Duration 45:02
16+
Play
Video

Citrix Synergy TV - SYN219 - Access Control solution deep dive

Praveen Raghuraman
Director, Product Management at Citrix
+ 1 speaker
  • Video
  • Table of contents
  • Video
Citrix Synergy Atlanta 2019
May 22, 2019, Atlanta, GA, United States
Citrix Synergy Atlanta 2019
Video
Citrix Synergy TV - SYN219 - Access Control solution deep dive
Available
In cart
Free
Free
Free
Free
Free
Free
Add to favorites
484
I like 0
I dislike 0
Available
In cart
Free
Free
Free
Free
Free
Free
  • Description
  • Transcript
  • Discussion

About speakers

Praveen Raghuraman
Director, Product Management at Citrix
Bala Swaminathan
Sr. Manager - Product Development at Citrix

About the talk

Access Control is the new solution for upleveling your access strategy. Join us as we uncover easy and secure SSO capabilities to all apps, specifically SaaS and web applications, and security controls to help govern SaaS and web app usage. Learn how to improve security for all of your apps and put web filtering and browser isolation security policies in place for internet access. Plus, get tips on integration with Citrix Analytics and for providing your end users with an easy and seamless experience for accessing all of their applications and data.Note: This session will be available for on-demand viewing post-event on Citrix Synergy TV.

Share

How do you want? I'm coming to Ramen address of product management responsible for the access control and Gateway Solutions. And. My name is Bella Swami Norton senior manager in the engineering and work on some parts of Fort Worth going to talk about and also in the Citrix virtual apps and desktops surface pen works and how you can actually implemented in your deployment before we proceed. Just a quick disclaimer. Work now. All right, then. What do you want to do is just provide you a quick overview of the solution talk about how we can address all the core you kisses and what are the

capabilities like that be having the access control solution. You really going to four years cases which are part of the overall solution and then we'll do the few demos and can we bring it all together? Don't be a few features that are on our road map and Randy 8, so we'll be also giving you a glimpse into that. Would that flips into the solution or Rio? So before we going to actually water solution is I like I just wanted to say I love you in the picture around what are the core needs that our customers have been telling us which is driving really the

point of the solution for a leader of Porky requirements when it comes to delivering secure access to apps and it's a very important experience feature. But at the same time it also reduces the overall check pedometer because you don't have to now login to 50 different sites and your passwords that requirement and being able to do that along with having the quadratic equation mechanisms. The second thing is when you are dealing with sass applications of applications are different kinds of applications that your employees may be using for work protecting IP and

providing governments around how does applications are actually consumed is Accused case and links that maybe actually within even sank. Applications that are now becoming a tax collectors. So how do we actually provide the ability to do you know how isolated Continental Plaza right controls in the food thing is being able to gain visibility and inside so you really can manage this key behavior from user perspective and then drywall that to closed-loop control

within the solution. So that customers have been telling us and what that maps to is this for critical capabilities, which is around authentication being able to do the characters in single sign-on enforcing policy can call and then bringing analytics to help with the arousal and what did he actually integrate all these capabilities into one Mystic solution and deliberate so that you can use the same single solution whether you're in or tell ring size applications. Posted Enterprise applications. Are you have in OU's it's going to the internet for sanctions on Iran sanction content

and capability is around from an unusual perspective being able to tell about that single sign-on experience. He'll be basically use the word space app as the as a main or unified peanut single-pane-of-glass and being able to use that on any device and under different sort of a locations. Where is Officer remote? The actual core capabilities of security control are part of what axis controlled really delivers in here will be going into acting all these capabilities in depth and so it is making sure we have the visibility and the analytics particularly much

really detailed understanding of user risk, or you could scores and being able to get our detailed reports and what kind of data and contents actually being access. We launched Access Control last year and in August and ever since we've actually been getting a lot of requests from customers. So I just wanted to give you a quick view of all the new capabilities that we've actually added does a lock that has been happening and there are a few items that are actually on our road map is very excited about in further enhancing you overall solution. I'll be

