This blog post was co-authored by Mathew Varghese, Director of Product Analytics at Citrix.
Companies everywhere responded to the COVID-19 pandemic boldly, as they rapidly and successfully enabled entire organizations to work remotely, almost overnight. But shortcuts and tactical responses exposed vulnerabilities. On top of that, cloud and mobility have expanded the attack surface, and cyberattacks are on the rise and becoming more sophisticated as they move up the stack to exploit app vulnerabilities and target individual users. That’s where Citrix Web App and API Protection and Citrix Workspace can help.
Securing Your Apps with Citrix Web App and API Protection Service
Web applications and APIs are among an organization’s most valuable and most vulnerable assets. Modern web app architectures might help speed innovation, but they are more fragmented and accompanied by more distributed deployment models across multi-cloud environments. This significantly adds complexity making them more difficult to secure. A cloud-delivered security solution, Citrix Web App and API Protection service provides comprehensive security to all your web apps and APIs regardless of architecture or where they are deployed in multi-cloud.
Citrix Web App and API Protection service provides holistic, layered protection for all your applications. The solution is simple to set up and scales with your app requirements to help you achieve a consistent security posture by maintaining compliance and governance across multi-cloud environments.
Citrix Web App Firewall protects your applications from all attack types highlighted as the most critical security risks by OWASP. Volumetric DDoS mitigation is always-on and ensures that you maintain your online presence and keep your applications up, running, and always available. And our planned bot management capability enables admins to quickly detect and filter bots and reduce strain on infrastructure.
Deployment is fast and easy with simple, intuitive onboarding of apps. Simple point-and-click dashboards make configuring rules and policies easy. And because it’s delivered from the cloud, there’s no installation and no operational overhead, and the latest protections are always available without a software update.
It’s easy to monitor and troubleshoot security incidents with Citrix Web App and API Protection service’s intuitive analytics interface. You get a quick summary of total incoming traffic and clean traffic delivered, as well as the amount of mitigated traffic. Summarized events provide actual roll-ups of incidents. For Citrix Web App Firewall and Layer 7 policies, detailed logs including the reason for incidents and action taken. You can also see a country-by-country and continent-by-continent distribution of violations and traffic.
Citrix Web App Firewall protections can be configured with just a few simple clicks, and centralized learning with a positive security model helps to reduce false positives. To support SecOps, we also have robust alerting, which can be configured from the management portal.
With scalable DDoS protections; differentiated behavior-based learning for Citrix Web App Firewall; intuitive onboarding and no infrastructure to deploy; and bot management (coming soon!) it is easy to get started and scale with Citrix Web App and API Protection.
Check out our solution brief and watch our overview below to learn more. And on our Citrix Security Summit page, you can find out how Citrix Web App and API Protection delivers comprehensive security against today’s threats and can safeguard any app in the cloud on a simple and predictable consumption model.
Securing your workforce
Citrix Workspace is where employees get work done. IT admins need the workspace to be simple to configure and easy to provision on corporate managed, unmanaged, and BYO devices. For employees to be productive, a workspace needs to be secure and provide the best end-user experience. Citrix Workspace offers it all.
Provisioning Citrix Workspace is easy for IT admins. We have templates to help with configuring SaaS and web apps, and our cloud gateway connector makes it simple to configure web apps with our VPN-less solution.
Getting employees set up with the SaaS and internal web apps they need just involves adding the employee to the right user group in the company’ user directory, which can be an on-prem Active Directory, Azure AD, Okta, Google or any other third-party user directory. Admins can enable geo-fencing to limit access to an employee’s documents. And all an admin needs to do to ready a device is install the Citrix Workspace app. There’s no need to provision a VPN plugin, a third-party SSO plugin, and, if you are a traditional Citrix customer, a separate storefront plugin for your employee laptops. The device doesn’t need to be managed, either.
Citrix Workspace also provides secure access across devices, giving employees flexibility they need. Take, for example, an iPad. An employee just opens a browser to log in to Citrix Workspace, which provides password-less access on the iPad, too. The iPad isn’t connected to the corporate network, just the application. And with the new Secure Workspace Access browser extension, employees can just click a URL to get VPN-less, single sign-on access to web apps deployed in the corporate datacenter.
And with Citrix Analytics, IT admins get the visibility they need to protect the workspace and the employee. For example, if an employee logs in from an unusual location, Citrix Analytics can alert the admin, who can manually log off the employee (this action can also be automated, too). Admins can also create custom risk indicators and policies in Citrix Analytics for Security to alert the team when someone outside a specified region attempts to access protected files.
That’s not all, though. Citrix Workspace secures employees against keyloggers, scrambling keystroke signals and and making text indecipherable. Data in SaaS apps like Workday are protected by watermarks and restrictions on copying. And Citrix Workspace can protect against malicious URLs, preventing bad actors from accessing sensitive information and resources.
Go to the Citrix Security Summit page and check out our demo on securing your workspace and see how Citrix Secure Workspace Access, together with Citrix Analytics for Security, can ensure always-on security of the workspace that is invisible to employees and that empowers IT.
For Citrix Investors
This release contains forward-looking statements which are made pursuant to the safe harbor provisions of Section 27A of the Securities Act of 1933 and of Section 21E of the Securities Exchange Act of 1934. The forward-looking statements in this release do not constitute guarantees of future performance. Those statements involve a number of factors that could cause actual results to differ materially, including risks associated with the impact of the global economy and uncertainty in the IT spending environment, revenue growth and recognition of revenue, products and services, their development and distribution, product demand and pipeline, economic and competitive factors, the Company’s key strategic relationships, acquisition and related integration risks as well as other risks detailed in the Company’s filings with the Securities and Exchange Commission. Citrix assumes no obligation to update any forward-looking information contained in this press release or with respect to the announcements described herein. The development, release and timing of any features or functionality described for our products remains at our sole discretion and is subject to change without notice or consultation. The information provided is for informational purposes only and is not a commitment, promise or legal obligation to deliver any material, code or functionality and should not be relied upon in making purchasing decisions or incorporated into any contract.
