Hello,
we had a penetration test for our Citrix infrastructure.
On the Citrix servers is SEP 12.1.3 installed (AV / AS only) and the auditors have commented that it might be possible for normal users to read the Exclusionen from the registry and exploit them. (For Citrix you NEED some Exclusion for sure.)
The same problem we had on thousands of PCs and notebooks. Here I created an Application and Device Control Policy that block access for normal users. Works fine.
Since several years I install on the Citrix servers only AV / AS and now I'm careful and I would be interested if anyone has experience with ADC on Citrix servers (NOT Citrix Provisioning Server)?
Symantec Endpoint Protection (SEPM and SEP Client) 12.1.3 ==> on the way to 12.1.4 in the next weeks.
Citrix Presentation Server 4.5 on Windows Server 2003 R2 fully patched
Citrix XenApp Server 6.5 on Windows Server 2008 R2 fully patched
Thank you in advance.
Thedo