Secure Remote Access to
This presentation is the property of its rightful owner.
Sponsored Links
1 / 15

Secure Remote Access to Enterprise Applications RSA Adaptive Authentication and NetScaler Integration PowerPoint PPT Presentation


  • 237 Views
  • Uploaded on
  • Presentation posted in: General

Secure Remote Access to Enterprise Applications RSA Adaptive Authentication and NetScaler Integration. Business Collaboration. Employee Productivity. Information Protection . Regulatory Controls. Risk Based Access Controls. Secure Authentication. Protect Against

Download Presentation

Secure Remote Access to Enterprise Applications RSA Adaptive Authentication and NetScaler Integration

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Secure remote access to enterprise applications rsa adaptive authentication and netscaler integration

Secure Remote Access to Enterprise ApplicationsRSA Adaptive Authentication and NetScaler Integration


Enterprise authentication security balancing act

Business

Collaboration

Employee

Productivity

Information

Protection

Regulatory

Controls

Risk Based

Access Controls

Secure

Authentication

Protect Against

Emerging Threats

Ease of Use

Business Enablement

Business Challenge

Business Requirement

Enterprise Authentication Security Balancing Act

Identity sprawl

Information sprawl

Workforce Mobility

Increasing Threats

Increasing Regulation


The notion of risk

The Notion of Risk

  • Start with an “Ideal Activity”

    • Allow for some degree of variance from that “ideal”

Area of Concern

Activity D

  • Most Employee and Business actions will fall within the comfort zone

    • Opportunity to control costs if comfort zone activities can be reliably identified

Activity C

Ideal Activity

Activity A

Activity B

  • Challenge is to identify only those activities which fall outside of comfort zone

Comfort Zone


Monitor detect investigate or challenge

Monitor – Detect – Investigate or Challenge

Transparently increase security without compromising user convenience

Risk Assessment

Risk Mitigation


Rsa efraudnetwork

RSA™ eFraudNetwork™:

Expansive:

  • Thousands of contributors; ISPs, feeding partners, customers

  • Cross industry

  • International visibility

    More than “IP Blacklist”:

  • Clustering: associates and links transactions

  • Coloring: implicating clusters and accounting for proximity

  • Baits Countermeasure: “dummy” credentials

  • IP Address from Phishing Attacks: Botnets

  • Feeds to / from multiple RSA products

    Anonymous:

  • No Personally Identifying Information shared

    Proven:

  • ½ Billion Devices, gives “fraud detection a considerable lift”*

World’s Largest Online Fraud Fighting Community

Don’t fight cybercriminals alone!


Rsa adaptive authentication with citrix netscaler

RSA Adaptive Authentication with Citrix NetScaler

  • Solution Components

    • Citrix NetScaler - Version 9.2 or later

    • Identity Provider such as Active Directory or equivalent LDAP based system

    • RSA Adaptive Authentication Server for secondary authentication of users based on behavioral and other inputs


Configuring the rsa authentication adapter

Configuring the RSA Authentication Adapter

  • Start configuration wizard

  • Configure RADIUS Adapter

  • Configure AA Adapter

    • Configure behavior parameters

    • Configure Identity confirmation methods


Configuring netscaler

Configuring NetScaler

  • Create Authentication server

  • Create Authentication policy

  • Create Virtual server

  • Run management script utility to configure NetScaler with user parameters


Initial user setup

Initial User Setup

  • The user logs on to the site using the user name and password

  • The user selects the security questions and provides answers to those security questions

  • The user confirms selection to security questions


User authentication

User Authentication

  • User attempts to access a system protected by Adaptive Authentication

  • User's activity is analyzed by the RSA Risk Engine and is assigned a Risk Score

  • RSA Policy Manager determines Risk using behavioral analysis

  • User is directed to "Step-Up Authentication"


Law enforcement secure connections to help catch the bad guys

Healthcare

Cure to fraud prevention

Law EnforcementSecure connections to help catch the bad guys

  • Mobile employees who work from home or travel can access sensitive information remotely and security

  • For on-the-go doctors, multiple devices (PCs) can be registered so access can be gained seamlessly from any location

  • Helps meet compliance regulations for “stronger than password” authentication

  • Authorized law enforcement offices canutilize different PCs and still securely access sensitive information

  • Persistent security and policy enforcement only challenging the riskiest subset of activities with step-up authentication


Missouri highway patrol

Missouri Highway Patrol

  • Challenge

  • Telco costs exceeded $1m annually to deliver applications to 246 Municipalities

  • Security concerns of onboarding new Web Applications

  • Mandated standards

    • Federal Information Protection Standard 140-2

    • Two Factor Authentication

    • Global redundancy

  • Solution

  • RSA-AAA + NetScaler FIPS Platinum Edition

  • Benefits

  • $1m annual savings

  • Easy transition & Great User Experience

  • Strong Layered Security

  • Superior Web App Experience

  • Improved Application Availability

State Government


Lessons learned

Lessons Learned

  • Put the Adaptive Authentication Adapter behind a NS vServer– Optimize performance– Protect with AppFW– Load Balance

  • Use a wildcard or SAN SSL certificate– Maintain PKI integrity

  • Get installation assistance– Make the deployment stress free and on time


Secure remote access to enterprise applications

Secure, Remote Access to Enterprise Applications

RSA Adaptive Authentication Integration with Citrix NetScaler

Low Total Cost of Ownership

  • Enables user self-enrollment with no need for physical devices

    Strong Layered Security

  • Complement NetScaler’s primary authentication systems such as Active Directory or LDAP

  • Extend user identity across enterprise and SaaS applications

  • Protect against web and XML application threats like Cross-Site Scripting (XSS) , SQL Injection and DDoS attacks with Web Application Firewall

  • Numerous authentication methods with customizable risk and authentication policies provide the highest fraud detection rates

    Superior User Experience

  • Transparent authentication methods offer the lowest impact on genuine users providing a convenient online experience as users are only challenged when suspicious activities are identified and/or an organizational policy is violated


For more information

For More Information

  • Citrix NetScaler Blogs

    • http://community.citrix.com/display/ocb/2011/05/19/Adaptive+Authentication

  • Sales Knowledgebase

    • www.citrix.com/skb - Search tag “RSA Adaptive Authentication”

  • Citrix TV

    • www.citrix.com/tv- Search tag “RSA Adaptive Authentication”

  • Citrix NetScaler Resources

    • www.citrix.com/netscaler- Click “Resources and Support”

  • Citrix NetScaler Discussion Forums

    • http://forums.citrix.com/support- Click NetScaler


  • Login