Book Image

Implementing NetScaler VPX??? - Second Edition

By : Marius Sandbu
Book Image

Implementing NetScaler VPX??? - Second Edition

By: Marius Sandbu

Overview of this book

With a large demand for responsive websites and availability of services, IT administrators are faced with an ever-rising need for services that are optimized for speed. NetScaler VPX is a software-based virtual appliance that provides users with the comprehensive NetScaler feature set. Implementing apps and cloud-based services is much easier with its increased service performance and integrated security features. This book will give you an insight into all the new features that NetScaler VPX™ has to offer. Starting off with the basics, you will learn how to set NetScaler up and configure it in a virtual environment including the new features available in version 11, such as unified gateway and portal theme customization. Next, the book will cover how to deploy NetScalar on Azure and Amazon, and you will also discover how to integrate it with an existing Citrix infrastructure. Next, you will venture into other topics such as load balancing Microsoft and Citrix solutions, configuring different forms of high availability Global Server Load Balancing (GSLB), and network optimization. You will also learn how to troubleshoot and analyze data using NetScaler's extensive array of features. Finally, you will discover how to protect web services using an application firewall and will get to grips with other features such as HTTP, DOS, and AAA.
Table of Contents (10 chapters)
9
Index

Deploying VPN

In some cases, users may need to deploy a full VPN solution as it allows a client to become a part of the internal network using the NetScaler Gateway plugin. With the use of the NetScaler Gateway plugin, we also have Endpoint analysis that allows us to scan a client for specific processes, or check if the client has antivirus active and configured. In version 10.5, Citrix added OPSWAT support. OPSWAT is a library that allows us to perform granular scans of an endpoint before it is allowed access.

Configuring the use of regular VPN with NetScaler Gateway is not much different from ICA Proxy. We need the following:

  • A NetScaler Gateway vServer with a name, a port, and an IP address
  • A vServer set to non ICA-mode
  • A trusted certificate
  • An authentication policy
  • A session policy

The only difference here is that we need to set the vServer to non ICA-mode and we need to change the session policy.

We can also add a pre-authentication policy to allow NetScaler to check client-side security before...