Citrix Offers Free Encryption For Virtualized Application Data

Citrix's “safe zone” folder encrypts data on end users' desktops and laptops from virtualized applications running on XenApp Server and is free to customers now during technical preview.
At its Synergy user group meeting in San Francisco this week, Citrix Systems unveiled an encryption feature for virtualized applications running under its XenApp Server in the data center.

Corporate applications, such as Siebel Systems, PeopleSoft and SAP, are virtualized by XenApp and often used to generate large amounts of data about a business' customers. All data created using the virtualized applications by end users' home computers or mobile laptops is encrypted and stored in a "safe zone" folder. If for any reason the computer is lost, the data remains inaccessible to an unauthorized user and can be wiped off a machine's hard drive upon reconnection to the company's network.

Citrix Systems CIO Paul Martine cited the safe zone feature of Xen App as an example of why he was confident he could allow 1,400 Citrix employees to equip themselves with a computer of their own choosing and allow them to access corporate applications. No matter where they were or what happened to their machines, the data would be protected.

"If I lose my laptop, I lose the device but not the data," Martine noted in an interview at Moscone Center on the second day of the user group conference.

The encrypted folder is possible only after a piece of Citrix client software, Receiver, is downloaded onto the machine. The style of encryption used is 256 bit AES or Advanced Encryption Standard, a difficult system to crack without massive supercomputing power. Receiver recognizes data created by virtualized applications and stores it in a safe zone directory, leaving other applications resident on the machine to function normally.

The Receiver client is updated and controlled through a central server, the Citrix Merchandising Server. It is managed and updated in a "silent," background operation that isn't noticeable to end users, said Barry Phillips, group VP and general manager of Citrix clients.

Phillips said the Receiver client is available free for the first time to all customers. It is in a technical preview stage with Citrix looking for feedback from early implementers. It can be downloaded from The Citrix client software also includes a thin, end user machine hypervisor. It runs a resident version of virtualized applications when the end user is disconnected from the network, such as during a flight on an airplane. Most of the time, the Citrix end user is receiving pixels for the display of a virtualized application running on a data center XenApp server.

The safe zone will become a feature in a future release of the Receiver client, Phillips said.