How to activate or deactivate ShareFile Advanced Preferences

When you set upload or download notifications for particular users on folders, by default, the users will receive notifications about these uploads/downloads in real-time. Users can change this default behavior by clicking the Personal Settings link in their account. However, if you want to set a default value for this setting for all users on your account, you may do so using this setting.

Note: Changing this setting does not affect existing users in the system (it is only applied to newly-created users). You can update this setting for individual users in the at their individual profile page found under People. In Real-Time is the default value.

Users can receive email notifications in the following languages: English, German, Spanish, French, Dutch, Chinese, Russian, Japanese, Korean, Portuguese.

Related:

Citrix SD-WAN Software Feature Cheat Sheet

• 6K nodes in multi-region

• GCP support for VPX/VPXL

•SFP Y-Cable HA (210 and 1100 only)

• HDX reporting on user-level for SDWC

• O365 PAC file automation

• Palo Alto Prisma API auto-configuration

• Inband Management: Allows you to use the SD-WAN data ports for management, which carries both data and management traffic, without having to configure an addition management path.

• Static LAG (Link Aggregation Groups) – LACP Mode 1 [active-backup] providing fault tolerance

• Standby Metered Link Enhancements – Disable if Data

Cap reached option is introduced

• Cloud Direct Service available with SD-WAN Center (410, 210 and 1100 only)

• Routing Enhancements

○ OSPF TAGGING Support

○ Protocol Preference (Prefer BGP over OSPF or

vice-versa)

○ Routing Statistics enhancements

○ New AS PATH Length import filter (for route

manipulation)

• Security Admin role in SD-WAN Center – (Sec Admin

Has the read-write access only for the Firewall and

security-related settings in the Config Editor, while

having read-only access to the other sections)

• Packet Capture on Multiple Interfaces from

appliances and Center

• 210 SE LTE Auth enhancement – A new

Authentication input field is introduced in the APN

settings form. There are 4 possible values for this

new field – None, PAP, CHAP, PAPCHAP.

• Change Management optimization

• RBAC management in SDWC

Related:

  • No Related Posts

Manage ShareFile Apps and Devices

Article Contents (click to skip to that section)

Configure Device Security

An account Administrator will be able to set security options in the web application at Admin Settings > Security > Configure Device Security.

An Admin can use these options to control the security level for devices used to access the ShareFile account by other users. Please note, these settings will always override any individual user preferences.

Modifiable Device Security settings include:

File Self Destruct – Determines the number of days without the user logging in or accessing the account before the account is automatically removed from the mobile device. Unlike Remote Wipe, which occurs only when a user is online, Self Destruct occurs even if the user is offline. This setting can be updated at any time by the Account Admin. Options are: Never, 1, 3, 7, 14, 30, 45, or 60 days. When self destruct is triggered on a device, users with mobile push notifications enabled may receive a notification referencing a “Poison Pill” activation.

Require User Passcode – Controls whether users are required to enter a 4-digit PIN or a password to access their ShareFile content. When set, all ShareFile content will be encrypted. Options are: PIN, Password, or User-Selected Passcode.

Enable External Applications – Determines whether users can open downloaded files outside of the ShareFile application.

Enable Offline Access to Files – Controls whether users can see ShareFile content when the device is offline.

Enable Automatic Login – Determines whether users can opt to save their ShareFile password on the device.

Restrict Modified Devices – Enabling this will restrict users from being able to use the ShareFile app on a jail-broken / jailbroken / jail broken device. ShareFile cannot fully troubleshoot issues encountered by users that have chosen to jailbreak their device.

Device Security Presets

You may configure each setting individually at the Configure Device Security menu. In addition to a Custom setting option, ShareFile offers a number of presets with various differences.

Manage Personal Devices

Each user on the system will have the ability to manage their devices in Personal Settings, My Connections. The user will be able to Wipe their device in the event that it is lost or stolen. Wiping a device will remove all ShareFile data the next time the device connects to the account.

