-
Selecting the Citrix Gateway plug-in for Users
-
-
Configuring Preauthentication Policies and Profiles
-
Configuring Security Preauthentication Expressions for User Devices
-
AlwaysOn VPN before Windows logon (Formally AlwaysOn service)
This content has been machine translated dynamically.
Dieser Inhalt ist eine maschinelle Übersetzung, die dynamisch erstellt wurde. (Haftungsausschluss)
Cet article a été traduit automatiquement de manière dynamique. (Clause de non responsabilité)
Este artículo lo ha traducido una máquina de forma dinámica. (Aviso legal)
此内容已经过机器动态翻译。 放弃
このコンテンツは動的に機械翻訳されています。免責事項
이 콘텐츠는 동적으로 기계 번역되었습니다. 책임 부인
Este texto foi traduzido automaticamente. (Aviso legal)
Questo contenuto è stato tradotto dinamicamente con traduzione automatica.(Esclusione di responsabilità))
This article has been machine translated.
Dieser Artikel wurde maschinell übersetzt. (Haftungsausschluss)
Ce article a été traduit automatiquement. (Clause de non responsabilité)
Este artículo ha sido traducido automáticamente. (Aviso legal)
この記事は機械翻訳されています.免責事項
이 기사는 기계 번역되었습니다.책임 부인
Este artigo foi traduzido automaticamente.(Aviso legal)
这篇文章已经过机器翻译.放弃
Questo articolo è stato tradotto automaticamente.(Esclusione di responsabilità))
Translation failed!
Configuring Preauthentication Policies and Profiles
Warning:
Authentication, authorization, and auditing preauthentication policy is deprecated from NetScaler 12.0 build 56.20 onwards and as an alternative, Citrix recommends you to use the nFactor authentication. For more information, see Multi-Factor (nFactor) Authentication](/en-us/netscaler/12/aaa-tm/multi-factor-nfactor-authentication.html) topic.
You can configure Citrix Gateway to check for client-side security before users are authenticated. This method ensures that the user device establishing a session with Citrix Gateway conforms to your security requirements. You configure client-side security checks by using preauthentication policies specific to a virtual server or globally, as described in the following two procedures.
Preauthentication policies consist of a profile and an expression. You configure the profile to use an action to allow or deny a process to run on the user device. For example, the text file, clienttext.txt, is running on the user device. When the user logs on to Citrix Gateway, you can either allow or deny access if the text file is running. If you do not want to allow users to log on if the process is running, configure the profile so the process is stopped before users log on.
You can configure the following settings for pre-authentication policies:
- Expression. Includes the following settings to help you to create expressions:
- Expression. Displays all of the created expressions.
- Match Any Expression. Configures the policy to match any of the expressions that are present in the list of selected expressions.
- Match All Expressions. Configures the policy to match all the expressions that are present in the list of selected expressions.
- Tabular Expressions. Creates a compound expression with the existing expressions by using the
OR (||) or AND (&&) operators
. - Advanced Free-Form. Creates custom compound expressions by using the expression names and the
OR (||) and AND (&&) operators
. Choose only those expressions that you require and omit other expressions from the list of selected expressions. - Add. Creates an expression.
- Modify. Modifies an existing expression.
- Remove. Removes the selected expression from the compound expressions list.
- Named Expressions. Select a configured named expression. You can select named expressions from the drop-down list of expressions already present on Citrix Gateway.
- Add Expression. Adds the selected named expression to the policy.
- Replace Expression. Replaces the selected named expression to the policy.
- Preview Expression. Displays the detailed client security string that is configured on Citrix Gateway when you select a named expression.
To configure a preauthentication profile globally by using the configuration utility
- In the configuration utility, on the Configuration tab, in the navigation pane, expand Citrix Gateway and then click Global Settings.
- In the details pane, under Settings, click Change pre-authentication settings.
- In the Global Pre-authentication settings dialog box, configure the settings:
-
In Action, select Allow or Deny.
Denies or allows users to log on after endpoint analysis occurs.
-
In Processes to be canceled, enter the process.
This specifies the processes to be stopped by the Endpoint Analysis plug-in.
-
In Files to be deleted, enter the file name.
This specifies the files to be deleted by the Endpoint Analysis plug-in.
-
- In Expression you can leave the expression ns_true or build an expression for a specific application, such as antivirus or security software and then click OK.
To configure a preauthentication profile by using the configuration utility
- In the configuration utility, on the Configuration tab, in the navigation pane, expand Citrix Gateway > Policies > Authentication/Authorization, and then click Pre-Authentication EPA.
- In the details pane, on the Profiles tab, click Add.
- In Name, type the name of the application to be checked.
- In Action, select ALLOW or DENY.
- In Processes to be canceled, type the name of the process to be stopped.
- In Files to be deleted, type the name of the file to be deleted, such as c:\clientext.txt, click Create and then click Close.
Note:
If a file is to be deleted or a process stopped, users receive a message asking for confirmation. Steps 5 and 6 are optional parameters.
If you use the configuration utility to configure a preauthentication profile, you then create the preauthentication policy by clicking Add on the Policies tab. In the Create Pre-Authentication Policy dialog box, select the profile from the Request Profile drop-down list.
Share
Share
This Preview product documentation is Cloud Software Group Confidential.
You agree to hold this documentation confidential pursuant to the terms of your Cloud Software Group Beta/Tech Preview Agreement.
The development, release and timing of any features or functionality described in the Preview documentation remains at our sole discretion and are subject to change without notice or consultation.
The documentation is for informational purposes only and is not a commitment, promise or legal obligation to deliver any material, code or functionality and should not be relied upon in making Cloud Software Group product purchase decisions.
If you do not agree, select I DO NOT AGREE to exit.