VMware NSX

  • 1.  Microsegmentation NSX Remote Desktop Services

    Posted Mar 21, 2017 06:15 PM

    Hello,

    I'm interested in the VMware NSX solution for Software Defined Networking in our organization. We have a VMware farm with all our servers configured over our 2 datacenters and a Citrix farm with the Citrix XenApp and NetScaler solution for our end-users. The Citrix farm is configured as an RDS environment, so multiple users share one Citrix XenApp server with only one IP.

    I think for our VMware farm microsegmentation is not a problem, but is it possible to implement this also for our clients in a shared Citrix XenApp RDS environment? For instance, if user 1 from the Finance department on Citrix XenApp server 1 is allowed to communicate with the Finance servers, but user 2 from the Marketing department on Citrix XenApp server 1 is not allowed to do this, but he is allowed to communicate with the Marketing servers, is this case configurable? I was thinking about the Active Directory Group Membership option to automatically read which group the user belongs to and configure it with the Identity Firewall in NSX, but as far as I know the firewall only matches a single user to a single IP. And in our configuration, there is no single user <-> IP mapping possible.

    Are there any workarounds or solutions to make microsegmentation possible?

    Thank you in advance.

    Kind regards,

    Frank Jan



  • 2.  RE: Microsegmentation NSX Remote Desktop Services

    Posted Mar 22, 2017 08:12 AM

    I'm afraid this isn't going to work. As you've mentioned yourself, a single user is mapped to a single IP address. This would mean that everyone on the same Citrix Server would get the same access as the first person to log in.