Protecting services in NetScaler
Now, since NetScaler often sits in front of many different services, this may make it a popular target for hackers. These might, for instance, be PCI-DSS services, such as VISA or PayPal. On the other hand, they may just be plain web services that might be an intranet portal or some other sort of sensitive data.
So, the purpose is to configure NetScaler to deflect common forms of attack and activate counter measures when someone is trying a particular form of attack.
A popular question that is often asked is, should NetScaler be in front of the firewall or should the firewall be the first line of defense?
In my opinion, NetScaler has sufficient security features to allow it to be placed in front of the firewall. Putting it behind the firewall often makes the network more complex and makes it more difficult to handle VMAC, GARP updates, and so on.
NetScaler has many prebuilt defense mechanisms, for instance, Denial of Service (DoS) attacks on the TCP layer. The...
