Subtitles of the Movie

This is Citrix Access Gateway Advanced Edition 4.5, and in this video we're going to do the course recap and we're going to talk about everything we've discussed over the length of this course. First off we discussed the prerequisites for installing software both for the administrator, meaning you had to know a little bit about networking; had to know a little bit about Windows Server, and how to install software, obviously, as well as the hardware requirements for the Access Server software, meaning you had to have it on a Windows Server Operating System with certain Support Packs. You also had to have a certain version of SQL Server installed for the backend database that held all the configuration information about your Access server farm. We then walked through the installation of the software, both the Access Gateway software and the necessary license console and administrative tools on the Access Gateway Server. And then we licensed the Access Gateway software using the License Console. We walked through the License Console and discussed how to run reports, how to authorize additional users to use the License Console and how to tell when you're nearing the license counts for your licensed Citrix products. We then moved on to talk about resources and we discussed web resources, file share resources, and network resources. We discussed how web resources can be web interfaces for presentation server farms or how they can just be websites. We discussed how to set them up, how to make sure that you defined the correct websites in the Web Resource Configuration screen so that when users went to access that web resource they didn't get Access denied messages because they're attempt to access servers that are outside of the web resource that you've defined. We talked about File Share resources and how you can use tokens so that you don't have to set up hundreds of file share resources for every individual user or every individual group, and we talked about network resources and how you can restrict people coming in using the Secure Access Client to a particular server or range of servers based upon their IP address. How you can also filter access based upon protocol or port number, and also the gotchas that the Access Gateway doesn't really care what you do across those protocols or port numbers so long as that's the only ones you're using and that you're authorized to use them. We then talked about scans, both continuous scans and Endpoint Analysis scans. We discussed how continuous scans are only used for the secure Access client, and how they are running continuously whenever you're connected. We discussed how if you removed the Registry key or stopped the process in the continuous scans that your Secure Access Client connection would be suspended and how they would be restored if and when those processes or registry keys or files were put back where they were expected to be. We talked about Endpoint Analysis scans, and how you can query a client device for specific pieces of information such as Antivirus version, or whether the Firewall's turned On or what Domain the machine is in. We also discussed how to import Endpoint Analysis scan packages into the Access Management Console so that if you happen to write a scan package yourself or if you happen to download one or purchase one from the Internet, you could import it into your Access Management Console and be able to use that scan against client devices. We also talked about using the output from one scan as the input from another, thereby chaining the scans and chaining the conditions so that if a prerequisite scan condition is not met you don't run subsequent scans thereby taking up more time on the client device. We then talked about data sets and how they are used to determine if a list of information is true about a client device. The examples we used are group memberships for certain Mac addresses for the Mac Address Endpoint Analysis scan, and a list of Microsoft Security Updates that was necessary to be installed for the Microsoft Security Update scan. We then moved on to filters. We talked about continuous filters and Access filters, and how you use the outputs of scans and filters, meaning that for example if you queried for a Domain Membership, if that domain membership returned false, meaning I am not a member of the domain you're looking for, then the filter says, I am not allowed to see this particular resource. We talked about how continuous filters use continuous scan results and Access filters use Endpoint Analysis scans results. We also talked about policies. We talked about connection policies and access policies. Connection policies apply to the Secure Access Client and define at what point and in under what conditions the Secure Access Client can connect to the protected network through an Access Gateway appliance. We talked about Access policies which determine under what conditions users can access resources in the Web interface to the Access Gateway Farm. We talked about how filters are used inside of policies to determine whether a policy is applied and a policy is applied based upon the results of an Endpoint Analysis scan so you can see the logical flow from Endpoint Analysis scan to filters to policies. We then talked about logon points, both how to create them and how to deploy them and do basic administration. We talked about how to apply policies to logon points so that only certain users could access the logon points based upon Active Directory Group Membership, or really any other type of Endpoint Analysis scan. We talked about deploying them and how they have to be deployed on a per-server basis, and you can verify that they are deployed by looking at the File System, or also looking in IIS Manager. We then talked about basic server farm configuration, how to change the authentication profiles for LDAP or RADIUS and how to set up Load balancing or Failover for each of those authentication profiles. We then talked about the Service Account Credentials that the Access Gateway servers use to talk to one another as well as to talk to the database server. We also talked about presentation server and all the hoops you have to jump through and all the little gotchas that come with integrating a presentation server farm with your Access Gateway server farm. We talked about basic troubleshooting. Really the only two ways of troubleshooting access problems in your Access Server farm is by either looking at Realtime Session information or by looking at the Event Logs, either on the server directly or by using the Event Log Consolidator built into the Access Management Console. And of course, we tied all of this together in our Lab where we developed an Access Gateway infrastructure from start to finish and we went in and messed with some of the settings and broke it for a little while, and then we had to bring it back from the dead so that we could allow users access once again. And this concludes our discussion of the topics covered in this course.