Updated: 2-23-2016 A couple of months ago I released this blogpost:https://www.antonvanpelt.com/make-netscaler-ssl-vips-secure This blogpost is still valid however, last week Citrix released NetScaler 10.5 57.7. This firmware release contains various improvements on SSL security. Lets see what has been improved…. Default Security First lets try to run a SSL server test on a default SSL based ...
Recently I implemented a Citrix NetScaler environment at a Dutch insurance company. This company uses Citrix NetScaler as a reverse proxy for various web-based applications. One of these applications is using public signed client (user) certificates. Based on the client certificate information a user will get a specific role assigned within the web app. This ...
THIS ARTICLE HAS BEEN UPDATED: https://www.antonvanpelt.com/make-your-netscaler-ssl-vips-more-secure-updated Nowadays just securing your webserver with a SSL certificate isn’t secure enough. Recently the POODLE man in the middle attack makes the SSLv3 officially unsecure. I know this is not the first post written on hardening NetScaler, Neil Spelling and Marius Sandbu wrote very good articles on this topic. In this ...
