101: The Citrix Session: Help mitigate your organization’s cybersecurity risks – Part 1

Mar 3, 2022

Cybersecurity can often seem to present impossible challenges as organizations strive to repel attack attempts. But, really, cybersecurity’s is about risk management — layering on controls to reduce risk to an acceptable level.

Cybersecurity risk management requires a multi-faceted approach, and organizations should evaluate risk and choose the appropriate option(s) to address it. After a thorough risk assessment, the organization can choose to:

  • Accept the risk: Organizations can acknowledge the risk and choose not to resolve, transfer, or mitigate it if it is not feasible.
  • Avoid or eliminate the risk: This option may involve elimination of the risky service or feature to remove the risk from the equation.
  • Mitigate the risk: This option is where technical and administrative controls are implemented to reduce the likelihood or impact of risk.
  • Transfer the risk: This option assigns or moves the risk to a third-party via cyber liability insurance.

Host: Andy Whiteside
Co-host: Bill Sutton
Co-host: Ben Rogers


00:00:02.520 –> 00:00:11.790
Andy Whiteside: hi everyone and welcome to episode 101 of the citrix session i’m your host Andy whites i’ve got bill Sutton with me from integrity.

00:00:12.210 –> 00:00:21.210
Andy Whiteside: leader delivery services here and I got the been roger’s from citrix on with me, then you missed the i’m saying this tongue in cheek you missed the 100th episode Party last week.

00:00:24.330 –> 00:00:34.470
Ben Rogers: Well, good thing we had Presidents day off, and I was in charleston South Carolina with my sister, so I had to miss it I could have been in a better place than this.

00:00:34.680 –> 00:00:38.880
Andy Whiteside: You shouldn’t you should watch the video bill had like a party hat on and he was clean.

00:00:40.140 –> 00:00:40.830
Andy Whiteside: You wouldn’t believe it.

00:00:41.310 –> 00:00:42.210

00:00:43.410 –> 00:00:44.730
Bill Sutton: And if you believe that.

00:00:45.120 –> 00:00:47.700
Bill Sutton: i’ve got a bridge in New York, I can sell you a.

00:00:49.800 –> 00:00:52.110
Andy Whiteside: bridge in New York um.

00:00:53.220 –> 00:01:02.250
Andy Whiteside: Well, I think he does kind of highlight the point that you know we’re mostly consultants engineers on this call and we’re here to provide good content and.

00:01:03.030 –> 00:01:08.670
Andy Whiteside: i’m you know, had I had I taken the time to get the marketing people involved with done a much bigger.

00:01:09.540 –> 00:01:24.930
Andy Whiteside: Announcement around the 100 episode we to recap the first 100 but that’s not we do here, we talked about content and that’s what we’re gonna do today so with that i’ll jump into today’s blog me share my screen, so you guys can see what i’m talking about.

00:01:26.010 –> 00:01:32.550
Andy Whiteside: The blog that we’re covering is from Florian large zucca that you say, have been you know.

00:01:33.000 –> 00:01:33.810
Ben Rogers: I do not know.

00:01:34.350 –> 00:01:38.460
Andy Whiteside: i’ve met for him, but multiple times but i’ve never actually stopped to pronounce his last name that I know of.

00:01:38.970 –> 00:01:49.410
Andy Whiteside: The title of this is help help mitigate your organization’s cyber security risks, this is from a few weeks ago and I can’t think of a more appropriate topic.

00:01:50.130 –> 00:01:59.580
Andy Whiteside: Especially when it comes to the general idea of cyber security and to be quite specific citrix I was at a conference last week and I challenged this individual.

00:02:00.270 –> 00:02:04.830
Andy Whiteside: As to whether delivering what I just said, I said is citrix a security company and.

00:02:05.340 –> 00:02:14.010
Andy Whiteside: You know they kind of talked around and talked around it and ultimately came up with, yes, but they didn’t really know why they said yes, and I think part of this conversation today is going to highlight.

00:02:14.520 –> 00:02:27.570
Andy Whiteside: Why, even though citrix may not run around telling you their security company the concepts and principles behind this from day one, have a lot of security benefits to them and have expanded over the last five years for sure, and even more.

00:02:29.490 –> 00:02:37.950
Andy Whiteside: For me, if I can turn off printing inside my protocol and securely allow you to access that workload and not print man that’s a security play and that’s been around for a long time.

00:02:39.150 –> 00:02:47.280
Ben Rogers: So at this this article kind of has a special place in my heart, because if Pam Saunders is listening, my old boss.

00:02:47.910 –> 00:02:55.530
Ben Rogers: once a year, we would have to go through and do our annual risk assessment and a lot of what this says here in the middle, here, about how you.

00:02:55.950 –> 00:03:01.800
Ben Rogers: handle risk, you know, risk assessment and about eliminating risk it’s more about you know, do you deal with it.

00:03:02.160 –> 00:03:09.000
Ben Rogers: Or do you try to avoid it or do you mitigate it or, more importantly, he tried to transfer that off to another party.

00:03:09.420 –> 00:03:17.400
Ben Rogers: But these risk assessments I don’t care what industry you’re in or what part of it or administration that you’re involved in.

00:03:17.670 –> 00:03:28.080
Ben Rogers: You need to be doing these things inside of your company, because this is really going to tell you, you know one how adverse to risk is your organization and risk is just not computer wrist.

00:03:28.410 –> 00:03:37.080
Ben Rogers: wrist could be man i’ll give you an example, I had a healthcare, I had a health care scare in my family that happens with a you know, a family member of mine.

00:03:37.440 –> 00:03:46.770
Ben Rogers: And it put their business, it really is because this person was some of the only his job he was the only one that was doing, and so we very quickly realized that.

00:03:47.070 –> 00:03:52.260
Ben Rogers: This person is not here, these things don’t happen, and so, those are the sorts of things to get.

00:03:52.590 –> 00:04:02.190
Ben Rogers: identified and a risk assessment and an it a risk assessment, but also a risk assessment as a company as to what this is really looking at what is the risk health.

00:04:02.460 –> 00:04:18.540
Ben Rogers: of your organization and what risk, are you willing to accept can’t do anything about it but you’re willing to accept it and what risk, are you willing to mitigate there’s $1 cost with this, so I have done a lot of these in my past experience, but probably some of the most.

00:04:19.830 –> 00:04:23.340
Ben Rogers: Intense but helpful things in an organization can do.

00:04:24.000 –> 00:04:32.430
Andy Whiteside: Well, you may have come in a minute ago you can choose to ignore it, I think you’re not saying that but you saying, some people do know you can’t he just can’t.

00:04:33.960 –> 00:04:41.490
Ben Rogers: it’s part of the risk strategy that I mean some of the things you might go this risk is out there, but there might be very little that I can do about it or.

00:04:41.820 –> 00:04:55.830
Ben Rogers: What happens, sometimes is the cost to mitigate, it is not worth the ramification and if it was to happen, you know what’s the saying why are you gonna spend five cents to protect the one cent asset yeah.

00:04:56.370 –> 00:04:58.020
Andy Whiteside: i’ve never heard that, but it makes less sense.

00:05:00.660 –> 00:05:08.370
Andy Whiteside: yeah I know that says a lot of your background I know this part of big part of bills logic to being.

00:05:09.210 –> 00:05:24.180
Andy Whiteside: Experienced citrus guy and understanding, my comment just now around turning off the print the ability to print or download files and that’s huge if you can only if you can only stick your head through the front door, not your whole body and go get what you need that’s massive mitigation.

00:05:24.240 –> 00:05:31.680
Bill Sutton: Right there’s only is it to ben’s point I think the the four categories, a list here, except avoid mitigate transfer.

00:05:32.400 –> 00:05:43.320
Bill Sutton: It depends on the risk some you may mitigate some you may transfer I don’t think anybody’s in the business of transferring it all to an insurance company, because then you’re you know, then obviously you’re you’re not really doing much and you’re.

00:05:44.490 –> 00:05:53.940
Bill Sutton: Basically, planning on on invoking the insurance in the event that there’s a breach and that’s not up I don’t think a smart strategy.

00:05:54.240 –> 00:05:55.920
Andy Whiteside: But it, but it is a strategy i’ll give you one is a.

