Skip to main content

Netskope Help

Citrix Virtual Apps and Desktop

A cloud-based platform that hosts cloud-hosted desktops and applications. Using Citrix cloud you can deploy Citrix products, desktops, and other applications using any type of cloud-like private, public, or hybrid. You can install Netskope Client in Citrix Virtual apps using the deployment options supported by Netskope.

Environment

This document was created using the following components:

  • Citrix Workspace Version:

    • Citrix Virtual Apps and desktops 7 1912 LTSR CU3- Storefront

    • Citrix Virtual Apps and Desktops 7 2106

    • Citrix workspace: 22.2.0.4525(2202)

  • Netskope Client version: 93.0.1.944, 94.0.0.2364

  • OS: Windows 10 (Single Session), Windows Server (Multi Session)

Configuration Requirements

Specific configurations in Netskope tenant web UI can ensure that the processes or traffic from either of the applications are not blocked and directed to the Netskope Cloud. You must add exceptions to the Netskope Steering Configuration. To learn more, view Exceptions.

Configurations In Netskope Client

Add steering configuration exceptions (Certificate Pinned Application exception type) on the Netskope tenant WebUI to allow Citrix Workspace traffic to bypass Netskope and reach its destination.

To add Citrix workspace as a Certificate Pinned Application on the Netskope UI:

  1. Go to Settings > Security Cloud Platform > Steering Configuration and and select a configuration.

  2. On the configuration page, click EXCEPTIONS > NEW EXCEPTION > Certificate Pinned Applications.

    Certificate_Pinned_App.png
  3. In the New Exception window, do the following:

    1. From Certificate Pinned App, select the application. To add a new certificate pinned application in the New Certificate Pinned Application window, do the following:

      • Application Name: Enter the name of the application.

      • Platform: Select the operating system where the application is managed.

      • Definition: Provide the processes and .exe(s) list that you want to bypass. To learn more, view Exclusions.

    2. From Custom App Domains, add * to allow all URLs.

    3. From Actions, select Bypass for all operating systems that you want to allow directly to the destination.

    4. Click ADD.