STIGQter: STIG Summary: Citrix XenDesktop 7.x Delivery Controller Security Technical Implementation Guide Version: 1 Release: 3 Benchmark Date: 24 Apr 2020:

Delivery Controller must be configured to disable non-essential capabilities.

DISA Rule

SV-96121r1_rule

Vulnerability Number

V-81407

Group Title

SRG-APP-000141

Rule Version

CXEN-DC-000270

Severity

CAT II

CCI(s)

• CCI-000381 - The organization configures the information system to provide only essential capabilities.

Weight

10

Fix Recommendation

To disable Citrix CEIP - Phone Home:
1. Launch Studio.
2. Select "Configuration" in the left navigation pane.
3. Select the Support tab.
4. Follow the prompts to end participation in CEIP.

This prevents automatic upload of installation experience metrics that are collected locally during installation.
XenDesktopServerStartup.exe /components "CONTROLLER,DESKTOPSTUDIO"
/disableexperiencemetrics /exclude "Smart Tools Agent" /nosql
/quiet /verboselog /noreboot

Check Contents

Verify Citrix Customer Experience Improvement Program (CEIP) - PHONE HOME is disabled on XenDesktop Delivery Controller.

1. Launch Studio.
2. Select "Configuration" in the left navigation pane.
3. Select the Support tab.
4. Verify CEIP is disabled.

If CEIP is not disabled, this is a finding.

Vulnerability Number

V-81407

Documentable

False

Rule Version

CXEN-DC-000270

Severity Override Guidance

Verify Citrix Customer Experience Improvement Program (CEIP) - PHONE HOME is disabled on XenDesktop Delivery Controller.

1. Launch Studio.
2. Select "Configuration" in the left navigation pane.
3. Select the Support tab.
4. Verify CEIP is disabled.

If CEIP is not disabled, this is a finding.

Check Content Reference

M

Target Key

3291

Comments