STIGQter STIGQter: STIG Summary: Citrix Virtual Apps and Desktop 7.x Delivery Controller Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 28 Jan 2021:

Citrix Delivery Controller must be configured to disable non-essential capabilities.

DISA Rule

SV-234567r628794_rule

Vulnerability Number

V-234567

Group Title

SRG-APP-000141

Rule Version

CVAD-DC-000270

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

To disable Citrix CEIP - Phone Home:
1. Launch Studio.
2. Select "Configuration" in the left navigation pane.
3. Select the Support tab.
4. Follow the prompts to end participation in CEIP.

This prevents automatic upload of installation experience metrics that are collected locally during installation.
VADServerStartup.exe /components "CONTROLLER,DESKTOPSTUDIO"
/disableexperiencemetrics /exclude "Smart Tools Agent" /nosql
/quiet /verboselog /noreboot

Check Contents

Verify Citrix Customer Experience Improvement Program (CEIP) - PHONE HOME is disabled on Delivery Controller.

1. Launch Studio.
2. Select "Configuration" in the left navigation pane.
3. Select the Support tab.
4. Verify CEIP is disabled.

If CEIP is not disabled, this is a finding.

Vulnerability Number

V-234567

Documentable

False

Rule Version

CVAD-DC-000270

Severity Override Guidance

Verify Citrix Customer Experience Improvement Program (CEIP) - PHONE HOME is disabled on Delivery Controller.

1. Launch Studio.
2. Select "Configuration" in the left navigation pane.
3. Select the Support tab.
4. Verify CEIP is disabled.

If CEIP is not disabled, this is a finding.

Check Content Reference

M

Target Key

5270

Comments