NETSCALER LATEST FEATURES AND DOD CERTIFICATION
NetScaler has recently introduced several new features and updates, particularly in security and observability. These include enhanced protection against TCP spoofing attacks, improved security advisory dashboards, and the ability to export NetScaler events to Splunk for better visualization and insights. Additionally, there's support for smart card-based authentication and two-factor authentication for management access. Here's a more detailed look at the key updates:
Security:
- Improved TCP spoofing protection:
NetScaler is now compliant with RFC-5961, enhancing its ability to defend against TCP spoofing attacks. This includes features like RST window attenuation, SYN spoof protection, and rate limiting of challenge ACK responses.
- Enhanced Security Advisory dashboard:
The dashboard provides a comprehensive overview of NetScaler's security posture, offering immediate insights into vulnerabilities and overall health.
- Splunk Integration:
NetScaler can now export events to Splunk, allowing users to leverage Splunk's dashboarding and analytics capabilities for better visibility into their NetScaler infrastructure.
- Smart card-based authentication:
Users can now log in to the NetScaler management GUI using smart cards, simplifying the login process.
- Two-factor authentication:
NetScaler now supports two-factor authentication for both system and external users accessing the management console.
- OWASP tag support for security violations:
Security violations displayed in the NetScaler Console GUI now include OWASP tags, helping administrators identify vulnerabilities within the OWASP top 10.
- Proxy auth support for signatures and IP Reputation:
NetScaler can now utilize a proxy server for retrieving WAF and Bot signatures and IP Reputation feeds, enhancing security in environments where direct internet access is restricted.
- Custom keyword support for JSON payloads:
Users can now add custom keywords to their NetScaler WAF configuration to reduce false positives when detecting SQL injection and command injection attacks.
- NetScaler – DOD certification a big deal
NetScaler MPX 9100 FIPS and 8900 FIPS release version 13.1, has achieved certification to be on the Department of Defense Information Network Approved Products List (DoDIN APL).
The DoDIN APL is a U.S. military compliance framework that maintains a list of products certified for interoperability and cybersecurity. This ensures reliable communication and collaboration within the DoDIN and guides DoD organizations in product acquisition.
NetScaler’s certification highlights its commitment to providing secure, interoperable solutions for DoD entities. As defense organizations increasingly operate in distributed environments, securing access to sensitive data beyond traditional network boundaries has become paramount. NetScaler effectively addresses this challenge through a software-based architecture and a unified codebase applicable across all deployment types. This ensures consistent security policies and streamlined management across data centers, cloud, and edge deployments.
Such a cohesive approach simplifies operations, enhances security, and guarantees that mission-critical applications remain available and responsive, regardless of their location.
NetScaler significantly improves availability and safeguards cybersecurity and interoperability through a comprehensive suite of capabilities. Key features include advanced load balancing (LB and GSLB), web application firewall (WAF), API and bot protection, SSL offloading, denial-of-service (DoS) mitigation, and Zero Trust access enforcement.