Configure App Protection Posture Check
To enable App Protection Posture Check, configure the new VDA Citrix Policy that is related to this feature.
Prerequisites
Make sure that you have the following:
- For cloud deployments - Cloud Desktop Delivery Controller version 115 or later
- For on-premises deployments - Citrix Virtual Apps and Desktops version 2308 or later
- Windows Virtual Delivery Agent Installer version 2308 or later
- For Windows - Citrix Workspace app for Windows 2309 or later
- For Mac - Citrix Workspace app for Mac 2308 or later
- For Linux - Citrix Workspace app for Linux 2308 or later
Configure the new VDA Citrix Policy for Posture Check as follows:
Note:
This new VDA Citrix Policy can be deployed using both Citrix Studio and Web Studio. The following procedure is deployed via Citrix Studio and you can use the same procedure for Web Studio also.
-
Open the Citrix Studio app on the Desktop Delivery Controller (DDC) for on-prem or Web Studio for Cloud deployments and then select Policies.
-
Under Actions, select Policies > Create Policy.
-
Click the All Settings drop-down menu and select App Protection under ICA.
-
Select Posture check for Citrix Workspace app and then click Select.
The Edit Setting window appears.
-
Clear the Use default value checkbox.
-
Click Add and enter the relevant values from the following:
- Windows-AntiScreencapture
- Windows-AntiKeylogging
- Linux-AntiScreencapture
- Linux-AntiKeylogging
- Mac-AntiScreencapture
- Mac-AntiKeylogging
For example, If you’ve added “Windows-AntiScreencapture” and “Windows-AntiKeylogging”, then the Citrix Workspace app for Windows that supports Posture Check and has these capabilities is allowed to connect to the VDA.
Note:
- Each entry must have only one capability.
- No space is allowed in the name of capability.
- Make sure that the values are spelt correctly. Incorrectly spelt values cause the session to terminate.
- Values that don’t have the prefix Windows-, Linux-, or Mac- are ignored.
-
After adding all the required values, click OK.
-
Click Next.
-
Select Assign Policy to > Selected users and machine objects.
-
Select the required delivery groups where this policy must be deployed and then click OK.
-
Click Next.
-
Enter the policy name in the Policy name field and then select the Enable policy checkbox.
-
Click Finish.
A policy for posture check is created.
Expected behavior if App Protection Posture Check fails
- If the Posture Check VDA Citrix Policy is enabled and you’re using a Citrix Workspace app version that does not support the Posture Check feature, then the session is terminated without displaying any error message.
- If you’re using a Citrix Workspace app version that supports the Posture Check feature, then the session is terminated displaying the following error messages respectively:
-
Windows:
-
Mac
-
Linux
-