Citrix ShareFile Enterprise: a technical overview citrix.com




Transcription:

Citrix ShareFile Enterprise: a technical overview (White Paper)

The role of IT organizations is changing rapidly as the forces of consumerization pose new challenges. IT is transitioning from the sole provider of user services to an aggregator and administrator for both in-house and third-party services, devices and applications. In the wake of this transition, IT must be prepared for everything that employees are bringing to work, including personal devices and applications.

Mobile workstyles (the notion that employees should be able to work from the most optimal location) prompted IT to look for solutions that could support flexible working while ensuring employees remained productive. Employees also started using personal devices at work, which led some IT organizations to adopt a formal bring your own device (BYOD) strategy. These trends, along with continued growth in dispersed and global workforces, clientele and operations, drove the need for instant access to data for easy collaboration.

However, the lack of an IT-managed data sharing and syncing service led employees to turn to unsecure, consumer-style file sharing products for self-service access to their files, as well as the ability to share those files with others within and outside their organization. Such solutions, unfortunately, put sensitive corporate data, regulated data and intellectual property at risk.

Simply blocking these unsecure services without providing a secure and IT-managed alternative will result in user frustration and lower productivity. It will also be regressive for IT, which is emerging as a strategic organization that fosters change to increase business productivity.

To help IT regain control over employee file sharing, Citrix offers Citrix ShareFile, an enterprise-class, IT-managed, follow-me data service.

ShareFile Enterprise

ShareFile is a secure and robust enterprise follow-me data solution that enables IT to meet the mobility and collaboration needs of all users. ShareFile empowers users to securely share files with anyone and to sync files across all of their devices. ShareFile seamlessly integrates with workflow tools such as Microsoft Outlook and provides a rich user experience on any device to enhance productivity.

Unlike consumer-style file sync and sharing tools, ShareFile provides management and control functionality that allows IT to deliver a secure service and store enterprise data in the optimal locations to meet corporate data policies and unique compliance requirements. ShareFile is a powerful service that is simple for IT to implement and manage, requires no additional investment and can be fully integrated with existing security infrastructure and policies.

With ShareFile, IT can:

- Empower users with instant access to data in sync across all of their devices
- Improve collaboration and business productivity through secure file sharing with people inside and outside the organization
- Meet corporate data security and compliance standards via a secure service and the flexibility to store data on or off premises, or both
- Deliver an enterprise-class service that seamlessly integrates with the IT environment and meets mobility requirements to provide a rich experience on any device
- Deliver a managed service that helps IT retain control over the way corporate data is accessed, stored and shared

Product architecture

The current ShareFile product architecture is a pure Software as a Service (SaaS) model and consists of two key components: Control Plane and StorageZones. The client device can request access to the follow-me data service through a native ShareFile application or tool, Citrix Receiver or any browser.

Figure 1: Citrix Managed StorageZones

Control Plane

The Control Plane stores all user files, folders and account information and performs functions such as user authentication, access control and all other brokering functions. The Control Plane is hosted in Citrix datacenters and managed by Citrix as a service.

Following are the components of the Control Plane:

- Web servers for ShareFile web interface/web portal access. The web servers are also known as Main App.
- Web servers for client devices using the HTTPS API, including all native ShareFile apps and tools
- The clustered database stores user account information, access right information for all file and folder metadata and hashed user passwords. The database in the Control Plane does not contain any user files or user/corporate data. The database is also securely replicated to a secondary datacenter location for backup and recovery in case of a failover.
- Citrix NetScaler appliances are used to load balance all client requests across the web servers.

The NetScaler appliances and web servers run in the demilitarized zone (DMZ) and the database cluster runs in the production network behind the firewall. All traffic from a client device, the web interface or a native tool connects to the Control Plane using 256-bit encryption. The NetScaler appliances then begin to load balance the traffic/requests across the various web servers. Once the connection with the web servers is made, they communicate with the clustered database for retrieval of requested information.

Citrix-managed StorageZones

StorageZones are where the customer data and files are hosted. The Citrix-managed StorageZones are hosted in Amazon Web Services (AWS) datacenters today, with an option to store data in various AWS worldwide locations including the United States, Ireland (EU), Brazil, Japan and Singapore. The actual storage servers run on Amazon EC2 while the backend storage resides in Amazon S3. The data is stored on EC2 servers as elastic block storage (EBS) for caching and on S3 servers for persistent storage.

Amazon EC2 hosts various components of StorageZones. ShareFile Storage Center is the main component managing all file operations. Other components include the utility servers responsible for antivirus, thumbnailing, full text index and backup functions. To support file transfer using FTP and FTPS, the Citrix-managed StorageZones also host dedicated FTP servers.

Uploading and downloading data

When a user uploads a file to his or her account, the client device first requests authorization from the Control Plane and then connects to the Storage Center using 256-bit encryption. If a file is being uploaded through FTP or FTPS, the client first connects to one of the FTP servers, which then communicates with a Storage Center server. Thereafter, the Storage Center server encrypts the file and places it in its local cache. Simultaneously, the file is put in queue for persistent storage in S3 servers. The file remains encrypted during this entire process.
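The authorize-then-connect sequence described above can be sketched as follows. This is an added example, not Citrix code: the white paper does not say how authorization is conveyed to the Storage Center, so the HMAC-signed short-lived grant, the key, the zone name and every function name here are assumptions chosen to show a control plane that brokers access without ever handling file content.

```python
import base64, hashlib, hmac, json, time

# Constructed demo key shared by the control plane and one storage zone.
# Assumption: the white paper does not describe ShareFile's real mechanism.
ZONE_KEYS = {"zone-eu": b"constructed-demo-key-not-a-real-secret"}


def _sign(zone: str, body: bytes) -> bytes:
    return hmac.new(ZONE_KEYS[zone], body, hashlib.sha256).digest()


def issue_grant(user, folder, zone, op, now=None, ttl=300):
    """Control plane: called after authentication and the access-rights check.
    Signs a short-lived grant; no file bytes are involved."""
    issued = int(time.time() if now is None else now)
    claims = {"user": user, "folder": folder, "zone": zone, "op": op,
              "exp": issued + ttl}
    body = json.dumps(claims, sort_keys=True).encode()
    return (base64.urlsafe_b64encode(body).decode() + "."
            + base64.urlsafe_b64encode(_sign(zone, body)).decode())


def verify_grant(token, zone, op, folder, now=None):
    """Storage zone: return the claims only if the grant is authentic,
    unexpired and scoped to this zone, operation and folder; else None."""
    try:
        body_b64, tag_b64 = token.split(".")
        body = base64.urlsafe_b64decode(body_b64)
        tag = base64.urlsafe_b64decode(tag_b64)
    except ValueError:  # wrong shape or bad base64
        return None
    if not hmac.compare_digest(tag, _sign(zone, body)):
        return None  # forged or altered grant
    claims = json.loads(body)
    current = time.time() if now is None else now
    if claims["exp"] < current:
        return None  # expired
    if (claims["zone"], claims["op"], claims["folder"]) != (zone, op, folder):
        return None  # valid signature, wrong scope
    return claims


class StorageZone:
    """Holds file content. The control plane never sees `data`."""

    def __init__(self, name):
        self.name = name
        self.files = {}

    def upload(self, token, folder, filename, data, now=None):
        claims = verify_grant(token, self.name, "upload", folder, now)
        if claims is None:
            raise PermissionError("invalid, expired or out-of-scope grant")
        # A real zone would encrypt here before caching; omitted in this sketch.
        self.files[(folder, filename)] = data
        # Only metadata is reported back to the control plane.
        return {"folder": folder, "name": filename, "owner": claims["user"],
                "size": len(data), "sha256": hashlib.sha256(data).hexdigest()}


if __name__ == "__main__":
    zone = StorageZone("zone-eu")
    grant = issue_grant("alice", "/finance", "zone-eu", "upload")
    print(zone.upload(grant, "/finance", "q3.xlsx", b"constructed sample bytes"))
```

Binding the grant to zone, operation and folder is what keeps a grant issued for one folder from being replayed against another, and the short expiry bounds how long a leaked grant is useful.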

The utility servers communicate with the Control Plane and learn about the new file that is being uploaded. They begin to fill up their respective queues for the files that require antivirus scans, thumbnail creation, full-text indexing and backup. All files on S3 are processed according to their position in the queue.

When a client device requests a file, the file is delivered from the local EBS if it is in cache; otherwise it is delivered from the S3 storage. The file is decrypted by Storage Center and delivered to the client over an encrypted connection. If the downloaded file is requested through FTP or FTPS, it is delivered to the client through the FTP servers.

Citrix has a service level agreement (SLA) with AWS to ensure high availability for ShareFile even in the case of hardware failures. ShareFile also creates a backup of all encrypted file data that resides in a third-party datacenter. This backup server communicates with special backup utility servers in EC2 and with backup files from S3.

It is important to note that client devices communicate with both the Control Plane and the StorageZones and there is interaction between the Control Plane and the StorageZones; however, customer files never travel from the StorageZones to the Control Plane.

On-Premises StorageZones

Thanks to an innovative new capability, IT will soon have the flexibility to leverage On-Premises StorageZones within a private cloud, as well as to use Citrix-managed StorageZones in multiple worldwide locations. IT will also be able to build its own solution with a customized storage model leveraging the benefits of both Citrix-managed and On-Premises StorageZones.

The On-Premises StorageZones option will allow IT to store data within the datacenter to meet compliance and data sovereignty requirements. With the flexibility to store data both on and off premises, IT can optimize user performance by storing data in desired proximity. Multiple storage options allow IT to build the most cost-effective solution. With the on-premises option, Citrix envisions being able to support any sort of CIFS- or NFS-based network storage system and enable access to existing on-premises file stores, such as Windows network shares and Microsoft SharePoint, to eliminate cumbersome data migration.

Figure 2: On-Premises StorageZones

Regardless of the customer's choice of StorageZones, the Control Plane will reside in Citrix-managed secure datacenters, making this a hybrid model. The On-Premises StorageZones can have one or more Storage Center servers running on Windows Server 2008 with Internet Information Services (IIS) and can utilize local network-attached storage (NAS). The StorageZones components run inside the customer's datacenter, allowing IT to build a fully customized solution.

The ability to store highly regulated data in their own datacenters and the rest in Citrix-managed StorageZones will help organizations meet compliance requirements while benefiting from secure and effortless administration. Client connectivity and communication run the same way as for the Citrix-managed StorageZones: customer data will not go through the Control Plane. With On-Premises StorageZones, IT can also generate encryption keys. StorageZones can be set at the user level or root folder level, allowing IT to store data based on user profile or type of data.

The On-Premises StorageZones feature is now available in tech preview at StorageZones Tech Preview and will soon be generally available.

Security features

ShareFile architecture is secure by design. It also provides additional robust features that IT can use to control, manage and audit the use of data.

Secure architecture

All datacenters containing ShareFile servers are certified to SSAE 16, demonstrating high standards for security. The servers are firewall protected and regularly updated to ensure that all of the latest security patches and updates are in place. Files are transferred to and from ShareFile servers using 256-bit SSL encryption and all files are stored with AES 256-bit encryption at rest.

Comprehensive disaster recovery mechanisms protect against loss of data. Files are frequently backed up to a disaster recovery datacenter and mirrored in real time to a secondary server location to ensure that service can be quickly resumed in case of a disruption at the primary server location. In the event of accidental deletion of files by a user, the files can be recovered within 28 days through the lazy file deletion option.

Additional security features

In addition to providing a secure architecture, ShareFile offers IT a granular level of control over sensitive corporate data.

- Remote wipe: This feature allows both users and IT to wipe all ShareFile stored data and passwords on any device in case it is lost or stolen. In the event of a security breach, IT can remove the device from the list of devices that can access ShareFile accounts, lock the device to restrict use for a specified period or completely wipe all ShareFile data that resides on that device.
- End-user and IT reporting: Users can receive reports on file sharing activity within their workspaces. IT can also track and log all user activity. Users and IT can create custom reports on account usage and access.
- Poison pill: The poison pill feature enables IT to prescribe data expiration policies for mobile devices and activate audit controls to track user logging activity. This feature is now available in the new ShareFile app for iPad.

Provisioning and authentication

ShareFile offers multiple options for seamless integration with Microsoft Active Directory.

- CloudGateway integration: Enterprise directory integration with Citrix CloudGateway is recommended for all Citrix customers. The integration simplifies and accelerates role-based provisioning and de-provisioning and enforces two-factor authentication with NetScaler Access Gateway. It also provides Citrix Receiver integration for a rich content editing experience through hosted applications and helps monitor service levels and license usage.
- SAML 2.0 support: Support for Security Assertion Markup Language (SAML) 2.0 integration is available to customers with existing SAML solutions such as Microsoft ADFS. This integration allows users to authenticate using their Active Directory credentials without passing those credentials through ShareFile.

Citrix Receiver integration

The combination of ShareFile, CloudGateway and Receiver provides a seamless experience as users move from device to device. These components together provide a single pane of glass along with single sign-on to all enterprise resources (apps and data). Enterprise directory integration with CloudGateway and Receiver is recommended for all Citrix customers. The integration simplifies and accelerates role-based account provisioning and de-provisioning, enforces two-factor authentication with NetScaler Access Gateway and provides a rich content editing experience on mobile devices through virtualized applications.

Conclusion

To embrace workforce mobility and users' demands for instant access to data, ShareFile Enterprise helps IT organizations retain control while improving collaboration, mobile workstyles and productivity. Citrix has long provided IT the power to deliver a rich and powerful follow-me desktops and apps experience. Now, ShareFile completes the mobility story with a rich, enterprise-ready, follow-me data solution.

- Enterprise follow-me data service: ShareFile Enterprise offers best-in-class follow-me data service with features that enterprise IT and users expect
- Flexible storage options: The innovative StorageZones feature gives IT the flexibility to choose between using Citrix-managed, secure StorageZones in multiple worldwide locations and leveraging On-Premises StorageZones within their private cloud, or to combine the two options.
- Managed and secure data sharing: ShareFile Enterprise is a secure, managed service with robust security features that allow IT to determine how sensitive data is stored, accessed and shared
- Optimized for mobile workstyles: ShareFile Enterprise helps IT embrace user mobility requirements by enabling employees to work and collaborate from anywhere, on any device

Citrix understands the importance of data from the perspectives of the end user and the IT organization. Citrix continues to drive innovation by investing in new features that make the user experience more delightful and support IT goals by simplifying management, enhancing control and helping IT retain its strategic role in the organization.

Corporate Headquarters: Fort Lauderdale, FL, USA
Silicon Valley Headquarters: Santa Clara, CA, USA
EMEA Headquarters: Schaffhausen, Switzerland
India Development Center: Bangalore, India
Online Division Headquarters: Santa Barbara, CA, USA
Pacific Headquarters: Hong Kong, China
Latin America Headquarters: Coral Gables, FL, USA
UK Development Center: Chalfont, United Kingdom

About Citrix

Citrix Systems, Inc. (NASDAQ:CTXS) is the company transforming how people, businesses and IT work and collaborate in the cloud era. With market-leading cloud, collaboration, networking and virtualization technologies, Citrix powers mobile workstyles and cloud services, making complex enterprise IT simpler and more accessible for 260,000 enterprises. Citrix touches 75 percent of Internet users each day and partners with more than 10,000 companies in 100 countries. Annual revenue in 2011 was $2.21 billion. Learn more at www..

© 2012 Citrix Systems, Inc. Citrix, NetScaler, Citrix ShareFile, Citrix Receiver, CloudGateway and NetScaler Access Gateway are trademarks of Citrix Systems, Inc. and/or one or more of its subsidiaries, and may be registered in the United States Patent and Trademark Office and in other countries. All other trademarks and registered trademarks are property of their respective owners. 0712/PDF