The concept of a
Demilitarized Zone (DMZ) in security architectures has been around for a long time. A DMZ essentially provides a separate network in front of a firewall to only allow connections into the web portal in the private network; in our case, the StoreFront server. When you set up a DMZ, you create an additional layer of security, or zone, that hackers have a hard time penetrating, and you only let in the specific connections on the port numbers that need to gain access, such as HTTP on port 80
or HTTPS on port 443
. When you set up a DMZ to secure XenDesktop, you will need to use HTTPS or port 443
and SSL certificates. The best way to do this is to install NetScaler running SSL and a load balancing service in the DMZ connected to StoreFront and the remaining XenDesktop components behind the second firewall. You open port 443
on the outside firewall, and only open the required ports for XenDesktop on the second firewall. Now, for an additional layer of security beyond...
Getting Started with XenDesktop 7.x
By :
Getting Started with XenDesktop 7.x
By:
Overview of this book
Table of Contents (27 chapters)
Getting Started with XenDesktop 7.x
Credits
Notice
About the Author
About the Reviewers
www.PacktPub.com
Preface
Free Chapter
Designing a XenDesktop Site
Installing XenDesktop
Managing Machine Catalogs, Hosts, and Personal vDisks
Managing Delivery Groups
Managing Policies
Managing Printing
Virtualizing USB Support
Virtualizing Storage and Backup
High Definition Experience (HDX)
Application Delivery
Working with the XenDesktop SDK
Working with Citrix ReceiverTM and Plugins
Securing XenDesktop
Managing and Monitoring XenDesktop
VDI in the Cloud
Creating a Domain Certificate Authority
XenDesktop Policy Settings Reference
Creating Self-signed Certificates for NetScaler Gateway
Using Public CA-signed SSL Wildcard Certificates on NetScaler Gateway
Index
Customer Reviews