Host checks/EPA scans are not for everyone – #Citrix, #NetScaler, #AccessGateway
This is an interesting blog post from Citrix… It captures a scenario that I know one of my previous customers was thinking of, so have a look at it!
The main thing that think of when reading this though is that EPA scans are NOT for everyone, I agree. And please also read my earlier posts on why it cannot be done with todays products from Citrix.
#Citrix #SmartAccess = A complete story or not? – #NetScaler #AGEE #EPA
Even though the latest Receiver Receivers changed some scenarios and enables host checks/EPA scans it still doesn’t provide the full picture. But I’ll be publishing a more detailed picture on why later, some late night I’ll be able to complete it! 😉
Here you have the blog post from Tobias Frigger:
A customer of one of my Citrix Consulting colleagues recently came up with an interesting request.
Like many others they are using Citrix NetScaler’s Access Gateway Enterprise Edition module to grant remote secure remote access to applications and desktops.
Additionally, they use a client management and software distribution solution to deploy the EPA plugin to client computers and therefore wanted to suppress Access Gateway offering the EPA scan plugin for download through the browser. This introduces some additional level of control over which client is entitled to connect through Access Gateway.
An approach restricting certain user groups from logging in by using group memberships is a more common scenario, but in this case the customer intended to restrict the end points and not the users. When end users lack administrative permissions to install custom software, preventing the download is indeed an effective measure.
A job for Citrix Consulting!
As you know, Access Gateway Enterprise Edition offers two ways of running Endpoint Analysis (EPA) scans – before and after authentication. Consequently, there are two procedures.
The formal requirements
- Remove the download button displayed when accessing the AGEE virtual server and the plugin is not detected by the browser or if the plugin is outdated
- Alter the message text such that it refers user to contact their system administrator if they think the plugin should be installed.
- When using a post-authentication EPA scan, add a “logout” button.
Backup
As a precaution, we want to make backup copies…
Continue reading here!
//Richard
My twittering…
- RT @ConfigMgrDogs: Troubleshooting mode for Microsoft Defender for Endpoint now in public preview: Troubleshooting mode for Microsoft Defen… 6 days ago
- RT @cstalhood: The #Citrix VDA Cleanup Utility is UNSUPPORTED with VDA Versions beyond 1912. DO NOT run the VDA Cleanup Utility on a VDA Ma… 1 week ago
- RT @ConfigMgrDogs: Tamper Protection is now available on macOS: As we continue to invest in Microsoft Defender for Endpoint capabilities fo… 1 week ago
- RT @rnabmitra: It’s coming! Temporary Access Pass to join a device to Azure AD. #TAP #AAD #AADJ techcommunity.microsoft.com/t5/azure-activ… https://t.co/2T8qQ… 2 weeks ago
- RT @bjornaxell: Running a Small Business (up to 300 employees)? We now have a security products for you - Microsoft announces general avail… 2 weeks ago
Recent Posts
- GPO and PowerShell support in #AzureAD and #Intune? Tech Preview released – #EnvokeIT Workspace Client
- #Azure November newsletter
- #AzureAD a leader in the 2016 Gartner IDaaS MQ! – #EnvokeIT
- Microsoft Azure IaaS Operations Guidance – #AAD, #RBAC, #ARM, #Microsoft, #Azure
- Microsoft announcing SQL Server on Linux – #SQL, #Microsoft, #DB, #PaaS

Azure
- RT @msdev: Following best practices will help you maintain a foundation for your workflow. Get started with this learning path as we guide… 12 hours ago
- Simplify your Azure migration with documentation, guidelines, and assessment tools in this e-book from Microsoft an… twitter.com/i/web/status/1… 17 hours ago
- Learn how to get the full power of Azure with Java apps and use idiomatic libraries to interact with your preferred… twitter.com/i/web/status/1… 1 day ago
- RT @msdev: How are YOU getting ready for #MSBuild? Let’s see how Albert Dankwa does it😎 Register for Microsoft Build today to gain full ac… 1 day ago
- RT @msdev: You're going to learn so much at this year's #MSBuild! Make sure to keep the learning momentum going after the live event is ove… 1 day ago
CitrixBlogs
Error: Please make sure the Twitter account is public.
Categories
- Access Gateway
- Active Directory (AD)
- All
- Amazon
- App-V
- AppDNA
- Application Insights
- AppSense
- Azure
- Azure Stack
- BYOD
- Citrix
- Client Services
- Cloud
- CloudBridge
- CloudGateway
- CloudStack
- CloudStack
- Collaboration
- Configuration Manager
- Development
- Device Management
- Enterprise Architecture
- EnvokeIT
- Exchange
- ExpressRoute
- GotoMeeting
- Hyper-V
- Infrastructure
- Innovation
- Internet Explorer
- Intune
- Linux
- Lync
- Management – Leadership
- Microsoft
- MobileSolutions
- Mobility
- NetApp
- NetScaler
- Networking
- Nutanix
- Office 365
- Office365
- OpenStack
- Outlook
- Podio
- Project Management
- Provisioning Services
- Receiver
- Remote Desktop Services (RDS)
- RemoteApp
- RES
- Security
- Service Management
- Service Manager
- ShareFile
- SharePoint Server 2013
- Storage
- StoreFront
- Surface
- System Center
- Uncategorized
- VDI-in-a-Box
- VMWare
- Webroot
- Windows 8
- Windows RT
- Windows Server 2012
- XenApp
- XenDesktop
- XenMobile
- XenServer