-
Install and configure the NetScaler Gateway appliance
-
Maintain and monitor NetScaler Gateway systems
-
Configure DTLS VPN virtual server using SSL VPN virtual server
-
Integrate NetScaler Gateway with Citrix products
-
Integrate NetScaler Gateway with Citrix Virtual Apps and Desktops
-
Configure settings for your Citrix Endpoint Management Environment
-
Configure load balancing servers for Citrix Endpoint Management
-
Configure load balancing servers for Microsoft Exchange with Email Security Filtering
-
Configure Citrix Endpoint Management NetScaler Connector (XNC) ActiveSync Filtering
-
Allow Access from mobile devices with Citrix Mobile Productivity Apps
-
Configure domain and security token authentication for Citrix Endpoint Management
-
Configure client certificate or client certificate and domain authentication
-
-
Configure SmartControl
-
NetScaler Gateway Enabled PCoIP Proxy Support for VMware Horizon View
-
Proxy Auto Configuration for Outbound Proxy support for NetScaler Gateway
This content has been machine translated dynamically.
Dieser Inhalt ist eine maschinelle Übersetzung, die dynamisch erstellt wurde. (Haftungsausschluss)
Cet article a été traduit automatiquement de manière dynamique. (Clause de non responsabilité)
Este artículo lo ha traducido una máquina de forma dinámica. (Aviso legal)
此内容已经过机器动态翻译。 放弃
このコンテンツは動的に機械翻訳されています。免責事項
이 콘텐츠는 동적으로 기계 번역되었습니다. 책임 부인
Este texto foi traduzido automaticamente. (Aviso legal)
Questo contenuto è stato tradotto dinamicamente con traduzione automatica.(Esclusione di responsabilità))
This article has been machine translated.
Dieser Artikel wurde maschinell übersetzt. (Haftungsausschluss)
Ce article a été traduit automatiquement. (Clause de non responsabilité)
Este artículo ha sido traducido automáticamente. (Aviso legal)
この記事は機械翻訳されています.免責事項
이 기사는 기계 번역되었습니다.책임 부인
Este artigo foi traduzido automaticamente.(Aviso legal)
这篇文章已经过机器翻译.放弃
Questo articolo è stato tradotto automaticamente.(Esclusione di responsabilità))
Translation failed!
Configure SmartControl
SmartControl allows administrators to define granular policies to configure and enforce user environment attributes for Citrix Virtual Apps and Desktops on NetScaler Gateway. SmartControl allows administrators to manage these policies from a single location, rather than at each instance of these server types.
SmartControl is implemented through ICA policies on NetScaler Gateway. Each ICA policy is an expression and access profile combination that can be applied to users, groups, virtual servers, and globally. ICA policies are evaluated after the user authenticates at session establishment. To enable SmartControl, you must associate the ICA policy to a VPN virtual server.
Note:
When the client detection feature is enabled, avoid using ICA policies with rules that include authentication, authorization, and auditing expressions (such as AAA.USER, AAA.GROUP).
The following table lists the user environment attributes that SmartControl can enforce:
ConnectClientDrives | Specifies the default connection to the client drives when the user logs on. | |
ConnectClientLPTPorts | Specifies the automatic connection of LPT ports from the client when the user logs on. LPT ports are the Local Printer Ports. | |
ClientAudioRedirection | Specifies the applications hosted on the server to transmit audio through a sound device installed on the client computer. | |
ClientClipboardRedirection | Specifies and configures clipboard access on the client device and maps the clipboard on the server. | |
ClientCOMPortRedirection | Specifies the COM port redirection to and from the client. COM ports are the COMmunication ports. COM ports are serial ports. | |
ClientDriveRedirection | Specifies the drive redirection to and from the client. | |
Multistream | Specifies the multistream feature for specified users. | |
ClientUSBDeviceRedirection | Specifies the redirection of USB devices to and from the client (workstation hosts only). | |
Localremotedata |
Specifies the HTML5 file upload download capability for the Citrix Workspace app. | |
ClientPrinterRedirection | Specifies the client printers to be mapped to a server when a user logs on to a session. | |
ClientTWAINDeviceRedirection | Allows default access or disables TWAIN devices, such as digital cameras or scanners, on the client device from published image processing applications. | |
WIARedirection | Allows default access or disables WIA scanner redirection. | |
DragAndDrop | Allows default access or disables drag and drop between client and remote applications and desktops. | |
SmartCardRedirection | Allow default access or disable smart card redirection. Smart card virtual channel is always allowed in CVAD. | |
FIDO2Redirection | Allows default access or disable FIDO2 redirection. | |
Policies | Action | Access Profiles |
Add | Edit | Delete |
Show Bindings | Policy Manager | Action |
ICA Policies and Profiles
ICA policy
An ICA policy specifies an Action, Access Profile, Expression and optionally, a Log Action. You can perform the following ICA policy configurations:
Configure an ICA policy by using the GUI
- Navigate to NetScaler Gateway > Policies and click ICA.
- In the ICA Policies section, click Add. The Create ICA Policy page appears.
- In the Name field, specify a name for the ICA policy.
- Next to the Action field, do one of the following:
- Click the > icon to select an existing action.
- Click Add to create an action.
- Add an expression.
- Create a log action.
- Configure the remaining parameters as required and click OK.
Configure an ICA policy by using the CLI
add ica policy smartaccess_policy -rule TRUE -action smartaccess_action
Bind the ICA policy to a bind point by using the GUI
- Navigate to NetScaler Gateway > Policies > NetScaler Gateway > ICA Policies and Profiles > ICA Policies. Click Policy Manager.
- Select the bind point and the virtual server, and click Continue.
- In the Policy Binding section, select the ICA policy that you need to associate to a bind point.
