MS Certificate authentication changes

This article will be updated if new information is found or something is incorrect. Backgrounds Overview The actual change is described in MS KB5014754. In a nutshell the change enforces strong mapping of certificates to an on-premises AD user object. This change will impact many (government) users that are using smart cards. For many cases MS Certificate authentication changes

Citrix Licensing changes for NetScaler

This year has been interesting with many vendors changing their licensing and Cloud Software Group has definitely stirred the pot on their own behalf. From where we’re standing, this also presents a great opportunity to get a lot more out of your investment. Overview So, what actually happened was that recently Cloud Software Group (or Citrix Licensing changes for NetScaler

NetScaler Basic on-prem authentication

As promised; here’s the first one of the three real-life authentication examples. I will post the next one tomorrow and the final one the day after tomorrow. Overview In this use case the NetScaler acts as a load balancer (aka reverse web proxy) for the web front end servers, but also enables the authenticate, authorize NetScaler Basic on-prem authentication

NetScaler Identity handling capabilities

Overview Far too often I’m facing an assumption that the NetScaler is “just a load balancer” or the Gateway for Citrix environments. Of course it’s true that NetScaler can do both of the above, but it’s capable of so much more. We here at Comping have been working on various cases around identity and NetScaler NetScaler Identity handling capabilities

Security basics, part 5 – How?

Overview You’ve gotten this far so let me wrap this series up for you. Why – Why someone tries to access the environment? Who – Who should be able to access the environment? Can we authenticate the users or identify them in another way? Where – Where are the users connecting from? From the office Security basics, part 5 – How?

Security basics, part 4 – When?

Overview Glad you’re with us still, this one is a bit shorter. Why – Why someone tries to access the environment? Who – Who should be able to access the environment? Can we authenticate the users or identify them in another way? Where – Where are the users connecting from? From the office network? Some Security basics, part 4 – When?

Security basics, part 3 – Where?

Overview Now that we’ve discussed about who, we can move to the next one, which is where? In this post I’m trying to stay more on the conceptual level and bearing in mind that the audience remains the same. Topics Why – Why someone tries to access the environment? Who – Who should be able Security basics, part 3 – Where?

Security basics, part 2 – Who?

Overview Let’s continue on the basics and scratch the surface a bit harder this time :). The post get’s a bit more technical and has some acronyms in it, but still very much on high level. Applying these measures requires a better understanding of who, where, when and how. Topics Why – Why someone tries Security basics, part 2 – Who?