« October 2007 | Main | January 2008 »

December 13, 2007

Access Gateway Enterprise Edition Deployment Guide

Slowly but surely, Secure Gateway and SmartAccess features have made it onto the NetScaler platform. Today Citrix posted a new maintenance build of the Access Gateway, Enterprise Edition firmware (build which brings a few new capabilities to the Enterprise Edition of Access Gateway:

  1. Client Choices - You can offer the user a choice page where they decide whether to launch the Secure Access Client and initiate a full VPN tunnel, or just go with Presentation Server access via Web Interface. You can also make it so that when the user fails to meet some endpoint analysis criteria, the only choice they get is Web Interface.
  2. Access Method Fallback - Without showing a client choice page you can simply fall back from VPN access to Web Interface access if the client fails an endpoint analysis scan. Presentation Server is used as a quarantine access method.
  3. Windows Vista VPN Client (Beta) - Build includes a beta Vista VPN client. It lacks a few features but for basic tunnelling it works fine.

If you want more technical detail on how to configure AG-E and get the SmartAccess hooks into Presentation Server that allow you to control which apps a user can launch and which ICA virtual channels they can use based on endpoint analysis, then you should download my SmartAccess Deployment Guide for AG-E. The guide has step-by-step instructions for setting up a basic deployment, from installing the license and certificate to configuring AG and CPS policy settings. Once you get the basic configuration steps done, tweaking the deployment for your needs is a lot easier.