Alternative for “is_vpn_url” When using AAA, I usualy setup a ContentSwitch that integrates a non addressable AAA vserver. Continue Reading →
Basic web authentication setup With the Netscaler 10.5 release came a new feature: Web Authentication. Continue Reading →
Use SAML Attributes in Policy Expressions SAML is a protocol that is taking off more and more allowing authentication of users without passwords over public Networks. Continue Reading →
Citrix Netscaler and SSL 3 “Poodle” vulnerability Citrix just released a security advisory article regarding the SSL “poodle” vulnerability and how we can disable SSL 3.0 protocol on the Netscaler -> http://support.citrix.com/article/ctx200238 The article shows how we can disable SSL on vServers and on NSIP, MIP and SNIPs. Continue Reading →
ShellShock and NetScaler 1-oct-2014 – Updated with new Responder Policy to block ShellShock based on traffic pattern 28-oct-2014 – Updated with new NetScaler version with Bash Fix This week it happened again, after HeartBleed a couple of months ago another major security hole popped-up; ShellShock or CVE-2014-6271. Continue Reading →
Kerberos SSO by impersonation Kerberos is complicated, but you should not over-complicate it. Continue Reading →
How To: NetScaler 10.5 as SAML Identity Provider In this how-to we will explain how to setup the NetScaler as a SAML Identity Provider (IdP) for SAML 2.0 so we can generate tokens / assertions to be consumed by a SAML Service Providers (SP). Continue Reading →