covering all of this going into the details of how long the presentation. Let's now look into how it works. So the solution actually is delivered from an admin perspective through these four key tile. So when you log into your Citrix Cloud console account, you will see what I do have different tiles access control is a solution that is also a child go when you request a trial you actually get entitled to all of these four different tiles. And I think that's a very important distinction because many customers are all prospects have asked us. How do I get, you know, the overall Solution

on all of these times actually composed that the broader solution that were talking about attacks control. Now let's talk about some of the other core capabilities in the first one. We really want to dresses multi-factor authentication. So what is the roadmap and what are the capabilities we have with multi-factor Arts today? So excited to announce that we have native two-factor auth built into Citrix Cloud using the 80-plus token mechanism and, and use of perspective. It's a fairly simple three-step process where they went to log into that

work space. They will be presented with a token challenge that they have to enter the process to pre-register their device using any third-parties SSO app either can be a citric acid or a third-party authenticator like Google or Microsoft token that they have from that authenticator app into the application and they get single signed in. So this is a solution is fully delivered. Florence available right now in GA For more advanced use cases, what you've done is we've actually got a lot of feedback from some of

our customers and partners where they actually want to leverage that existing Investments have only made with their Gateway on friends. So we also announcing the availability of this gateway to be something that you can actually connect and use that Confederate to all other Advanced mechanisms. So things like being able to we don't connect to Google are akhtar any of the other third-party IDP or even being able to use ping or a r s a r s a Duo for doing second factor out using radius of any of these mechanisms already supported on from today and you can now use

it along with work space. And what shelter does it typically allows you to leverage your existing Investments and help unblock the Migration by moving on the clock Journey. Looks like you have your on-premises gateway that you may be using all ready for two-factor on Advanced multi-factor. And what we've done is from an inducer perspective, you can configure gateway to be really annoy PC server and you make an arrow ID. So what policy on your gateway once you do that configuration when end-users connect to your workspace, they will get redirected

for that request back into the gateway and they're depending on what particular configuration is there for two-factor multi-factor that will execute and when the result comes back we're now able to authenticate unlock the user into their work space does a fairly easy process from an endurance perspective and it allows you to leverage your existing on Furman. so this capability obviously allows you now to interoperate with an ecosystem of third-party providers like the likes of 200 and Addison and what have you and obviously we have things like smart

card authentication integrated Windows authentication and several other capabilities which now instantly become available in the context of what state Flex. Review how single sign-on what have you done in single sign-on and you know how the process works so it's all about and so all of these common applications that can you see a supported as P define template within the access control console. So when you going to the three step process to publish these applications and configure them so that

end users can use them and in this picture. I also have that the blob on the on the left 2009 certificate which is available also for you to download and then upload resume to XML file or being able to copy paste into the service provider that you have the family straightforward auction, and I'm close to 300 Alberton templates and if you have any applications that you Using and you would like us to add that, you know, you can let us know or do you also have the option to be

able to better to configure life with and set up your own app as well? So let's walk through house as IQ. How does style single sign-on actually work? So here I am this picture on the left the workspace app. And as you notice the workspace app has evolved from what used to be your own privacy work with an embedded engine built into it as a network incline which and risk management API that actually send all the data into search analytics. So when the last time when a user has logged in and they connect two separate Cloud,

it sends the list of all the applications that list now populated with an event space app connection Listen to Let's play one of the tiles in one of the tank and apps and then we do the single sign-on sam'l assertion based on the configuration that's already been provided. This could be us for that Office 365 any of these commonly used application. Do you have the cookie which is not used for the session to continue and the user is not directly London. So they're single

sign-on we continue to use that token and keep asserting it and we can you know seamlessly give them the experience pain in word space. The other important thing here to notice is that we send all the data from the workspace app and search analytics for being able to collect my brother a visibility and give you Insight on what kind of behavior is happening so that the process and what about say you have a application you have applications like Outlook web access or share point or sap or any of these different applications that you may be hosting internally within your own