00:05:55.920 –> 00:06:02.010
Andy Whiteside: strategy, you want a real life right so bill your kids don’t drive you right then your kids don’t your your youngest kid don’t drive.

00:06:02.130 –> 00:06:03.300
Ben Rogers: I wonder, does that.

00:06:03.960 –> 00:06:11.730
Andy Whiteside: yeah, but when they turn 16 you have a choice you can teach them everything proper about defensive driving and not drinking and driving and doing all the right things.

00:06:11.940 –> 00:06:19.170
Andy Whiteside: But in the day bill they’re going to send you aside whatever class you go to hopefully and they’re going to tell you go get go get liability insurance beyond go get.

00:06:19.740 –> 00:06:28.050
Andy Whiteside: You know umbrella policies everything, because you know that’s, the only way you’re going to transfer the risk that you can’t control.

00:06:28.110 –> 00:06:35.430
Bill Sutton: To some that’s right we already have it because we put a big swing set in the backyard several years ago, many years ago when they were younger and they had friends over.

00:06:35.910 –> 00:06:43.290
Bill Sutton: And I thought you know some friend falls breaks a leg I need to make sure I have covered in case that I get in case I get sued or something so.

00:06:43.860 –> 00:06:53.070
Bill Sutton: already have the umbrella policy, but the point is you’re right you’re absolutely right, it was all about you know basically transferring that risk to someone else in the event that occurred, even though it was unlikely.

00:06:53.340 –> 00:07:01.770
Andy Whiteside: The ultimate risk like you still have some responsibility yeah you’re always going to feel bad it kid breaks his leg in your backyard, but any other day man, the financial, which is what this comes down to.

00:07:02.070 –> 00:07:15.360
Andy Whiteside: that’s right gotta go somewhere yeah alright so bill cover these real quick any additional things we want to talk about the four different general areas of acceptance avoidance mitigation transfer.

00:07:15.780 –> 00:07:27.930
Bill Sutton: No, not really I mean that covers at all, or for the most part, and then they talk about the benefits of cyber cyber security insurance or at least what they cover you know breaches identity recovery, etc.

00:07:29.310 –> 00:07:36.450
Andy Whiteside: yeah and I think this is interesting, too, because I just called my personal policy umbrella, which in my head at least says it covers everything.

00:07:37.110 –> 00:07:43.500
Andy Whiteside: Things not listed is that what this is covers everything, or does it clearly define these things, and the rest of that stuff they’re not taking the risk for.

00:07:43.560 –> 00:07:46.620
Bill Sutton: yeah most of most companies are going to have general liability insurance.

00:07:47.430 –> 00:07:57.270
Bill Sutton: But general liability insurance doesn’t no longer covers cyber security issues, so you have to get cybersecurity insurance to cover those types of issues, the ones that they list here for the most part.

00:07:58.260 –> 00:08:05.190
Bill Sutton: So general liability would cover, you know that somebody getting hurt on your premises, or something along those lines and cyber security is more targeted at just what it.

00:08:05.700 –> 00:08:13.920
Bill Sutton: implies, which is it breaches and identity recovery and and you know, extortion from a ransomware attack and so forth yeah.

00:08:15.270 –> 00:08:21.180
Andy Whiteside: What and i’m not going to go down this topic at all, but i’m literally while we’re talking about i’ve got i’ve got a secure document I shared with somebody who.

00:08:21.570 –> 00:08:29.910
Andy Whiteside: is going to be doing security vdi security audits, for us, and it prompted me to go think and find out what the status of that and I shared it online, so I know they’re editing it real time online.

00:08:30.270 –> 00:08:46.950
Andy Whiteside: i’ve got the benefit of workspace technologies case citrix workspace technology, where I can go search in one place for that document, find it so I get I get cyber security avoidance and and those things we’re going to talk about here, while also getting convenience, if you do it right.

00:08:46.980 –> 00:08:48.090
Andy Whiteside: it’s powerful.

00:08:49.740 –> 00:08:59.610
Andy Whiteside: All right, ah, so the first section here is about multi factor authentication i’m going to jump in front of this one, though, and have you guys been i’ll let you jump in on this.

00:09:00.780 –> 00:09:10.980
Andy Whiteside: single identity not not single sign on but single identity we’re having this conversation our morning management meeting about how important it is to limit the number of ids that you’re carrying out there, so you don’t have as many.

00:09:11.850 –> 00:09:15.720
Andy Whiteside: Policies personal problem you don’t have as many things to manage in terms of password.

00:09:16.290 –> 00:09:30.180
Andy Whiteside: related challenges and rules and profiles, but let’s put identity in front of multifactor real quick before we talk about multifactor so been identity, a single identity management, how important in that, and how real is that today.

00:09:31.380 –> 00:09:44.040
Ben Rogers: Well, I mean, so I i’ll answer your question with a little bit of a challenge if you can get down the single identity, good luck for me it’s down to corporate identity or work identity and home, I did.

00:09:44.550 –> 00:09:53.520
Ben Rogers: And like where I came from healthcare, I had some doctors and physicians and administration that wanted to merge those two they wanted to have their.

00:09:53.820 –> 00:09:58.650
Ben Rogers: Business identity merged in with their personal identity and it just wasn’t a good idea.

00:09:58.950 –> 00:10:07.980
Ben Rogers: Because different people need access to that so single identity, I think gotta be I think you’re gonna have to break it down you’re going to have one identity for your personal environment.

00:10:08.280 –> 00:10:12.930
Ben Rogers: Your personal you know dealing with your family dealing with kids scheduling and all that you have another.

00:10:13.230 –> 00:10:21.060
Ben Rogers: Identity that’s for work that’s going to be separate and the reason for that is is that you don’t want to intermingle those and, in some cases, you.

00:10:21.450 –> 00:10:27.330
Ben Rogers: might have some people from outside the organization that want to get in and look at your personal side.

00:10:27.780 –> 00:10:37.560
Ben Rogers: But if it’s mixed and that’s just not possible so i’m a big fan of separate identities for work in for personal and then for work man it’s it’s you know least access, what does what does this.

00:10:37.890 –> 00:10:45.000
Ben Rogers: person need and what’s the least amount of access, can we give them to ensure what they have now, I will say.

00:10:45.360 –> 00:10:57.150
Ben Rogers: One comment on Cyber insurance cyber insurance companies just don’t give you cyber insurance part of this article is talking about the audit that’s going to come along with this so like where I was at.

00:10:57.570 –> 00:11:07.560
Ben Rogers: For we had to apply for cyber insurance and so sure enough man, we apply for it next thing we know is auditors in our space going.

00:11:07.770 –> 00:11:13.530
Ben Rogers: We want to do all these check boxes, and these are the things are looking at do you have multi authentication.

00:11:13.770 –> 00:11:23.760
Ben Rogers: What is the identity of the user is there, multiple identities, you know what I say corporate identity should be one identity, but what if I work with two different organizations, what if I work for my.

00:11:24.120 –> 00:11:35.670
Ben Rogers: clinic but my clinics also partner with a hospital i’m forced to have an identity there so single identity, I don’t know man I haven’t achieved that in anywhere that i’ve worked so far.

00:11:36.120 –> 00:11:46.920
Andy Whiteside: Well, and that’s that’s true so but, but the okay so single corporate work single work identity is the goal, but the reality is not that that’s a reality right.

00:11:48.030 –> 00:11:52.320
Andy Whiteside: we’d all have to agree on one identity right we don’t have to agree on one provider.

00:11:54.270 –> 00:12:04.410
Andy Whiteside: To be you got to have somebody’s got to be the single source of truth in that that conversation and that’s never going to happen, but, but the need to have it is a no brainer it’s too limited as much as possible as a no brainer right.

00:12:06.300 –> 00:12:17.220
Bill Sutton: yeah we had a we had a security briefing and couple of weeks ago, you might have been on an Andy I don’t know and the person doing the briefing said, you should really only have five known passwords in your life.

00:12:18.300 –> 00:12:29.460
Bill Sutton: And that is your work credentials your personal email your apple ID if you have that or android and then I for the life of me I can’t remember the other two, but they were five total but you should you should know.

00:12:29.850 –> 00:12:38.430
Bill Sutton: and the rest of them, you should lead to some form of a password manager or something that is using a highly secure cryptic password that can be guest.

00:12:41.040 –> 00:12:42.210
Andy Whiteside: starred you say pass phrase.

00:12:42.420 –> 00:12:44.250
Bill Sutton: Pass phrase that’s what I meant to say sorry.

00:12:45.510 –> 00:12:47.400
Andy Whiteside: You know at that and I.

00:12:48.420 –> 00:12:52.290
Andy Whiteside: Am a huge fan the pass phrase is first of all I can’t remember complex passwords yeah.

00:12:52.680 –> 00:12:58.710
Andy Whiteside: yeah you get one side that’s got a allows you to have a special character and one side that doesn’t allow you have a certain special character and and.

00:12:59.490 –> 00:13:14.340
Andy Whiteside: And and it’s amazing the ones, he talked about the you know, protect a penny with five cents, or whatever I forget the exact statement i’ve got one like my time share login it’s the most difficult password I have for my time here my banks easier than that one.

00:13:17.430 –> 00:13:25.860
Andy Whiteside: All right, let’s go move on to the first real section to have here, which is we’re going to talk about the requirement, the citrus capability and the technology, the product citrix has.

00:13:26.250 –> 00:13:31.620
Andy Whiteside: It will let you handle this one multi factor authentication help us see what the Florida is covered here.

00:13:33.900 –> 00:13:40.140
Ben Rogers: Well it’s cool what’s cool about this is, we can do it out of the box without third party or we can hinge and the third party.

00:13:40.830 –> 00:13:47.520
Ben Rogers: Like October, or something like that so man from the from the cloud perspective from our workspace infrastructure perspective.

00:13:47.880 –> 00:14:01.020
Ben Rogers: We can make this really easy for you, I mean this is essentially a radio box and if you’re doing something like okta you know, an IP an API marriage, but uh I mean men.

00:14:02.190 –> 00:14:10.650
Ben Rogers: Multi factor authentication if organizations haven’t done this, yet this is really probably one of the most important things you could do to secure environment.

00:14:10.980 –> 00:14:20.190
Ben Rogers: Making somebody has something other than a password to get in is probably one of the most important things any organization can do, because that password is susceptible.

00:14:22.920 –> 00:14:37.860
Andy Whiteside: So to bend the idea that some companies, used to say they couldn’t afford to do this, in other words by the technology if you’re a citrix shop you’ve got it, it may not be your it may not be the end all be all but you’ve got it it’s ready to be turned on no excuse yep yep.

00:14:37.950 –> 00:14:42.450
Ben Rogers: And I would have to challenge people I think today you can’t afford not.

00:14:43.140 –> 00:14:49.950
Bill Sutton: yeah yeah I would agree with that a lot of the when we talked about cybersecurity insurance, a lot of the cyber security folks on renewal.

00:14:50.580 –> 00:14:59.040
Bill Sutton: they’re asking the questions Ben of customers are you do you require MFA for authentication into your systems do you require MFA for access to email.

00:14:59.400 –> 00:15:13.200
Bill Sutton: and customers that have not historically had it we’ve had a lot of customers come to us and say I need to enable MFA for this or I need to enable MFA for that they’ve never really approached it before and a lot of it has to do with with their insurance company policies driving this.

00:15:13.530 –> 00:15:17.190
Andy Whiteside: Well, and that’s awesome that well it’s unfortunate that it takes the.

00:15:17.280 –> 00:15:17.940
Bill Sutton: Ad is.

00:15:18.420 –> 00:15:21.870
Andy Whiteside: guys to do it, but hey I don’t care as long as somebody is making you do at some point right.

00:15:22.020 –> 00:15:22.740
Bill Sutton: it’s important.

00:15:23.340 –> 00:15:26.580
Andy Whiteside: You know, you would never you would have eaten vegetables as a kid at your mom not forced you to.

00:15:28.440 –> 00:15:30.390
Andy Whiteside: Sorry first one came to my mind.

00:15:31.470 –> 00:15:36.870
Andy Whiteside: Alright, so let’s tie this to a product and maybe you guys already did but citrix secure private access.

00:15:37.170 –> 00:15:48.000
Andy Whiteside: I mean if you’re listening to this podcast it’s obviously because you sell citrix you implement citrix you mean it’s citrix what is the product, and how does that show up in citrix secure private access.

00:15:50.130 –> 00:15:57.270
Ben Rogers: Well, secure private access is going to give you access to the cloud infrastructure and then in the cloud infrastructure you’re going to have in there.

00:15:57.630 –> 00:16:02.880
Ben Rogers: The workspace configuration the workspace platform configuration and that’s where you’re going to see.

00:16:03.270 –> 00:16:16.410
Ben Rogers: You know what type of MFA do you want to do, who are you I, who is your ID provider, how are you doing your ID your authentication So these are, these are all the things that are built in very easy I think it’s.

00:16:17.130 –> 00:16:26.490
Ben Rogers: i’m not looking at the screen and bill and keep me honest here left mouse hamburger go down authentication I think that’s where all this magic starts to happen in there.

00:16:29.730 –> 00:16:34.380
Bill Sutton: yeah that’s right he’s in citrix cloud is part of the Platform, but I mean what it does it’s.

00:16:34.380 –> 00:16:40.950
Bill Sutton: Basically, a form of zero trust the citrix secure private access it’s their zero trust network access solution.

00:16:42.000 –> 00:16:52.860
Bill Sutton: That has a lot of things in it around you know adaptive authentication browser isolation things like that, when the user leverages that technology and obviously MFA can be a part of that it shouldn’t be a part of that.

00:16:57.060 –> 00:17:12.090
Andy Whiteside: Right, so the next section talks about in point detection and response bill that you jump in on this one i’m sure it comes up in the projects you guys are doing and probably has a lot to do with your lineage in the end point detection and response.

00:17:12.420 –> 00:17:20.010
Bill Sutton: yeah I mean this this we’re seeing a lot more of this obviously with various multiple providers that are This is like next generation antivirus.

00:17:20.910 –> 00:17:36.150
Bill Sutton: it’s basically designed to to run on the endpoint and contain malware you know where it detects malware or strange behavior and then logs that somewhere in someone’s notified and.

00:17:36.900 –> 00:17:49.440
Bill Sutton: that’s fundamentally, what it is, is really like in the newest the new the antivirus for the newest the newest exploit, so the newest malware products that are folks are trying to use to target endpoints and servers.

00:17:50.250 –> 00:17:55.890
Andy Whiteside: So So for me, this is what we historically I when I used to be a SIS admin used to try to do for ourselves.

00:17:56.190 –> 00:18:03.240
Andy Whiteside: We just be able to look out for things going wrong or things going inappropriate and respond to this now.

00:18:03.750 –> 00:18:12.780
Andy Whiteside: I was horrible at it and luckily I worked at a time when all you did was have antivirus and I get alerts and I give figure out what what what why the alert was bogus more often than not.

00:18:13.380 –> 00:18:19.530
Andy Whiteside: I don’t know that I ever actually solved any of these now it’s a point where you want something looking real time all the time.

00:18:20.010 –> 00:18:31.740
Andy Whiteside: To point out anomalies and, in my personal opinion, you should have a third party doing that for you, because you know the fox guarding the hen House may not always get you the right, the right answers.

00:18:33.480 –> 00:18:34.050
Bill Sutton: Absolutely.

00:18:34.260 –> 00:18:36.390
Andy Whiteside: But the acronym ED are.

00:18:37.650 –> 00:18:42.300
Andy Whiteside: We hear md or means detection and response and recently I heard somebody say X Dr like.

00:18:43.380 –> 00:18:54.420
Andy Whiteside: X detection and response, so no matter what it is whether it’s network, whether it’s in points, whether it’s mobile devices, whether it’s servers it’s really potentially coming from everywhere right.

00:18:54.840 –> 00:18:56.220
Bill Sutton: Absolutely, it is now.

00:18:57.930 –> 00:18:58.890
Andy Whiteside: So I have a question.

00:19:01.050 –> 00:19:15.450
Andy Whiteside: Well Ben you were gonna say something, and I want to ask you about the you and bill both about the protocol and how your traditional players can begin to us and be in DR if they can’t see the protocol go ahead and so.

