Link to home
Start Free TrialLog in
Avatar of Pau Lo
Pau Lo

asked on

CAG checklist

Are there any security benchmarks/checklists for citrix access gateway?
ASKER CERTIFIED SOLUTION
Avatar of Anuroopsundd
Anuroopsundd
Flag of India image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Pau Lo
Pau Lo

ASKER

Is it possible to have a CAG without SSL and without 2-factor? Or are they part of the package, i.e. part of the hardened appliance? I am struggling to see what vulnerabilities you could have with CAG, if any? Whats your view?
SOLUTION
Avatar of jvr006
jvr006
Flag of United States of America image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Pau Lo
Pau Lo

ASKER

If you were doing a top level security/configuration audit of a CAG what would your top 5 checks be? ... Perhaps with some notes on the vuln of the issue if not secured/configured properly..
Avatar of Anuroopsundd
Anuroopsundd
Flag of India image
Please go through the best practice document. this will help in knowing also what is best practice vs what is configured. this is what the auditor checks for
http://www.dabcc.com/thinsol/CSG/Docs/Best%20Practices%20for%20Securing%20a%20Citrix%20Secure%20Gateway%20Deployment.pdf
Avatar of Pau Lo
Pau Lo

ASKER

But thats for secure gateway, not CAG. They arent the same are they?
SOLUTION
Avatar of joharder
joharder
Flag of United States of America image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Pau Lo
Pau Lo

ASKER

So.... are there any audit/vulnerability checks that can be performed on access gateway? I find it hard to think theres non.
Avatar of Pau Lo
Pau Lo

ASKER

Thatll be a no then...