Citrix Blogs

Thwart Insider Threats! Introducing Citrix Analytics Service

Citrix Analytics provides valuable insights to improve security, productivity, performance, and availability of Digital Workspaces by gathering and analyzing data across Citrix products. Specific to Digital Workspace security, Citrix Analytics offers key insights to combat modern day threats.

The analytics engine offers a turn-key, closed-loop, autonomous system that continuously monitors users, devices, applications, and networks to detect anomalous or malicious behavior and offers precise actions to mitigate and prevent it, delivering the most secure workspace in the industry.

Advent of Security Analytics

Enterprises are rapidly adopting a variety of new paradigms (mobile devices, bring your own device (BYOD), SaaS applications, and public clouds) that boost employee productivity while offering more choice and flexibility. This, however, has adverse consequences for security. The most notable one is that the traditional well-defined security perimeter around the data center is no longer valid, which renders traditional solutions aimed at defending that perimeter insufficient. Also, attacks and attack vectors are becoming highly sophisticated, and traditional threat detection techniques based on signatures and known patterns have limited effect. The majority of the recent breaches, for example, were based on ‘Compromised Insider Threats’, where attackers conduct malicious activities by compromising employee credentials. Perimeter-based security solutions are completely ineffective against such threats.

However, the rise of Big Data coupled with rapid advances in Artificial Intelligence & Machine learning (AI/ML) algorithms has led to the creation of Security Analytics, a novel approach in enterprise security to detect, predict and avert threats by aggregating and analyzing data from different sources. Security Analytics has quickly evolved into a key tool in the Security organizations’ arsenal to address the threats inside the perimeter.

Citrix & Security Analytics

Citrix will deliver a comprehensive Security Analytics solution to combat advanced security threats based on user and entity behavior. Citrix can now track all aspects of user behavior and, by leveraging advanced machine learning algorithms, distinguish normal employee behavior from that of a malicious attacker.

For a good analytics solution, having access to key data that is both accurate and authentic is paramount. Citrix solutions are deployed in over 400,000 customer sites at strategic vantage points, giving Citrix Analytics a powerful edge in gathering data from a variety of sources, which is critical to forming a rich and complete user behavior profile without any additional instrumentation. By leveraging the Citrix product portfolio (XenApp, XenMobile, ShareFile and NetScaler), Citrix Analytics can track all aspects of user behavior, including access behavior, application and data usage behavior, and network traffic behavior, including the ability to tap into encrypted traffic.

By employing a wide set of machine learning algorithms, Citrix Analytics correlates and analyzes this cross-product data to detect and isolate risky user activities, whether they stem from a negligent internal employee or a malicious external attacker. These risky user activities are combined to create an aggregate risk profile for the user.

Once risky user activities are identified, Citrix Analytics employs a variety of granular policy controls to mitigate the threat or stop it entirely. Enabling multi-factor authentication, recording user sessions, setting tighter data access thresholds, blocking suspicious apps and even quarantining users are a few examples of available policy controls.

Citrix already provides a variety of functionality for enterprises to defend against ‘External Threats’, through NetScaler Application Delivery Controller (ADC), Web Application Firewall (WAF), Distributed Denial of Service (DDoS) features and the upcoming Secure Web Gateway (SWG).

Citrix Analytics, by providing compelling functionality to defend against ‘Insider Threats’, augments these existing offerings to create a security solution from Citrix which is truly unique and comprehensive.

While Security is a huge focus for Citrix Analytics, there are other areas such as performance and availability where Citrix Analytics provides tremendous value to our customers. In fact, there are several existing analytics modules as part of NetScaler MAS (Management and Analytics System) that deliver great value in network operations, application performance and availability, etc. These modules are also aggregated as part of Citrix Analytics enabling our customers to have one combined view of Analytics independent of the product and independent of deployment architectures.

Citrix Analytics will be delivered as a Citrix Cloud Service. To sign up for early access please visit https://now.citrix.com/analytics