00:19:15.480 –> 00:19:21.360
Ben Rogers: What I what I think’s most interesting about this particular section is when you look at the citrix technology.

00:19:21.780 –> 00:19:23.910
Ben Rogers: it’s not it’s not just one.

00:19:24.180 –> 00:19:29.700
Ben Rogers: Technology set it’s a layered set so they talked about secure private access for getting users in.

00:19:30.120 –> 00:19:42.360
Ben Rogers: Isolating applications isolating desktops from the users isolating user itself from the network, but then you see secure internet access and really what that has to do with is evaluating what’s going out now.

00:19:42.840 –> 00:19:52.440
Ben Rogers: What are the users doing or are we always scanning their Internet traffic always scanning their outbound traffic, making sure that we’re cocooning things that we don’t want let out the environment.

00:19:53.340 –> 00:19:58.920
Ben Rogers: Are we allowing things that we do on our the environment so again it’s becoming a layered approach and then you.

00:19:59.250 –> 00:20:08.760
Ben Rogers: see this last piece with the adc you know, bringing some of this adc goodness into the cloud and really what that’s getting into is you know the end factor.

00:20:09.150 –> 00:20:23.220
Ben Rogers: Can we check the endpoint can we make sure the endpoint has certain parameters on it that make it where it’s allowed into our data Center So when I look at in point detection and response I don’t think of one products that I think of a.

00:20:23.220 –> 00:20:27.690
Ben Rogers: layered approach that are working together to kind of give me a holistic view.

00:20:28.290 –> 00:20:33.450
Ben Rogers: And, hopefully with that that will keep down some of the false positives that you were talking about me but.

00:20:33.840 –> 00:20:38.850
Ben Rogers: One product said I don’t think it’s going to get it for you, I think you’re gonna have to do a layer to production, I think.

00:20:39.090 –> 00:20:46.290
Ben Rogers: You kind of brought up a really good reason for layered approach Defense you don’t want the fox guarding the hen house that doesn’t do any good so.

00:20:46.590 –> 00:20:55.980
Ben Rogers: Multiple products across this multiplies doing different things, taking different taking on different challenges with different product sets.

00:20:57.810 –> 00:21:02.880
Andy Whiteside: So if i’m a competitor city or something you want, one that does it all you want some third party does it all.

00:21:03.750 –> 00:21:13.020
Andy Whiteside: That can’t be maybe the third party that’s a bunch of tools might be part of the answer, but one product like historically thought we could use to do with all this is it’s just not realistic, is it no.

00:21:14.520 –> 00:21:22.800
Bill Sutton: Not with one tool, not anymore like two events point you really need a layered approach here and he’s right that’s a within multiple products that cover this.

00:21:24.150 –> 00:21:30.150
Bill Sutton: That that’s really what’s needed in bd ours one piece of the solution, but not the complete peace.

00:21:31.380 –> 00:21:38.940
Andy Whiteside: Alright, so let me challenge the people who tell me all the time that we can they can do it with one product that they can do it with their multiple set of products doing it for you.

00:21:39.660 –> 00:21:46.380
Andy Whiteside: If i’m building a citrix environment, is it not true that i’m letting users come in securely hopefully they’ve been challenged.

00:21:46.590 –> 00:21:59.580
Andy Whiteside: into my environment in this encrypted protocol that most things can’t see into and i’m putting them back behind the curtain to do what they’re doing and I may have bypassed a lot of those traditional ways of trust, but verify.

00:22:03.090 –> 00:22:13.080
Ben Rogers: I think i’m a i’m a mega person will come here, this is not a you know citrix comment or is INTEGRA comment I think cloud applications.

00:22:14.310 –> 00:22:26.850
Ben Rogers: cloud that a little bit or make that a little bit ambiguous because, how do you really stop the user from going directly to the cloud vendor unless you work with the cloud vendor and say only these IP addresses can get to you.

00:22:27.900 –> 00:22:33.510
Ben Rogers: I think that makes it where the endpoint does become a little bit more vulnerable because now.

00:22:34.170 –> 00:22:44.700
Ben Rogers: you’re you know you’re doing multiple things in multiple places the day of them launching the vpn and just come into our corporate environment are gone they might have to go to work day they might have to go to.

00:22:45.570 –> 00:22:56.070
Ben Rogers: You know man, whatever the payroll is so you’re asking the users to go to more places and i’m not convinced that organizations have got all that locked down and like they need to.

00:22:56.670 –> 00:22:58.350
Andy Whiteside: So then you’re talking about.

00:23:00.120 –> 00:23:11.700
Andy Whiteside: Transfer risk because now you’re using cloud services but you’re still one portion of that equation is your end user your endpoint device accessing cloud services, you still want to be able to see what’s going on.

00:23:12.120 –> 00:23:24.930
Ben Rogers: Well, also the second a step further, is accessing cloud services, but it also might be accessing corporate services, you know, so the machine might be, you know going to different directions, but the machines, now the vulnerable point.

00:23:25.350 –> 00:23:34.080
Ben Rogers: So, again, I mean I think that’s one thing that when we talk to people about cloud applications they go out and understand where six is placing here.

00:23:34.230 –> 00:23:41.100
Ben Rogers: it’s more of you know let’s make sure that your endpoint is talking to a single identity, so that you can only have that one.

00:23:41.460 –> 00:23:45.690
Ben Rogers: One place to worry about you know you’re not opening up all these different.

00:23:46.080 –> 00:23:51.210
Ben Rogers: tree limbs and you’re going to all these different places don’t make the endpoint the access point.

00:23:51.510 –> 00:24:04.830
Ben Rogers: Have that sitting beside a platform like citrix works face where you then can manage it, but also, you can secure it and ensure that the endpoint you’re working with is only talking to that one data Center or one beta service right.

00:24:06.390 –> 00:24:21.930
Andy Whiteside: All right, let’s uh next is a what I have called a Sim tool so security information event management tool, a lot of people, especially those that maybe necessarily or not, I guess, maybe focused on their own thing they’re focused on the tool, not a solution.

00:24:23.370 –> 00:24:26.430
Andy Whiteside: A lot of people are talking about sims these days bill, you want to jump in on this one.

00:24:26.790 –> 00:24:35.580
Bill Sutton: yeah I mean Sim this kind of plays into what we were talking about before the the previous category of the previous topic which is ED are the Dr systems can report into the Sim.

00:24:36.120 –> 00:24:39.870
Bill Sutton: And then, if you’ve got to manage them, which I think they might talk about later.

00:24:40.680 –> 00:24:46.890
Bill Sutton: Then you’ve got like you said that external party reviewing what’s coming in and and and make taking action as needed.

00:24:47.460 –> 00:24:52.020
Bill Sutton: or addressing issues as they come through and then, when you look at the citrix product set for this.

00:24:52.590 –> 00:24:56.190
Bill Sutton: you’ve got the analytics piece in addition to the other piece, the ability to.

00:24:56.550 –> 00:25:08.580
Bill Sutton: To leverage the analytics for adaptive off, that is, the user logs in Monday, Tuesday and Wednesday from Richmond Virginia and then all of a sudden Wednesday night or Thursday morning early there a lot of they’re logging in from Russia or somewhere like that.

00:25:10.110 –> 00:25:21.870
Bill Sutton: The analytics piece for security can help can help you know question that login or even deny that login so that coupled with ADR gives them, you know visibility, as well as control.

00:25:24.240 –> 00:25:35.670
Andy Whiteside: So bill whether you’re doing or somehow Somebody needs to have a sense of my needs to have one place to go find all this stuff or maybe to look at things as well as to put artificial intelligence into.

00:25:36.060 –> 00:25:38.340
Bill Sutton: Yes, absolutely yeah.

00:25:38.880 –> 00:25:45.660
Andy Whiteside: So been you know one things we’ll talk about a little bit is your real world example your last organization, did you have when you think was an effective tool.

00:25:46.170 –> 00:25:56.880
Ben Rogers: We were getting there, I mean I had bought a Sim tool we you know, implementing a Sim tool is difficult to do, and you know the classic saying is garbage in garbage out.