Enterprise in your data center. So you can now use Gateway service actually to be able to provide the same simplified experience using the word space without actually requiring to have a VPN. So this is really how much more simpler easiest painless way from an end-user experience perspective. So we have a service tech preview and we will be available in GA very soon by hopefully by the end of the end of this quarter in Q2. So the main requirement for a being able to do this is you have to use one of the you

know, supported a single sign-on a methody have we currently support capitalist firms based and Direction and we're also working on some of the new are mechanisms and also one other thing that's important is that you need what is called as a Gateway connector and think of this as a fully managed appliance that we sent that you actually can download and deposit your data center and a common best practice is to be able to use to use this Gateway connector in a cheap ammo so that you have full Brazilian Samba tendency in terms of funeral connections. Some details about disconnected. It actually

is actually a washing machine and runs in a single IP mode with DHCP all communication from the connector off to the cloud is fully encrypted with the other thing is so similar to what you may have known about how to get rid of this world like a proxy the same mechanism is used here. Now these connectors are fully managed by Citrix. So these are automatically updated and you can also monitor their health by actually looking at a pretty simple dashboard which gives you a view into the

health and status of that object connector. I'm going to show you a quick demo sort of how what the admin experience in a New Direction. It looks like. I'm going to log in first in into Citrix cloud. And here we go to the Gateway service child and you see these options. You'll see an option to add avocado salsa that your list of all the applications. What I'm going to do is choose inside. My network has the option and we're going to configure Outlook web access. So we enter the

name of the actual fqdn on that you that would be used to reach this application within your corporate Network. And obviously you can customize anything to set up an icon when it shows on the workspace enhanced security before the new capability. As I mentioned. We were added this year and you have to publish the Gateway connector. So I just selected died. And what we're going to do is just go ahead and configure all the different parameters like the assertion the actual URL the username password. He wants to be complete that process.

Your application will be ready to be then made available on the workspace. So now it's available and the user that can actually go ahead and use this application. So you see that out the way back since she was up here and I don't know what he's got is a manic subscribers option where you can select a user or a domain of users have selected music group Indianapolis published in the end user logs into their work space. They were actually seems like on when I click on it. It stated exactly the way we've Creek

Retreat any other classification. I have the security controls enable. So when your launch Outlook you see that the watermark appears also enabled pepper drink, so that's why you see if there's a bad link or any form of malicious link that is going to get blocked. So pretty much all the controls & Security capability. That we've had with access control for stats are now available also for your hole straight on from apps. So I'm going to hand it over to Bala who's going to walk us to some of the policy control mechanism. Thank you. All right. So once the users

have logged on then comes to most fun park every administrators dream job how to keep your security department happy how to keep your end-users happy right, security perspective boat sinks single sign-on for a consistent experience, but after that you want to make sure your intellectual property is being protected you want to make sure that any browsing that is going on and that's not bringing any sort of vulnerability into the into the corporate Network. And what kind of information

are induced verse about Cinco de Mayo be inadvertently going to start in places. So those are compliance issues right to handle these three types of challenges. You need Cloud app controls. We're going to talk a little bit about how to control the inducer Behavior so that they don't inadvertently caused any kind of for IP challenges when they don't think you want to make sure that they're all the texts that are out there are being isolated. So we'll talk a little bit about browser isolation. And the last part is about content filtering. So in the earlier demo that

