Released 2017 and updated in 2021. There is this support doc here, which just talks about some password options. These are covered in the text below, but need to be combined with other techniques.
In our environment we have no external facing Netscalers which authenticate with 6 digit PIN + SecurID + Citrix FAS. Would this need to be implemented in our environment?
Thanks for the note, I expect the logs would be a good indicator. Multiple factors is always a good starting point- as long as the logs don’t show lots of attempts to access ( that are failing ). As ever something to review if things change
Great post.
PS: The "here" in the "There is this support doc here," link results in 404 (the "Oops...").
Hello Pavol, thanks for the heads up! Looking over the doc there are a few support links. Which one was it that was 'dead'?
Kind Regards Andrew
Hi Andrew,
it's the "here"
(https://support.citrix.com/article/CTX230464/how-to-prevent-brute-force-login-attacks-on-netscaler-gateway)
in
Released 2017 and updated in 2021. There is this support doc here, which just talks about some password options. These are covered in the text below, but need to be combined with other techniques.
I love you articles, keep up the brilliant work!
Pavol
https://web.archive.org/web/20221115021028/https://support.citrix.com/article/CTX230464/how-to-prevent-brute-force-login-attacks-on-netscaler-gateway
In our environment we have no external facing Netscalers which authenticate with 6 digit PIN + SecurID + Citrix FAS. Would this need to be implemented in our environment?
Thanks for the note, I expect the logs would be a good indicator. Multiple factors is always a good starting point- as long as the logs don’t show lots of attempts to access ( that are failing ). As ever something to review if things change