Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium


hardware security in addtional to user /password for remote citrix connection

Posted on 2011-05-10
Medium Priority
Last Modified: 2012-05-11
I am looking for a hardware key / or biometric solution for a few of my remote users of citrix applications which will provide additional security beyond user name /password. Detailed info will be appreciated .
Question by:leop1212
  • 2

Expert Comment

ID: 35733632
The DoD uses smartcards with digital certificates on them, & it works pretty darn well. You will need a smart card reader & some middleware on each client accessing your system in addition to running a Certificate Authority (an installable roll on Windows). The digital certificate aspect is very standardized & well supported across many platforms & applications.


The other main player is the RSA keyfobs, I haven't administered them in years, but as a user, they annoy me. Typically they aren't that hard to install the server side authentication pieces you need.

I don't have that much faith in biometrics, there are just to many problems with error rates. Also, how do you force a user to "change their password" cut off their finger?

Author Comment

ID: 35737622
are there vednors for Smartcard with complete solution?
Would be nice to hear  comments from current users of hardware solutions .

Accepted Solution

devinnoel earned 2000 total points
ID: 35739278

They make the middleware most of the DoD uses & have complete system offerings as well.

As a sysadmin, I deal with the front side & back side of Active Directory authentication, various website authentication & digital signing/encryption in E-mail using the CAC's all the time. They aren't perfect, but generally pretty robust & not that hard to configure (as long as you have somebody who has a decent understanding of PKI).

Featured Post

Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Considering today’s continual security threats, which affect Information technology networks and systems worldwide, it is very important to practice basic security awareness. A normal system user can secure himself or herself by following these simp…
2017 was a scary year for cyber security.  Hear what our security experts say that hackers have in store for us in 2018.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

581 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question