11 All rights reserved to Ceedo. Ceedo - Flexible Computin Certificate-Based Authentication (CBA - 2FA) • The organization MUST be able to positively determine users’ ID for security • CBA requires Public Key Identification (PKI) hardware (USB smart card chip) and middleware Installation and Configuration Issues • Citrix Installation might suffer conflicts and related issues (incompatibility, conflicting versions, etc.) • If the connection runs through VPN SSL – users will require plug-ins and/or specific browser version • Additional plug-ins might be required for organizational portal (.net, Java, etc.) • If a self-signed certificate (server certificate) is used, users have to configure end- point’s browser Data Leakage • Hard to manage where users export data to (machines/media) and how they use it • A misconfigured machine might be used by unauthorized personal for accessing sensitive data Citrix Receiver – The Challenge
Citrix Receiver – The Challenge. Certificate-Based Authentication (CBA - 2FA) The organization MUST be able to positively determine users’ ID for security CBA requires Public Key Identification (PKI) hardware (USB smart card chip) and middleware Installation and Configuration Issues - PowerPoint PPT Presentation
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Device architecture (varies)Flash memory on 2FA device or regular USB drivePartitioned to Read Only and Read/WriteRead Only: Ceedo workspace, 2FA Middleware or software and all other applications and components.Read/Write: User Data and customizations.
Virtual Runtime
Environment
Ceedo EnterpriseManager (CME)
Management SystemCEM: Creates Ceedo workspaces and their policies.CPC: Creates application packages.CCMS: Assigns users and groups with devices, workspaces, edits and creates policies, aggregates usage data, and more (web-based)…Ceedo Package
Creator (CPC) Ceedo ClientManagement (CCMS)
Virtual Runtime EnvironmentActs as a surrogate OSRuns all components within a sandboxWorks entirely in User ModeNo admin rights or installation requiredCross windows platforms