Thursday, July 10, 2008

[THIN] Re: ICA Client Encryption

I think Steve's recommendation is solid.
 
Why does he want to use Basic encryption?  It's really not secure and I don't know that Citrix should even call it encryption.
 
- Bob
 
 

From: thin-bounce@freelists.org [mailto:thin-bounce@freelists.org] On Behalf Of Jensen, Jay
Sent: Thursday, July 10, 2008 5:58 AM
To: thin@freelists.org
Subject: [THIN] ICA Client Encryption

 

Hello gang, BriForum 2008 at Chicago Navy’s Pier rocked!!  What a relaxed and awesome venue!

 My new boss wants to put the ICA (XenApp Client 10.20) encryption level from our previous 128-bit encryption to Basic encryption when we migrate to our new XenApp 4.5 Farm.  In the past we have always used 128-bit encryption due to security to reduce any chance a hacker could intercept our ICA TCP/IP packets and jeopardize our Citrix Farm / Corporate data.  We are an international business with over a 250-server farm so it is imperative we get it right!

We use CSG today for our External Citrix connection and we are in the process of migrating to Access Gateway both internally and externally.

What is everyone else using for ICA client encryption and/or can you point me to a whitepaper or recommendation site what is the best practice on ICA Client encryption?  I guess I am old school and maybe I am being stupid in recommending 128-bit encryption on the ICA client and I would like one of experts in this list to guide me in the rigiht direction and ease my fears that Basic ICA encryption is what should be used!

Thank You in advance for your assistance.

Jay Jensen
Citrix Team
Americas Sales and Distribution IT
Trane Commercial Systems
Ingersoll Rand

3600 Pammel Creek Road, La Crosse, WI  54601
Tel: 608-787-4619

E-mail: jjensen@trane.com
www.trane.com
The information in this message is the property of Ingersoll Rand Company. This message is intended only for the use of the addressee named above and may contain legally privileged and/or confidential information.  If you are not the intended recipient of this message, you are hereby notified that any use, dissemination, distribution or copying of this message is strictly prohibited.  If you receive this message in error, please notify us immediately by telephone or return e-mail and delete the message, all copies thereof and any attachments. We thank you for your cooperation.

 

 

Posted by thinlist at 10:14 AM

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)