Its an interesting notion; however, how would Packeteer "know" what
legitimate traffic looked like? Moreover, how would it handle
encrypted traffic (Citrix now uses varying levels of RC5 encryption)?
BTW, there is Extranet, Citrix's own proprietary system for proxying
ICA connections.
> -----Original Message-----
> From: Clayton Knorr [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, March 01, 2001 3:13 PM
> To: '[EMAIL PROTECTED]'
> Subject: Citrix ICA and Application Layer Awareness
>
>
> There were some posts back in January about proxying Citrix
> ICA, which are a
> topic of particular concern for me lately.
>
> The previous posts indicated that there aren't any real
> proxies or ALGs for
> ICA, which I'm basically in agreement with. However what
> about a product
> like Packeteer Packetshaper that can actually differentiate between
> different protocols regardless of what port the run on. It can also
> actually differentiate between published apps by inspecting
> the packets as
> they are forwarded. If you can block/control traffic based
> on application
> information isn't that an ALG?
>
> I'm thinking about utilizing a Packeteer or similar solution
> as a security
> measure to ensure not only that connections are only made
> over port 1494 (or
> whatever port we end up using...)but that the connections are
> actually ICA
> traffic. Anyone have any thoughts about using this kind of a
> solution as a
> security measure?
>
> Thanks...
> Clayton
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