Caribbean walkthrough, he click this enhanced security button really what happens behind the scenes with that one click you control and use her behavior you control what kind of contract they cannot produce and in addition to that you also control the ability to look at the various sites without bringing in any type of malware any kind of notice. There is clipboard access can be restricted printing can be Restricted certain types of navigation. Maybe you just want them to be in a particular section that maybe it's just getting there do your sap work or

do you work in a work day and then you're out right and restrict downloads and they're in the in the previous launch. You are so at Watermark display right to all of these capabilities come with one click. This is controlling inducer what they can do and cannot go in addition to this behind us there to other things that happen. All the content goes through a web filtering mechanism. And in addition to that dynamically depending on the situation the entire browsing can be completely isolated out of your corporate Network. So talking about content

filtering, right? Somebody may go into a class happen to be working on something and there's a link that leads to one thing which leads to another and inadvertently that users may end up in a place where they should not but I thought today certex offers almost a hundred ninety plus categories that you can you can restrict. So these are done by category is every website and web sites have a reputation Score says what so you had the ability to see and you search can only produce external unsanctioned website that have a reputation of four or

you can only go to certain sites that are safe from my browsing protector. Are most products give you a black and white list, but cervix is the only company that offers you a turd mechanism called redirecting to secure browser. This is where you keep your end users happy as well because if they wanted photos social media and other acceptable forms of accepted media, right you can let them but just not inside your car at the airport. So Access Control in in in conjunction to secure dresser offers you that unique capability.

All right. So how does how do you decide what's allowed and what's not allowed and where to where to direct the inducer second things work properly. Those are by default alarm and the second thing is if it's a supplication that you published like the example you saw in the previous demo. Those are allowed Everything else by default takes on the extreme security posture where they're blocked, but then if they're not blocked if this is not part of your Blacklist, then we look at how to redirect it into the secure browser safe. Maybe that in your pipe. There's a link that

leads you into into a LinkedIn or Facebook or something like that. Those are immediately launched into a sandbox. So I've been mentioning second dress for a couple of times. So let me just give you a quick idea of how this architectural Works what really we do behind the scenes as we have isolated browser that runs in Citrus Club. We managed it be instantiated and it offers three important functionality isolation containment and privacy what I mean by isolation is whatever the inducer does is happening in a browser that is

outside your corporate Network and happening within such a club that is isolation. If inadvertently a user enter in a place where they should know. It's all contained within the secure browser in my neck. So it has no zero impact to your corporate networks on 3rd. When I say what I mean by privacy is what happens at the end of the session is the interior contacts deleted and completely reset. So every time somebody logs him you are guaranteed to start in the known king skate. You cannot even be connect back there. So with that black round, let's talk a little bit about how is

this being used in the access control context? Right? So here's the inducer that login into their workspace app. They have the recipe type install on their medicine device login and they are about to launch their space app the test app when you have the enhanced security enabled is going to go through the web filtering when it notices that the application or or the user is clicking on a link that is not sanction. Then what it does. Into the particular status application you happen to click into a URL that does not sanction. It's going to be that into secure

browser service. Now you may be well is Desert mean the inducer is now able to produce any side not at all because what happens if even the security services intelligent enough to know that this needs to be redirected back into the web printing services available as part of the access control and then it goes to some of these normal highly-decorated sites in which you control. I think you control Bedford drink and you also control isolation. But the most more common case may be that some of your inducers may be launching a native

browser. So what happens when they launched a little browser and login into Citrix workspace? We noticed that this is coming from an infant that is not a subject work space and the intersection into secure browser. And so one way or the other end users and that within a certain Sports pizza because we have a version of Citrix workspace app that also danced with insecure browser. Is there a town near manage device or it's in the Citrix secure browser service one way or the other you have a trip from here the same lettering happens and going out to any of this unsanctioned

URS will continue to the right ovary covered. This is the way in which Access Control offers you the capability to protect your IP. Isolate any kind of browsing and also make sure the content that is being produced is complaint with the regulations that use it in place. At this point, how do I understand? You know, what is my user Behavior? How do I understand the risk? And you know, what can I do to control their behavior of the service indicator into my organization

even bringing together the different policy control? And what we do is tie it all together with search analytics to give you the visibility so you can actually no one Monica and then we ghost policies so that they weren't the best based on your security pass chain requirements station score that information is actually used and send two separate analytics and along with that all the information that is used in terms of what types of yous are adding access virus by different user. That is used in by Sabaton lyrics to create border collie service code to

