Secure Director deployment
This article highlights areas that might have an impact on system security when deploying and configuring Director.
Director communications
In a production environment, use the HTTPS protocols to secure the data passing between Director and your servers. HTTPS uses Transport Layer Security (TLS) protocols to provide strong data encryption.
Note:
- Citrix strongly recommends that you restrict access to Director console within the intranet network.
- Citrix strongly recommends that you do not enable unsecured connections to Director in a production environment.
- Use TLS 1.2 or higher. Do not use legacy TLS or SSL.
To secure communications between users’ web browsers and Director, refer to Enable TLS on Web Studio and Director
To secure communications between Director and Citrix Virtual Apps and Desktops servers (for monitoring and reports), refer to Securing On-Premises Monitor OData API Access.
To secure communications between Director and Citrix ADC (for Citrix Insight), when you Configure network analysis, choose a connection type of HTTPS.
Configure Microsoft Internet Information Services (IIS)
You can configure Director with a restricted IIS configuration.
Application Pool recycling limits
Director uses an application pool called Director. You can set the following Application Pool recycling limits on the application pool:
- Virtual Memory Limit: 4,294,967,295
- Private Memory Limit: The size of the physical memory of the StoreFront server
- Request Limit: 4,000,000,000
File name extensions
During installation, Director configures request filtering to only allow the following extensions:
- .
- .aspx
- .css
- .eot
- .html
- .ico
- .js
- .png
- .svc
- .svg
- .gif
- .json
- .woff
- .woff2
- .ttf
HTTP Verbs
During installation, Director configures request filtering to only allow the following verbs:
- GET
- POST
- HEAD
IIS features
Director does not require the following IIS components:
- ISAPI extensions
- CGI programs
- FastCGI programs
You can remove these components.
.NET trust level
Director requires .NET Trust Level to be set to Full Trust. Do not set the .NET trust level to any other value.
Configure user rights
When Director is installed, its application pool is granted the following:
- Log on as a service logon right
- Adjust memory quotas for a process, Generate security audits, and Replace a process level token privileges
The rights and privileges mentioned are normal installation behavior when application pools are created.
You do not need to change these user rights. These privileges are not used by Director and are automatically disabled.
Director security separation
You can deploy any web applications in the same web domain (domain name and port) as Director. However, any security risks in those web applications can potentially reduce the security of your Director deployment. Where a greater degree of security separation is required, Citrix recommends that you deploy Director in a separate web domain.