Jump to content
Updated Privacy Statement
  • 0

Possible to use CVAD without Netscaler?

Raul Gonzalez


My company is trying to design a NIST 800-171 compliant environment that uses CVAD a key component.  However committee members looking to design the environment are convinced that Netscaler can be replaced with a VPN solution from Palo Alto for example.  

Is this possible to do?  Will what is being proposed break functionality in CVAD?   I did read a 10yr old blog article that XenDesktop without Netscaler is not supported?

Link to comment

1 answer to this question

Recommended Posts

  • 0

It is "possible" but every connection from a Citrix perspective would look like an internal connection as presumably users would come in via the VPN and go to StoreFront directly. You would lose a lot of security functionality given the requirement to develop a NIST 800-171 compliant environment here, including smart access policies (defining different policies for internal vs external) and would have to have users login with credentials directly to StoreFront (SAML, AD). If you are doing load balancing (in particular with Citrix related monitors) you would lose that capability as well for SF and XDC. The VPN would have to be the SSL proxy as well as the traffic from the VDA (by default at least) would be 1494/2598 TCP/UDP ports. 

Link to comment

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...