← Back to Citrix Virtual Apps and Desktop 7.x Workspace App Security Technical Implementation Guide

V-234262

CAT II (Medium)

Citrix Workspace must accept Personal Identity Verification (PIV) credentials.

Rule ID

SV-234262r640183_rule

STIG

Citrix Virtual Apps and Desktop 7.x Workspace App Security Technical Implementation Guide

Version

V1R2

CCIs

CCI-001953

Discussion

The use of PIV credentials facilitates standardization and reduces the risk of unauthorized access.<br /><br />DoD has mandated the use of the Common Access Card (CAC) to support identity management and personal authentication for systems covered under HSPD 12, as well as a primary component of layered protection for national security systems.<br /><br />Satisfies: SRG-APP-000391, SRG-APP-000392

Check Content

Verify the policy value for Administrative Templates >> Citrix Components >> Citrix Workspace >> User authentication >> "Smart card authentication" is not set to "Disabled". For this setting, "Not Configured" is equivalent to "Enabled".<br /><br />If the "Smart card authentication" policy is set to "Disabled", this is a finding.

Fix Text

Set the policy value for Administrative Templates >> Citrix Components >> Citrix Workspace >> User authentication >> "Smart card authentication" to "Enabled" and check the "Allow smart card authentication" box. <br /><br />If the environment leverages PIN pass-through, also check the "Use pass-through authentication for PIN" box.