Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations bkrike on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

NFuse+CSG / VPN / Both...???

Status
Not open for further replies.
Highland

Highland

MIS
Jul 4, 2001
451
GB
We are about to look at implementating a Remote Access solution to our Citrix Environment....

Anyone got any opinions on the best/most secure way to protect Systems from Intrusion......what methods have you used to provide Remote Access to Citrix...???

Any info appreciated....

thanks
 
Sort by date Sort by votes
VPN is the highest security you can get.
CSG is the next best thing, and involves zero configuration on the clientside (with nfuse), making it very popular in the citrix cummunity.

Free citrixprinting support
 
Upvote 0 Downvote
Yeah, I want to push for the CSG solution, mostly because of the zero config on the client, but I need to justify it over VPN in terms of security....???

Any advice/pointers etc...???

thanks
 
Upvote 0 Downvote
As ai said; VPN is top of the bill in security, and CSG is the next best thing, and for you installing it, a lot less headaches. But i can't say that CSG security is better then VPN.

CSG uses 128 bits SSL security, with a 1024 bits encrypted key, and a correct configuration, makes it almost invunerable. What more can i say.


Free citrixprinting support
 
Upvote 0 Downvote
OK, maybe not justify CSG as better than VPN, but can anyone tell me how they implemented a secure solution using NFuse/CSG...??



 
Upvote 0 Downvote
>>can anyone tell me how they implemented a secure solution using NFuse/CSG...??

Can you be more exact in what you want to know?

The normal way of implementing, is an nfuse box running https, and the CSG in the DMZ, and the citrix boxes and the sta in the local lan.
From lan to DMZ, only port 1494 for citrix, and 80 for sta and nfuse.
From DMZ to internet just port 443.
Just go through the admin guide on CSG for a more detailed explanation:
Free citrixprinting support
 
Upvote 0 Downvote
Thanks for your reply again xs4citrix...

Yeah, was really looking for a brief over-view of how you have set-up an external access solution for your users and why you preferred NFUSE to a VPN solution...???

Basically the scenario I envisaged was for our current dial-in users to set-up Internet access with their preferred ISP, they then connect to a secure web-site, they are authenticated and allowed access from only this site via our Firewall to a DMZ containing CSG/NFuse (can this also be set-up with secure ID/password..??), upload client if required and then a "normal" logon to our Citrix Farm...???

Is this a typical scenario....???

 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

SpenceWaller
  • Locked
  • Question
Citrix CSG - Allow users to change password
Replies
0
Views
245
SpenceWaller
SpenceWaller
spi200
  • Locked
  • Question
CSG and RSA secuid question
Replies
0
Views
199
spi200
spi200
smokey7244521
  • Locked
  • Question
Citrix Published apps thru VPN
Replies
0
Views
160
smokey7244521
smokey7244521
bran2235
  • Locked
  • Question
HOW? Setting up CSG and Web Interface
Replies
0
Views
116
bran2235
bran2235
bran2235
  • Locked
  • Question
How to update Web Client on CSG box?
Replies
0
Views
108
bran2235
bran2235

Part and Inventory Search

Sponsor

Back
Top