Secure Browser service
The Citrix Secure Browser service isolates web browsing to protect the corporate network from browser-based attacks. Secure Browser service delivers consistent, secure remote access to internet hosted web applications, with no need for user device configuration. Administrators can rapidly roll out secure browsers, providing instant time-to-value. By isolating internet browsing, IT administrators can offer end users safe internet access without compromising enterprise security.
Users log on through Citrix Workspace (or Citrix Receiver) and can open web apps in the configured web browser. The website does not directly transfer any browsing data to or from the user device, so the experience is secure.
The Secure Browser service can publish secure browsers for use with:
Shared Passcode external web apps. If you publish a browser with shared passcode authentication, users must enter the passcode to launch an app.
Authenticated external web apps. When you publish authenticated external web apps and launch the apps using Citrix Workspace, the Secure Browser service requires a resource location containing at least one Cloud Connector (two or more are recommended). For details, see Citrix Cloud Connector. For authenticated apps, you must add users with Citrix Cloud Library.
Unauthenticated external web apps. When you publish unauthenticated external web apps and launch the apps using Citrix Workspace, the Secure Browser service requires a resource location containing at least one Cloud Connector (two or more are recommended). For details, see Citrix Cloud Connector.
Although typically not recommended, unauthenticated external web apps might be used for a simple proof of concept.
For more information, see Publish a secure browser.
The service also offers:
- Integration of published apps with Citrix Workspace
- Integration of published apps with on-premises StoreFront
- Simple URL allow list function for security
- Usage monitoring
- Controls for clipboard use, printing, kiosk mode, region failover, and client drive mapping
Secure Browser supports authentications for all apps with Azure Active Directory.
- Users can now sign in to any Secure Browser app from Citrix Workspace using Azure Active Directory credentials.
- When Secure Browser users sign in, they use the Workspace sign-in page that you configured for your site. For more information, see Integration with Citrix Workspace.
- Secure Browser supports bidirectional audio. Bidirectional audio is available in Secure Browser.
- Secure Browser launches from launch.cloud.com are authenicated by Citrix Cloud authentication. When users launch Secure Browser apps using the launch.cloud.com URL, Citrix Cloud authentication handles their credentials. This enhances security but does not change the user experience.
- Secure Browser supports authentication with Azure Active Directory. Users can now sign in to Secure Browser apps from Citrix Workspace using Azure Active Directory credentials. For more information, see Integration with Citrix Workspace.
- Secure Browser lets you monitor and log off users’ active sessions. Secure Browser provides user name, session ID, client IP, authentication type, application name, session start time, and session duration information about users’ active sessions. You can view basic information about each active session and disconnect the session if needed. For more information, see Monitor active sessions.
Releases in 2020
All releases of 2020 contain enhancements that help improve overall performance and stability.
For developers: Preview API for Secure Browser Service