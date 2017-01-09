Citrix Project Silverton – Citrix XenDesktop, NetScaler, FAS and Google – Part 7
We can now move onto Part 7 and the final part of this series, The Nice Bits
The previous parts in this series can be found by using the below links.
Part 1 – Summary of NetScaler, XenDesktop, FAS and Google
Part 2 – Pre-Reqs
Part 3 – Google oAuth Setup
Part 4 – Citrix Federated Authentication Services
Part 5 – NetScaler Configuration
Part 6 – StoreFront Configuration
The purpose of this last post if to streamline the user experience and make sure that everything works exactly as you want it to. I will cover 2 additional NetScaler Configurations that I think are essential when deploying any publicly facing web service.
- Security
- HTTP to HTTPS redirection
Harden Your NetScaler Unified Gateway and Content Switch
The following steps will need to be taken on BOTH your non-addressable NetScaler Gateway vServer AND your SSL Content Switch
Disable SSL 3 and Create Diffie-Hellman Key
First create a Diffie-Hellman key by going to Traffic Management and SSL. On the right you will see the option to create a Diffie-Hellman Key. Click that and give the key a new file name on the NetScaler and set the DH Parameter Size to 2048
Read the entire article here, Project Silverton – Citrix XenDesktop, NetScaler, FAS and Google – Part 7
via Dave Brett at bretty.me.uk
