Citrix OpenCloud Access. Accelerate cloud computing adoption and simplify identity management. www.citrix.com



Similar documents
Citrix OpenCloud Access. Enabling seamless delivery of cloud-hosted applications.

Citrix XenDesktop with FlexCast technology. Citrix XenDesktop: Desktop Virtualization For All.

Citrix desktop virtualization and Microsoft System Center 2012: better together

Advanced virtualization management for Hyper-V and System Center environments.

Simplicity is power.

White paper. Microsoft and Citrix VDI: Virtual desktop implementation scenarios

AppFlow: next-generation application performance monitoring.

Executive summary. Introduction Trade off between user experience and TCO payoff

The complete solution for enabling BYO.

Citrix XenClient. Extending the benefits of desktop virtualization to mobile laptop users.

Building a better branch office.

Five reasons why you need Citrix Essentials for Hyper-V now

WHITE PAPER. Pay-as-You-Grow Licensing. Pay-as-You-Grow: Flexible Capacity in the Datacenter with On-Demand Licensing.

Accelerating Microsoft Windows 7 migrations with Citrix XenApp

Optimizing with Citrix NetScaler. Three keys to building the best front-end network for virtual desktop delivery.

Extending Microsoft Hyper-V with Advanced Automation and Management from Citrix

Citrix Receiver for Enterprise Applications The technical detail

NetScaler SQL Intelligent Load Balancing. Scaling the Data Tier with.

Better virtualization of. XenApp and XenDesktop with XenServer

BYO Rethinking your device strategy.

WHITE PAPER. Citrix XenDesktop. Cost savings with centralized virtual desktops.

Deployment Guide ICA Proxy for XenApp

High availability and disaster recovery with Microsoft, Citrix and HP

DEPLOYMENT GUIDE XenApp, Avaya 1X Agent. Deployment Guide. Avaya 1X Agent. XenApp.

Staying Ahead of the Hacker Curve Turn-key Web Application Security Solution

Design and deliver cloudbased apps and data for flexible, on-demand IT

Cisco and Citrix: Building Application Centric, ADC-enabled Data Centers

The Benefits of Virtualizing Citrix XenApp with Citrix XenServer

Mobility and cloud transform access and delivery of apps, desktops and data

Features of a comprehensive application security solution

Citrix XenApp, MDOP, and Configuration Manager

Windows 7 easier with Citrix XenDesktop.

How To Use Netscaler As An Afs Proxy

Virtual desktops: preparing the enterprise for growth.

TCO Savings with Desktop Virtualization

Citrix ShareFile Enterprise: a technical overview citrix.com

Advanced virtualization management for Hyper-V and System Center environments

Best practices for implementing

The falling cost and rising value of desktop virtualization

SOLUTION BRIEF Citrix Cloud Solutions Citrix Cloud Solution for Disaster Recovery

SOLUTION BRIEF Citrix Cloud Solutions Citrix Cloud Solution for On-boarding

Cisco and Citrix: Building Application Centric, ADC-enabled Data Centers

Citrix Lifecycle Management

Fullerton India enhances its employee productivity and efficiency with Citrix XenDesktop

Citrix NetScaler and Microsoft SharePoint 2013 Hybrid Deployment Guide

2048-bit SSL. Best practices for implementing.

Desktop virtualization and the branch office. Optimizing virtual desktops and applications to the branch office VDI.

Citrix MetaFrame Password Manager 2.5

Building success in the cloud

Data Center Consolidation for Federal Government

Windows XP Application Migration Checklist

Top Three Reasons to Deliver Web Apps with App Virtualization

Application Template Deployment Guide

How To Install A Citrix Netscaler On A Pc Or Mac Or Ipad (For A Web Browser) With A Certificate Certificate (For An Ipad) On A Netscaler (For Windows) With An Ipro (For

AppSense User Virtualization

Citrix Password Manager 4.1

How To Get Cloud Services To Work For You

The Office Reinvented: Mobile Workspaces are the Future of Work

Desktop virtualization for all

Microsoft SharePoint 2013 with Citrix NetScaler

Consolidation without compromise.

