Citrix Secure Private Access Hybrid Deployment

What’s new

October 28, 2024

Contributed by:

October 2024

Initial release

Citrix Secure Private Access for hybrid deployment allows customers to implement a Zero Trust Network Access (ZTNA) solution using on-premises StoreFront and NetScaler Gateway components and use the Citrix Cloud for managing the configuration, administration, and monitoring functions.

The following are some of the key features of the Citrix Secure Private Access for hybrid deployment.

Web/SaaS and TCP/UDP support:

Citrix Secure Private Access for hybrid deployment supports Web/SaaS and TCP/UDP apps. For details, see the following topics:

Supported apps

Enhanced access restriction options:

While creating access policies for applications, you can select access restrictions that must be enforced on the applications. These security restrictions are predefined in the system. Admins cannot modify or add other combinations. For details, see Access restriction options.
Secure Private Access integration with DaaS Monitor:

Secure Private Access is integrated with Monitor, the monitoring and troubleshooting console for Citrix DaaS. Administrators and help-desk personnel can monitor and troubleshoot Web/SaaS and TCP/UDP app sessions and events from the DaaS Monitor. For details, see Secure Private Access integration with DaaS monitor.
Application Discovery:

The Application Discovery feature helps an admin get visibility into the external and internal applications (HTTP/HTTPS and TCP/UDP apps) that are being accessed in an organization. This feature discovers and lists all the domains/IPs addresses, published or unpublished. Thus, admins can see what domains/IP addresses are getting accessed, by whom, and decide if they want to publish them as applications, providing access to those users. For details, see Discover domains or IP addresses accessed by end users.
Policy modeling tool:

The policy modeling tool (Access policies > Policy modeling) provides the administrators full visibility into the expected application access result (allowed/allowed with restriction/denied). Admins can check the access results for specific users and add a user condition for contextual tags. For details, see Policy modeling tool.
Support for Unsanctioned websites:

Applications (intranet or internet) that are not configured within Secure Private Access are regarded as “Unsanctioned Websites”. By default, Secure Private Access denies access to all intranet web applications if there are no applications and access policies configured for those applications. For all other internet URLs or SaaS applications that do not have an app configured, admins can use the Settings > Unsanctioned Websites tab from the admin console to allow or deny access via Citrix Enterprise Browser. For details, see Unsanctioned websites.

The official version of this content is in English. Some of the Cloud Software Group documentation content is machine translated for your convenience only. Cloud Software Group has no control over machine-translated content, which may contain errors, inaccuracies or unsuitable language. No warranty of any kind, either expressed or implied, is made as to the accuracy, reliability, suitability, or correctness of any translations made from the English original into any other language, or that your Cloud Software Group product or service conforms to any machine translated content, and any warranty provided under the applicable end user license agreement or terms of service, or any other agreement with Cloud Software Group, that the product or service conforms with any documentation shall not apply to the extent that such documentation has been machine translated. Cloud Software Group will not be held responsible for any damage or issues that may arise from using machine-translated content.

Was this helpful

What’s new

October 28, 2024

Contributed by:

October 28, 2024

Contributed by:

What’s new

October 2024

Initial release

In this article