Skip to main content

Save up to 30% on Elsevier print and eBooks with free shipping. No promo code needed.

Save up to 30% on print and eBooks.

Securing Citrix XenApp Server in the Enterprise

  • 1st Edition - June 24, 2008
  • Author: Tariq Azad
  • Language: English
  • Paperback ISBN:
    9 7 8 - 1 - 5 9 7 4 9 - 2 8 1 - 2
  • eBook ISBN:
    9 7 8 - 0 - 0 8 - 0 5 6 9 9 8 - 7

Citrix Presentation Server allows remote users to work off a network server as if they weren't remote. That means: Incredibly fast access to data and applications for users, no… Read more

Securing Citrix XenApp Server in the Enterprise

Purchase options

LIMITED OFFER

Save 50% on book bundles

Immediately download your ebook while waiting for your print delivery. No promo code is needed.

Institutional subscription on ScienceDirect

Request a sales quote
Citrix Presentation Server allows remote users to work off a network server as if they weren't remote. That means: Incredibly fast access to data and applications for users, no third party VPN connection, and no latency issues. All of these features make Citrix Presentation Server a great tool for increasing access and productivity for remote users. Unfortunately, these same features make Citrix just as dangerous to the network it's running on. By definition, Citrix is granting remote users direct access to corporate servers?..achieving this type of access is also the holy grail for malicious hackers. To compromise a server running Citrix Presentation Server, a hacker need not penetrate a heavily defended corporate or government server. They can simply compromise the far more vulnerable laptop, remote office, or home office of any computer connected to that server by Citrix Presentation Server.
All of this makes Citrix Presentation Server a high-value target for malicious hackers. And although it is a high-value target, Citrix Presentation Servers and remote workstations are often relatively easily hacked, because they are often times deployed by overworked system administrators who haven't even configured the most basic security features offered by Citrix. "The problem, in other words, isn't a lack of options for securing Citrix instances; the problem is that administrators aren't using them." (eWeek, October 2007). In support of this assertion Security researcher Petko D. Petkov, aka "pdp", said in an Oct. 4 posting that his recent testing of Citrix gateways led him to "tons" of "wide-open" Citrix instances, including 10 on government domains and four on military domains.