Desktop virtualization for all

Deliver the Next Generation Intelligent Datacenter Fabric with the Cisco Nexus 1000V, Citrix NetScaler Application Delivery Controller and Cisco vpath

SolidFire SF3010 All-SSD storage system with Citrix CloudPlatform Reference Architecture

Citrix ShareFile Enterprise technical overview

Powering Real-Time Mobile Access to Critical Information With Citrix ShareFile

Citrix Ready Solutions Brief. CA Single Sign-On and Citrix NetScaler: Quickly Adapt to Your Dynamic Authentication Demands. citrix.

Citrix Solutions. Overview

Virtual desktops in hospitals: streamlining clinical workflows

Trend Micro Cloud Security for Citrix CloudPlatform

Microsoft Dynamics CRM 2015 with NetScaler for Global Server Load Balancing

Bring your own device freedom

Deploying XenApp on a Microsoft Azure cloud

Single Sign On for ShareFile with NetScaler. Deployment Guide

BlueCat Networks Adonis and Proteus on Citrix NetScaler SDX Platform Overview

Solution Brief. Deliver Production Grade OpenStack LBaaS with Citrix NetScaler. citrix.com

BlueCat IPAM, DNS and DHCP Solutions on Citrix NetScaler SDX Platform Overview

Safeguard Protected Health Information With Citrix ShareFile

Achieving the lowest server virtualization TCO

RSA Adaptive Authentication and Citrix NetScaler SDX Platform Overview

Deploying NetScaler Gateway in ICA Proxy Mode

Guide to Deploying Microsoft Exchange 2013 with Citrix NetScaler

Solve the application visibility challenge with NetScaler Insight Center

Citrix Access Gateway

Taking Windows Mobile on Any Device

Secure Data Sharing in the Enterprise

Transcription:

Citrix OpenCloud Access White Paper Citrix OpenCloud Access Accelerate cloud computing adoption and simplify identity management www.citrix.com

Executive summary Cloud-hosted application delivery models have many compelling advantages when compared with hosting applications in house. These include faster time to value, lower total cost of ownership and the ability to efficiently and cost-effectively address fluctuating levels of application demand. Still, the pace of enterprise adoption for both software-as-a-service (SaaS) and infrastructure-as-a-service (IaaS) solutions has been slowed by the challenges of having to create, use and manage yet another set of identities for each new service-based offering. This paper explains how Citrix OpenCloud Access removes identity as an obstacle to enterprise adoption of cloud-hosted application delivery models. OpenCloud Access completes the job started by traditional single sign-on (SSO) and identity management tools by making identities and their management part of the application delivery network and essentially establishing a trust fabric. With OpenCloud Access, coverage for SSO and capabilities such as provisioning and workflow management can efficiently and cost-effectively be extended to SaaS applications and IaaS cloud implementations, and to many of the enterprise and legacy applications that have historically remained beyond the scope of traditional identity management solutions due to technical or financial limitations. OpenCloud Access is also solidly aligned with the enterprise objective of achieving a single pane of glass for application access. In conjunction with Citrix XenDesktop for desktop virtualization and Citrix Receiver, the first self-service storefront for enterprise applications, OpenCloud Access delivers a superior user experience, providing secure, streamlined access to all of the applications that users require to get their jobs done. Diverse identities and their management remain problematic Most organizations today are confronted with the challenge of having to manage numerous pockets of identity. Each new application or service requires the implementation of a new set of credentials and privileges. Users are hindered by inconsistencies in the rights that they are assigned and the need to remember multiple passwords, while IT is subjected to steadily increasing complexity, administrative costs and risks due to unsafe user practices, such as writing passwords down and selecting ones that are easy to remember and, therefore, weak. Even organizations that have made substantial investments in traditional SSO and other identity management solutions are not immune. The problem is that integrating new applications into these solutions is often expensive, or simply too cumbersome. For web SSO, agents must be licensed and implemented on each application server. For enterprise SSO, agents are required for each user computing device. Incomplete identity management support for all of an organization s applications, platforms and devices is another major limitation. 2