quantify potential risk. It's a number between 0 200. I mean, you know broadly speaking it it can vary there's an obvious piano in the background on how it works. But what we see on the dashboard is this tiles on the top where each of the websites that I'm being accessed based on the desk or directly categorize. So if you have websites that are highly that are known to be malicious that are known to be back there obviously going to show up in those red and yellow tiles and anything that supposed to be clean sanction going to show up

in the green and explicitly blocked. You are lucky to get a very good sentence using this dashboard on what kind of posture or what is your overall assessment of risk from the standpoint of people using applications. You can always turn down and go back in time and actually look at all the different, you know transactions. If you will visit sites that uses of actually access for the easy for you to be able to you know, use the ad in government policy and all of this data analytics to do

that. If you click on a specific you can get pretty detailed timeline view of how that users risk actually progressed. And what is the basis on which this restore his computer one thing to note here beside the date has not only coming from axle control code is computer Based on data that is coming from across the surface of ecosystem. So do you have any point management or if you have shared file and many other other products deployed all of those I can you contribute to the overall overall I can get score. When are the new edition that has been added to

Olympics and particularly for Access Control? Is this new search and filter base troubleshooting. So when you have the ability to actually go in and launch this very easy and simple search my stool and there's a drop-down for Access or that what that does is now it allows you to search all the data and all the log II just saw very quickly and you can use a very simple and easy filter mechanism in Fast 6 on the left side. Like I can quickly filter based on the category of a book websites that I mean access or things like whether it is

what type of content it belongs to and reputation and so on and so forth need troubleshooting tool. Let's view today goes all the admin capabilities. Right? We we can review the four core component of how the solution is buried. Let's look at what is the end-user going to experience based on their different, you know policies that we actually set up in face and all the single sign-on the first show you a better browser you typically install it on your desktop and when it tries to go to one of the

Publix applications, this is going to open a browser. If no enhanced security is turned on about the enhanced security check. Bots in this in this case since we haven't enforced any policies, they get single sign-on, they can actually access that but if you have enhanced security turned on then depending on the specific browser controls as well as the cloud controls, you will actually see different Behavior. Turn down the Walmart and it's open. It opens up in the embedded browser. That's local installed. And they say you now try to access Salesforce everything

since what you have your applications, then you continue to be within that app. This is all allowed. So, you know, you'll be allowed to go to the site if there is a sign that it's malicious or bad. It's in the block and you'll see this access first page and for everything else that wasn't that great category that really bad. I was explaining that lawn mowing to secure browser and all this is seamlessly happening without you know, you having to go and change too many things that we too many things at your end user is using a machine that does not have workspace app installed that say they're

working from you know, home or some other place and they have to get some stuff done and they say they have to login to their work application today web version when you are a lot of work space and it's very similar Behavior. What if you remember one thing that I mentioned it if we don't have what? Is Apple local install instantiate a secure browser session automatically in the cloud. So what the access control services doing is it actually detect that this particular user session is coming from outside of workspace app. So we need to enforce it and Yaki

automatically create a very very important point that you have bought you kisses you have the ability to enforce policy control and take appropriate actions. And anything that is obviously within the secure browser Service as a reader can be only have themselves. So we'll just go ahead and you know that. No, one other use case is sp initiated flow. That's what it really means is you if you wanted directly access the SAS application outside of the workspace app icon.

And let's see you directly use the link that is published by the service provider than what you can do with similar behavior. In this case. You would go and use your carpet photos pretty common lot of people in bed that you are alive and make it easy and convenient for people to use access to this as that user me directly go and type that URL. Not depending on whether single sign-on is turned on or not. You will see you again some different Behavior. Then we will instantiate the secure browser again same behavior. Right one thing. You notice your desired.

