Virtualisation

Common Criteria Certification for XenApp & XenDesktop

Citrix employee blogs - Wed, 09/06/2017 - 17:00

Citrix has a long history of achieving the Common Criteria security certification for XenApp and XenDesktop. I am pleased to announce that XenApp and XenDesktop 7.15 LTSR is now formally “in evaluation” status. We are listed as such on the …

  Related Stories
Categories: Citrix, Virtualisation

Community Champions: Citrix Technology Advocates (CTA)

Citrix employee blogs - Wed, 09/06/2017 - 14:00

This post originally appeared on the myCUGC Blog.

There is an old folk tale that says “It takes a village to raise a child,” this statement also holds true for any successful organization, “It takes a successful community to …

  Related Stories
Categories: Citrix, Virtualisation

Citrix Technology Advocate

Wag the real - Alain Assaf blog - Wed, 09/06/2017 - 13:44
(I’m not that full of myself, but I’m pretty happy about this recognition). About 14 years ago, I was working in a regional, multi-hospital system in Eastern Tennessee. I was the newest member of the network engineering team and we were responsible the network, servers, Active Directory, storage, IBM mid-range systems. Basically, all the vital … Continue reading Citrix Technology Advocate →
Categories: , Citrix, Virtualisation

Workplace Designers Embrace Technology and Data to Benefit Workers

Citrix employee blogs - Wed, 09/06/2017 - 12:02

This morning’s guest post comes to us from David Woolf, Steelcase General Manager for Integrated Technologies. — MP

Like most companies more than a century old, Steelcase embraces renewal and reinvention both in ourselves and in our partners. Founded as …

  Related Stories
Categories: Citrix, Virtualisation

Three Major GDPR Obstacles Facing British Businesses

Citrix employee blogs - Wed, 09/06/2017 - 06:00

New research has revealed that large British businesses are facing three major obstacles to EU General Data Protection Regulation (GDPR) compliance: data sprawl, a huge influx of personal customer information and uncertainty around data ownership[1]. In fact, these …

  Related Stories
Categories: Citrix, Virtualisation

NetScaler and NetScaler Gateway Knowledge Center Article Highlights – September 2017

Citrix employee blogs - Tue, 09/05/2017 - 17:30

Hello, Citrix Community! The following is a list of hand-picked NetScaler and NetScaler Gateway articles to assist you in managing your environment.

NetScaler Landing Pages

Visit the NetScaler landing page, which is a ‘one-stop’ location for all the necessary details …

  Related Stories
Categories: Citrix, Virtualisation

Using Too Many Secure Remote Access Solutions? Is Now the Time to Consolidate?

Citrix employee blogs - Tue, 09/05/2017 - 14:00
Moving to the Cloud is important, but should you overlook what is happening in your data center? If you have network sprawl, you need to consolidate.

Moving user identity to the cloud is of concern for a lot of customers.

  Related Stories
Categories: Citrix, Virtualisation

We’re Winning Together at #CitrixSummit 2018

Citrix employee blogs - Tue, 09/05/2017 - 12:00
Partner conferences offer a variety of ways to learn, network and boost your business.

For many of you, conferences are (or should be) a critical piece of your strategic plan with benefits that deliver all year long: you discover …

  Related Stories
Categories: Citrix, Virtualisation

Delivering Safer Apps with Windows Server 2016 and Docker Enterprise Edition

Microsoft Virtualisation Blog - Tue, 09/05/2017 - 09:00

Windows Server 2016 and Docker Enterprise Edition are revolutionizing the way Windows developers can create, deploy, and manage their applications on-premises and in the cloud. Microsoft and Docker are committed to providing secure containerization technologies and enabling developers to implement security best practices in their applications. This blog post highlights some of the security features in Docker Enterprise Edition and Windows Server 2016 designed to help you deliver safer applications.

For more information on Docker and Windows Server 2016 Container security, check out the full whitepaper on Docker’s site.

Introduction

Today, many organizations are turning to Docker Enterprise Edition (EE) and Windows Server 2016 to deploy IT applications consistently and efficiently using containers. Container technologies can play a pivotal role in ensuring the applications being deployed in your enterprise are safe — free of malware, up-to-date with security patches, and known to come from a trustworthy source. Docker EE and Windows each play a hand in helping you develop and deploy safer applications according to the following three characteristics:

  1. Usable Security: Secure defaults with tooling that is native to both developers and operators.
  2. Trusted Delivery: Everything needed to run an application is delivered safely and guaranteed not to be tampered with.
  3. Infrastructure Independent: Application and security configurations are portable and can move between developer workstations, testing environments, and production deployments regardless of whether those environments are running in Azure or your own datacenter.

Usable Security Resource Isolation

Windows Server 2016 ships with support for Windows Server Containers, which are powered by Docker Enterprise Edition. Docker EE for Windows Server is the result of a joint engineering effort between Microsoft and Docker. When you run a Windows Server Container, key system resources are sandboxed for each container and isolated from the host operating system. This means the container does not see the resources available on the host machine, and any changes made within the container will not affect the host or other containers. Some of the resources that are isolated include:

  • File system
  • Registry
  • Certificate stores
  • Namespace (privileged API access, system services, task scheduler, etc.)
  • Local users and groups

Additionally, you can limit a Windows Server Container’s use of the CPU, memory, disk usage, and disk throughput to protect the performance of other applications and containers running on the same host.

Hyper-V Isolation

For even greater isolation, Windows Server Containers can be deployed using Hyper-V isolation. In this configuration, the container runs inside a specially optimized Hyper-V virtual machine with a completely isolated Windows kernel instance. Docker EE handles creating, managing, and deleting the VM for you. Better yet, the same Docker container images can be used for both process isolated and Hyper-V isolated containers, and both types of containers can run side by side on the same host.

Application Secrets

Starting with Docker EE 17.06, support for delivering secrets to Windows Server Containers at runtime is now available. Secrets are simply blobs of data that may contain sensitive information best left out of a container image. Common examples of secrets are SSL/TLS certificates, connection strings, and passwords.

Developers and security operators use and manage secrets in the exact same way — by registering them on manager nodes (in an encrypted store), granting applicable services access to obtain the secrets, and instructing Docker to provide the secret to the container at deployment time. Each environment can use unique secrets without having to change the container image. The container can just read the secrets at runtime from the file system and use them for their intended purposes.

Trusted Delivery Image Signing and Verification

Knowing that the software running in your environment is authentic and came from a trusted source is critical to protecting your information assets. With Docker Content Trust, which is built into Docker EE, container images are cryptographically signed to record the contents present in the image at the time of signing. Later, when a host pulls the image down, it will validate the signature of the downloaded image and compare it to the expected signature from the metadata. If the two do not match, Docker EE will not deploy the image since it is likely that someone tampered with the image.

Image Scanning and Antimalware

Beyond checking if an image has been modified, it’s important to ensure the image doesn’t contain malware of libraries with known vulnerabilities. When images are stored in Docker Trusted Registry, Docker Security Scanning can analyze images to identify libraries and components in use that have known vulnerabilities in the Common Vulnerabilities and Exposures (CVE) database.

Further, when the image is pulled on a Windows Server 2016 host with Windows Defender enabled, the image will automatically be scanned for malware to prevent malicious software from being distributed through container images.

Windows Updates

Working alongside Docker Security Scanning, Microsoft Windows Update can ensure that your Windows Server operating system is up to date. Microsoft publishes two pre-built Windows Server base images to Docker Hub: microsoft/nanoserver and microsoft/windowsservercore. These images are updated the same day as new Windows security updates are released. When you use the “latest” tag to pull these images, you can rest assured that you’re working with the most up to date version of Windows Server. This makes it easy to integrate updates into your continuous integration and deployment workflow.

Infrastructure Independent Active Directory Service Accounts

Windows workloads often rely on Active Directory for authentication of users to the application and authentication between the application itself and other resources like Microsoft SQL Server. Windows Server Containers can be configured to use a Group Managed Service Account when communicating over the network to provide a native authentication experience with your existing Active Directory infrastructure. You can select a different service account (even belonging to a different AD domain) for each environment where you deploy the container, without ever having to update the container image.

Docker Role Based Access Control

Docker Enterprise Edition allows administrators to apply fine-grained role based access control to a variety of Docker primitives, including volumes, nodes, networks, and containers. IT operators can grant users predefined permission roles to collections of Docker resources. Docker EE also provides the ability to create custom permission roles, providing IT operators tremendous flexibility in how they define access control policies in their environment.

Conclusion

With Docker Enterprise Edition and Windows Server 2016, you can develop, deploy, and manage your applications more safely using the variety of built-in security features designed with developers and operators in mind. To read more about the security features available when running Windows Server Containers with Docker Enterprise Edition, check out the full whitepaper and learn more about using Docker Enterprise Edition in Azure.

Categories: Microsoft, Virtualisation

Solaris changed our industry; lighting a candle

Theresa Miller - Tue, 09/05/2017 - 05:00

Solaris changed our industry. But according to reports, the Solaris operating system may be nearing death. Oracle, who acquired Sun Microsystems in 2010, has laid off most of the remaining staff who were working on Solaris. There will be support for the OS until 2030, but this news feels like it needs a memorial.   […]

The post Solaris changed our industry; lighting a candle appeared first on 24x7ITConnection.