Citrix OpenCloud Access White Paper The net result is that some of the organization s pockets of identity may in fact be larger; however, there are still several of them and they are still completely independent of one another. An all-too-common scenario for enterprises is one where web SSO is implemented for only a subset of web applications; enterprise SSO is implemented for only a subset of enterprise applications; numerous legacy applications remain identity islands unto themselves; and any password reset, account management and provisioning tools that are available have been deployed in a similarly disjointed manner. Bringing cloud-hosted applications into the mix can make matters worse. Although traditional identity management solutions can provide a measure of relief for in-house applications, there is very little they can accomplish for applications that reside outside the enterprise datacenter. These tools were not architected with external use in mind, particularly ones where the enterprise has little control, if any, over the application and its supporting infrastructure. The resulting identity management complexities are a considerable obstacle to the adoption of cloud-based applications and are keeping enterprises from more fully realizing the economic advantages of this otherwise attractive delivery model. Bridging identity across enterprise and cloud applications Citrix OpenCloud Access solves the pockets of identity challenge facing today s enterprises by simplifying the administrator effort required to manage multiple identities across an ever-growing population of applications while providing the best possible user experience in the most secure manner. With OpenCloud Access, identity becomes part of the application delivery network. Instead of remaining locked into individual user systems and application servers, identity is effectively moved to a central point within the network. In conjunction with an associated set of identity management features, the resulting network-based identity forms a trust fabric and delivers single sign-on capable of spanning all of an organization s users and resources, including SaaS and IaaS cloud environments. A key component of the Citrix OpenCloud Framework 1, OpenCloud Access is a product option for the Citrix NetScaler application delivery controller that works with both MPX hardware and VPX virtual appliances. In addition to delivering comprehensive SSO for legacy, web, custom, cloud-based and next-generation applications, OpenCloud Access also addresses enterprise requirements for user provisioning, de-provisioning and self-service account management. A regularly updated library of AppConnectors and integral support for SAML, ADFS and OpenID federated access technologies helps ensure coverage across existing and future applications alike. At the same time, identity infrastructure connectors allow IT managers to fully leverage existing identity stores such 1 Citrix OpenCloud Framework lets enterprises and cloud service providers build and operate private and public clouds by providing the core logic to rapidly provision, manage and control applications deployed as cloud-based services. Additionally, it supports interoperability with popular cloud interfaces to let customers leverage their existing investments for migration to the cloud. For more information, please visit www.citrix.com. 3

as Microsoft Active Directory, and any investments that have been made in traditional SSO and identity management tools. Furthermore, a robust management interface featuring the same look and feel used for all other NetScaler capabilities and product options ensures an efficient and seamless experience for network operations personnel. The power of network-based identity OpenCloud Access makes identity available as a network-based resource. Requests to access applications are transparently intercepted by or redirected to NetScaler. OpenCloud Access then leverages existing identity stores to validate user identities and establish group memberships using records of preference. Built-in connectors also sign users in to the applications they are permitted to access, regardless of application type and location. Applications using SAML or other federated authentication technologies can be simply configured to point to OpenCloud Access as the authoritative source of identity information. Once the logon process is complete, OpenCloud Access allows direct communication between users and applications. The result is that users are automatically signed in to their applications without ever seeing the corresponding logon screens and are otherwise able to interact with applications as they normally would. The advantages of a network-based approach to identity, as compared to traditional SSO products and techniques, are: There is no need to deploy client-side agents characteristic of conventional enterprise SSO solutions There is no need for server-side agents characteristic of popular web SSO solutions Initial implementation and ongoing maintenance are considerably less complex, disruptive and expensive, and the solutions are inherently more scalable Because of its independence from client and server platforms, the SSO capability provided by OpenCloud Access is universally applicable. With OpenCloud Access, organizations have the potential to affordably engage the same uniform set of SSO and identity management capabilities for all of their web, custom and legacy applications, as well as those delivered via cloud-hosted approaches. The ability to seamlessly extend the identity of internal users into a service provider s domain not only facilitates more widespread use of SaaS applications, but also paves the way for more transformative IaaS implementations. Providing a simple way to account for user identities significantly reduces the upfront work for hybrid cloud environments, effectively eliminating the need for application or network redesign and allowing organizations to more fully realize associated economic benefits. The result particularly for IT departments that are already using NetScaler for application delivery and traffic management is a simple and economically efficient way to establish SSO for all of an organization s applications, whatever their type and wherever they are located. 4

