Single Sign-On is fast becoming the norm due to consumption of services like ShareFile & Office 365.
Personally, I think Single Sign-On is currently the coolest NetScaler feature; I like the idea of federated authentication and the end of having so many accounts and passwords.
Additionally, you can federate in to your hosted services without needing to manage user accounts, giving your customer the option of sustaining their control over user identities and access control – this can be very appealing to some customers.
SAML, as one example, is essentially a software smartcard certificate authentication method and it requires PKI certificate services to operate. The good news is; it’s very easy to deploy.
NetScaler, acting as a reverse proxy (or TMG replacement), can provide users with flexible authentication ability using a variety of methods, including Username/Password, smart cards, OTP Tokens, Multi-Factor Authentication capabilities of MFA Server in Azure or OpenIDOAuth using public accounts (like Google/Facebook/LinkedIn, etc.).
XenApp and XenDesktop now fully support federated authentication and this opens up the opportunity to provide a bring-your-own-identity mobility service that can massively reduce the complexity associated with integrating with customers directory services and the on-boarding of their users.
Incidentally, Single Sign-On is also supported with ShareFile and XenMobile, so if you were considering a premium mobility platform using Citrix Workspace Suite licensing, NetScaler can help you federate all of the products, along with Office 365 and many more!
PS - I told you this was a cool feature!
The next blog covers Content Switching that has some excellent potential use-cases…
By Darren Bennett, Partner Enablement Specialist (Citrix), rhipe