What for the single sign-on we do need to make sure that you're up or your service provider has turn the login URL. So it's typically something that you would do us part of your configuration, but it's an important requirement if it's allowed to deny the same quality of life. So you access your sanction applications. You can get these policy control enforcement. No, I thought it would be helpful to just get a compare and contrast these different browsers and what their experience really looks like and this is a very common question you get from a

lot of people so he can be heroes. If you're using the embedded browser, obviously you have a very full native experience and also this this runs and all the policy control is as far as in control second third and fourth locally on the device in the cloud and very soon as of now, we don't have access controller in the accounting equation for need a browser. But that is something we're working on in the roadmap and it'll be available soon. So when one status available your

browser and still get the web filtering controls. So today we have the Cloud app controls. Let's play Espina headed Droid shown you but web filtering and that will actually be available. On it. That's all I have a small demo on that. I'll show you how it how it looks. So one other really nice capabilities that many people have asked us is you know, I like workspaces great all the capabilities of nice, but what if I'm you don't want to transition to the cloud on my journey to the cloud are we have significant Investments a storefront and go

to let how do we actually know still consume some of this thing and embark on the journey. So this would be your typical front front end end bike and depending on where you're coming from be able to access in applications using workspace app to in this is actually the storefront user interface control which gives you the ability to connect to all these tears after enforce quality control functionality which will be available in touch with you soon and what to do with a likely sync all the stars have been real bad definitions that we have put into

work space and present them as icons. On your button on the storefront photos that you have to run that actually runs on your DVC and it basically does a periodic sink and pulls all those definition to be created using the public in hybrid deployment. This was obviously announced yesterday the keynote and what what's important here is you will need to have entitlement to access control to be able to use this functionality result of access the bridge and overtime, you know, if you can consume everything in between workspace. Let me show you a demo of how this thing works and how

Holly I can experience looks like. Do I have the cell phone corner here? We have published Salesforce as a secure app with all the policy control. When you log in the very first time what you would actually sees that Watermark appear. I'll be back to be disabled cut copy paste and we're putting download and intersections. So let's say you can actually try to go in and it shows up but you know, you still see that you can actually try and copy face anyting download is prevented as well.

And all of this is happening from the accident. I started with the store front. So this is what size application now, let's see if you go back and you won't answer you do the same thing for what day was in another application you're single sign-on. I didn't have to go ahead and you know enter my password and same behavior, right depending on what policy controls have been enabled. You see all these security controls in place so that it's pretty neat for that 10-point now, King is if I if I try to let you know browse the web page that particular Watermark is going to show up front and

center. So you're actually kind of protected. Let's go in and I can try to launch another application here in this case. That's it. That's what I have and locations to all of the policy control capabilities are fully supported with this new feature. No. So that lets going in so what's what's the next ride in one of his slaves already talked about it, but I want to go into more detail in a browser also and have a consistent policy for battery. And where does it really becomes interesting and important is that sexual arousal immigration? Because what you could

do is you can obviously use of you know, other third-party solution for everything and use that to block site. What if you wanted the same cuz it's just an experience for all your sanction and work application to go through their own favorite need a browser this one so we are working on a proxy configuration Pac-12 is approached. You will definitely will need to have your machine the MGM managed or GPO manage, so It's important that you know that God

has not changed. So that is a requirement. But typically if you have one of those conditions than this solution should work fine in the first phase. We won't have some of the advantages cases like SLO bypass an exception windows are a little something worth considering for the future and has an end-user will be authenticated just like a work space and user so kind of an extra layer of security when they're accessing me out there. Thank you. So that I can look at a demo. Now. How would

this how how does it look like Find this case I have I'm going to go in and launch a lunch my favorite browser. So I first of all let me walk you through the admin experience. So this is the access control on the console and European people have a new section tornado browser settings turn on the ability to use when putting phone in the browser data pack file. It's hosted in the cloud. And what you going to do is you will typically you don't have this configuration

done to a Thule GPO. What is this use case? I'm going to actually go ahead and turn on automatic configuration buy coffee tasting that URL and that's pretty much it. Once this step is done the other requirements to actually install a certificate which obviously I don't have any requirement so I can make sure that you know, you have a trust relationship between the client and our of Prague Novena login to work space as using my you-know-what space credentials. We should be a day or night whatever you have done at that point in time. I get the same experience. If it's allowed of application