Citrix OpenCloud Access White Paper Additional capabilities OpenCloud Access does more than establish highly leverageable and scalable network-based identity. Additional features and capabilities include: compatibility with existing SSO solutions, simple user provisioning, self-service account management, detailed usage reporting, alignment with desktop virtualization and related efforts to establish a single pane of glass for application access. SSO solution compatibility Besides providing SSO capabilities for resources not covered by existing SSO products, OpenCloud Access can also be configured to work with these solutions, thereby extending their usefulness and reducing ongoing operational effort. For instance, with an existing web SSO implementation: Coverage for new applications can be achieved by installing a single agent on OpenCloud Access, as opposed to deploying one on each individual application server There is no need to install additional agents every time a new server is added SSO and other identity management functions can easily be extended to additional resources, effectively bridging pockets of identity and leading to a uniformly smoother experience for users and less work for network and systems administrators. Simple user provisioning OpenCloud Access can transparently create new application accounts when needed. New users can be up and running with a full set of privileges in minutes, rather than days or possibly even weeks, and existing users can be assigned new roles or responsibilities with their associated privileges equally fast. System administrators need only associate these users with the corresponding groups in the enterprise directory. A request to access a resource will then lead to OpenCloud Access taking advantage of its built-in connectors and previously configured administrative privileges to automatically create a new account, after which the user will be transparently signed in to the application. De-provisioning, or the revocation of access rights, is also supported and is accomplished by removing the corresponding group associations for subject users from the enterprise directory. Security is enhanced while also achieving compliance with associated requirements of industry regulations and legislation. Self-service account management Self-service account management helps address situations where users need access to applications for which they are not yet assigned corresponding entitlements in the enterprise directory. In these cases, OCA can facilitate the initiation of a request for new privileges, and integral workflow capabilities can help automate the process of obtaining required approvals. An embedded password reset capability can also be used to reduce support desk call volume and more quickly restore locked-out users to a productive state. Detailed usage reporting Organizations can take advantage of the detailed records and usage reports available with OpenCloud Access to proactively manage their cloud-based services. Licenses and capacity allotments can be fine-tuned to reduce expenses during periods of low utilization or, 5

alternately, to ensure the availability of sufficient resources when demand rises. The same information can also be used to help cross-check vendor claims regarding consumption levels and thereby confirm the accuracy of monthly billing statements. Desktop virtualization and the single pane of glass Enterprises worldwide are steadily embracing desktop and application virtualization as a way to improve accessibility of essential resources, bolster IT security and substantially reduce application and endpoint total cost of ownership. In this regard, OpenCloud Access extends the trust fabric it creates to virtualized environments by incorporating support for XenDesktop and Citrix XenApp. Another interrelated objective for many businesses is the establishment of a single pane of glass that enables users to access all of their applications from one place and in one consistent manner. Enterprise application portals and front-end solutions such as Citrix Receiver address this growing requirement, and so does OpenCloud Access. Besides being able to also serve as a portal itself, OpenCloud Access brings further value to simple application containers and innovative subscription platforms by making access to the enumerated applications as seamless and uniform as possible. The benefits of OpenCloud Access OpenCloud Access delivers benefits to IT, to users and to the business. For IT, OpenCloud Access: Provides a robust set of SSO and privilege management capabilities that are straightforward to implement, easy to maintain, and uniformly applicable across all of an organization s applications, regardless of type and location Works with and bridges existing SSO solutions, not only preserving prior identity management investments but actually enhancing them as well Reduces call volume to the IT support desk, along with associated expenses For users, OpenCloud Access: Streamlines their experience by enabling a single identity for all application access gone are the days of having to juggle multiple passwords and the incessant process of having to log on to every application Eliminates the need to wait days, or perhaps even longer, to gain access to essential applications when on-boarding, changing roles or receiving new responsibilities Provides self-service account management and associated workflow capabilities that obviate the need for cumbersome and time-consuming processes to expand their access privileges 6

