VPN with MFA Authentication
- Architecture

Lantrasoft implemented a VPN with MFA Solution for its Financial Services Customer to enable a Secure Platform for application testing using Mobile devices.

Customer Overview

Financial Services Provider in the U.S. with a very vast technology landscape with cutting-edge tools and technologies in the environment. Diverse applications belonging to various LOBs supported by Development, DevOps, Testing, Interfacing teams and Vendors.

Business Requirement

  • Secure platform for application testing using Mobile devices – primarily for performance testing of the in-house developed, business critical applications.
  • Enable additional authentication mechanisms to meet the security requirements.
  • Leverage existing Infrastructure resources/appliances for this requirement to avoid additional spend on IT Infrastructure.

Our Solution

  • Design and host a secure Virtual Private Network with Multi-factor Authentication.
  • Allow authorized devices to gain access to the application with pre-defined security settings.

Approach to the Solution

  • nFactor Authentication was adopted to enhance the security levels by mandating and authorizing users with multiple identities to gain access.
  • This mechanism uses NetScaler VPN Gateway with Authentication Vserver configuration integrated with LDAP and Radius Server as the primary and secondary authentication factor associated with EPA Scan Policies.
  • Devices are required to successfully pass the aforementioned authentication levels in order to gain access to the internal resources.


  • User connects to NetScaler Gateway Virtual IP.
  • A login page with Username and Password fields is rendered.
  • Along with these credentials, LDAP or AD based authentication is performed at the backend.
  • If successful, User is presented with MFA as the second level of authentication.
  • If successful, an EPA scan is performed for the User’s device settings to grant access.

Results Achieved

  • Quality Assurance team was able to successfully test the application using the Secure Platform using Mobile devices.
  • Improved Security using MFA with Citrix NetScaler features.
  • Cost Optimization: Instead of additional spend on Security Software with End-User licenses, the existing NetScaler appliance and its features were repurposed such as nFactor, Pre-check and Post-check authentication policies, Session policy with NetScaler Gateway Vserver to create the VPN with MFA.
  • IT Administration Efficiency: Manage all Users’ Authentication, Authorization, Auditing and Administration within a Unified Gateway Solution.
Have a Technology Services Requirement? Let’s Connect