now, let's say if it was being you know, it's loaded to sanction if it's a blog site automatically block died and we didn't start from what Stacy just started from Modern native browser the same exact experience for some of the social media websites like Instagram. If you try to go to one of those sides then will automatically be able to enforce that to the secure browser. Finally I wanted to kill you start up your own give you a view into one of their capability that be announced at Keno yesterday, which is also part of the overall control solution. And this is about adding more

a protection capabilities and increasing that list of different kind of an old browser-based control that we can fly to New capabilities. One is the ability. Do you know block and obfuscate data when it's not my place app at the same time. We also have the ability to have the screen capture sort of obfuscate it so what would that look like essentially is this new to new check boxes that you will see in your workspace configuration when you go into an enhanced security and you can turn them on or off. You

do need to have the workspace app installed. These capabilities will not work in the evaporation. And main reason is that since he Lagos actually are like a local agent that might actually be off the heating and Resident on your network on your device. We do need to make sure that this can be enforced on the local machine. So that are all on the road map and we'll be announcing that availability over the next coming quarters. Weird that I kind of feel toward the end of our session. I don't want to draw your attention to a couple of other

sections where we will be coming similar content. We have an identity and access management session later in the day at 4:30. So very similar capabilities, but also give me your view of what are the other, you know, our identity capabilities that we working on entrance off, you know partners and salsa food and then, you know, don't forget to rate our session and give us feedback. She like this session. Let us know if you didn't like us to let us know whatever you think that you would like to see him in future. So with that, I think we have a few minutes to take questions.

Thank you for being a density prospective customers the night. We just use Google Authenticator to get in store for the next gas station for this is something they just do it with the Google what you would do it you would you would use the on from Gateway for now because I'm from Gateway has the ability to be able to you know Frederick. I didn't read some of the other providers and that would be the way you can bring Google ADP along with you. Don't go along with the saxophone. Sorry, I didn't catch the question.

No, I could Got a Feeling. Oh, okay. So your question is about do we support Google user directory? So not yet. That is something that is that is being considered by the identity team signed up. We can connect you to the identity project manager on timeline. Citrus cloud now has at least three different connector requirements to file UI service between a general contractor now the Gateway connection to the ATM agent consolidation across that so that we can provide customers a single and point to connect with all citrus call functionality

way more and more. So that is going on without actually being able to exactly give you a specific time line, but it's very very soon. We are working on unifying the ability to enter have one single connector. I'd like to be able to do these things and then some architectural changes will allow us to be a lot more agile and how we can rule out these capabilities from a connector standpoint. So so yes good question. any more questions Okay. So the question is what is the method required to connect storefront to the cloud? You're so what apps on desktop you would typically

use the cloud connector and at the end of how can I get essential it helps you make those outbound connections for all your data traffic going to the Gateway service also acts as a way for you to be able to connect your 80 or unfriend. So that's the mechanism. any more questions Alright. Thank you very much. Thank you.

Cackle comments for the website

Buy this talk

Access to the talk “Citrix Synergy TV - SYN219 - Access Control solution deep dive”
Available
In cart
Free
Free
Free
Free
Free
Free

Access to all the recordings of the event

Get access to all videos “Citrix Synergy Atlanta 2019”
Available
In cart
Free
Free
Free
Free
Free
Free
Ticket

Interested in topic “Software development”?

You might be interested in videos from this event

September 28, 2018
Moscow
16
128
app store, apps, development, google play, mobile, soft

Buy this video

Video

Access to the talk “Citrix Synergy TV - SYN219 - Access Control solution deep dive”
Available
In cart
Free
Free
Free
Free
Free
Free

Conference Cast

With ConferenceCast.tv, you get access to our library of the world's best conference talks.

Conference Cast
523 conferences
20459 speakers
7482 hours of content