Host checks/EPA scans are not for everyone – #Citrix, #NetScaler, #AccessGateway
This is an interesting blog post from Citrix… It captures a scenario that I know one of my previous customers was thinking of, so have a look at it!
The main thing that think of when reading this though is that EPA scans are NOT for everyone, I agree. And please also read my earlier posts on why it cannot be done with todays products from Citrix.
#Citrix #SmartAccess = A complete story or not? – #NetScaler #AGEE #EPA
Even though the latest Receiver Receivers changed some scenarios and enables host checks/EPA scans it still doesn’t provide the full picture. But I’ll be publishing a more detailed picture on why later, some late night I’ll be able to complete it! 😉
Here you have the blog post from Tobias Frigger:
A customer of one of my Citrix Consulting colleagues recently came up with an interesting request.
Like many others they are using Citrix NetScaler’s Access Gateway Enterprise Edition module to grant remote secure remote access to applications and desktops.
Additionally, they use a client management and software distribution solution to deploy the EPA plugin to client computers and therefore wanted to suppress Access Gateway offering the EPA scan plugin for download through the browser. This introduces some additional level of control over which client is entitled to connect through Access Gateway.
An approach restricting certain user groups from logging in by using group memberships is a more common scenario, but in this case the customer intended to restrict the end points and not the users. When end users lack administrative permissions to install custom software, preventing the download is indeed an effective measure.
A job for Citrix Consulting!
As you know, Access Gateway Enterprise Edition offers two ways of running Endpoint Analysis (EPA) scans – before and after authentication. Consequently, there are two procedures.
The formal requirements
- Remove the download button displayed when accessing the AGEE virtual server and the plugin is not detected by the browser or if the plugin is outdated
- Alter the message text such that it refers user to contact their system administrator if they think the plugin should be installed.
- When using a post-authentication EPA scan, add a “logout” button.
Backup
As a precaution, we want to make backup copies…
Continue reading here!
//Richard
My twittering…
- RT @james_kindon: Some ideas and learnings around automated image builds for @citrix #DaaS and Microsoft #AVD jkindon.com/getting-starte… @stea… 1 week ago
- RT @AzureSupport: Did you know you can use Update Management in #Azure Automation to manage operating system updates for your Windows and L… 1 week ago
- RT @rspruijt: 106 brand new Azure Architecture icons This link provides access to all the @Microsoft @Azure architecture icons ⏩ https://… 2 weeks ago
- RT @samilaiho: Microsoft script recreates shortcuts deleted by bad Defender ASR rule bleepingcomputer.com/news/microsoft… 2 weeks ago
- RT @MSFTMechanics: Risk assessment in real-time. Secure app-to-app communications based on location, risk level, and access patterns —even… 2 weeks ago
Recent Posts
- GPO and PowerShell support in #AzureAD and #Intune? Tech Preview released – #EnvokeIT Workspace Client
- #Azure November newsletter
- #AzureAD a leader in the 2016 Gartner IDaaS MQ! – #EnvokeIT
- Microsoft Azure IaaS Operations Guidance – #AAD, #RBAC, #ARM, #Microsoft, #Azure
- Microsoft announcing SQL Server on Linux – #SQL, #Microsoft, #DB, #PaaS

Azure
- @VVLGK We don't have any news to share at this time, but make sure to keep an eye out on our social channels for any updates! 😀👍 4 hours ago
- @pgbnguyen We're happy to hear about your excitement for the news! 💙 4 hours ago
- Azure Synapse Link enables near real-time analytics and uses cloud capabilities to help you uncover insights. Find… twitter.com/i/web/status/1… 5 hours ago
- RT @SQLServer: Top 3 reasons to try our data and AI platform: ✨ Lower cost, more value ✨ Unified, secured, and governed ✨ Hybrid and multi… 7 hours ago
- RT @msdev: Join us for #LowCodeFebruary! Learn everything you need to know about Power Platform fundamentals, fusion teams, cloud integrat… 8 hours ago
CitrixBlogs
Error: Please make sure the Twitter account is public.
Categories
- Access Gateway
- Active Directory (AD)
- All
- Amazon
- App-V
- AppDNA
- Application Insights
- AppSense
- Azure
- Azure Stack
- BYOD
- Citrix
- Client Services
- Cloud
- CloudBridge
- CloudGateway
- CloudStack
- CloudStack
- Collaboration
- Configuration Manager
- Development
- Device Management
- Enterprise Architecture
- EnvokeIT
- Exchange
- ExpressRoute
- GotoMeeting
- Hyper-V
- Infrastructure
- Innovation
- Internet Explorer
- Intune
- Linux
- Lync
- Management – Leadership
- Microsoft
- MobileSolutions
- Mobility
- NetApp
- NetScaler
- Networking
- Nutanix
- Office 365
- Office365
- OpenStack
- Outlook
- Podio
- Project Management
- Provisioning Services
- Receiver
- Remote Desktop Services (RDS)
- RemoteApp
- RES
- Security
- Service Management
- Service Manager
- ShareFile
- SharePoint Server 2013
- Storage
- StoreFront
- Surface
- System Center
- Uncategorized
- VDI-in-a-Box
- VMWare
- Webroot
- Windows 8
- Windows RT
- Windows Server 2012
- XenApp
- XenDesktop
- XenMobile
- XenServer