Citrix Analytics service brings hope for better security

As it becomes more difficult to monitor and secure applications and data, Citrix's security analytics platform is getting more attention from IT pros.

ANAHEIM, Calif. -- As the need for better security grows and the capabilities of machine learning technology get stronger, IT pros are looking more closely at security analytics tools.

One such option is the Citrix Analytics service, which monitors applications, devices, networks and users. It relies on machine learning to gather information about normal activity and alerts IT to any deviations from that behavior. Organizations can use the security analytics platform, currently in limited preview, to glean data from either on-premises or cloud-hosted Citrix deployments.

"Running IT the old way is getting increasingly difficult, because there's too much data, too many devices and users," said Zeus Kerravala, founder and principal analyst of ZK Research in Westminster, Mass. "Machine-learning-based analytics down the road will become the norm -- especially for security. So many threats today occur from inside the network."

Citrix Analytics security and performance monitoring

Many attendees here at Citrix Synergy 2018 said they're considering adopting the Citrix Analytics service.

Cerner Corp., a health IT provider based in Kansas City, Mo., delivers XenApp Published applications to healthcare providers, including 500,000 global users on tens of thousands of Citrix servers. It would be helpful to have automatic monitoring and analysis of user logon times and server resource information, such as CPU usage, said Dan Harms, a principal architect at Cerner.

"Clinicians are very sensitive to how long it takes to log in," Harms said. "Their job is not to have to call IT all the time."

Application performance is a big part of analytics offerings today, and it can help IT understand where apps perform well and why, Kerravala said. There are a lot of third-party vendors that provide app monitoring capabilities, but they all take different approaches. Some monitor devices, and some do it at the network level. It's possible that Citrix Analytics will do a better job of specifically monitoring Citrix workloads, Kerravala said.

At Cerner, Citrix Analytics would also help overcome the challenge of having multiple, different security tools that report on different aspects of the infrastructure, Harms said.

That's one of the things we like in the analytics -- being able to see everything in one dashboard.
Dan Harmsprincipal architect at Cerner

"That's one of the things we like in the analytics -- being able to see everything in one dashboard," Harms said.

Organizations can use the Citrix Analytics service whether they run Xen products on premises, on Citrix's Cloud -- which is based on Microsoft Azure -- or on other cloud providers supported by the Citrix Cloud service, such as Amazon Web Services (AWS), said Mike Stringer, senior director of product engineering. Once it's generally available, the security analytics platform likely will not have a separate SKU, but it will be included in other Citrix offerings, he said.

WestRock, a paper and packaging company based in Atlanta, runs XenApp published apps and a small XenDesktop VDI deployment, and it's currently doing a proof of concept to determine whether to move these workloads to AWS. Michael Hauenstein, a Citrix engineer at the company, said he hasn't seen the quality of analytics in the Citrix Analytics service present in any other offerings yet, but Microsoft could compete in this market more in the future.

"The learning piece and the automation [are] really, really interesting," Hauenstein said.

Understanding identities also plays a key role in the Citrix Analytics service, said Jack Gold, analyst at J. Gold Associates in Northborough, Mass.

"[Citrix has] got the ability to look at all of their components, build a knowledge base of what everyone is doing and trying to assess from that, 'Is there a security risk?'" he said. "It's identity, but also security and policy-setting in an automated fashion. I see Analytics as the core of making all of this stuff work."

NetScaler analytics tool

Citrix also offers a cloud-based analytics service specifically for its NetScaler product. Organizations can use the NetScaler Management and Analytics Service to glean information about how NetScaler is running and how apps are performing in terms of latency and disk usage.

At Chubb, a global insurance company based in Whitehouse, N.J., "we could figure out why the India side of the connection is experiencing higher than normal latency, [for example]," said Kirk Moore, a senior network engineer. "It's designed to be proactive."

Chubb doesn't currently use the service, but would find it useful now that the company has increased its usage of NetScaler, Moore said. It's unpractical to do all that analysis manually now, he added.

Site editor Erica Mixon contributed to this report.

Dig Deeper on Unified endpoint management