Citrix Access Gateway consolidation

The Citrix Access Gateway team is pleased to announce changes being made to simplify the product line and sales process. On September 17, 2012 the following changes were announced:

Products Discontinued

  • Access Gateway VPX (non-NetScaler code)
  • Access Gateway 2010
  • Access Gateway software editions 4.x and 5.x
  • Extended warranty option for Access Gateway MPX 5500

Name Change

  • Access Gateway MPX (formerly Access Gateway 5500)

New! Citrix Access Gateway VPX

Citrix has announced the new Access Gateway VPX virtual appliance based on NetScaler to replace the discontinued Access Gateway VPX.

Read more here.

Citrix Access Gateway Release (blog)

Citrix Access Gateway (based on the NetScaler platform) provides the best secure application access for Citrix XenApp and Citrix XenDesktop virtual desktops and applications. It is also the remote access component of Citrix CloudGateway, which offers secure delivery of Web, SaaS and iOS apps, along with ShareFile data. With all the prowess of the proven NetScaler platform, comes a standard tradeoff of simplicity vs. power. With all the features and control that an Access Gateway offers, it can be intimidating for some of us. At Citrix, we take the end user experience very seriously, and want to make sure that you get the job done, with the least effort possible, without compromising on the capabilities that our products can offer! With this vision, in our (just released) Z3 release, we have created a new Simplified Configuration Wizard in Access Gateway. This Remote Access wizard is meant to assist our most common use cases – Remote Access to Published Apps & Desktops, as well as CloudGateway. On the new Access Gateways (or NetScalers), based on release, you will be able to access this wizard, in the following ways:

  1. On an appliance, licensed as purely an Access Gateway (does not provide any additional NS service), you will see a new Access Gateway Home Tab, next to the Dashboard Tab. Clicking on this Home tab will take you to the new AGEE home page, which shows basic monitoring information, specific to Access Gateway. More importantly, in the top right corner, you will see a link called ‘Create New Access Gateway’. Clicking this link launches the new Remote Access Wizard.
  2. On NetScaler appliances / VPX, you will be able to reach the same Access Gateway Home page by clicking the Access Gateway Configuration summary node. Exact Location: Configuration -> Access Gateway -> Getting Started -> Create/Monitor Access Gateway. This will take you to the same Access Gateway Home page as described above. Once there, you will see a link called ‘Create New Access Gateway’. Clicking this link launches the new Remote Access Wizard.

This wizard is split into following configuration blocks:

  • Access Gateway Settings
  • Authentication
  • Certificate
  • DNS
  • Remote Access configuration for Web Interface / CloudGateway

Running this wizard automatically creates for you, various policies (authentication, session, …), and binds them to an AG vServer.   Lets take a look at the various policies created:

Continue reading more of this article here at the Citrix blogs.

Security vulnerabilities in Citrix Access Gateway standard edition

Three security vulnerabilities have been identified in Access Gateway Standard Edition:

    • Directory traversal in Access Gateway Standard Edition 5.0.x prior to version 5.0.4 (critical severity)

    • Access Gateway Standard Edition 5.0.x can act as an open proxy (high severity)

    • Text content injection in Access Gateway Standard Edition 5.0.3 and 5.0.4 (low severity)

Access Gateway Standard Edition versions 4.5.x and 4.6.x and currently supported versions of NetScaler Access Gateway Enterprise Edition are not affected by these vulnerabilities.

What Customers Should Do

A patch for version 5.0.4 of the Access Gateway Standard Edition firmware has been released to address these vulnerabilities. Citrix strongly recommends that all customers using affected versions of Access Gateway Standard Edition apply this patch to their appliances as soon as possible. This patch can be found at the following location:

What Citrix Is Doing

Citrix is notifying customers and channel partners about this potential security issue. This article is also available from the Citrix Knowledge Center at

Obtaining Support on This Issue

If you require technical assistance with this issue, please contact Citrix Technical Support. Contact details for Citrix Technical Support are available at

Reporting Security Vulnerabilities to Citrix

Citrix welcomes input regarding the security of its products and considers any and all potential vulnerabilities seriously. If you would like to report a security issue to Citrix, please compose an e-mail to stating the exact version of the product in which the vulnerability was found and the steps needed to reproduce the vulnerability.

Read the original KB article here.