Jump to content
Welcome to our new Citrix community!
  • 0

Isolated Application for Branch Office users


EC Saw

Question

Scenario : Our Citrix 7.15 LTSR farm is located in our main office. A branch office ( in another country ) would like to access a web application hosted in the main office. We would like to isolate this web application (accessed via browser only) for their users to access. Ideally, they can only launch this application and cannot access other network shares / other browser applications etc. Access will come in via our NetScaler Gateway 5 which is published on the web. 

 

What would the be the best way of doing this? Create another Store? How do we restrict the user logins (if using AD, or is there another method). Any ideas are welcome.....thanks!

Link to comment

3 answers to this question

Recommended Posts

  • 1

Hi Saw,

 

Below article describes how to secure the published browser. Please go through the article and make the required settings to secure your browser.

 

https://www.citrix.com/content/dam/citrix/en_us/documents/white-paper/securing-the-published-browser.pdf

 

Hope I answered your follow-up query too . Please don't forget to upvote if my post helped you to resolve the issue.

 

Thanks,

Anjani

  • Like 1
Link to comment
  • 0

Hi ,

 

Limiting access to a published application for specific users or groups can be done by following the steps mentioned in the below article. 

 

https://support.citrix.com/article/CTX250083

 

You can also restrict users from accessing Published Applications and Desktops by following the steps mentioned in the below article. 

 

https://support.citrix.com/article/CTX232069

 

With these configurations you can allow or restrict AD users from accessing published applications but restricting network share access should be done through policies which can restrict share access to AD users .

 

Thanks,

Anjani 

Link to comment
  • 0

Thanks Anjani.

 

Follow up q : If the published application is a browser ( since we want the user to go to an internal web server ), 

 

Example : internalapp.contoso.com

 

They will also have access to browse to our other internal web servers such as example : intranet.contoso.com ( I don't think the browser has control and I can't block on a network level because the Citrix host will allow our normal main office users to reach all internal servers )

 

Regards,

Saw

 

 

Link to comment

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...