Citrix OpenCloud Access White Paper For business management, OpenCloud Access: Accelerates and helps maximize the financial and agility gains associated with SaaS and IaaS adoption by affordably enabling the extension of identity and trust relationships beyond the borders of the enterprise Ensures greater user productivity and enterprise agility by rapidly turning up new users and applications while also accounting for future developments, including the potential for widespread use of federated authentication technologies such as SAML or OpenID Enhances IT security by facilitating the enforcement of password strength and renewal policies, curtailing the practice of writing passwords down, incorporating single-click de-provisioning, and providing detailed insight into individual s application usage patterns and habits Conclusion Citrix OpenCloud Access, an option of NetScaler, turns identity into a network-based resource, thereby enabling the creation of a trust fabric that spans all of an organization s applications, whatever their type and wherever they are located. With OpenCloud Access, SSO capabilities can easily and affordably be implemented on a widespread basis, especially if an organization has already deployed NetScaler. OpenCloud Access also delivers the ability to extend internal user identities into a service provider s environment. This overcomes a significant limitation of traditional identity management solutions and removes identity as an obstacle to enterprise adoption of SaaS applications and IaaS-based, cloud-extended datacenter configurations. The result with OpenCloud Access is a robust solution that allows an enterprise to more fully realize the economic advantages of cloud-hosted applications, preserves and extends prior investments made in traditional identity management infrastructure, and delivers a streamlined user experience that is also completely secure. 7

Worldwide Headquarters Citrix Systems, Inc. 851 West Cypress Creek Road Fort Lauderdale, FL 33309, USA T +1 800 393 1888 T +1 954 267 3000 Americas Citrix Silicon Valley 4988 Great America Parkway Santa Clara, CA 95054, USA T +1 408 790 8000 Europe Citrix Systems International GmbH Rheinweg 9 8200 Schaffhausen, Switzerland T +41 52 635 7700 Asia Pacific Citrix Systems Hong Kong Ltd. Suite 6301-10, 63rd Floor One Island East 18 Westland Road Island East, Hong Kong, China T +852 2100 5000 Citrix Online Division 6500 Hollister Avenue Goleta, CA 93117, USA T +1 805 690 6400 www.citrix.com About Citrix Citrix Systems, Inc. (NASDAQ:CTXS) is a leading provider of virtual computing solutions that help companies deliver IT as an on-demand service. Founded in 1989, Citrix combines virtualization, networking, and cloud computing technologies into a full portfolio of products that enable virtual workstyles for users and virtual datacenters for IT. More than 230,000 organizations worldwide rely on Citrix to help them build simpler and more cost-effective IT environments. Citrix partners with over 10,000 companies in more than 100 countries. Annual revenue in 2009 was $1.61 billion. 2010 Citrix Systems, Inc. All rights reserved. Citrix, OpenCloud Access,NetScaler, Citrix Receiver, XenApp and XenDesktop are trademarks of Citrix Systems, Inc. and/or one or more of its subsidiaries, and may be registered in the United States Patent and Trademark Office and in other countries. All other trademarks and registered trademarks are property of their respective owners. 1010

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information