Application Delivery Management

Application Security Dashboard

December 31, 2023

Contributed by:

The App Security dashboard provides you the overview of security metrics for the discovered/licensed applications. This dashboard displays the security attack information for the discovered/licensed applications, such as sync attacks, small window attacks, DNS flood attacks, and so on.

To view the security metrics on app security dashboard:

Navigate to Applications > App Security Dashboard.
Select the instance IP address from the Instance list.

The reports include the following information for each application:
- Threat index. A single-digit rating system that indicates the criticality of attacks on the application. The more critical the attacks on an application, the higher the threat index for that application. The values range from 1 through 7.
  
  The threat index is based on attack information. The attack-related information, such as violation type, attack category, location, and client details, gives an insight into the attacks on the application. Violation information is sent to Citrix ADM only when a violation or attack occurs. A large number of breaches and vulnerabilities lead to a high threat index value.
- Safety index. A single-digit rating system that indicates how securely you have configured the Citrix ADC instances to protect applications from external threats and vulnerabilities. The lower the security risks for an application, the higher the safety index. The values range from 1 through 7.
  
  The safety index considers both the application firewall configuration and the Citrix ADC system security configuration. For a high safety index value, both configurations must be strong. For example, if rigorous application firewall checks are in place, but Citrix ADC system security measures, such as a strong password for the nsroot user is not provided, then applications are assigned a low safety index value.

You can view the discrepancies reported on the App Security Investigator.

Threat index details

App-security

1 - Displays the Citrix ADC instance IP address for which you can view details.

2 - Displays details such as threat index score, total violations occurred, and total violations blocked.

3 - Displays the virtual server of the selected instance.

4 - Displays the security violations based on clients. The App Security Investigator graph is displayed for each client. You can click each client IP to view the results.

5 - Displays the violations in map view and tabular view.

6 - Displays the violation details. When you hover the mouse pointer on the graph, the details such as violation type, time of the attack, and total events are displayed.

When you click a bubble graph, the details are displayed in the App Security Violation Details page. For example, if you want to further view details for cross-site scripting (cross-site script) violation, click the graph populated for XSS in App Security Investigator.

The App Security Violation Details is displayed with violation details such as attack time, attack category, severity, URL, and so on.

app-security-details

You can also click the Settings option to select the options that you want to get it displayed.

app-settings

Safety index details

After reviewing the threat exposure of an application, you want to determine what application security configurations are in place and what configurations are missing for that application. You can obtain this information by drilling down into the application safety index summary.

The safety index summary gives you information about the effectiveness of the following security configurations:

Application Firewall Configuration. Shows how many signature and security entities are not configured.
Citrix ADM System Security. Shows how many system security settings are not configured.

To view the Safety Index details, select a virtual server/application and click the Safety Index tab.

safety-index

The details are displayed.

safety-index-details

1 - Displays the detailed information for Application Firewall configurations.

2 - Displays the detailed information for System Security. Click each security group to get details on current status and Citrix recommendations.

3 - Displays the summary for Security Check and Signature Violation.

You can also view summary of the threat environment by enabling the security insight for virtual servers and then navigating to Analytics > Security Insight. For more information on safety index use case, see security insight

The official version of this content is in English. Some of the Cloud Software Group documentation content is machine translated for your convenience only. Cloud Software Group has no control over machine-translated content, which may contain errors, inaccuracies or unsuitable language. No warranty of any kind, either expressed or implied, is made as to the accuracy, reliability, suitability, or correctness of any translations made from the English original into any other language, or that your Cloud Software Group product or service conforms to any machine translated content, and any warranty provided under the applicable end user license agreement or terms of service, or any other agreement with Cloud Software Group, that the product or service conforms with any documentation shall not apply to the extent that such documentation has been machine translated. Cloud Software Group will not be held responsible for any damage or issues that may arise from using machine-translated content.

Application Security Dashboard

December 31, 2023

Contributed by:

December 31, 2023

Contributed by:

Application Security Dashboard

Threat index details

Safety index details

In this article