00:25:56.910 –> 00:26:08.490
Ben Rogers: yeah I mean what this tool is really designed for is to cut down the noise and it also once you zero in on events man having some kind of automated remediation of these.

00:26:08.970 –> 00:26:19.830
Ben Rogers: A lot of these go in and people get overwhelmed with all the complexity of it and that’s where i’ll pivot to our security for our analytics for security product.

00:26:20.970 –> 00:26:30.630
Ben Rogers: It is not a complicated product man and the visibility that gives you in to the ICA sessions what the users are doing and the applications, I mean i’m not trying to sell you.

00:26:31.230 –> 00:26:41.910
Ben Rogers: Something but it gives you a lot of information that’s easy to digest nice dashboards and they don’t take a lot of setup so i’m glad citrix has this look here we can feed spoke.

00:26:42.840 –> 00:26:46.650
Ben Rogers: You know man security with Microsoft, we can feed those those.

00:26:47.550 –> 00:26:55.140
Ben Rogers: systems, but in my past i’ve seen sims you know if you don’t know what you’re doing it can become a lot of jargon really quick, but again garbage.

00:26:55.440 –> 00:27:02.970
Ben Rogers: In garbage out if I was looking at companies and they don’t have anything like a slog or they’re not in that business or they don’t have the manpower to maintain that.

00:27:03.420 –> 00:27:15.990
Ben Rogers: Looking at our analytics packages really easy applications to look at and learn, and then, once you start learning, you can dive down like and you’ve been given the example of I wish I could stop people from having to print.

00:27:16.620 –> 00:27:24.540
Ben Rogers: Well, man with the analytics package you can look at and say hey if these people go to print don’t allow them to print, though, allowing access to printers so.

00:27:24.870 –> 00:27:30.780
Ben Rogers: You can do a lot of security and remediation is within the Security analytics package itself so.

00:27:31.020 –> 00:27:45.210
Ben Rogers: Again, not trying to sell anybody anything but being around the product set for a while now there’s a lot of goodness, and a lot of value in the analytics applications that can marry with the scene, or in some places, can be a safe zone.

00:27:51.360 –> 00:27:54.810
Andy Whiteside: let’s move on to the next section privileged access.

00:27:56.070 –> 00:28:05.850
Andy Whiteside: fella start with you on this one I, I can tell you guys probably know this, I have to multitask a little bit doing these podcasts I literally just had to login to my nonprofits.

00:28:06.240 –> 00:28:16.770
Andy Whiteside: Online SAS portal to grant a member or user access rights with with single identity but multifactor enabled they forgot their password.

00:28:18.300 –> 00:28:28.710
Andy Whiteside: And I had to do that in order to do that had to go into a private incognito browser window and log in as my admin accounts, how many people do you think run around with way more privileges than they do on a daily basis.

00:28:29.040 –> 00:28:30.450
Bill Sutton: Oh, goodness it’s yeah.

00:28:31.500 –> 00:28:32.010
Bill Sutton: A lot.

00:28:33.690 –> 00:28:42.690
Ben Rogers: What is it what is it called we used to have a bad time with this in healthcare, so you know, an employee starts, or at the front desk and they get.

00:28:43.440 –> 00:28:51.090
Ben Rogers: They get promoted to another job they got a little bit more responsibility and then they get promoted to another job well next thing you know they’ve got.

00:28:51.540 –> 00:29:00.240
Ben Rogers: This as much access as a senior manager just because they’ve had all these roles and we’ve never taken away access we just always give them access, they need that they there’s.

00:29:01.020 –> 00:29:13.770
Bill Sutton: yeah it’s the whole employee lifecycle piece that that that you get involved in their onboarding and then as they’re moved around they it’s more additive it’s not it doesn’t really address what is really needed it’s just added.

00:29:18.960 –> 00:29:19.710
Andy Whiteside: So how do we.

00:29:21.210 –> 00:29:22.200
Andy Whiteside: How do we fix this.

00:29:25.380 –> 00:29:26.820
Andy Whiteside: How do we fix this in such a way.

00:29:27.900 –> 00:29:37.320
Andy Whiteside: That people still get their job done, knowing that we might have to take time on the front end to figure out what it is they’re accessing appropriately.

00:29:40.800 –> 00:29:55.110
Ben Rogers: Well, I think I think one with your identity your authorization identity you gotta be organized and you gotta have you know, like one of the things always tried to do is I tried to have job roles associated with active directory groups azure active directory group so that.

00:29:55.530 –> 00:30:00.270
Ben Rogers: I wasn’t dealing with roles individual level, I was dealing with roles at group level.

00:30:00.780 –> 00:30:08.160
Ben Rogers: And then the one thing that I I would probably continue to struggle with now is making sure that when employees have changed.

00:30:08.700 –> 00:30:21.540
Ben Rogers: You know when they’re moved from one role to another that there’s a way to kind of inventory, what do they need to have and what needs to be taken away if there’s a solution for that man, you probably got lightning in a bottle their marketing.

00:30:24.570 –> 00:30:27.450
Andy Whiteside: Well, I will chime in on that solution.

00:30:29.010 –> 00:30:35.940
Andy Whiteside: I think we have the tools with analytics assuming that we do what everybody should be doing, which is moving our.

00:30:36.390 –> 00:30:43.950
Andy Whiteside: front end of our digital transformation which by the way, never ends always evolving if we move that into a workspace where we can start to capture the analytics.

00:30:44.310 –> 00:30:54.900
Andy Whiteside: We have a fighting chance of understanding what people really need to have access to based on what they’re currently accessing and we have artificial intelligence to tell us when they are misusing that access.

00:30:55.650 –> 00:31:04.020
Ben Rogers: So let’s talk let’s talk about that, because now you’ve got me thinking you so let’s say let’s take the example of let’s say the front desk person, all of a sudden gets a manager.

00:31:05.130 –> 00:31:13.080
Ben Rogers: And we want to clip her from some of the front desk tasks, because they won’t need those anymore, and we now need to add the management tasks.

00:31:13.530 –> 00:31:26.130
Ben Rogers: i’m assuming that in analytics I could say if this group uses these applications, let me know and then that might be a way of catching it, I mean is that what you’re thinking.

00:31:27.840 –> 00:31:37.320
Andy Whiteside: here’s what i’m thinking, if you can philosophically come up with the logic on what you need to know to make it better through analytics you have a chance to get it done.

00:31:38.040 –> 00:31:45.870
Ben Rogers: I agree with that, because you could like in that example there, you could say if a manager uses a bass APP notifies.

00:31:46.500 –> 00:32:00.630
Ben Rogers: Because that shouldn’t be the case, and that means that something has slipped they should have they should have been rendered access to that APP when he assumed the management role, so I definitely could see doing something like that I don’t know you’ve got me thinking their.

00:32:03.090 –> 00:32:03.420
Andy Whiteside: bill.

00:32:04.230 –> 00:32:10.830
Bill Sutton: yeah I mean, I think there are specific tools for this and you know, to try to mitigate the the ability of someone to use.

00:32:11.280 –> 00:32:20.730
Bill Sutton: ben’s example of that is it moves into a management role from still having access to their older they’re older account credentials are not credentials, but they’re old they’re older permissions.

00:32:21.930 –> 00:32:29.880
Bill Sutton: I don’t you know that there’s a number of multiple ways to solve this but it looks like according to the article, there are tools for this that that are from third parties that can help address it.

00:32:30.090 –> 00:32:37.260
Bill Sutton: When I first saw this category, I immediately was thinking of elevated access management that we do sometimes within environments where we can.

00:32:37.470 –> 00:32:45.240
Bill Sutton: allow a certain user to have rights elevation to install an APP and then it’s done it’s brought day on after the APP that’s not what they’re referring to here, though obviously.

00:32:46.080 –> 00:32:46.410

00:32:49.680 –> 00:32:54.330
Andy Whiteside: yeah i’m looking at this article I probably should have looked at more brilliant student before we started here and.

00:32:54.660 –> 00:33:05.280
Andy Whiteside: we’re not going to get through all this and I don’t want to rush me this is way too good stuff so we’re going to add a part two, to this will get through a couple more sections and then we’ll pause for this time they’ll be this will be a two parter.

