This blog post was co-authored by Sanyukta Nadkarni, Senior Product Manager at Citrix.
Did you know there’s an attack by a hacker every 39 seconds and that hackers steal 75 data records every second?
No matter how good software developers are and how carefully they follow security guidelines to ensure their code is solid, there will always be hackers who are trying to break in. It’s critical for organizations to be proactive with their infrastructure by keeping it up to date and making sure security is layered throughout all the environments where traffic flows.
What does it mean to be proactive with Citrix ADC?
Citrix Application Delivery Management (ADM) service helps manage and monitor Citrix ADC and Citrix Gateway instances. This service receives telemetry data from all managed ADC instances across all your environments and collates it centrally. It also analyzes the traffic passing through the managed ADCs and can tell what’s happening to the applications that sit behind them.
Recently, we added security advisory features to Citrix ADM service. These features highlight Citrix CVEs that may put your ADC instances at risk and recommend mitigations/remediation.
By default Citrix ADM scans your Citrix ADC systems once a week, and you can initiate a manual scan (which is on-demand) when required to assess the current security posture. This is especially useful after you’ve applied a remediation, so you can check that your security fixes are up to date.
It also supports an ADC configuration scan for CVE vulnerability assessments. In some cases, a CVE may require both an upgrade of your Citrix ADCs, as well as configuration changes. This Citrix ADM capability provides a CVE remediation workflow that shows where an ADC needs an upgrade, as well as recommended configuration changes.
Figure 1 below shows that the Citrix ADM service is aware of all the CVEs that affect the Citrix ADCs and maintains a CVE repository, which is updated with new items automatically once they are announced in Citrix security bulletins. The CVE repository tab in the Citrix ADM service GUI gives a detailed view of all the ADC-related CVEs announced by Citrix since December 2019. From here, you can understand the CVEs under security advisory scope and get more details about the remediation and mitigation of each.
After the ADM service scans through your managed ADC instances, it will highlight the CVEs to which your ADC instances are vulnerable and also highlight the remediation.
Figure 2 below shows the Current CVEs tab highlighting the impact of all the CVEs on your infrastructure and all the vulnerable ADC instances and suggests suitable remediation. Use this information to review and follow through on the remediation workflow as suggested in the “remediation” column to fix the security risks. The remediation workflow can either be a one-step remediation requiring only an upgrade of the ADC firmware image or a two-step remediation requiring an upgrade and a config job execution.
Figure 3 shows how easy it is to take action. You can select one or more CVEs and click on View affected instances to see which ADC instances are vulnerable to the selected CVEs.
Now that you know which ADCs are affected, you can select one or more ADC instances, click Proceed to upgrade workflow, as shown in Figure 4, and initiate the remediation upgrade.
Depending on the remediation steps suggested for the specific CVE, you might need to complete the additional step related to configuration job execution on the vulnerable ADC instance(s).
Leveraging the new security advisory features in Citrix ADM service will not only help you be more proactive with the security posture in your infrastructure, it will also give you peace of mind that you have the latest protection from attacks.
Check out our ADC best practice guide for security for additional guidance on strengthening your security. Learn more about Citrix ADM’s security advisory features in our documentation.
If you’re not using Citrix ADM service yet, check out this documentation to get started. With a Citrix ADM service Express account, you don’t need an additional license. Learn more about the Citrix ADM Service Express account.
