CASE STUDY FOR A CITRIX ACCESS GATEWAY DEPLOYMENT

Previous page
Table of content
Next page

Our case study, CME Corporation, has defined requirements for external access regarding traveling sales staff, home users, Internet kiosks , and wireless Internet WANs (Sprint, Verizon, T-Mobile, and others), supporting everything from dial-up to broadband connection speeds. Additionally, CME will provide limited access to non-CME employees under certain conditions.

In order to support these requirements, CME has chosen to implement Citrix Access Gateway to create an access center, and to enforce additional security with Advanced Access Controls. The initial deployment will be as a baseline replacement for their SG/WI deployment, primarily for CME users. Additional features will be enabled incrementally.

CME's secure access center deployment runs on the Citrix Access Gateway (CAG) appliance, with Microsoft Internet Information Server Version 6.0 on Windows Server 2003, AAC on Windows Server 2003, and a backend Microsoft SQL 2000 database.

CME evaluated four possible deployment scenarios as depicted in Figure 16-1. Based on a variety of design considerations, CME determined that existing IPS/IDS systems could monitor the CAG traffic on the internal interface if necessary, and that the resiliency, simplicity, and capability benefits of an external filtered implementation outweighed other concerns. CME also decided to plan for future implementation of a Citrix NetScaler Application Switch to "front-end" redundant access gateway devices for load balancing and assured availability. As an added benefit, the "front end" (external interfaces) of the Access Gateway will benefit from the NetScaler's ability to protect against common denial of service attacks and probes. Based on Citrix's migration plans, the CAG and the NetScaler product lines will share a common hardware form factor and will ultimately aggregate on a single dual-purpose platform. CME's initial implementation will deploy a single CAG with additional expansion to follow.

Figure 16-2 diagrams the infrastructure components and services that make up CME's secure access center.

image from book
Figure 16-2: The CME secure gateway diagram
Note 

In Figure 16-2, the Access Gateway implementation will start with a single CAG appliance with a second appliance slated for deployment in the future. Figure 16-2 does not show every server involved in the deployment; existing resources such as the Citrix Licensing Server are omitted.


Previous page
Table of content
Next page
Citrix Access Suite 4 for Windows Server 2003. The Official Guide
Citrix Access Suite 4 for Windows Server 2003: The Official Guide, Third Edition
ISBN: 0072262893
EAN: 2147483647
Year: 2004
Pages: 137
Authors: Steve Kaplan, Tim Reeser, Alan Wood
BUY ON AMAZON
The CISSP and CAP Prep Guide: Platinum Edition
Java for RPG Programmers, 2nd Edition
Cisco IOS Cookbook (Cookbooks (OReilly))
Visual Studio Tools for Office(c) Using C# with Excel, Word, Outlook, and InfoPath
Quartz Job Scheduling Framework: Building Open Source Enterprise Applications
Python Programming for the Absolute Beginner, 3rd Edition
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy