Manual:
Citric Access Gateway VPX 5.04 Essentials

Citric Access Gateway VPX 5.04 Essentials
A practical step-by-step guide to provide secure remote access using the Citrix Access Gateway VPX

Chapter 1: Getting Started with the Citrix Access Gateway Product Family
Chapter 2: Licensing the Citrix Access Gateway
Chapter 3: The Citrix Access Gateway Initial Setup
Chapter 4: Configuring a Basic Logon Point for XenApp/XenDesktop
Chapter 5: Creating Authentication Profiles
Chapter 6: Beyond the Basics
Chapter 7: Address Pools
Chapter 8: Device Profiles and Endpoint Analysis
Chapter 9: Defining Network Resources
Chapter 10: SmartAccess Logon Points
Chapter 11: Linking It All Together with SmartGroups
Chapter 12: Connecting to SmartAccess Logon Points
Chapter 13: Monitoring the Citrix Access Gateway
Chapter 14: Command Line Management of the Citrix Access Gateway

What this book covers

Chapter 1, Getting Started with the Citrix Access Gateway Product Family, will describe the purpose of Citrix Access Gateway and the models that are available and their associated features. This chapter will serve as a good introduction to the product range and will help in choosing the correct model to meet a required business need.

Chapter 2, Licensing the Citrix Access Gateway, will walk you through Citrix licensing and its available options. You will discover the MyCitrix website, where licenses are obtained, and this will help with the assignment of hostnames to licenses. Licenses can be delivered from CAG or from a specific license server.

Chapter 3, The Citrix Access Gateway Initial Setup, will enable you to complete the first step in using CAG, which is to import it into our virtualization hosts and to configure networking, passwords, and adding SSL certificates.

Chapter 4, Configuring a Basic Logon Point for XenApp/XenDesktop, will provide guidance in the usage of the platform license, which you can use to establish unlimited connections to XenApp/XenDesktop servers and is widely used in this manner as an ICA Proxy. We will look at how to create this proof-of-concept system by creating a basic logon point and using authentication at the web interface server. This is the simplest form of CAG and provides a quick and easy start into using this system.

Chapter 5, Creating Authentication Profiles, will walk you through the authentication at the Citrix web interface, which is a simple solution but limits the usage of CAG; that is, being limited to just basic logon points. From a security perspective, passing authentication to the web interface server is allowing traffic to pass to another device that, as yet, had not been authenticated; authentication should be handled at the point of entry and nowhere else.

Chapter 6, Beyond the Basics, will introduce SmartAccess logon points and what is available with the universal licenses. Not only can we connect to XenApp and XenDesktop, but we now also have full VPN access to internal resources, such as internal e-mails, intranets, and network file shares.

Chapter 7, Address Pools, will show you how Address Pools allow your SmartAccess clients to be issued with an IP address to access internal resources. These may be required for some services that do not allow multiple connections from a single device.

Chapter 8, Device Profiles and Endpoint Analysis, will talk about using device profiles with SmartAccess, which enables us to identify different classifications of client machines the device profiles can control (which resources they can access and which policies will apply if they access XenApp or XenDesktop). Typically, we may need to be able to differentiate between corporate-managed computers and personal computers.

Chapter 9, Defining Network Resources, will walk you through CAG SmartAccess, which allows you access not only to Citrix XenApp and Citrix XenDesktop but also to internal resources, such as network file shares and e-mails. In this chapter, we will look at specifying network resources that we wish our users to have access to and those that they should not.

Chapter 10, SmartAccess Logon Points, will talk about how, when we are nearing the end of the configuration, we add SmartAccess logon points to the management console, providing full VPN access to internal networks.

Chapter 11, Linking It All Together with SmartGroups, will discuss Smart Groups that enable resources to be linked to logon points. These are added through the management console and can be described as the glue of the SmartAccess solutions.

Chapter 12, Connecting to SmartAccess Logon Points, will investigate how we can connect to our newly created SmartAccess logon points by using a web browser or the secure access plug-in.

Chapter 13, Monitoring the Citrix Access Gateway, will discuss how to monitor and maintain CAG. Having set up the gateway, it is important to be able to keep it running effectively. This will involve monitoring connections and logs, backing up the configuration with snapshots, and upgrading the firmware. Once we have this in the bag, we need to look into providing high availability using appliance failover.

Chapter 14, Command Line Management of the Citrix Access Gateway, will explain using the command line, and we will investigate some of the options available. Although most management is maintained via the web console, some elements can be managed from the command line, and we look at when and why we use this.