Citrix Service Provider program to manage these network functions for them, McGregor said on May 8 at the Citrix Synergy 2018 conference in Anaheim, Calif.

As businesses move to a multicloud world, with several different public clouds in their IT environments, they can also rely on tools such as Citrix’s NetScaler Management and Analytics System to help them manage cloud sprawl, McGregor added.

SIGN UP: Get more news from the BizTech newsletter in your inbox every two weeks!

How Network Functions Enable the Citrix Workspace App

The Workspace app is designed to give IT teams the ability to allow users to securely access their web, Software as a Service (SaaS), Windows, Linux and mobile apps, desktops and files from anywhere and across any device. The app uses single sign-on to give users access to all their applications and content via a consistent and unified experience across all devices. For added security, the app can intelligently redirect internet browsing tasks to a cloud-hosted web browser completely isolated from the corporate network.

McGregor said that a number of network functions make all of that possible. Software that could be deployed in the cloud or on a network appliance in a data center enables the gateway function, which enables the single sign-on. “That’s basically managing the traffic” and presenting one URL to the user to enable them to log on once. The context can change based on what kind of device is being used. Users will need to interface with whatever identity management systems their organizations are using, McGregor said, but the gateway function is a network function that manages the identity.

Another key network function is URL filtering, or the secure web gateway, McGregor said. That polls a service that is kept constantly updated with blacklists and whitelists of URLs. When a user decides to visit a website, the gateway decides whether to allow the users to access the site based on whether it is on the approved whitelist. “It’s really contributing to the Workspace [app] experience,” McGregor said.

Secure web browsing is a function that can be initiated by the policies around the URL filtering, McGregor added. “Let’s say you try to access a website that is defined as being slightly dangerous as opposed to a total no-go area,” he said. Secure web browsing “can divert you to a secure browser service where there’s no way anything can go wrong with your environment.” The user is essentially quarantined outside their corporate network.

Citrix Analytics sits above all of that and accesses all of those services, components and user behavior, McGregor said. The platform allows network and system administrators to put their own rules in place for what to do if the platform detects anomalous behavior. For example, when a user reaches a risk threshold based on their behavior, admins can remove their access to certain files automatically.

McGregor said the way he envisions much of this being delivered, especially to small and medium-sized businesses is via Citrix’s Service Provider program, in which Citrix partners can deliver, as a service, the access to secure SaaS applications. “There are partners who have a history of delivering Microsoft applications, our Desktop as a Service to SMBs,” he added. “Increasingly they are adding to that” offerings like Software-Defined Wide Area Networking as a Service.

SMBs pay an annual or monthly subscription fee to the service provider based on the services they want. “Service providers could install the platforms in their data center and provide that as a service or resell our service,” McGregor said.

Managing Apps and Data in a Multicloud World

How does all of this happen at a moment in which companies are adding more cloud services to their IT environments? One of the key pieces, McGregor said, is NetScaler Management and Analytics System (which is being renamed to Citrix Application Delivery Management).

The solution provides admins with a way to maintain control as workloads are moved to different cloud environments. It enables them to “get back in the driver’s seat in terms of managing the customer experience,” McGregor said.

Currently, organizations are facing cloud sprawl as users easily buy and add SaaS applications. The Management and Analytics System, or MAS, serves as a unified management system that can perform automation and orchestration, and provide different views for different members of the organization, according to McGregor.

Citrix's NetScaler Management and Analytics System. Photo: Citrix 

Admins can see all of their applications as tiles of different sizes depending on the traffic going through them, and can see them in different colors based on the app’s performance.

MAS also gives admins powerful tools to drill down and get visibility into app usage. Admins can also map the apps to the underlying infrastructure independent of where they are deployed.

“That’s the key piece,” McGregor said. “If we have the NetScaler network functions in different clouds or in the data center,” MAS “can just collect data from wherever they are.”

Phil Goldstein

Learn from Your Peers

What can you glean about security from other IT pros? Check out new CDW research and insight from our experts.