What’s new

December 2024

  • Support for Secure Private Access hybrid solution on FIPS platform

    The Secure Private Access hybrid solution is now supported on NetScaler platforms that comply with Federal Information Processing Standards (FIPS) and running the 13.1-37.219 and later FIPS builds. For more information, see Federal Information Processing Standards.

October 2024

Initial release

Citrix Secure Private Access for hybrid deployment allows customers to implement a Zero Trust Network Access (ZTNA) solution using on-premises StoreFront and NetScaler Gateway components and use the Citrix Cloud for managing the configuration, administration, and monitoring functions.

The following are some of the key features of the Citrix Secure Private Access for hybrid deployment.

Supported apps

  • Enhanced access restriction options:

    While creating access policies for applications, you can select access restrictions that must be enforced on the applications. These security restrictions are predefined in the system. Admins cannot modify or add other combinations. For details, see Access restriction options.

    Access restrictions

  • Secure Private Access integration with DaaS Monitor:

    Secure Private Access is integrated with Monitor, the monitoring and troubleshooting console for Citrix DaaS. Administrators and help-desk personnel can monitor and troubleshoot Web/SaaS and TCP/UDP app sessions and events from the DaaS Monitor. For details, see Secure Private Access integration with DaaS monitor.

    Application topology of a launched app

    Application topology of an access denied app

  • Application Discovery:

    The Application Discovery feature helps an admin get visibility into the external and internal applications (HTTP/HTTPS and TCP/UDP apps) that are being accessed in an organization. This feature discovers and lists all the domains/IPs addresses, published or unpublished. Thus, admins can see what domains/IP addresses are getting accessed, by whom, and decide if they want to publish them as applications, providing access to those users. For details, see Discover domains or IP addresses accessed by end users.

    App discovery page

  • Policy modeling tool:

    The policy modeling tool (Access policies > Policy modeling) provides the administrators full visibility into the expected application access result (allowed/allowed with restriction/denied). Admins can check the access results for specific users and add a user condition for contextual tags. For details, see Policy modeling tool.

    Policy modeling

  • Support for Unsanctioned websites:

    Applications (intranet or internet) that are not configured within Secure Private Access are regarded as “Unsanctioned Websites”. By default, Secure Private Access denies access to all intranet web applications if there are no applications and access policies configured for those applications. For all other internet URLs or SaaS applications that do not have an app configured, admins can use the Settings > Unsanctioned Websites tab from the admin console to allow or deny access via Citrix Enterprise Browser. For details, see Unsanctioned websites.

    Configure rules

What’s new