Admin – Manage User Devices

Administrators on the account can manage all user devices on the user profile page. Under Basic User Permissions, click the Manage connected apps and devices for this user link.

This menu will allow the admin to lock, wipe or revoke a specific user’s device or application. After selecting to wipe a device, the status will display Wipe Pending until the next time the device connects and then all ShareFile data will be removed. Note: Wipe is only available for mobile devices and ShareFile Sync for Windows.

Related:

  • No Related Posts

How to configure Integrated Windows Authentication with Citrix Director

Open IIS, navigate to the Director Site and open Authentication settings. In the Authentication settings, enableWindows Authentication and disableAnonymous Authentication. Once this is done, restart the IIS server.

IIS Configuration
Disabling and enabling authentication parameters for the site Director in the IIS

In a scenario, where the delivery controller or the broker are in two different servers, we need to enable delegation on the Director server. Go to the AD – Active Directory Users and Computers – Right Click on the machine name and select properties – Enable ‘Trust this computer for delegation’ as shown below.

Enable delegation on the Active Directory for the server on which Director is installed

If your browser does not support integrated Windows authentication, then as an admin, a group policy should be applied across all the supported browsers. Here is how you can set your IE for integrated Windows authentication.

  1. Open Microsoft Internet Explorer.
  2. Select Tools > Internet Options.
  3. Open the security tab
  4. Add the sites to Trusted Sites Zone and click on custom level
  5. Enable automatic logon with current user name and password

IE settings

Note: For configuring integrated windows authentication on Chrome and Firefox, please refer their support forums.

Note: In case of multiple domain, make sure that all the domain being used trust each other in a two way transitive manner. This is mandatory for integrated Windows authentication to work.

Note: For integrated authentication to work, the DDC and Director should be at the same version.

Related:

  • No Related Posts

Citrix Hypervisor Security Update

Description of Problem

A security issue has been identified that may allow privileged code running in a guest VM to compromise the host. This issue is limited to only those guest VMs where the host administrator has explicitly assigned a PCI passthrough device to the guest VM.

A CVE identifier for this issue is not yet available.

CVE ID Description Vulnerability Type Pre-conditions
TBA Bounding error updating physmap CWE-121 A PCI passthrough device must be assigned

This issue affects all currently supported versions of Citrix Hypervisor up to and including Citrix Hypervisor 8.2 LTSR.

Mitigating Factors

Customers who are not using the PCI passthrough feature of Citrix Hypervisor are not at risk from this issue

What Customers Should Do

Citrix has released hotfixes to address this issue. Citrix recommends that affected customers install these hotfixes as their patching schedule allows. The hotfixes can be downloaded from the following locations:

Citrix Hypervisor 8.2 LTSR: CTX286459 – https://support.citrix.com/article/CTX286459

Citrix Hypervisor 8.1: CTX286458 – https://support.citrix.com/article/CTX286458

Citrix XenServer 7.1 LTSR CU2: CTX286457 – https://support.citrix.com/article/CTX286457

Citrix XenServer 7.0: CTX286456 – https://support.citrix.com/article/CTX286456

What Citrix Is Doing

Citrix is notifying customers and channel partners about this potential security issue. This article is also available from the Citrix Knowledge Center at http://support.citrix.com/.

Obtaining Support on This Issue

If you require technical assistance with this issue, please contact Citrix Technical Support. Contact details for Citrix Technical Support are available at https://www.citrix.com/support/open-a-support-case.html.

Reporting Security Vulnerabilities

Citrix welcomes input regarding the security of its products and considers any and all potential vulnerabilities seriously. For details on our vulnerability response process and guidance on how to report security-related issues to Citrix, please see the following webpage: – https://www.citrix.com/about/trust-center/vulnerability-process.html

Disclaimer

This document is provided on an “as is” basis and does not imply any kind of guarantee or warranty, including the warranties of merchantability or fitness for a particular use. Your use of the information on the document is at your own risk. Citrix reserves the right to change or update this document at any time.

Changelog

Date Change
2020-11-24 Initial Publication

Related: