hardware security in addtional to user /password for remote citrix connection

Posted on 2011-05-10
Last Modified: 2012-05-11
I am looking for a hardware key / or biometric solution for a few of my remote users of citrix applications which will provide additional security beyond user name /password. Detailed info will be appreciated .
Question by:leop1212
    LVL 8

    Expert Comment

    The DoD uses smartcards with digital certificates on them, & it works pretty darn well. You will need a smart card reader & some middleware on each client accessing your system in addition to running a Certificate Authority (an installable roll on Windows). The digital certificate aspect is very standardized & well supported across many platforms & applications.

    The other main player is the RSA keyfobs, I haven't administered them in years, but as a user, they annoy me. Typically they aren't that hard to install the server side authentication pieces you need.

    I don't have that much faith in biometrics, there are just to many problems with error rates. Also, how do you force a user to "change their password" cut off their finger?

    Author Comment

    are there vednors for Smartcard with complete solution?
    Would be nice to hear  comments from current users of hardware solutions .
    LVL 8

    Accepted Solution


    They make the middleware most of the DoD uses & have complete system offerings as well.

    As a sysadmin, I deal with the front side & back side of Active Directory authentication, various website authentication & digital signing/encryption in E-mail using the CAC's all the time. They aren't perfect, but generally pretty robust & not that hard to configure (as long as you have somebody who has a decent understanding of PKI).

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    How your wiki can always stay up-to-date

    Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
    - Increase transparency
    - Onboard new hires faster
    - Access from mobile/offline

    Phishing is at the top of most security top 10 efforts you should be pursuing in 2016 and beyond. If you don't have phishing incorporated into your Security Awareness Program yet, now is the time. Phishers, and the scams they use, are only going to …
    As a financial services provider, your business is impacted by two of the strictest federal regulations on record: the Sarbanes-Oxley Act and the Gramm-Leach-Bliley Act. Correctly implementing faxing into your organization to provide secure, real-ti…
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
    Sending a Secure fax is easy with eFax Corporate ( First, Just open a new email message.  In the To field, type your recipient's fax number You can even send a secure international fax — just include t…

    759 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    11 Experts available now in Live!

    Get 1:1 Help Now