Sprin VTUG citrix Solutions
-
Upload
csharney -
Category
Technology
-
view
325 -
download
4
description
Transcript of Sprin VTUG citrix Solutions
April 24, 2014
Taking Your Business, and Users, to the Cloud!VTUG: Spring Ahead 2014
Todd Smith – Citrix
© 2014 Citrix | Confidential – Do Not Distribute
© 2014 Citrix | Confidential – Do Not Distribute
© 2014 Citrix | Confidential – Do Not Distribute
© 2014 Citrix | Confidential – Do Not Distribute
© 2014 Citrix | Confidential – Do Not Distribute
© 2014 Citrix | Confidential – Do Not Distribute
© 2014 Citrix | Confidential – Do Not Distribute
Transformation
© 2014 Citrix | Confidential – Do Not Distribute
WorkplaceRedesignMobile
WorkstylesWorkforceMobility
WorkflowOptimization
© 2014 Citrix | Confidential – Do Not Distribute
A Mobile Workstylemakes people happier and more productive
© 2014 Citrix | Confidential – Do Not Distribute
Mobile Workstyles are powered by...
Mobile WorkspacesSecurely unite apps,
data and services on any device over any network or cloud
Citrix is the leader in
© 2014 Citrix | Confidential – Do Not Distribute
Collaboration & Sharing
Access & Data Security
App & Desktop Virtualization
Enterprise Mobility Management
App Networking & Cloud Orchestration
© 2014 Citrix | Confidential – Do Not Distribute© 2013 Citrix | Confidential – Do Not Distribute
Tablets expected to soon overtake PC sales*
3+ devices per employee
1.5 M Android devices activated daily
BYOD Revolution
* IDC, 2013
**Base: 9,766 Global Information Workers (17 countries)
Source: Forrsights Workforce Employee Survey Q4 2012
© 2014 Citrix | Confidential – Do Not Distribute
Mobility vs. Security
• Too many ways to lose data on mobile devices
• Mobile networks becoming the norm vs. WAN
• Data too big to move
• Confidentiality, compliance and IP protection more complex
*Wireless Intelligence report, 1, 2013
© 2014 Citrix | Confidential – Do Not Distribute
Infinite Complexity of ManagementAcross apps, devices and locations
© 2014 Citrix | Confidential – Do Not Distribute
16
Business Concerns
Device Configuration
App Configuration and Delivery
Content Support
End User Experience
Security, Integration, Vendor Consolidation, Value on Investment
© 2014 Citrix | Confidential – Do Not Distribute
17
XenMobile Enterprise
The Citrix Solution
Device Configuration
XenMobile MDM
App Configuration and DeliveryXenMobile
MAM
ContentXenMobile ShareFile
SupportRemote
Support and GoToAssist
Integrate and Leverage Existing Citrix Investment
Enable User Productivity While Maintaining Security
© 2014 Citrix | Confidential – Do Not Distribute
Citrix – The Most Complete Mobile PortfolioAny app, any device, anywhere
Mobile ROI
Mobile Device Management
SandboxedMail and Web
Mobile App Security
Secure Mobile Data Sharing
Mobile Network Control
SSO & Identity Management
Desktop & App Virtualization
Social & Web Collaboration
© 2014 Citrix | Confidential – Do Not Distribute
Mob
ile R
OI
DeviceManagement
Sandboxed mail and web
Mobile network control
Mobile app security
MDM Enterprise Mobility Management
Citrix - The Most Comprehensive Solution
SSO &Id Mgmt
Secure data control
Desktop & App Virtualization
Collaboration
GoToMeetingGoToAssist
PodioMDM Edition Enterprise
Citrix – Competitive Position
© 2014 Citrix | Confidential – Do Not Distribute
Recognized as a “Leader” by Gartner; Winner at Interop
Magic Quadrant Critical Capabilities
Source: Gartner report, Magic Quadrant for Mobile Device Management Software, May 23, 2013, Phillip Redman, John Girard, Terrence Cosgrove, Monica BassoSource: Gartner report, Critical Capabilities for Mobile Device Management Software, May 23, 2013, Phillip Redman © 2013 Gartner, Inc. and/or its affiliates. All rights reserved. Gartner is a registered trademark of Gartner, Inc. or its affiliates. For more information, e-mail [email protected] or visit gartner.com. Used with permission.
© 2014 Citrix | Confidential – Do Not Distribute
Mobile, Simple, Secure
© 2014 Citrix | Confidential – Do Not Distribute
What Do We Know?
© 2014 Citrix | Confidential – Do Not Distribute
Entire desktopJust the apps
Windows apps and data secured and delivered… Within a virtual desktop
Optimized for:• Large Screen Footprint - Multi-window• Keyboard and mouse• Persistent workspace
Windows apps and data secured and delivered…
Optimized for:• Smaller screen, mobile• Touch interface• Non-persistent workspace
Apps and Desktops with Ease
Seamless Transitions
© 2014 Citrix | Confidential – Do Not Distribute
Central or local executionFlexCast delivery technology
Physical PCsApps and Desktops
HDX 3D Pro-enabled workstations or Remote PC access technology
Central ManagementImage management | Application management | User data profiles | Access policies
Central Execution Local Execution
Hosted VDIApps and desktops
Dedicated or pooled desktop virtual
machines
Hosted SharedApps and Desktops
Windows Server session-based desktop
or apps
Local HypervisorDesktops
Type 1 Hypervisor for PCs and Laptops with
XenClient Synchronizer
© 2014 Citrix | Confidential – Do Not Distribute
Desktops and Apps as-a-Service
© 2014 Citrix | Confidential – Do Not Distribute
XenDesktop 7
Single Site
Director 2.1
Site A Site B Site C
Help Desk and Troubleshooting / Environment health
Director
© 2014 Citrix | Confidential – Do Not Distribute
EdgeSight Performance management
Director and EdgeSight
XenDesktop 7
Site A Site B Site C
Director
Tim
e
Historical Trends and AnalyticsManaging and optimizing capacity
TM
TM
TM
© 2014 Citrix | Confidential – Do Not Distribute
EdgeSight Network analysis
Director and EdgeSight
XenDesktop 7
Site A Site B Site C
Tim
e
HDX InsightIsolating and managing network performance
Network - Deep Packet Analysis
TM
TM
© 2014 Citrix | Confidential – Do Not Distribute
Let’s Go Mobile!
© 2014 Citrix | Confidential – Do Not Distribute
ShareFile
• SSO to all MDX apps• User support for MDX apps
• Integrated email, contacts and calendar• Designed for work
• Internet and intranet browsing• Supports file download
• All your files available anywhere• Sharing integrated into other MDX apps
WorxMail
WorxWeb
WorxHome
© 2014 Citrix | Confidential – Do Not Distribute
System Overview
Access Gateway
App Controller
Device Manager
ShareFile
WorxStore
StorageZone ShareFileControl Plane
XenMobileEnterprise
© 2014 Citrix | Confidential – Do Not Distribute
User authorization required
Mobile device access
Allow local storage
Offline access allowed
Restrict document sharing
Printing allowed
Edit data
SmartAccessPolicy Controls
Enrollment & App Store
© 2014 Citrix | Confidential – Do Not Distribute
Unified Corporate App Store
• Available on 3B+ devices
• Mobile apps native on device
• Seamless delivery of Windows, datacenter and web apps
• Any device – smartphone, tablet, PC and Mac
© 2014 Citrix | Confidential – Do Not Distribute
AuthenticationAuthentication and SSO
• Strongly authenticates usersoNetScaler Gateway is primary authentication pointo Permits combinations of AD credentials with certificates, tokens, and
other second factors
• Registers devices to userso Permits lock and wipe of corporate data/apps on selected devices
• Serves as access manager for MDX managed appso Strongly identifies managed appsoDetermines app entitlements and policies for authenticated userso Brokers permitted data exchanges between managed apps
WorxHome
© 2014 Citrix | Confidential – Do Not Distribute
Single Sign-OnAuthentication and SSO
• SSO for all managed appsoHosted HDX apps and desktopsoWeb/SaaS appsoMDX managed mobile apps
Various online and offline modes selected by app policy
• MDX apps can use derived credentials oGateway tickets for micro-VPN accessoAutomatic HTTP auth challenge responses
(NTLM today, Kerberos coming soon)oCertificates for PKI protected web sitesoSpecialty credentials eg
(SAML token for Sharefile access)
WorxHome
© 2014 Citrix | Confidential – Do Not Distribute
WorxMail
Mail, calendar, contactsEnterprise class security
Beautiful native experienceFull inter-app integration
MDX-secured
• Secure email body and attachment• “Open in” control to provide data leak
protection• No Exchange server exposure to internet• Send email with ShareFile attachments• Integrated calendars and Exchange GAL
© 2014 Citrix | Confidential – Do Not Distribute
Sandboxed Email, Calendar and Contacts App
• Secure email app with a great user experience
• Attach files to emails and save attachments
• Full calendar with access to free/busy information
• Directly opens web links to any site, including intranet sites
WorxMail
© 2014 Citrix | Confidential – Do Not Distribute
Secure Document Sharing, Sync & Editing
• Both cloud and on-premises data storage options
• Capable of accessing SharePoint and network drives
• “Open-in” capabilities can be restricted to other Worx-enabled apps
ShareFile
© 2014 Citrix | Confidential – Do Not Distribute
WorxWeb
42
Secure browserInternal web app accessFull inter-app integration
Consumer experienceMDX-secured
• iOS and Android device intranet web
browsingo Easy access to SharePoint, Intranet Portal etc
• Similar look/ feel as native browsero Safari on iOS; Chrome on Android
• Single sign-on via NetScalero Respond to HTTP 401
© 2014 Citrix | Confidential – Do Not Distribute
Secure Mobile Web Browser
• Full-featured consumer-like browser
• Secure access to internal, external and HTML5 web apps
• URL whitelisting and blacklisting
• Access to enterprise resources with a Micro VPN
WorxWeb
© 2014 Citrix | Confidential – Do Not Distribute
ShareFile Platform
Storage Zones
Network Shares
SharePoint
ShareFile.com
© 2014 Citrix | Confidential – Do Not Distribute
Follow-me data with ShareFile
• Enables file sharing with anyone
• Syncs data across all devices
• Online file sharing spaces for virtual teams
• Selective offline access on mobile devices
• Data protection ᵒ Encryptionᵒ Device lockᵒ Remote wipeᵒ Poison-pill
Store
Sync
Share
Secure
© 2014 Citrix | Confidential – Do Not Distribute
ShareFile Enables Mobile Workstyles
• Access, share and sync files from any device
• Apps for mobile devices
• Mobile-optimized ShareFile web site
• Access data residing in existing network shares & SharePoint*
• Offline access and editing
• Built-in mobile editor for rich content editing on-the-go
• PDF annotation
© 2014 Citrix | Confidential – Do Not Distribute
Mobile content
editor for Microsoft
Office
© 2014 Citrix | Confidential – Do Not Distribute
Workflow Integration with Microsoft Outlook
Attachmentconversion
Unclog mail servers
Overcome file size restrictions
Better control and visibility
Request large files
© 2014 Citrix | Confidential – Do Not Distribute
ShareFile with StorageZones
Citrix-managed StorageZone (AWS)
Customer-managed StorageZone (example)
• Choose where your data is stored
• Designated zones in public clouds
• Manage StorageZones on-premises
© 2014 Citrix | Confidential – Do Not Distribute
On-Demand Sync
+
Data Optimized for Virtual Desktops
Instant access, share and sync Reduce storage costs
MDX Technology
© 2014 Citrix | Confidential – Do Not Distribute
AppApp App
MDX Technologies
• Encrypted local storage
• Micro (app specific) VPN
• App specific lock and wipe
• Inter-app communication
• Conditional access policies
• Federated identity and SSO
App
App Preparation Tool
© 2014 Citrix | Confidential – Do Not Distribute
Information Containment
• Control data exchange with other apps and devices:ᵒ Cut/Copy/Pasteᵒ Document exchange (Open-In)ᵒ Inter-app communicationsᵒ Network APIs
Quick Look EvernoteMail
Facebook OfficeHDBox
Quick Look OfficeHD
without containment with containment
What happens in MDX apps stays in MDX apps….
© 2014 Citrix | Confidential – Do Not Distribute
Secure inter-app communication
• Restricted – Allow only trusted apps to share data with one another
• Unrestricted – No controls, “Open In” shows all apps registered to handle that file type
• Blocked – No way to share that app’s data with anything else
app one app two
mobile OS
Open-In
© 2014 Citrix | Confidential – Do Not Distribute
private data
Citrix ReceiverMDX InterApp
MDXVault
XenMobile
Native MobileApps
Deny SMSDisable iCloudDisable screenshotsForce authenticationBlock jailbroken device
MDX Policiesduring app wrapping
app private data vault
app private data vault
© 2014 Citrix | Confidential – Do Not Distribute
Enterprise-enable any mobile app with the Worx App SDK
• Simple and powerful SDK
• Enabled through a single line of code
• Apps can be wrapped post-development
• Controls like:ᵒ Data encryptionᵒ Authenticationᵒ Secure lock and wipeᵒ Inter-app policiesᵒ Micro VPNs
Any app can be a Worx app
© 2014 Citrix | Confidential – Do Not Distribute
App Behavior Restrictions
• Block mobile OS API sets and featuresᵒ Printing ᵒ iCloud ᵒ Email and SMS composeᵒ Inter-app URL dispatch and scheme handlers
(iOS)ᵒ Intent launch and content providers (Android)
• Block access to sensitive device hardwareᵒ Camera, microphone, location services, etc.
• All controls are applied at run-time based on
app policies
© 2014 Citrix | Confidential – Do Not Distribute
App Access Controls
• Block/permit app access based on policy
• User authentication (how and when)ᵒ Online versus offline, re-authentication period,
max offline time
• Device security postureᵒ Jail-broken or rootedᵒ PIN/passcode enabledᵒ Hardware enforced encryptionᵒ MDM enrolled vs unmanaged
• Network stateᵒ Internal network or externalᵒ Specific internal wifi networksᵒ Wifi Only
System Architecture
© 2014 Citrix | Confidential – Do Not Distribute
XenMobile Infrastructure DependenciesNetwork & Information Systems Infrastructure
CORE SERVICES:Active Directory / LDAP
NTP, and DNS services ready
HOST NAMES:Create FQDN’s for XenMobile Device
Manager & WorxHome VIP Addresses
FIREWALL RULES:Configure for device connections &
XenMobile servers(XDM, XAC, NetScaler)
IP Addresses:(Public & Internal)
Must have the static IP’s mapped for External NATs, NSIP, SNIPs, and VIPs
that are used by the NetScaler, XDM, XAC and other services.
Server Environment:Physical & Virtual (DMZ vs. Corporate
LAN placement of servers)
IT Security:Internal PKI, external certificate
services, and Identity Management services
© 2014 Citrix | Confidential – Do Not Distribute
Create Base PoliciesThe Must Haves
“Magic 5” MDM Policies
• End-User Terms & Conditions
• Device Passcode• Software Inventory
(where allowed / privacy concerns)
• Company WiFi (setup a secure network)
• ActiveSync Mail
Regional or User/Device Specific Policies
• Device Restrictions• Location Services• VPN• PKI / User Identity
Certificates• App Push• App Store• Device Platform Specific
(iOS 7, Samsung SAFE/KNOX)
Worx App Policies
• Clipboard (Copy & Paste)• Documents (Open In)• Device Restrictions• Login Security• mVPN Tunneling vs. Open
Networking• Network WiFi Control
© 2014 Citrix | Confidential – Do Not Distribute
Citrix – The Most Complete Mobile PortfolioAny app, any device, anywhere
Mobile ROI
Mobile Device Management
SandboxedMail and Web
Mobile App Security
Secure Mobile Data Sharing
Mobile Network Control
SSO & Identity Management
Desktop & App Virtualization
Social & Web Collaboration
© 2014 Citrix | Confidential – Do Not Distribute
Mobile, Simple, Secure
© 2014 Citrix | Confidential – Do Not Distribute
Questions?
•Todd Smith – Sales Engineering Managerᵒ [email protected]
•www.citrix.com
© 2014 Citrix | Confidential – Do Not Distribute
Want something for Free?
• The Free 350 page soup-to-nuts 'How To: BYOD Project Volume 1' e-book will teach you:
• How to install and configure Citrix DesktopPlayer for Mac 1.1, soup-to-nuts...
• How to install and configure Citrix XenClient Enterprise Synchronizer 5.1.1.
• How to install and configure Microsoft Windows Server 2012 R2
• How to install and configure Hyper-V for use with the Citrix Synchronizer.
• How to prepare the environment for installation.
• How to train end-users to use the new DesktopPlayer for Mac solutions.
• Detailed Citrix Synchronizer Policies section.
• Detailed Citrix Synchronizer administration tasks explained.
• Citrix Synchronizer backup and recovery explained.
• How to create & maintain Synchronizer virtual machines.
• 350 pages of step-by-step, soup-to-nuts, and easy as 1,2,3!
• http://docs.dabcc.com
Work better. Live better.