Use case: Configure an access policy to allow selective access to apps

Some organizations want to restrict access to web based email or social networking sites, as a policy, for security or other reasons. To configure this, they can select strict preset in the website filter categories. Strict preset minimizes the risk of accessing unsecured or malicious websites. End users can still access websites with low risk.

If your organization policy mandates strict preset, but wants to allow selective access to apps that are not productivity related, but are required for social interaction, follow these steps to configure settings in the Citrix Secure Private Access service. In the following configuration, the strict preset is selected, but is customized so that access to Facebook groups is allowed, and access to the instagram is through a secure browser.

  1. Log on to Citrix Cloud.

  2. On the Citrix Secure Private Access tile, click Manage.

  3. Click Configure Content Access.

    Configure content access

  4. Enable Filter website categories.

    Enable filter website categories

  5. Select Strict Preset.

    Strict Preset

  6. In the allowed categories section, click Add. In Add Categories, select Facebook Groups. Click Add. Select Facebook groups as allowed category

  7. In the redirected to secure browser categories section, click Add. In Add Categories, select Instagram. Click Add.

    Select Instagram as redirect category

  8. Your settings appear in the allowed and redirect categories. Click Save.

    Final settings

Validation

To validate your configuration, you can publish a SaaS app for https://www.google.com with single sign-on disabled and have some users subscribed to the app.

  • Launch the SaaS app from Citrix Workspace app (or Citrix Workspace web).
  • After the app opens, search for Facebook, and click the link returned in the search. You must see the app launch.
  • Search for Instagram, and click the link returned in the search. You must see the app launch in a secure browser.
  • Search for any URL in the blocked category, and click the link returned. You must get access denied.
Use case: Configure an access policy to allow selective access to apps