BY USE CASE
Secure Distributed Work
Deliver zero trust network access (ZTNA) to all IT-sanctioned apps—web, SaaS, and client-server —whether they’re on premises or in the cloud. No matter how or where they’re accessed.
This ZTNA approach lets you enable remote access without VPN, to reduce your attack footprint while protecting data and user sessions:
Citrix Secure Private Access only allows outbound connectivity, ensuring your applications are always hidden from discovery.
For private applications, customers can deploy Citrix Cloud Connectors —either on premises or in AWS or Azure —to provide secure access with fault-tolerance and failover support:
User risk profiles allow IT to track activity and enforce policies as needed.
Granular insights also allow admins to troubleshoot issues that may arise, such as attempts at unauthorized access:
With integrated remote browser isolation technology, users can securely access IT-sanctioned applications from managed, unmanaged, and BYO devices without an endpoint agent.
Local sessions are automatically redirected to a cloud-hosted browser, ensuring any malicious code on infected BYO devices won’t reach your applications and network:
New ways of working have introduced new security challenges—including risks from BYOD and unmanaged devices that have been exposed to external threats. That’s why Citrix Secure Private Access lets you enforce controls on these devices to prevent hijacking of user credentials.
Built-in anti-keylogger and screen capture protection scramble strokes and return screenshots as blank. So the data presented by your applications stays safe, always.
Implement adaptive access policies to keep your data secure based on real-time risk factors, and enforce controls such as:
You can use these policies to enforce controls such as preventing downloads and watermarking pages in sensitive apps:
While other ZTNA solutions require third-party vendors to evaluate device posture, which adds costs and complexity, Citrix Secure Private Access provides built-in features for adaptive authentication, such as device posture checks, user location, user role, and risk score.
Authentication is not static, and these factors are used to intelligently decide the most suitable authentication mechanism for the user:
With capabilities to scan end user devices before and after each session, application access is monitored based on factors such as geolocation, device posture, risk profiles, and more:
Single sign-on (SSO) ensures your users have fast application access without having to authenticate into each application individually. This powerful tool helps reduce password management and improve security and governance.
You can configure Citrix Secure Private Access for each corporate application—and use ready-to-go templates for popular SaaS apps: