Hi Admins

Proteting the IT environment from hackers has been very critical challenge for all the IT Admins and on High Priority.

We will more focus on Citrix NetScaler System protection in this section.

1. Maintain Latest Ciphers: please perform your Citrix website security analysis now in case you have not done. 

https://www.ssllabs.com/ssltest/

TLS 1.0, TLS 1.1 , SSL 2 , SSL3 and some of the TLS 1.2 weak Cipehers should be removed from VIP Ciphers list in order to keep A rating for your website. its important to perform Citrix Client , Browsers analysis before removing Ciphers from VIP Ciphers Group otherwise Handshake will break in case users are using unsupported old browsers or Clients on their machine. (Keep updated).

SECURITY Come 1st and Users should use supported products.

2.  Configure ACL list for NetScaler : its important to strict NetScaler access to all the ports & limit to identified source by using ACL List. even though Mallicious conditates can reach to your netscaler network but cant establish connection by using any port scanner or analyze if you are maintaining ACL list.

3. Perform CIS analysis for NS Devices: its important to perform CIS analysis report for NS device and fillup the GAPS as per vendor recommednation.

4. Configure APPFLOW:- configure the APPFLOW logs collection and analysis in case you are using Syslog Server or any other analysis tool.

5. Upgrade firmware ontime: Citrix Vendor is too much active in identifying the GAPS and filling up them with new firmware versions & more new features so upgrade the NS firmware ontime.

6. Citrix NMAS: its beneficial to use Citrix NMAS integration with NS devices to analyze all the security attacks and get 365 Degree reports for your NS envrionment. lots of automation and better control over NS devices.

Remember Single Loop hole is enough to destroy the environment.

Some Good links from other blogers: https://neil.spellings.net/2014/01/12/penetration-testing-tips-netscaler/

https://docs.citrix.com/en-us/netscaler/12/application-firewall/security-checks-overview.html

 

Amit Kumar Gupta

Certified: CCA-XenApp/XenDesktop/XenServer, Google Cloud Architect, MCSE, ITIL, Vmware Certified , AWS Fundamentals. AWS Pratitioner

Microsoft certified - Enterprise Cybersecurity Fundamentals & Planning for Security Incident response.

https://www.linkedin.com/in/amit-gupta-5321a527/