The Citrix Netscaler firmware upgrade is complete and my job as an administrator is done, right? Many people are convinced that a firmware upgrade fixes all current security issues, but this is not always true. What else may need to be done and what is the easiest way to do it?
Another security problem with the Citrix Netscaler and then also from the high category! Quickly install the latest firmware and everything is secure again, but that's wrong! In addition to the latest firmware upgrade, additional configurations on the Netscaler are often necessary to provide a final remedy for the security problem. How are you supposed to know when an additional configuration is necessary? You have to read and follow the documentation for the relevant CVE, but who reads the documentation?
Here is an example:
After the firmware upgrade, there are two additional Netscaler configurations that still need to be performed to resolve the security issues. The easiest way to do this is via the Netscaler Console and the Job Workflow.
If necessary, define parameters and send them to the Netscaler at the end. Under Infrastructure
| Configuration
| Configuration Jobs
you can then check whether everything has worked.
I'm repeating myself, but if you have a Netscaler in operation, you should have added it to the Citrix Cloud Netscaler Console. Please read my three-part article on the Citrix Cloud Netscaler Console (formerly ADM)