Deploy a node.js script in seconds to an Azure Web App with git and run it server-less

Nicholas Dille (Sepago) - Sun, 09/03/2017 - 22:00
Deploy a node.js script in seconds to an Azure Web App with git and run it server-less In customer projects, I sometimes develop small applications to collect and process data from different data sources or to offer a web interface. In any case, I try to avoid rolling out a VM to run...
Categories: , Citrix, Virtualisation

WAGTHEREAL DIGEST – September 2 2017

Wag the real - Alain Assaf blog - Sat, 09/02/2017 - 08:00
A list of articles/blog posts to review, research, or archive EUC/Virtualization/Scripting PVS Server shows down in console even though StreamService is running StoreFront 3 optimizations Citrix Director Load Balancing – NetScaler 12 Warm up Citrix VDA’S with ControlUp logon simulator and PowerShell Command-line switches for Microsoft Office products Tech/Nerd/Gadget/Gaming Thanks for reading, AlainFiled under: Always … Continue reading WAGTHEREAL DIGEST – September 2 2017 →
Categories: , Citrix, Virtualisation

Intune Company Portal for macOS Experience

Aaron Parker's stealthpuppy - Sat, 09/02/2017 - 06:06

Microsoft released a beta version of the Intune Company Portal for macOS just last month; however, it’s since been pulled from the Download Center. This app had been made available along with the announcement of Conditional Access supporting macOS in preview.

Installing the Company Portal is required to enable Conditional Access support on macOS, so I imagine a new version will be made available soon. If you’re testing with Macs or looking for full support with Intune, this is an important part of the puzzle.

Intune Web Enrollment

Previous to the Company Portal on macOS, enrollment in Intune is a largely manual process that requires logging into the Intune web portal with a browser, downloading a management profile and installing that manually. Not the best user experience.

Here’s what that looks like:

Intune Company Portal for macOS Experience

With the Company Portal, the user experience is streamlined, with the management profile installed automatically and you can see device compliance status from within the app. Here’s a quick look at the end-user experience with the Intune Company Portal for macOS on macOS Sierra.

Hopefully we’ll see the portal app available for download again soon and available for wider testing. I’m also hoping that the availability of the Portal app means we’ll see the ability for Intune to install apps on macOS. As we see more Mac devices (either corporate or personally owned), the ability to deploy and manage apps on this platform becomes critical. 

This article by Aaron Parker, Intune Company Portal for macOS Experience appeared first on Aaron Parker.

Categories: Community, Virtualisation

Age of Machine Learning and Artificial Intelligence

Citrix employee blogs - Fri, 09/01/2017 - 14:00
We are living in the golden age of Machine Learning (ML) and Artificial Intelligence (AI).

Three driverless vehicle companies (Google, Uber, and GM) circle the Citrix Octoblu Tempe offices on a daily basis. Cognitive AI systems like IBM Watson are …

  Related Stories
Categories: Citrix, Virtualisation

The National Kids Cancer Ride is Less Than One Week Away!

Citrix employee blogs - Fri, 09/01/2017 - 12:00
The countdown has begun – the National Kids Cancer ride starts on September 3, 2017, a little less than one week from now. It’s time to finally begin the journey in earnest.

Throughout the year, there have been several phases. …

  Related Stories
Categories: Citrix, Virtualisation

Provisioning XenApp & XenDesktop Workloads in Azure US Government

Citrix employee blogs - Thu, 08/31/2017 - 17:00

I am pleased to announce preview support in Citrix Cloud XenApp and XenDesktop service to provision VDAs on Azure US Government cloud. This allows Citrix administrators to quickly deploy and manage XenApp and XenDesktop workloads in Azure Government Cloud using …

  Related Stories
Categories: Citrix, Virtualisation

Citrix ICA Client – What Leaks?

Citrix employee blogs - Thu, 08/31/2017 - 14:00
A common question I receive as Security Product Manager for XenApp and XenDesktop is “what information is left behind after the Citrix ICA client executes?” This happens most often for PCI DSS and HIPAA audits and the question is normally …   Related Stories
Categories: Citrix, Virtualisation

Finally Making Password Security a Thing of the Past!

Citrix employee blogs - Thu, 08/31/2017 - 12:00

Finally Making Password Security a Thing of the Past! It’s Not About the Password; It’s What’s Behind It

Not all of us can remember those 47-character passwords with 5 special characters and that require 3 of the letters to be …

  Related Stories
Categories: Citrix, Virtualisation

Pages

Subscribe to Spellings.net aggregator - Virtualisation