The internet: friend or foe?
In my career as a field consultant, I’ve worked in a lot of different environments with a lot of different customers, from a very small hospital in Qatar with just a few employees to Russia and one of the largest companies in the world. I’ve always been a regional consultant, never anchored to a single country, always on the road, with a different country and culture seemingly every week.
There was, however, one constant that carried through all of these different companies and environments and projects: the web browser was always one of the most critical components of every deployment. In the old days, most requirements were actually pretty simple: Internet Explorer only and one version (often with a specific plugin) that was being used for a couple of years. Yet even then, providing a consistent and secure browsing experience was very challenging. And? Not surprisingly, the browser was — and still is — the most common published application in XenApp.
Today, the situation is very different. A combination of different operating systems (including mobile ones), many new browsers and their plugins and extensions results in an almost infinite number of possibilities for deployments. At the same time, attacks are becoming more sophisticated and more commonplace, which is not surprising, as 89% of breaches had a financial or espionage motive. And browsers are right in the center of this new security mayhem; 90% of fully undetected malware was delivered via web browsing. For attackers, this is a truly wonderful combination: having a target that is hard to secure, exists in every customer environment and can be used as a threat gateway.
Secure browsing with Citrix and Bitdefender
Citrix XenApp — together with Citrix XenServer with Direct Inspect APIs — and Bitdefender Hypervisor Introspection (HVI) provide a method of enhancing security without sacrificing the end-user experience. The Secure Browser solution is, in concept, fairly straightforward:
- Centralize browser functionality in a XenApp site
- Run the XenApp servers on XenServer, which is secured using HVI
- Leverage HVI to provide security at the XenServer infrastructure level
There are three primary components of the Secure Browser solution. The first is XenApp, which centralizes the browser application execution on one or more host. The second is Bitdefender Hypervisor Introspection (HVI), which leverages the third component: Citrix Direct Inspect APIs in XenServer.
The novelty of the solution lies in the Bitdefender HVI technology, protecting the XenApp-hosted browser. With HVI, organizations gain insight into the security posture of the hosted browser. Bitdefender HVI is a unique solution and perfect fit for secured browsing:
- HVI targets techniques, not signatures and can protect against known and unknown attacks
- HVI is not impacted by rootkits or kernel-mode attacks
- HVI inspects the raw memory of guests, at the hypervisor layer
Simplified architecture of Hypervisor Introspection and Direct Inspect APIs
Summary
Citrix solutions have been used to secure access to the Internet for a very long time – across the globe, by different customers, for different use cases. Now we are able to bring you an even more secure solution, thanks to our friends at Bitdefender. XenApp is great. XenServer is great. Bitdefender HVI is great. Put them all together and these three solutions are really about to show their full potential.
So, stop waiting, download the whitepaper and secure your Internet access today.