Skip to main content

Citrix Secure Private Access FAQs

Citrix Secure Private Access provides the Zero Trust Network Access (ZTNA) to private web apps within your data centre and private cloud. With adaptive authentication, adaptive access, and single sign-on to IT sanctioned applications, organisations can meet modern security standards without compromising employee productivity. A super hot product, we're seeing lots of use cases and have the answers to your questions.

Welcome to our Citrix Secure Private Access FAQ’s. If you don’t see what you’re looking for, get in touch and we can give you a straight answer to your question.

What is Citrix Secure Private Access (SPA)?

Citrix Secure Private Access (Citrix SPA) is a cloud based Zero Trust Network Access (ZTNA) service that uses adaptive authentication and authorisation to deliver adaptive access to Web, SaaS, DaaS, TCP and UDP based apps. 

Check out our blog for more: What is Citrix SPA?

Is Citrix Secure Private Access (SPA) a replacement for Citrix Secure Workspace Access?

Yes. Citrix Secure Private Access (Citrix SPA) will replace Citrix Secure Workspace Access. Citrix Secure Workspace Access was primarily focused on delivering secure access to browser-based applications. Citrix Secure Private Access (Citrix SPA) adds to that functionality with the TCP and UDP based apps.


Can Citrix Secure Private Access (SPA) replace traditional SSL VPN's?

Yes. Citrix Secure Private Access (Citrix SPA) provides a Citrix Secure Private Access Agent which can be installed on the local user device (currently MacOS and Windows) and through this agent users can access their Client Server applications.

How is Citrix Secure Private Access (SPA) Licensed?

Citrix Secure Private Access (Citrix SPA) is a subscription licence monthly per user. There are 2 options, Standard and Advanced.

  • Standard includes SSO to web and SaaS based apps with multifactor authentication.
  • Advanced adds ZTNA to TCP and UDP based apps, adaptive access based on user location, device posture and risk scores and more.

What is Zero Trust Network Access (ZTNA)?

Citrix defines Zero Trust Network Access (ZTNA) as a security model that trusts no one and continuously monitors and verifies user access to the network.

What is Adaptive Authentication Service?

Citrix Adaptive Authentication Service is a Citrix Cloud based service that provides advanced authentication to customers. Features such as multifactor authentication, device posture and conditional authentication can be combined to control what application access the user has and the type/level of access the user has to the application.

What are the main features of Citrix Secure Private Access (Citrix SPA)?

  • Adaptive Security.
  • Adaptive Application Access (Web, SaaS and Client/Server).
  • Enhanced Security Policies.
  • Enterprise Browsers.
  • Zero Trust Network Access (ZTNA).

What is Adaptive Security in Citrix Secure Private Access (Citrix SPA)?

Adaptive Security provides the ability to continuously monitor a user and assess their security profile and then influence the authentication process and access to resources.

What Adaptive Application Access is available in Citrix Secure Private Access (Citrix SPA)?

Users can be provided with no access, full access or limited access to their applications based on several factors such as user/group membership, device type, network and global location and device posture (End Point Scans).

What are Enhanced Security Policies in Citrix Secure Private Access (Citrix SPA)?

Enhanced Security Policies are policies that enforce application access based on rules set within those policies. Example: <Geo Location does not equal “x” & Network location equals “y” & user risk score is less than “z”>. Once these conditions have been met admins can define within the policy the applications the user has access to and restrictions to those applications such as “watermark, clipboard access, printing etc.”.

What is Secure Browser within Citrix Secure Private Access (Citrix SPA)?

Citrix Secure Private Access (Citrix SPA) has a function of “Remote Browser Isolation, when a user launches a SaaS or Private Web app this application will launch within a secure isolated browser instance that has centrally managed security restrictions.