Home Data Center Building a Citrix NetScaler Gateway from Scratch (SSL Labs A Grade)

Building a Citrix NetScaler Gateway from Scratch (SSL Labs A Grade)

0
Building a Citrix NetScaler Gateway from Scratch (SSL Labs A Grade)
0

I was recently asked about building a NetScaler Gateway from scratch for ICA only connections.  I know this can be done using a wizard but if you want to know a little more about how it all hangs together or to name things how you want instead of the names given by the wizards then a manual build is the way to go.  The following article will walk you through building your NetScaler Gateway from the ground up and ending with a secure, working remote access solution.

This article assumes that you have LDAP Bind Credentials, All your SSL Certificates to hand and also have the appropriate firewall / NAT rules in place to access your gateway from the outside world.

The way I like to build a NetScaler Gateway is a similar approach to how I like to cook.  Get everything ready first then put it all together at the end.  I may seem that things are a little weird at first but not creating the gateway and building it out from there but trust me – it will all work in the end !

To have a working NetScaler thats secure you will need the following

  • LDAP Methods (I know you should use 2Fa but in this case i am only binding LDAP)
  • A Diffie Hellman Key
  • Certificates
  • A Custom Cipher Group
  • Session Policies and Profiles for Web and Receiver access
  • A Secure Transport Session Rewrite Policy
  • Custom SSL Settings for SSL3
  • TCP Profile for XenDesktop
  • Secure Renegotiation only enabled for Secure Connections
  • Secure Ticketing in place

So, lets get going.

Read the entire article here, Building a NetScaler Gateway from Scratch (SSL Labs A Grade)

via Dave Brett at bretty.me.uk

Categories:
Dave Brett Dave Brett (@dbretty) is an End User Computing, Cloud and Mobility Technical Architect based in the UK with a passion for delivering solutions that are innovative, resilient and most importantly great for the end user to work on and use. He has recently been awarded as one of the founding member for the Citrix Technology Advocate (CTA) program and leads the Citrix Networking Special Interest Group on myCUGC with a fellow CTA and one of the CTP’s. You can find Dave blogging about App and desktop delivery, mobility and networking on his personal blog at http://bretty.me.uk as well as on twitter using the handle @dbretty

Share your view, leave a comment below:

Featured Resources:

Related Articles:

| LATEST FEATURED RESOURCES

White Papers

    Application Lifecycle Management with Stratusphere UX – White Paper

    Enterprises today are faced with many challenges, and among those at the top of the list is the struggle surrounding the design, deployment, management and operations that support desktop applications. The demand for applications is increasing at an exponential rate, and organizations are being forced to consider platforms beyond physical, virtual and cloud-based environments. Users […]

    Downloads

      Download Commvault VM Backup and Recovery: end-to-end VM backup, recovery and cloud management

      Commvault’s ability to provide end-to-end VM backup, recovery and cloud management creates a significantly better way to build, protect and optimize VMs throughout their lifecycle. Our best-in-class software for VM backup, recovery and cloud management delivers a number of significant benefits, including: VM recovery with live recovery options; backup to and in the cloud; custom-fit […]

      On-Demand Webinars

        What’s Going on in EUC Printing – A Technical Deep Dive!

        The IGEL Community and ThinPrint invite you to watch the following technical deep dive webinar. The agenda is to technically bring you up to speed on what’s going on in the EUC Printing space today along with a deep dive into new methods, technologies, printing scenarios and a discussion on why printing still matters. You […]

        Latest Videos

          deviceTRUST Contextual Security – Use Case (Conditional Access based on Security State) Video

          We show how the status of the security components on the endpoint (firewall, anti-spyware, anti-virus, Windows updates, etc.) can be used to control access to the virtual session. This video is from the fine folks at deviceTRUST.

          Views All IT News on DABCC.com
          Views All IT Videos on DABCC.com
          Win big $$, visit ITBaller.com for more info!

          Visit Our Sponsors

          Close