Citrix Aims to Secure the Enterprise


By: R. Scott Raynovich

SANTA CLARA, Calif. - Citrix spent two days this week briefing analysts here at its Silicon Valley headquarters. Company executives detailed product plans and roadmaps for a variety of Citrix virtualization technologies that appear to be converging into a centralized platform designed to manage security, networking, and control of applications.

One of the things that jumped out at me is that Citrix is now well positioned to integrate several key technologies -- virtualization, networking, and security -- that need to be enhanced as enterprises move to a complicated, multi-cloud and hybrid cloud world. This is also setting up for a head-on battle with VMware, probably the closest competitor to Citrix, which is also bidding to become the primary IT shop to manage many aspects of the evolving virtualized information technology (IT).

As the slide below shows, Citrix executives talked about the approach as helping IT managers to wrangle the various silos of technology, which are becoming more complicated with the proliferation of cloud. Citrix, in short, is looking to become a meta-management company -- using virtualization to manage the virtualization.

Citrix Silos

Here's a wrap of some of the key things that I saw:

Workspace and Enterprise Security

Citrix Workspace is an interesting concept that combines productivity and security for the enterprise client. Imagine a more sophisticated version of virtual desktop infrastructure (VDI), in which Citrix was a pioneer, which serves up and integrates cloud applications. It's hard to explain without a demo -- which you can check out here -- but the idea is to control all aspects of a worker's application environment for both security and performance reasons, while at the same time giving them tools for increasing productivity.

Workspace creates a sort of virtualization layer of all a worker's business apps, including desktop-, cloud-, and browser-based apps, and then serves them up in a sort of meta-app dashboard. This includes integrated AI-aided productivity tools that can surface specific tasks from specific applications without requiring the user to open up or dig into an individual app. It fits with one of the themes of the Citrix presentations, which is that users today are too distracted and spend too much time "looking for things" on their desktop. Citrix does this by providing integration with popular apps such as Office365, Workday, and SalesForce and integrating the apps with the Workspace interface.

From the CxO and CISO's perspective, however, the biggest advantage of Workspace is that it provides centralized control of the applications and security. For example, the code from a software app or a Web browser can be isolated in a sandbox-style virtualization environment that improves security.

As Citrix Chief Technology Officer Christian Reilly pointed out, more control is needed over applications in order to provide full security. "Self-securing environments are foundational to a zero-trust [security] model." This includes using "continuous authentication," which Citrix is implementing in its framework and which has a goal of securing the entire work environment from the network to the desktop.

SD-WAN Integration

Many research firms and analysts put Citrix in "catch-up" mode in the red-hot software-defined wide-area networking (SD-WAN) environment, but the company is open about this while being clear that at the same time it's focused on making a big push in the SD-WAN market. At the same time, SD-WAN dovetails with some of its other efforts, including Workspace. One of its advantages is that Citrix has a strong foothold in the networking and cloud infrastructure community with its popular Application Delivery Controller (ADC) product, previous known as Netscaler, which now comes in many flavors, including virtualized hosted versions built on microservices.

There were two takeaways here for me in the the SD-WAN department. The first is that Citrix has significant cloud infrastructure and other products it can use to sell SD-WAN as an integrated security and applications experience story. For example, executives explained how SD-WAN can be coupled with Workspace to speed up application performance and provide integrated security in a hosted cloud environment.

“The real true value of SD-WAN has come to delivering workspace to branch office users," said Chalan Aras, VP of Citrix SD-WAN. "SD-WAN is a new weapon to uplift employee experience."

Second, Citrix can scale its cloud points of presence (PoP) by providing enhanced integration with cloud apps such as Office365 and Azure -- as well as other cloud platforms -- through a program known as Cloud Direct. Citrix also signaled that it plans to rapidly expand its SD-WAN cloud gateways, which now number 10, which will result in providing Citrix's own middle-mile SD-WAN cloud network.

Multi-Cloud and Hybrid Cloud Networking

If you want your head to explode, you can start talking to CTOs and CxOs about multi-cloud platforms. It's early days, but the discussion in cloud is now shifting to how to manage multiple workloads and applications running in multiple clouds, whether that's multiple public clouds (multi-cloud), or a combination of private and public clouds (hybrid cloud).

Mihir Maniar, Vice President, Products, with Citrix, presented a brain-busting view of how Citrix is exploring architectures for multi-cloud and hybrid cloud. He said a new category of IT management is emerging called the "Platform Team" that is charged with deciding how applications are running in different clouds. This is causing companies to choose among differing architectures such as "service-mesh lite" and "full service mesh," in which they use a variety of tools such as Istio and Kubernetes to manage cloud connectivity. But it gets extremely complex when you try to secure and provide connectivity to multiple clouds.

Citrix's weapons in this area include its lesser-known product called ADM (Applications Delivery Management), which is a software-defined controller that manages application loads and networking using its ADC product, as well as its SD-WAN product. If Citrix does a good job of integrating these products, it will not only reinforce its SD-WAN story but also connect it to the multi-cloud networking evolution.

Jeroen van Rotterdam, SVP Engineering for Citrix, told me that the key to providing multi-cloud security and connectivity will involve managing many pieces of the puzzle using a centralized security policy -- with the "Zero Trust" approach -- and then having the capability to propagate this over several environments, including the cloud, network, and application domain. Van Rotterdam said the Citrix approach will involve integration of SD-WAN with its Workspace approach so that IT and security professionals can have centralized management control of security policies across an enterprise. In the multi-cloud world that will include linkages between SD-WAN and cloud PoPs using ADC.

All of this isn't bad for Citrix, because security comes up repeatedly at the top of the list in Futuriom surveys of the features and benefits users are looking for from SD-WAN products (see below).

Sd Wan Security Drivers

Overall, Citrix presented a compelling vision of what's going to be needed to give IT management more centralized control and visibility over complicated multiple domains, including cloud. This could become increasingly powerful as many IT domains such as networking, security, and applications are converging -- and managers look for tools to help wrangle the chaos and secure their environments.

(Citrix is featured in our recent SD-WAN Infrastructure Growth report, which is available to Futuriom premium subscribers.)