About four months ago I wrote an article on SSL offloading for the Citrix XenMobile MDM server and talked about how this new feature helps us in placing the MDM server on our more secure corporate LAN as apposed to the DMZ. And although I still feel that this is a valid, robust and decent set up, I must admit that the idea of placing the MDM server in the DMZ doesn’t sound that bad after all, considering all that comes into play. During my last article on XenMobile I gave it a bit more thought and just recently I discussed it with a few community members as well. Let’s just say that, for now, I’m in doubt. Please feel free to share your thoughts on the matter, I might need your help on this one!
Well over a month ago Citrix released the XenMobile Device Manager SSL Offload Server Patch for NetScaler. And although this has been something we’ve been waiting for, although ‘we’ is probably still a relatively small group, for some reason I haven’t read or heard a thing about it. Perhaps XenMobile isn’t as popular as I thought or people just don’t mind putting their MDM machines in their DMZ’s, I know I would. Whichever the case may be, from now on you can securely place your MDM machine on your internal network without having to worry about potential unsecure connections, SSL only! Although I do highlight the XenMobile MDM server patch, the below is applicable to other sorts of (web) services as well.