00:33:07.380 –> 00:33:07.740
Ben Rogers: Right.

00:33:08.610 –> 00:33:13.650
Andy Whiteside: yeah so let me play devil’s advocate on this and just be the.

00:33:15.630 –> 00:33:18.990
Andy Whiteside: just be the hardcore IT security guy here.

00:33:20.040 –> 00:33:30.780
Andy Whiteside: I don’t want to trust, but verify, I just want to go back to the old days of not trusting and if you need it, then you have to request it, and tell me why you need it, am I.

00:33:31.890 –> 00:33:40.470
Andy Whiteside: Or is that just too popular three that way these days or am I just go slow down progress and my slowing down progress to do them.

00:33:40.710 –> 00:33:50.820
Ben Rogers: I think, things are moving too fast and i’ll think the younger like it used to be, when you used to be acceptable to be on boarded two weeks after you join an organization.

00:33:51.270 –> 00:34:07.620
Ben Rogers: I don’t think we’ll dig that anymore, they expect they one how am I log in ready me my Apps, let me start running day once, so I think people’s temperament has gotten shorter where they expect it to be done, faster and, if not it’s just an excuse not a problem right.

00:34:08.340 –> 00:34:12.060
Andy Whiteside: And then the becomes excuse why you didn’t do your job right and all of a sudden you’re full of excuses.

00:34:12.390 –> 00:34:24.240
Ben Rogers: Right exactly yeah Come on, I am I saying that correctly, I could be being hard about that myself, but I, I think that, like I look at my nephew may works for chase bay.

00:34:24.810 –> 00:34:41.490
Ben Rogers: A man he bolted, then he does not want to wait if he’s got new toys that have been new applications are coming down the pipe he wants access it right, then, if not he wonders what’s going on, so I know his temperament short I just stick up for rata society man.

00:34:43.980 –> 00:34:50.040
Andy Whiteside: yeah I don’t know if i’ve used this example with you guys on use it with someone else last week, I had a lawyer that worked with when I work with a small business that.

00:34:50.850 –> 00:34:56.100
Andy Whiteside: You know kind of got mad at me because his computer was full of garbage and junk and he said, who did this i’m like you did.

00:34:56.310 –> 00:34:56.610

00:34:58.740 –> 00:35:05.670
Andy Whiteside: you’re the one that you didn’t read this one APP was going to start 18 other Apps you just wanted that APP right now so bad yeah you hit the.

00:35:05.730 –> 00:35:07.140
Ben Rogers: I say okay okay okay.

00:35:07.650 –> 00:35:08.010

00:35:09.300 –> 00:35:11.730
Andy Whiteside: that’s a lawyer right no better.

00:35:12.750 –> 00:35:13.230
Andy Whiteside: All right.

00:35:14.250 –> 00:35:25.230
Andy Whiteside: let’s talk about this one patching Okay, let me make a statement here, so I am a huge citrix fan, and I think citrix as a platform brings a lot of things into the mix.

00:35:26.430 –> 00:35:36.240
Andy Whiteside: I think, as a company, you have to buy into a platform or two that kind of sets the direction, but then there’s other things that you add to that platform to round out the edges.

00:35:37.200 –> 00:35:48.930
Andy Whiteside: we’re gonna talk about patching now then i’ll let you answer how citrix is a patching solution or where it plays in the patching world and then we’ll then we’ll then i’ll round out the edge on this one.

00:35:49.470 –> 00:36:02.160
Ben Rogers: So for me, this is why I bought citrix To begin with, I mean when you came and saw me and Caroline neurosurgery 15 years ago the problem I had was I had an aging fat client environment that I needed to upgrade.

00:36:02.850 –> 00:36:15.540
Ben Rogers: And my thought was we would go out by piece teams, we could continue to patch them and you asked, and it was like Why would you want to continue working on 500 plus machines, when you could scale that down to 50.

00:36:16.080 –> 00:36:26.430
Ben Rogers: yeah I was like What do you mean and it’s all about this image portability this image management that we have so with citrix we have an image gold image and we make.

00:36:26.670 –> 00:36:37.530
Ben Rogers: A template from that and we use that template in our environment and now guess what hundred and 52 how many ever users, you need to have access to that you need to update that you come back.

00:36:37.920 –> 00:36:49.080
Ben Rogers: You update that image and guess what now 500 users have it, you don’t have to worry about patching endpoints and the complexity of that remote workstations you don’t even see most of the time.

00:36:49.350 –> 00:36:55.020
Ben Rogers: You can just get out of the business of endpoint patching all together with a citrix solution right.

00:36:55.860 –> 00:36:58.680
Andy Whiteside: And I want to take that one step further in a second but bill good.

00:37:00.960 –> 00:37:11.070
Bill Sutton: Like the easiest way for me to respond with say ditto, but I think you know Ben hit it right on the hand The other thing about it is obviously the ability to do a one to many type of relationship.

00:37:11.580 –> 00:37:18.210
Bill Sutton: where you can patch the the master image it also applies to the applications as well, not just the os.

00:37:19.230 –> 00:37:25.470
Bill Sutton: Obviously you know our ability to deliver applications from one image, or you know, maybe two images in a large organization or more.

00:37:26.340 –> 00:37:34.440
Bill Sutton: that’s one place, we have to update those Apps we’re not having to worry about pushing them out to endpoints and those endpoints have enough os that can be patched or can be updated.

00:37:35.370 –> 00:37:44.490
Bill Sutton: You know, really gives you the the advantage of being able to manage it in a single place in a controlled way where you can do testing and and you know testing and.

00:37:44.850 –> 00:37:51.420
Bill Sutton: validation of any of the updates before they get pushed up to 300 machines and then you find out there’s a patch that breaks something.

00:37:52.620 –> 00:38:01.350
Andy Whiteside: And will steal the citrix virtual APP and desktop topic for a minute, what was the what was the tool that came along that made it a no brainer to be able to have that single image management.

00:38:02.220 –> 00:38:04.830
Bill Sutton: And the original tool was provisioning services so.

00:38:05.400 –> 00:38:09.570
Andy Whiteside: that’s it right when we got PDS that madness went away.

00:38:09.780 –> 00:38:10.230
Bill Sutton: yeah but.

00:38:10.350 –> 00:38:17.310
Bill Sutton: Before PBS we were doing this, perhaps and scripts and things to you know, to get them ready and get them or clothing or calling with.

00:38:18.030 –> 00:38:28.500
Bill Sutton: With you know automatic updates or what have you, it was a real bear I can remember doing in a healthcare organization plates spinning 50 servers every quarter just to make sure they were all the same.

00:38:28.800 –> 00:38:29.250
Bill Sutton: So, but.

00:38:29.490 –> 00:38:36.990
Andy Whiteside: But I wanna I want to challenge that a little bit so if i’m an organization i’ve got 1000 vdi users they’re all have a single image or two that’s great.

00:38:37.500 –> 00:38:48.570
Andy Whiteside: But what if I had 1000 users and they all had a persistence one to one image, but those all all those images are in the data Center whack and see and I can know what’s going on with them.

00:38:48.990 –> 00:38:58.950
Andy Whiteside: that’s that’s still a win that a lot of people look straight over whenever they start talking about going to go into vdi or some type of virtual APP and desktop model.

00:38:59.310 –> 00:39:08.460
Andy Whiteside: just getting those things centralized and backed up and knowing that they’re passing their got to where you put your hands on them that’s better than what you have if you got a bunch of PCs and laptops running around.

00:39:08.790 –> 00:39:18.180
Bill Sutton: don’t disagree, I mean the challenge with that, obviously, is you’re consuming a lot more storage you’ve got to manage each one of those individually using some sort of patching tool but to your point.

00:39:18.690 –> 00:39:24.060
Bill Sutton: Particularly from a security perspective and a uniformity perspective they’re all in the data Center yeah.

00:39:25.590 –> 00:39:30.060
Andy Whiteside: I can count my chickens, at the end of every day and I tell you I lost it that day or not yeah.

00:39:30.330 –> 00:39:40.740
Ben Rogers: So let’s take let’s take this a step further, and I know some of this is coming out later in the year, but you know we were talking about image management, but then we also have to talk about image portability.

