Citrix Cloud Analytics
Citrix Cloud Analytics solutions facilitate organizations to detect and deflect potential threats and instantly address performance issues long before security incidents occur, or employees begin to submit help desk tickets. Citrix Analytics for Security continuously assesses the behavior of Citrix Virtual Apps and Desktops users, Citrix DaaS (formerly Citrix Virtual Apps and Desktops service) users, and Citrix Workspace users. It applies actions to protect sensitive corporate information.
Netsurion Open XDR dashboard and reports will provide information about possible attacks, suspicious activities, or any other threat noticed in user activities based on the user’s risk score.
For a new instance, integrate Citrix Cloud Analytics with Netsurion Open XDR by streaming the logs to Logstash and then to Netsurion Open XDR using a syslog extension from Logstash.
Configure the alerts, dashboards, and reports into Netsurion once configured to deliver events to the Netsurion Manager.
The following are the key Data Source Integration available in Netsurion Open XDR.
|Security||Citrix Cloud Analytics – User risk score change and suspicious activities detected||This alert is triggered when the following events occur.
|Security||Citrix Cloud Analytics – User risk score activities||This report delivers detailed information on the increase and decrease of the user risk scores. It includes username, risk score value changes (difference between earlier and current risk score), and more.|
|Security||Citrix Cloud Analytics – User profile summary||This report provides a detailed summary of user data usage, location, and device access information.|
|Security||Citrix Cloud Analytics – User risk activities summary||This report summarizes any suspicious activities or threats linked to a user. It comprises user details, threat type, the severity of the threat, risk probability, and other events occurrence details.|
The configuration details are consistent with Netsurion Open XDR 9.3 and later, and Citrix Analytics.