- Click Bind and then click Done.
To verify the binding, click Show Bindings in the ICA Policies section. You can view the list of bind points associated with the ICA policy.
Bind the ICA policy to a VPN virtual server by using the CLI
bind vpn vserver vpnvserver -policy smartaccess_policy -type ICA_REQUEST -priority 10
ICA action
Configure an ICA action by using the GUI
- Go to NetScaler Gateway > Policies and then click ICA.
- In the ICA Actions tab, click Add. The Create ICA Action page appears.
- In the Name field, specify a name for the ICA policy.
- Next to the ICA Access Profile field, do one of the following:
- Click the > icon to select an existing ICA access profile.
- Click Add to create an ICA access profile.
- Create an ICA latency profile to associate it to the ICA action.
- Click Create.
Configure an ICA action by using the CLI
add ica action smartaccess_action -accessProfileName smartaccess_profile
ICA access profile
An ICA profile defines the settings for user connections. Access profiles specify the actions that are applied to a user’s Citrix Virtual Apps and Desktops environment ICA if the user device meets the policy expression conditions. You can use the GUI to create ICA profiles separately from an ICA policy and then use the profile for multiple policies. You can only use one profile with a policy.
You can create access profiles independent from an ICA policy. When you create the policy, you can select the access profile to attach to the policy. An access profile specifies the resources available to a user.
Starting from release 14.1-8.x, NetScaler Gateway extends the capabilities of the SmartControl feature to more ICA virtual channels of Citrix Virtual Apps and Desktops. This extension improves the interaction between NetScaler Gateway and the ICA virtual channels.
To leverage the capability of the extended SmartControl feature, you can configure the following settings on the ICA access profile.
- ClientTWAINDeviceRedirection
- WIARedirection
- DragAndDrop
- SmartCardRedirection
- FIDO2Redirection
Configure an ICA access profile by using the GUI
- Navigate to NetScaler Gateway > Policies > NetScaler Gateway ICA Policies and Profiles > Access Profiles and click Add. The Create ICA Access Profile page appears.
- Provide a name for the ICA access profile, configure the following parameters, and click Create.
- Connect Client LPT Ports: Allow or block the automatic connection of Line Print Terminal (LPT) ports from the client when the user logs on.
- Client Audio Redirection: Allow or block applications hosted on a server to play sounds through a sound device installed on the client computer. This setting also allows or blocks users from recording audio inputs.
- Local Remote Data Sharing: Allow or block file or data sharing through the Citrix Workspace app for HTML5.
- Client Clipboard Redirection: Allow or block the clipboard on the client device to be mapped to the clipboard on the server.
- Client COM Port Redirection: Allow or block the Communication (COM) port redirection to and from the client.
- Client Drive Redirection: Allow or block the drive redirection to and from the client.
- Client Printer Redirection: Allow or block printers to be mapped to a server when a user logs on to a session.
- Multistream: Allow or block the multi-stream feature for the specified users.
- Client USB Drive Redirection: Allow or block the redirection of USB devices to and from the client.
- Client TWAIN Device Redirection: Allow or block TWAIN devices, such as digital cameras or scanners, on the client device from the published image processing applications.
- WIA Redirection: Allow or block the Windows Image Acquisition (WIA) scanner redirection.
- Drag and Drop: Allow or block the drag and drop action between client and remote applications and desktops.
- Smart Card Redirection: Allow or block the smart card redirection. Smart card virtual channel is always allowed in Citrix Virtual Apps and Desktops.
- FIDO2 Redirection: Allow or block Fast Identity Online 2 (FIDO 2) redirections.
Configure an ICA access profile by using the CLI
add ica accessprofile <name> [-ConnectClientLPTPorts ( DEFAULT | DISABLED )] [-ClientAudioRedirection ( DEFAULT | DISABLED )][-LocalRemoteDataSharing ( DEFAULT | DISABLED )][-ClientClipboardRedirection ( DEFAULT | DISABLED )][-ClientCOMPortRedirection ( DEFAULT | DISABLED )][-ClientDriveRedirection ( DEFAULT | DISABLED )][-ClientPrinterRedirection ( DEFAULT | DISABLED )] [-Multistream (DEFAULT | DISABLED )][-ClientUSBDriveRedirection ( DEFAULT | DISABLED)] [-ClientTWAINDeviceRedirection ( DEFAULT | DISABLED )][-WIARedirection ( DEFAULT | DISABLED )] [-DragAndDrop ( DEFAULT | DISABLED )] [-SmartCardRedirection ( DEFAULT | DISABLED )]
[-FIDO2Redirection ( DEFAULT | DISABLED )]
<!--NeedCopy-->
ICA latency profile
Configure an ICA latency profile by using the GUI
- Navigate to NetScaler Gateway > Policies > NetScaler Gateway ICA Policies and Profiles > ICA Latency Profiles.
- Update the required fields and click Create.
Configure an ICA latency profile by using the CLI
add ica latencyprofile [-l7LatencyMonitoring ( ENABLED | DISABLED )] [-l7LatencyThresholdFactor ] [-l7LatencyWaitTime ] [-l7LatencyNotifyInterval ] [-l7LatencyMaxNotifyCount ]
Share
Share
In this article
This Preview product documentation is Cloud Software Group Confidential.
You agree to hold this documentation confidential pursuant to the terms of your Cloud Software Group Beta/Tech Preview Agreement.
The development, release and timing of any features or functionality described in the Preview documentation remains at our sole discretion and are subject to change without notice or consultation.
The documentation is for informational purposes only and is not a commitment, promise or legal obligation to deliver any material, code or functionality and should not be relied upon in making Cloud Software Group product purchase decisions.
If you do not agree, select I DO NOT AGREE to exit.