00:39:41.700 –> 00:39:47.220
Ben Rogers: Things that customer or struggle with when they say okay i’ve got to get the cloud.

00:39:47.700 –> 00:39:55.290
Ben Rogers: Is they don’t have time to rebuild their environment, they need to take their environment they’re running in a day get out the cloud.

00:39:55.590 –> 00:40:01.620
Ben Rogers: Man our image portability this coming down the pipes going to make that much easier and some people go What do you mean with image portability.

00:40:02.040 –> 00:40:09.180
Ben Rogers: You could be running on an old Prem vmware system and now you’ve got to get that out to azure and that’s going to have different specs on the beach.

00:40:10.080 –> 00:40:12.330
Ben Rogers: we’re going to be able to help you with that we’re going to be able to make those.

00:40:12.810 –> 00:40:18.030
Ben Rogers: Software hardware changes, you know there’s salt hardware devices that are in that vm.

00:40:18.390 –> 00:40:25.380
Ben Rogers: we’re going to be able to help you out with that, where you can take your on Prem images and get them out to a public cloud environment.

00:40:25.680 –> 00:40:36.060
Ben Rogers: called an image portability, but I think that goes into play with patching how easy, is it to get your information from one point to another and maintain it once it’s there no.

00:40:37.770 –> 00:40:46.680
Andy Whiteside: Yes, starting with the idea that, if we get these things into workspaces and clouds we can get analytics but I particularly use the word clouds not cloud.

00:40:47.640 –> 00:41:04.680
Andy Whiteside: Because a lot of stuff falls apart, if you don’t have the ability to take it with you into multiple clouds clouds can be your data Center to be integrity data Center it could be, as your aws G CP IBM, you name it that image portability story just gets better and better.

00:41:08.010 –> 00:41:19.920
Andy Whiteside: Alright, so the citrix technologies that apply citrix virtual APP and desktop bill, how does citrix adc What does all people call application delivery controller or Netscape or How does that play into this patching story.

00:41:21.570 –> 00:41:30.210
Bill Sutton: Well, you know it enables the access to the virtual desktops for one you know you still have to patch the ABC itself.

00:41:30.690 –> 00:41:43.680
Bill Sutton: But you know the the fact that you’re you can leverage ABC to scan the endpoint to determine whether it’s appropriately patched up to determine whether or not it’s got the right er or FDR FDR on it and running.

00:41:44.040 –> 00:41:52.260
Bill Sutton: that’s those are definitely some of the advantages that the ABC brings to bear for this and you can actually, as we know, you can leverage the adc to say Okay, do you have the.

00:41:52.590 –> 00:42:00.720
Bill Sutton: correct version of your your you know ADR product running at the right, the right level, and if you do, you get full access, if you don’t.

00:42:01.530 –> 00:42:04.230
Bill Sutton: get access, but only to a single APP and you can’t do anything but.

00:42:04.290 –> 00:42:08.610
Bill Sutton: But access the APP you can print, you can copy your paste you can’t do any of those things.

00:42:10.020 –> 00:42:13.620
Andy Whiteside: So I hope i’m getting ready to throw both you guys for a loop when I asked this question.

00:42:14.970 –> 00:42:15.570
Andy Whiteside: When.

00:42:16.830 –> 00:42:22.890
Andy Whiteside: If I do that outside the citrix ecosystem, in other words, not the platform of choice for granting this access.

00:42:24.450 –> 00:42:36.630
Andy Whiteside: Am I going to have to install maybe something else on that endpoint in order to go looking around for that in point detection information if I use a third party and not the citrix platform that i’ve been harping on so far.

00:42:38.220 –> 00:42:51.480
Andy Whiteside: And there was a really bad way to ask this question what i’m trying to get at is if i’ve got to have the citrix workspace APP on to access the stuff anyway embedding some of that capabilities into software in the workspace APP is a win, win.

00:42:54.210 –> 00:43:07.320
Ben Rogers: Well, I would agree with that, I mean you would the workspace APP could do both your endpoint analysis and your application access, so you can have it all that I have multiple agents running on the endpoint you know.

00:43:08.250 –> 00:43:17.010
Andy Whiteside: What i’m getting at there is even back in the days when I was consulting you know all the time, I used to have to push out this little implant analysis agent thing on there.

00:43:17.430 –> 00:43:26.010
Andy Whiteside: Now, which is buried into the workspace APP and what’s already on there is on there when I meet with people who have all kinds of like Okay, what do you put on your end point I just put citrix on it.

00:43:26.400 –> 00:43:30.630
Andy Whiteside: Okay, well, why is it got 18 things install Oh, these are all the agents to make all of the things work.

00:43:30.930 –> 00:43:40.920
Andy Whiteside: that’s the whole idea of the citrix platform stuff we’re talking about here is all the sudden I can collapse things into one trusted platform and add fewer things on top of it that’s a win.

00:43:41.520 –> 00:43:43.200
Bill Sutton: Exactly yeah it is.

00:43:43.620 –> 00:43:47.700
Andy Whiteside: We had this conversation with someone I was actually really excited one of my leaders in the company.

00:43:48.420 –> 00:43:56.220
Andy Whiteside: started like when I started talking about just using Microsoft edge and not Google chrome because the chromium engines inside edge.

00:43:56.610 –> 00:44:03.000
Andy Whiteside: And that would mean we have less applications install I saw them shaking their head going well that’s probably a good thing it’s like yeah.

00:44:03.420 –> 00:44:11.310
Andy Whiteside: it’s probably good thing if it works if it doesn’t work we got to put chrome on there, but the idea that less is more applies to a lot of things in life.

00:44:14.160 –> 00:44:26.040
Andy Whiteside: Alright guys, we got just a few more minutes, and then we all have other things to do let’s get one more topic here and it’s an interesting one in the world of citrix backups so, how does backups help me handle risk men.

00:44:27.210 –> 00:44:36.300
Ben Rogers: Oh well, I mean man, you could you could say what’s some of what it’s just a continuation were just talking about you’ve got your images and multiple locations so let’s say you’ve got.

00:44:36.630 –> 00:44:44.100
Ben Rogers: A data Center and you’ve got a set of images there and you’ve got a backup the ability and you’ve got a mirror copy of those images because you’ve been able to do it through.

00:44:44.430 –> 00:44:57.960
Ben Rogers: You know PBS or mcs or or other technologies, I mean you’ve got you’ve got in some cases, you can have an active active or an active passive I mean you really can get into a Dr BC.

00:44:58.260 –> 00:45:04.050
Ben Rogers: P scenario that’s very easy to spin up because you’re leveraging the image, the image.

00:45:04.740 –> 00:45:11.670
Ben Rogers: portability of citrix so from a macro perspective, you can have backups of your images in an offsite facility.

00:45:12.000 –> 00:45:27.870
Ben Rogers: You can have a backup citrix environment in a colo facility or you could have with at CS and gsb to active citrix environments both cheering loads that one could go down the other one to take the load, so I mean.

00:45:28.170 –> 00:45:42.510
Ben Rogers: As far as backups and air gabbing it’s all possible with citrix man, we can we can do it so many different ways, how far do you want to take it usually a lot of resolve back to what we were talking about before the money, what do you have to spend on it.

00:45:44.340 –> 00:46:02.700
Andy Whiteside: So bill there’s two products listed here to solve help solve this from a citrix perspective citrix virtual APP and desktop and citrix adc you’ve been doing this stuff 30 years ish what was the biggest game changer in being able to backup your your machines in that 30 years.

00:46:05.220 –> 00:46:08.520
Bill Sutton: it’s a game changer to backup your machines.

00:46:11.280 –> 00:46:16.950
Bill Sutton: Well, I think you know, obviously the the whole concept of a single image i’m not sure where you’re going here but.

00:46:17.700 –> 00:46:19.500
Andy Whiteside: You saw the concept of a single image.

00:46:19.530 –> 00:46:21.900
Bill Sutton: You know that you have to back up is a big part of it.

00:46:24.180 –> 00:46:24.480
Bill Sutton: yeah.

00:46:27.810 –> 00:46:28.230
Bill Sutton: Oh yeah.

00:46:29.100 –> 00:46:32.910
Andy Whiteside: The interested in having on here and that’s because you know damon all love.

