NetScaler App Delivery and Security service

Data Governance

August 29, 2023

Contributed by:

C C S

NetScaler App Delivery and Security service is a part of Citrix Cloud services, and it uses Citrix Cloud as the platform for signup, onboarding, authentication, administration, and licensing. We collect and store data in Citrix Cloud as part of the NetScaler App Delivery and Security service. This document describes what data is collected and methods of data collection, storage, and transmission. The information supplements Citrix Cloud services Data Protection Overview.

This information is for Security Officers, Compliance Officers, Information Auditors, Network Infrastructure and Operations administrators, and line-of-business owners.

Customer Content

Configuration

NetScaler App Delivery and Security service stores the following data provided by you:

User information (email, user name, and region).
IAM roles, VPC networks, and Route 53 zones in an AWS environment.
Azure service principal, VNets, and Azure DNS zones in an Azure environment.
Application delivery configurations. It includes origin server IP addresses, SSL certificates and keys.

Multi-site Applications

NetScaler App Delivery and Security service consumes data from the (ITM) service using APIs. For more information about data collection, storage, and retention on ITM service, see .

Analytics

NetScaler App Delivery and Security service collects L3-L7 details from the NetScaler instances provisioned in your premises as follows:

Application Dashboard - Applications’ URL, request method, response code, total bytes, web app server details, virtual server IP addresses, client details, browser, client OS, client device, SSL protocol, SSL cipher strength, SSL key strength, ADC instance IP address, timestamp of server flaps, response content type.
Application DNS - FQDN, site IP or FQDN, client subnet or resolver details.
Web Insight - Virtual server IP address, clients, URLs, browsers, operating systems, requests methods, response statuses, domains, Web app server IP address, SSL certificates, SSL cipher negotiated, SSL key strength, SSL protocol, SSL failure front end.
Security Insight - Client IP, URL, security violations, attack geolocation, attack timestamp, transaction ID, WAF, and ADC security configuration status.

You can view and use this information to troubleshoot the applications that are delivered through the NetScaler App Delivery and Security service.

Logs

For troubleshooting NetScaler instances that are provisioned by NetScaler App Delivery and Security service, the following data are periodically collected from NetScaler instances:

Tech-support bundle from NetScaler instances.
SNMP traps providing alerts on the state and performance of the NetScaler instances.
Syslog of Web transactions traversing through NetScaler instances and network state information.
SMTP server details for email configuration.
SSL certificates, SSL key, SSL CSR, CA issuer, signature algorithms of the Web apps optimized by the NetScaler App Delivery and Security service.
Data Tracking for NetScaler Configuration Audit changes pertaining to the ADC instances, which include Web app server IP address and NetScaler IP address details.
NetScaler configurations stored as a template, which includes Web app server IP address details.
IP address of the NetScaler instances, instance type, config backup, critical events, number of apps associated, geolocation of the data center where the NetScaler instances are deployed.
Citrix Analytics logs. For more information, see Data Governance in Citrix Analytics.

How do we collect, store, and transmit data?

NetScaler App Delivery and Security service collects data from the NetScaler instances (NetScaler App Delivery and Security ADC and agent instances). These instances are deployed in your virtual private cloud (VPC) and data is transmitted from the instances securely over an SSL channel encrypted using the TLS 1.2 protocol to the cloud service.

Data is stored in the Relational database and as files in an Elastic File System (EFS) hosted in the AWS cloud. For more information on the commercial regions that Citrix Cloud uses and the presence of the NetScaler App Delivery and Security service within each region, see Geographical Considerations.

Passwords, SNMP community strings, SSL certificates, and ADC config backup are encrypted using an AES 256 key.

References

For more information on how we access the collected data, see Citrix Services Security Exhibit.
For more information on how long the collected data is kept, see Citrix Cloud services Data Protection Overview.
Citrix Cloud Technical Security Overview.
Citrix Cloud Technical and organizational data security measures.

The official version of this content is in English. Some of the Cloud Software Group documentation content is machine translated for your convenience only. Cloud Software Group has no control over machine-translated content, which may contain errors, inaccuracies or unsuitable language. No warranty of any kind, either expressed or implied, is made as to the accuracy, reliability, suitability, or correctness of any translations made from the English original into any other language, or that your Cloud Software Group product or service conforms to any machine translated content, and any warranty provided under the applicable end user license agreement or terms of service, or any other agreement with Cloud Software Group, that the product or service conforms with any documentation shall not apply to the extent that such documentation has been machine translated. Cloud Software Group will not be held responsible for any damage or issues that may arise from using machine-translated content.

Was this helpful

Data Governance

August 29, 2023

Contributed by:

C C S

August 29, 2023

Contributed by:

C C S

Data Governance

Customer Content

Configuration

Multi-site Applications

Analytics

Logs

How do we collect, store, and transmit data?

References

In this article