|
 Hello All,
Good news for all : Access Gateway 4.2 will be available on december 6 !
What’s New
New Features in version 4.2
The 4.2 releases provide the first integrated operation of the Access Gateway appliance and the Advanced Access Control option. When deployed together, the Access Gateway appliance is deployed in the DMZ, and the Advanced Access Control option is deployed on Windows 2003 server(s) inside the secure network. These two components work together to provide a seamless access experience.
Note for customers with Access Gateway Enterprise 4.0 deployments: The software based Secure Gateway function is now performed by the Access Gateway appliance; therefore the software Secure Gateway component is no longer provided or supported for deployments that include Advanced Access Control 4.2. Existing Access Gateway Enterprise 4.0 customers should purchase an Access Gateway appliance to replace their Secure Gateway component if they wish to deploy Access Gateway 4.2 and Advanced Access Control 4.2..
What’s new in Access Gateway 4.2
· New black bezel – The appliance bezel has been changed from red to black. No other changes have been made to the appliance.
· Double Source Authentication – A single user name can be authenticated to two different sources e.g. both Active Directory and RSA SecurID credentials could be authenticated on login. This feature allows the Acecss Gateway to duplicate the web interface capability of requiring both password and token code.
· Access Gateway multi-language client – the Access Gateway Client is available in five languages – English, Japanese, French, Spanish, and German. Note that the Access Gateway appliance and administration continues to be available only in English.
· Other technical updates – Support for Secure LDAP and wildcard SSL certificate support.
What’s new in Advanced Access Control 4.2
End-user Features:
· Enhanced authentication support – The integration of the Access Gateway appliance allows additional authentication types to be supported. The options that are available to authenticate to a Logon Point hosted on an Access Gateway appliance are: LDAP (such as Active Directory or Novell eDirectory), RSA SecurID, Secure Computing Safeword, and RADIUS. Note that local-hosted (appliance) user accounts are not supported when using Advanced Access Control.
· Client consolidation and improved End User Experience – The Access Gateway Secure Access Client (formerly called Access Gateway Client) is used to tunnel all traffic from the client workstation to the Access Gateway appliance, eliminating the need for the ActiveX Gateway client and Advanced Gateway client. In addition the Secure Access Client is included in the Access Client packager.
· Clients downloaded as needed - All workstation clients are downloaded on an as-needed based to improve the end user’s overall experience. Advanced Access Control 4.2 includes the Secure Access Client, LiveEdit client, and End-Point Analysis (EPA) client. In addition,
· Simplified access to Citrix Presentation Server published applications – Citrix Presentation Server published applications are accessible from within the Advanced Access Control navigation page, allowing users to quickly access and launch published applications.
Administrative Features:
· Access Suite Console administration of Access Gateway Appliance – The Access Suite Console has been extended to provide administration and configuration for the Access Gateway appliance. Policies, appliance tunnels, and network connections are all administered within the Access Suite Console. Certain appliance configurations still require the Access Gateway Administration Tool, such as the NIC configuration, server certificate configuration, and Advanced Access Control server location.
· Extended Citrix License Server support – When the Access Gateway appliance is configured with Advanced Access Control, licenses for the appliance are maintained within the Citrix License Server. The Access Gateway appliance relies on the Advanced Access Control backend to acquire a license and validate the session. Any license files installed on an Access Gateway appliance configured with Advanced Access Control are ignored.
· Continuous host checking and filtering – Administrators are able to apply continuous endpoint analysis checks and filters to enforce user access and compliance.
Architectural Features:
· Multi-language support and documentation. – All components of Advanced Access control are available in five languages – English, Japanese, French, Spanish, and German.
· Access Gateway integration with Advanced Access Control infrastructure – The central feature of Advanced Access Control 4.2 is the integration with the Access Gateway appliance. This integration produces the following changes to the core product infrastructure, providing several feature, architectural, and security benefits:
o Access Gateway appliance replaces Secure Gateway in the DMZ – The Access Gateway appliance is deployed in the DMZ to provide secure, external access to the Advanced Access Control infrastructure. In addition, the Access Gateway appliance is simple to deploy and manage while giving customers the convenience, benefits, and security of a hardened appliance in the DMZ.
Note: Secure Gateway is not supported with Advanced Access Control 4.2. Existing Advanced Access Control 4.0 customers must replace Secure Gateway with the Access Gateway appliance if they wish to deploy Advanced Access Control 4.2.
o Multiple Logon Points can be hosted on Access Gateway appliance – Administrators can configure multiple Logon Points on each Access Gateway appliance, with different users authenticating through different logon points. All appliances can host all defined logon points.
o Endpoint Analysis support through Access Gateway appliance – With the Access Gateway appliance running in the DMZ, the end-user enters the URL of the Logon Point hosted on the Access Gateway appliance, or launches the Secure Access client, the Endpoint Analysis Client executes endpoint scans, and Advanced Access Control policy settings are applied based on the scan results. The end-user’s experience with endpoint analysis scanning is the same as provided with Advanced Access Control 4.0.
o Access Gateway host-checks incorporated as Advanced Access Control endpoint scans – Previous versions of the Access Gateway appliance allowed host checks to be configured for performing scanning of registry keys, files, and running processes on the client workstation. This host-check configuration has been moved to the Access Suite Console in the same location where Advanced Access Control endpoint scans are configured. This allows all end-point scanning to be configured in the same location. Host-checks continue to function in the same manner they were performed with the Access Gateway 4.0 appliance.
o Access Gateway Realms moved to Logon Points – The realms that can be configured within the Access Gateway 4.0 appliance are migrated to behave as Logon Points within Advanced Access Control 4.2.
o Workspace Control support through Access Gateway appliance – If an end-user has launched Citrix Presentation Server published applications within an Access Gateway session and disconnects the applications to roam to a new client workstation, the session state is preserved such that endpoint analysis scans are re-run on the new device, access policies are re-executed, and the Citrix Presentation Server published applications are re-displayed to the user without loss of information unless access control policies do not allow reconnection to that application or virtual channel.
· Built-in Advanced Access Control server load balancing – With previous versions of the product, a hardware load balancer was typically used to load balance the Web Server component of the Advanced Access Control environment. Advanced Access Control 4.2 provides built-in load balancing of the Web Server component when used in conjunction with the Access Gateway appliance, eliminating the need for a hardware load balancing solution and eliminating extra costs. The Agent Server and HTML Preview components continue to be automatically load balanced by the Advanced Access Control infrastructure.
· Inclusion of SmartAccess for Web Interface hotfix – After Advanced Access Control 4.0 was released, a hotfix was created to provide SmartAccess capabilities when using Web Interface as a web resource within the Advanced Access Control main navigation page. This hotfix allows published applications to be filtered and Citrix Presentation Server policies to be applied according to the Access Control preferences associated with those applications.
· Scalability and performance enhancements – The scalability and performance of the Advanced Access Control infrastructure has been enhanced.
What happened to “Access Gateway Enterprise”?
The term Access Gateway Enterprise is no longer being used, due to marketplace confusion. We are now clearly naming the bundle of the Access Gateway and Advanced Access Control as “Access Gateway and Advanced Access Control”
Why has the Appliance Bezel Changed to black?
As the start of the integration with NetScaler, we agreed to present to consistent appliance look and feel from Citrix. The NetScaler black bezels were deemed to provide a better look. Apart from the bezel color change, there are no major changes to the existing appliance
|