00:46:33.720 –> 00:46:46.260
Andy Whiteside: When we got to the world of hypervisor and you can take a snapshot before you did that upgrade or you could take a snapshot every week to get that stuff back, I mean this other stuff great let me in the hypervisor whether it’s citrix hypervisor or your hypervisor of choice.

00:46:47.520 –> 00:46:59.100
Andy Whiteside: Huge game changer in the world of backup and I just noticed that that one’s not on here listen as a technology if if you’re not using a hypervisor these days you’re missing this backup one which is a no brainer.

00:46:59.400 –> 00:47:08.550
Bill Sutton: yeah I mean the concept, the air gap that I, I can name I can count on probably one hand, or maybe both hands, the number of times i’ve been i’ve been involved in a.

00:47:08.790 –> 00:47:12.810
Bill Sutton: ransomware attack, where the only environment that was functioning was the citrix environment.

00:47:13.590 –> 00:47:27.300
Bill Sutton: It had locked back in databases that it didn’t it didn’t stop it encrypted the exchange data store, I mean, some of them are really bad, but the citrix environment, maybe they got an image or two depending on how the customer, maybe they had a couple of static images, but.

00:47:28.530 –> 00:47:32.280
Bill Sutton: I have encountered that and I think what they’re getting out here, partly is.

00:47:32.880 –> 00:47:39.720
Bill Sutton: Air gapped and encrypted backups keep them off site somewhere else that’s not directly IP connected to your network, or at least it’s.

00:47:40.020 –> 00:47:50.370
Bill Sutton: it’s isolated, so that a ransomware attack gets in there, it can’t get to those backups i’ve had to rebuild citrix environments where they did get to the backups so.

00:47:51.900 –> 00:47:58.440
Andy Whiteside: yeah and in my heart common the highest one hypervisor one up but yeah absolutely the architecture this stuff by default brings into the equation.

00:47:58.620 –> 00:48:08.700
Andy Whiteside: And we look to build a citrix environment you’re talking about did not get impacted by ransomware they weren’t built to prevent ransomware they were just building the right way, which happened to prevent ransomware.

00:48:08.970 –> 00:48:10.950
Ben Rogers: Correct so we’re here to the product.

00:48:11.340 –> 00:48:11.760
Bill Sutton: It is.

00:48:12.150 –> 00:48:14.670
Andy Whiteside: In the architecture of it yeah and.

00:48:14.880 –> 00:48:23.370
Ben Rogers: And people laugh when we say that, but it truly is I mean we don’t like the thing that we always talk about cities, compared to the vpn vpn.

00:48:23.850 –> 00:48:33.240
Ben Rogers: Shooting a bullet hole through your network, so that now I in my machine X access that network yeah there’s a sales and all that, but it, how many.

00:48:33.840 –> 00:48:43.710
Ben Rogers: administrators are up on their acl or a citrix is just made a window we’re not allowing you to get into that environment we’re presenting that environment to you, virtually.

00:48:44.040 –> 00:48:51.390
Ben Rogers: The window to allow you to have access to it, you don’t really you’re never really physically audit, like you, are with a vpn yeah.

00:48:51.630 –> 00:48:53.970
Andy Whiteside: You never took control of it you’re just a.

00:48:55.110 –> 00:48:56.490
Andy Whiteside: subscriber of it, for the moment.

00:48:56.940 –> 00:48:59.970
Andy Whiteside: Exactly in a in a.

00:49:02.460 –> 00:49:08.580
Andy Whiteside: situation where you’re getting presentation layer information I was at a conference last week and they kept using the word that when you do virtual desktop you’re streaming it.

00:49:08.940 –> 00:49:15.210
Andy Whiteside: Microsoft was using the word streaming I just want to run up on stage you’re not streaming it you’re presenting it, but I figured they wouldn’t appreciate that.

00:49:17.190 –> 00:49:25.860
Andy Whiteside: Well guys, I will let’s wrap on this one on backup will pick it up again, maybe later this week i’ll try to find a time that works for both you guys i’ll talk about here in a second hey before.

00:49:26.160 –> 00:49:33.570
Andy Whiteside: let’s let’s talk about this will be been you’re going to be moving on from citrix on to a new technology that we’re going to work another company right you’re going to love details my whole point in.

00:49:33.810 –> 00:49:38.370
Andy Whiteside: and bring this up, is that, thank you for jumping on these and we’ll See you in a different podcast down the road but.

00:49:38.640 –> 00:49:49.710
Andy Whiteside: When citrix asked me about who do we want to fill in for being on the citrix podcasts I had one requirement and that one requirement is to have real world, knowledge and I want to thank you for bringing real world knowledge to the podcast.

00:49:50.430 –> 00:49:52.650
Bill Sutton: yeah double down on that.

00:49:54.630 –> 00:50:03.090
Ben Rogers: me and bill, I appreciate you having me on in the podcast, I am sorry to say, yeah this will be my last podcast is a citrix employee.

00:50:03.780 –> 00:50:15.720
Ben Rogers: I am often new ventures that I can’t talk about publicly, but maybe I will be a member of another podcast technology that you employ Andy so uh I might not be a stranger to you guys.

00:50:15.780 –> 00:50:18.210
Bill Sutton: After all, for so little teaser going on there.

00:50:19.920 –> 00:50:27.570
Andy Whiteside: will be no i’ll ask this question have you real quick you’re not leaving citrix because you don’t believe in what they do and where you’re just expanding your horizons.

00:50:28.170 –> 00:50:36.600
Andy Whiteside: People are talking to you all the time about you know what’s going on citrix are you done with such i’m like are you kidding me that the technology is more applicable than ever we just got through talking about all that.

00:50:37.200 –> 00:50:40.890
Andy Whiteside: But more applicable than ever, you know, this is just business stuff that’s going on.

00:50:41.490 –> 00:50:50.370
Ben Rogers: No, I mean I think citrix is going to be stronger than ever, I mean one thing that sits within citrix as walls it’s happening is they’re concentrating on what they do best.

00:50:50.700 –> 00:51:01.470
Ben Rogers: They want to be able to deliver virtualized application virtualized desktops when I got the citrix I didn’t realize how wide and deep citrix was especially with the.

00:51:01.890 –> 00:51:15.720
Ben Rogers: adc I had a busy season my environment, but I just thought it was a fancy way of managing ICA and I didn’t realize the scope of the you know the Swiss army knife that those boxes have, and then you got the whole right so.

00:51:16.020 –> 00:51:20.940
Ben Rogers: citrix is a great company, I have a lot of admiration for the company i’ll still support the company.

00:51:21.210 –> 00:51:30.720
Ben Rogers: This has nothing to do with the company, this is just an opportunity that puts me back in Charlotte, which is where I wanted to be they moved me to upstate New York and i’m you know was fine with that, but.

00:51:31.050 –> 00:51:38.550
Ben Rogers: it’s always good to be back home in your backyard, where you know people and you’ve got contacts, and that was a big reason for my move and to your point.

00:51:39.030 –> 00:51:44.130
Ben Rogers: My past allows me to talk about databases and data Center infrastructure.

00:51:44.550 –> 00:51:52.860
Ben Rogers: And I was not able to complete that story of citrix so i’m looking forward to being able to expand my storytelling and my experience so.

00:51:53.220 –> 00:52:00.480
Ben Rogers: Definitely appreciate the opportunity Andy and bill it’s been a wonderful pleasure to all the listeners and he’s a big great i’ve learned a ton.

00:52:00.810 –> 00:52:08.970
Ben Rogers: Of appreciated people that have reached out to me through linkedin and like I said, hopefully i’ll be back in some capacity here in the near future yeah.

00:52:09.480 –> 00:52:10.290
Andy Whiteside: i’ve been Thank you.

00:52:10.830 –> 00:52:12.420
Andy Whiteside: Thank you bill, thank you, as always, and.

00:52:13.440 –> 00:52:17.490
Andy Whiteside: i’ll try to find a time we’ll finish this one, this week, while we still got been on the hook.

00:52:17.880 –> 00:52:18.720
Ben Rogers: Right yeah be cool.

00:52:19.530 –> 00:52:20.850
Andy Whiteside: Alright guys well thanks have a good day.