Warning : For those who download Alcatraz before the 2nd of December 2010, please update it, same link. An issue around leaking desktop handles is affecting v0.9.0.31, when you update it you should have v0.9.0.32 Citrix announced the 29th of November 2010 a new project code name “Alcatraz“, part of the project “San Francisco” and can be combine with project “GoldenGate” (Check the end of this blog for the Citrix links about each project). The idea is simple, how to add a "lock" layer to all the published applications accessed by mobile users, how to improve "security" if a device is stolen, lost etc ? Citrix Labs try to give an answer with this new project and I think this idea is very well found. Without modifying your existing Citrix (XenApp, WebInterface, CAG etc..) architecture you can provide another authentication level before launching an application with a PIN Code request (bellow screen shot from my iPhone) To be clear, this is not a second factor authentication add-on / product for Access Gateway and Web Interface. This PIN code interface is load before the published application, once the user profile loaded. It look neat, but how does it work ? First you need to install Alcatraz msi on the XenApp servers you want to use for your tests, you can download msi packages here : https://www.citrix.com/English/SS/downloads/details.asp?downloadID=2305766&productID=186 (MyCitrix account is required) You will find one package for 32bit OS and another one for 64bit OS. All the binaries will be installed in “C:\Program Files (x86)\Citrix\Alcatraz” folder and you will find the following files: Then the only change you need to do is to amend or create published applications dedicated to mobile users using “C:\Program Files\Citrix\Alcatraz\Alcatraz.exe” /a “command line of published application” for the 32bit XenApp servers or “C:\Program Files (x86)\Citrix\Alcatraz\Alcatraz.exe” /a “command line of published application” for the 64bit XenApp servers. In the registry, you can find a part in HKLM\Software\Citrix\Alcatraz for 32bit servers and in HKLM\Software\WOW6432Node\Citrix\Alcatraz for 64bit servers and all the settings are explained on the project page here : http://community.citrix.com/display/xa/Getting+Started+with+Project+Alcatraz ChallengeInterval – This setting is disabled by default (set to 0). This setting will force the user to enter their pass-code after a period of time (in seconds) even if the user is interacting with the published application. (Default: Disabled) InactivityTimeout – This is the amount of time (in seconds) that a user has not interacted with their published…