Jump to content
Welcome to our new Citrix community!
  • 0

Citrix DaaS reduce access from different geolocation


Mislav Novacic1709163391

Question

Hello,

We have Citrix DaaS implemented within Citrix Cloud in Europe region.

For external connectivity within Workspace configuration we use built-in Gateway service.

Hosting environment is in Azure in West Europe region.

Authentication is Azure AD based by using MFA.

There is no ADC implemented.

We receive request from our security team that our users can only access to Citrix resources while they are at European Union location. If, for example, user travel to Japan, he will not be able to access to Citrix resources.

Is there a way how to achieve this just by using builtin Citrix tools (policies, settings within Citrix Cloud environment)?

I know that Microsoft Azure offering similar solutions with Conditional access, but I would rather configure that boundary access within Citrix environment if that is possible.

 

Thank you in advance.

Link to comment

4 answers to this question

Recommended Posts

  • 1

As Carl already wrote, Adaptive Auth (Infos also on https://www.julianjakob.com/citrix-daas-adaptive-authentication/) but in your setup (already using AAD as IdP) I would highly recommend to use a simple geolocation AAD conditional access policy, bound to the Citrix Cloud AAD enterprise application. Why? Because the geolocations get automatically updated by Microsoft, so there's nothing you have to maintain.

  • Like 2
Link to comment
  • 0
13 minutes ago, Julian Jakob said:

As Carl already wrote, Adaptive Auth (Infos also on https://www.julianjakob.com/citrix-daas-adaptive-authentication/) but in your setup (already using AAD as IdP) I would highly recommend to use a simple geolocation AAD conditional access policy, bound to the Citrix Cloud AAD enterprise application. Why? Because the geolocations get automatically updated by Microsoft, so there's nothing you have to maintain.

Hi Julian... Yes, I was thought so to utilize AAD Conditional access policy for geo-location boundry, but before that I was wondering if there is something within Citrix that I could might use... Since I'm using AAD as ldP, I think I will proceed that way...

Thank you..

Link to comment

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...