citrix access gateway

BarepAssets
BarepAssets used Ask the Experts™
on
Hi,
   Just want get more info in regard to citrix access gateway solution. Basically i need a solution for 10 users could be more eventually to access remotely there desktops. I am considering using citrix access gateway solution. We are small branch office that route through our head office for internet but we need a remote access solution that they can not provide. SO what we are considering is the installation of 10 mbs broadband line connected into citrix access gateway device then connected into citrix xenserver which would have published desktop(we may remote from the published desktop to users actually machine). From a security point of view is the
citrix access gateway solution good enough security measure for the internet access point ( it will only be used for vpn our internet browsing will still go through our main office) or will we need to use in conjuction with asa  or juniper firewall.


Thks,



Eoghan    
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®

Commented:
Hey,

The only thing your access gateway does is make sure that external users can acce3ss the internal Citrix servers by using port 443 (SSL https). You normally set up your CSG (Citrix Secure Gateway) in your DMZ, then users access this server using port 443. Your CSG will then set up a connection to your internal Citrix famr using port 1443 (the Citrix ICA port), thus meaning users don;t need to access Citrix and the internal network using port 1443.

Still, i'd suggest setting up a firewall in front of the Secure Gateway cause you would still be having a machine connected to the outside world.. It will also depend on the budget you have.. When you only have 10 users, how picky are they on security on the internal network? And at what price?

BarepAssetsSys Admin

Author

Commented:
the solution would probably initial for 10 users but this could change security would be essential the access  could potential to the larger  network so it be important. So i am trying to figure out exactly what i need for this

i am thinking a

internet connection ( is 10 mbs too high ??)

small bussiness model of the asa\juniper firewall

a csg device with secure gateway standard edition ( what model csg device would you recomment)

a mid range server with licence for zen server

is this all that would be required or would you recommend anymore

thks,
Commented:
Hey,

10 mbs is waaaay too large.. Every ICA session needs about 20 kbps, so if you have 10 users you might need 200 kpbs, also you will be sending data over the line, like files being openend locally or print jobs e.g. i'd say a 2Mbit connection will do just fne for starters..

The firewall is a must have then if you need to have security in place.. Regardig the CSG i'd go for the cheapest model, it will work just fine for what you need.. The larger models are more for larger companies.. And you can also install the Secure Gateway on a normal Windows machine (software is free is you use Citrix). I have no idea which one is cheaper tbh..


The server you are going to buy for Xen is totally up to you.. I would go for a good amount of memory tbh, you will need it with multiple users on it..

Besisdes that, you are going to need Microsoft TS CAL's.. You are still using Microsofts Terminal server solution and they need to see money too :) :)
BarepAssetsSys Admin

Author

Commented:
thanks for you help excellent

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial