Extending the range of Citrix – securely and cost-effectively.
Citrix is the world’s leading server-based computing platform. However, securing mobile Citrix users can often end up being complex and expensive. Using Citrix for remote access is implemented either via IPSec VPN or by using Citrix Access Gateway which is a SSL based web front end for Citrix. Depending on the chosen implementation, it is necessary to complement with products like 2-factor authentication, end-point scanning, network access control, and traffic inspection. In addition, it should be recognized that Citrix web access is based on an Internet facing web server vulnerable to attacks and requires a DMZ infrastructure - or protection by a solution such as G/On.
Rather than dealing with multiple components, G/On is an effective alternative for securing Citrix remote access. G/On integrates fully with Citrix to provide connectivity in a complete end-to-end, secure Citrix remote access solution.
The most common method of configuring is to integrate with the Citrix Web client and let the G/On Server forward the connection to a simple web server (no need for Citrix Access Gateway) behind the G/On Server effectively protecting the web server from the Internet. In addition, G/On provides 2-factor authentication, option for single sign-on, logging as well as the other benefits of G/On.
G/On lets you securely deploy the Citrix client on the G/On USB key, giving you the flexibility to run Citrix from virtually any Windows PC. More importantly, in just one single product, G/On’s comprehensive set of features will address all your connectivity and security needs.
Combining Citrix and G/On gives yet a very important benefit: While Citrix gives you remote access to Citrix applications G/On will give you remote access to OTHER applications without the need for adding the complexity of a VPN. So, in addition to Citrix enabled applications G/On will also give you support for running local Outlook on your laptop, give you direct access to all your server consoles, give you secure upload and download capabilities, and you can enable any other client/server application is addition to running Citrix.
Download this document to get an idea how G/On can save you money:
G/On makes Terminal Services more secure, more mobile and less expensive.
G/On integrates elegantly with Windows Terminal Services and provides a complete end-to-end secure direct access solution with:
- The option to give users the convenience of single sign on
- Direct access to full Terminal Server (TS) desktop
- Direct access to specific applications in locked down sessions
- TS sessions to be configured in G/On to allow mapping of local drives on the remote PC, mapping of local printers, and copy/paste and other features of the TS.
The security features included with Windows® Terminal Services are very limited with no real protection on the remote PC and nothing for the protection of the Terminal Server. Integrating G/On and Terminal Services provides a simple, yet powerful and very secure remote access solution.
Further, choosing G/On USB to secure users’ access to Terminal Services means they can connect from any Windows PC without having to download, install or configure anything.
The most simple, the most elegant, and the most affordable solution in the World
Businessses are already providing their employees a PC in the office and almost all of them are installed with professional versions of Windows. G/On can be configured in such a way that it knows exactly which office PC to connect to when a user logs in via G/On from a remote PC. Getting remote access directly to your office PC means that you can work exactly as if you are physically sitting in the office.
Since most organizations have already invested in office PCs for all employees, G/On is probably the simplest solution available to give every employee the opportunity to work securely from their home PC by connecting to their office PC through G/On. So, without any additional investment G/On will give all employees the opportunity to enjoy the flexibility and productivity of working from home or from any other place with an Internet connected PC.
G/On will support access to physical office PC (desktops, laptops), virtual desktops, Intranets, Portals, and directly to specific applications.
Click here to see the cost saving you can achieve with G/On:
G/On secures access to sensitive financial data “anywhere, anytime”
ERP systems like Microsoft Dynamics are used to handle business critical data – financial records, sales, warehouse inventory, CRM and so on. Using G/On to make these functions available from any location increases the value of Microsoft Dynamics solution by:
- Enabling your administrative staff to work from home, providing them increased flexibility, increased productivity and increased job satisfaction.
- Making it easier, faster and less expensive to give external accountants and payroll agencies “self-service” access to Dynamics.
- Enabling employees to work from customer sites, thereby streamlining business processes by making data move faster and more efficiently.
- Allowing supply chain collaboration by giving suppliers access to manufacturers’ database so they can meet their Just in Time (JIT) agreements by managing the inventory themselves i.e. Vendor Managed Inventory (VMI).
Microsoft Dynamics NAV is just one example of an ERP solution supported by G/On. The Microsoft Dynamics NAV client can be enabled in alternative configurations:
- The most effective way to gain remote access to your ERP is to have it enabled through employees’ existing desktop PC, through Microsoft Terminal Server (TS) or through Citrix. You can get direct access to your ERP by launching the application yourself on the office PC, on the TS Desktop or Citrix Desktop or you can launch it directly from your G/On Menu.
- If you use G/On to give administrative users direct access from their home PC directly to their office PC they will be able to work just as if they are physically in the office and they have access to the same tools and the same file share as they have in the office.
- If your company is offering Laptops for employees with the application client installed directly on the Laptop (such as the Microsoft Dynamics NAV client) it is possible to let the client connect directly and securely through G/On to the database server.
- In some cases (i.e. MS Dynamics NAV) it is possible to configure the ERP client to run off the G/On USB key. Consequently, it is possible to bring along the MS Dynamics NAV client for full flexibility and full client user experience or if the NAV client is built to interface directly with local peripheral equipment.
Flexible mobile access to Outlook - without comprising on security
E-mail remains the single most popular application on the Internet after the browser and its business value is paramount. This makes it all the more important to ensure employees can access their E-mail anywhere, anytime from any PC.
G/On provides a high degree of flexibility when it comes to how users can have secure remote access Outlook to get to their mail:
- A locally installed Outlook client on the user’s PC. This is typically relevant for users with a company provided Laptop and where the Outlook client is already installed on the Laptop. In this configuration, users will continue to have access to their personal folders and offline folders in Outlook.
- Outlook Web Access
- Microsoft Terminal Services or Citrix
- Direct Access to office PC
G/On can be configured to provide E-mail access via any of these methods depending on how and where the user is connecting from. For instance, if the user is logging into G/On from a company managed Laptop, the user will be able to launch the locally installed Outlook client and the user can work with Outlook as if the user is sitting inside the office connected to the LAN.
If the user is logging into G/On from an unknown PC the user will not get the option to launch local Outlook, but will get an option to launch Outlook via a Terminal Server session or a Citrix session. And depending on company policies, the user may be prevented from any form of copy/paste and local printing.
However, the company may allow users to connect from their home PC in which case the company may give access to Outlook Web Access (OWA) with the ability for the user to do copy/paste and the ability to attach and detach documents.
The different options are centrally configured and managed in G/On and can be changed dynamically by the IT administrators.
G/On is a cost-efficient tool for securing access to Microsoft CRM
The value of a CRM system depends largely on the accuracy of the data it contains and its availability. G/On provides an efficient way of ensuring Microsoft CRM users can easily access the system anywhere, anytime from any PC – without requiring heavy investments in security solutions.
With G/On, Microsoft CRM users are always protected by:
- 2-factor user authentication
- Mutual client/server authentication to prevent phishing
- A nodeless connection this is “locked to process” to prevent malware exploiting the connection
For IT Administrators, G/On reduces the need for Network Access Control (NAC) solutions, Intrusion Detection Systems (IDSs) and Identity Management Systems (IMSs) as G/On only requires one port to be open on the firewall and the G/On server only responds to requests for access from authentic G/On clients i.e. those that know its shared secret.
Further, G/On only provides application-level access, avoiding the risk of giving users access at the network layer.
G/On can also be used to enable access to many other applications – all controlled via the same solution.
Combined, these features let IT Departments reduce the cost and complexity of their network by replacing multiple security solutions from different vendors with one “all-in-one” secure access solution.
Easy, secure access to web applications, portals, and Intranets
Many companies have built web based portals for employees and external contractors to get access to internal applications and services.
Remote access to such portals is typically provided by exposing the portals directly to the Internet protected by a SSL-based VPN and some authentication solution based on either a token or some other one time password solution.
G/On is a very attractive alternative for establishing the remote, direct access to web based portals. G/On provides a complete connectivity and security solution that avoids the need for an Internet facing web server and prevents any unauthorized access to the portals. The web server hosting the portal is securely protected by the G/On Server.
In addition, the G/On USB offers the possibility to customize a special configuration of a browser that can run off the USB and possibly even run off the CD Read-Only partition of the G/On USB. So, rather than relying on an Internet browser installed on a remote, unknown PC, it is possible to provide users with a pre-configured browser stored securely on the G/On USB to access your company portal.
File Transfer (Secure Upload & Download)
Most organizations have the need to manage, control and audit data leaving and entering the company network. Integrating G/On with a FTP server gives the option to force all data file tranfers through G/On directly to a secure FTP file server constantly monitored for virus, trojans, and other malware. Such a Single Point of Data Transfer for all data going in and out of the company enables full monitoring and logging of every transfer event. And, multiple file transfer options can be configured in the users' G/On menu for direct access to different types of files and for public and private files.
Reduce the cost and complexity of securing hosted solutions
G/On helps Application Service Providers (ASPs) consolidate their network infrastructure by replacing multiple security solutions – secure tokens, VPNs, end-point security software and so on – with G/On’s “all-in-one” secure access solution.
Everyday, ASPs face the challenge of letting employees, customers and partners from many different companies secure access to specific applications. Keeping customers satisfied means offering them a user-friendly way of doing this, while ensuring “anywhere, anytime” availability and convenience. Being able to minimize operating costs without limiting customers’ 24/7 360º access is essential for success.
That’s why G/On is the perfect match for ASPs. G/On’s unique combination of security features lets ASPs offer customers an easy to use way of accessing their applications from any PC – while only having to administer one security solution to ensure:
- 2-factor authentication to verify user identity
- Mutual client/server authentication to prevent phishing
- Avoid malware while giving users the flexibility to connect from any PC
- Network access control
- Application access management
