Category: Security

A lesson when relying on the FQDNs allowlist for Citrix Cloud Connectors

INTRODUCTION

If you are working regurlarly with Citrix Cloud it may be common knowledge by now that the fundamental connectivity requirement of the Cloud Connectors, on each resource location, is to open up port 443 for outbound connections towards the Internet.

In my experience this is fine and dandy and all, however this won’t be enough for a client’s criteria sometimes. Occasionally we need to jot down the explicit domain names (FQDNs) in which the Cloud Connectors accesses, thus only open up the standard HTTPS port towards these known FQDNs.
This very demand was something I was recently met with so in this post I will share a lesson on pursuing this route.

Continue reading “A lesson when relying on the FQDNs allowlist for Citrix Cloud Connectors”

ClickOnce application suddenly blocked by AppLocker Group Policy

INTRODUCTION

With the release of the Windows 7 and corresponding server operating system, the AppLocker technology has become a quintessential tool for system administrators to utilize. Thanks to it, administrators can restrict or allow end-users to run certain applications based on its publisher value, file path or even its unique file hash, all within an On-premise Domain-wide level. In other words, it is a given implementation within an enterprise environment to further defend itself from the many and various threats that can stem from executing suspicious programs.
In this post however, I would like to share an isolated issue in which an already known application was suddenly blocked by an AppLocker Group Policy and how it being a ClickOnce executable required some creative thinking right on the spot.

Continue reading “ClickOnce application suddenly blocked by AppLocker Group Policy”

Mapped network printers unavailable due to SMB1 being obsolete

INTRODUCTION

As we all might be familiar with, printers are one of those little peculiar matters within IT. Implementing these in an IT-environment is self-explanatory oftentimes, but when they do not cooperate the issue itself can stem from one single obscure root cause, if not a string of these having to be checked upon.
Recently, I encountered a particular printer issue which I found interesting enough to share. The root cause here, in summary, was due to the network protocol SMBv1 (Server Message Block) being obsolete in recent Windows releases.

Continue reading “Mapped network printers unavailable due to SMB1 being obsolete”