Home > Access Gateway, Citrix, NetScaler, Receiver, Uncategorized > Host checks/EPA scans are not for everyone – #Citrix, #NetScaler, #AccessGateway

Host checks/EPA scans are not for everyone – #Citrix, #NetScaler, #AccessGateway

This is an interesting blog post from Citrix… It captures a scenario that I know one of my previous customers was thinking of, so have a look at it!

The main thing that think of when reading this though is that EPA scans are NOT for everyone, I agree. And please also read my earlier posts on why it cannot be done with todays products from Citrix.

#Citrix #Receiver 3.4 and 11.7 = is the #SmartAccess story more real now? – #CloudGateway, #AGEE, #NetScaler, #StoreFront

#Citrix #SmartAccess = A complete story or not? – #NetScaler #AGEE #EPA

Even though the latest Receiver Receivers changed some scenarios and enables host checks/EPA scans it still doesn’t provide the full picture. But I’ll be publishing a more detailed picture on why later, some late night I’ll be able to complete it! 😉

Here you have the blog post from Tobias Frigger:

A customer of one of my Citrix Consulting colleagues recently came up with an interesting request.

Like many others they are using Citrix NetScaler’s Access Gateway Enterprise Edition module to grant remote secure remote access to applications and desktops.
Additionally, they use a client management and software distribution solution to deploy the EPA plugin to client computers and therefore wanted to suppress Access Gateway offering the EPA scan plugin for download through the browser. This introduces some additional level of control over which client is entitled to connect through Access Gateway.

An approach restricting certain user groups from logging in by using group memberships is a more common scenario, but in this case the customer intended to restrict the end points and not the users. When end users lack administrative permissions to install custom software, preventing the download is indeed an effective measure.

A job for Citrix Consulting!

As you know, Access Gateway Enterprise Edition offers two ways of running Endpoint Analysis (EPA) scans – before and after authentication. Consequently, there are two procedures.

The formal requirements

  • Remove the download button displayed when accessing the AGEE virtual server and the plugin is not detected by the browser or if the plugin is outdated
  • Alter the message text such that it refers user to contact their system administrator if they think the plugin should be installed.
  • When using a post-authentication EPA scan, add a “logout” button.

EPA Scan dialogue

Backup
As a precaution, we want to make backup copies…

Continue reading here!

//Richard

  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: