Professional Documents
Culture Documents
RAS Handbook v1.21
RAS Handbook v1.21
Allows full network access to resources and applications, like being connected to the Standard Bank
network. To establish a Full VPN connection after authenticating select the network access tile for a
Full VPN to be established, refer to Section 3 to obtain step-by-step information.
1.1.2 Half VPN
Half VPN is when you log on to RAS and select the third tile that allows access to virtual applications
and desktops that you have been granted access to launch. This option does not provide full network
connectivity only to the virtual apps and desktops. To establish a half VPN connection after
authenticating select Citrix Virtual Apps and Desktops.
When Virtual Apps and Desktops Access is selected you will automatically be presented with a
Storefront screen as shown below. Should your device not meet security compliance you will be
presented with the Storefront page below.
Should your device not meet security compliance, you will be presented with the Storefront page
below.
The table below provides a breakdown of the prerequisites that must be in place for Full VPN
connectivity to be established.
A device that is part of any of the Standard Bank Domains is categorised as a Trusted Windows 10 device, no further
action is required of you. Your device meets the prerequisites for a FULL VPN to be established.
Bank Issued device, Note: For MacOS or Windows 10 Non-Domain joined devices are categorised as Untrusted devices and will need have
Domain Joined the prerequisite configurations and software installed for a full VPN to be establish, refer to the section below to obtain
(Trusted) the prerequisites that need to be met for a full VPN to be established.
Follow steps 1.4 and 1.5 on how to make your device compliant.
1.3 Prerequisites for a Citrix VPN Connection
1.3.1 Windows Device
Criteria Explanation
A prerequisite to obtain VPN access is to have a valid and active domain account (e.g a123456 / c123456 account)
created on the Standard Bank domain. Should you not have a domain account, one should be requested via the
VPN Access MyAccess process.
Once you have a domain account VPN access can be obtained by following the steps documented in Section 2 of this
document.
Windows 10:
• Gateway Plug in - V21.3.1.2, required for a VPN to be established
• EPA Plug in - V21.3.1.2, required for a VPN to be established
• Workspace App – V21.02.0.25, required for Citrix Virtual Apps & Desktops
Local Administrator rights are needed to install this software. Software Center is also available to install the VPN pre-
Software Prerequisites requisites by following the steps documented in Section 4 of this document.
Windows
Software Prerequisites
Windows
Click on Programs
and Features
Software Prerequisites
Windows
Gateway Plug in -
V21.3.1.2
EPA Plug in - V21.3.1.2
Workspace App –
V21.02.0.25
1.3.2 MAC OS Device
Criteria Explanation
VPN Access A prerequisite to obtain VPN access is to have a valid and active domain account (e.g a123456 / c123456 account)
created on the Standard Bank domain. Should you not have a domain account, one should be requested via the
MyAccess process.
Once you have a domain account VPN access can be obtained by following the steps documented in Section 2 of this
document.
Software Prerequisites For MACOS based devices the following device prerequisites must be installed:
MAC OS
Mac Gateway Plug in – V4.4.8
Workspace App - V21.04.0.14
Software Prerequisites
MAC OS
Click on Search
Type “gateway”
Click on Search
Type “endpoint”
1.4 Steps to follow to enable an Untrusted Windows device to be compliant for VPN
connectivity
• Type in “winver”
• The About Windows window will
pop up showing your Windows
Version.
Note:
Your Operating System version must be
Windows 10 and above to qualify for a
VPN connection.
Note:
Your Windows Firewall must be
enabled to qualify for a VPN
connection.
Note:
If you do not use the Default Windows
Defender software and use a Third-
Party Firewall Software. Please log a
call with the Citrix Team with the
details of your specific Antivirus
Firewall Software.
4. To Enable BitLocker Drive
Encryption:
• Right Click on Start menu and then
click on the Search tab.
• Type in Control Panel and click on
the icon
Click Shutdown
After Shutdown:
Click Next
Bitlocker is Enabled
Note:
Bitlocker Drive Encryption must be in an
enabled state to qualify for a VPN
connection.
https://standardbank.sharepoint.com/sites/CitrixRemoteAccess/Shared%20Documents/For
ms/AllItems.aspx?newTargetListUrl=%2Fsites%2FCitrixRemoteAccess%2FShared%20Docum
5. Verify & Install Cybereason ents&viewpath=%2Fsites%2FCitrixRemoteAccess%2FShared%20Documents%2FForms%2FAl
EDR Agent installed
lItems%2Easpx&viewid=971be17f%2Dbe8d%2D4682%2Dbb92%2Ddc01bb662b5f&id=%2Fsi
tes%2FCitrixRemoteAccess%2FShared%20Documents%2FGeneral%2FSoftware
Click on the Cybereason folder
Note:
Cybereason EDR Agent must be
installed to qualify for a VPN
connection.
6. Verify & Install Antivirus
Software (applies to only
Bank Owned Devices)
• Right Click on Start menu and then
click on the Search tab.
• Type in Control Panel and click on
the icon
• Click on the Program and Features
icon
OR
Note:
McAfee Realtime Protection must be
installed and enabled to qualify for a Please log a call to the Shared OPS Endpoint Team by emailing: SharedOPSEndpoint@mail.standardbank.com
VPN connection.
Note:
If your Firewall Software is not listed,
please log a call with the Citrix Team
with the details of your specific
Antivirus Software.
1.5 Steps to follow to enable an Untrusted MacOS device to be compliant for VPN
connectivity
Note:
If you choose to create a recovery key,
where FileVault generates a recovery key
and displays it, it is your responsibility
to make sure you write it down or enter it
electronically and store it securely in such a
way that you’ll have access to it even when
your Mac OS device can’t be booted.
1. Connect to MyAccess
Portal
https://myaccess.stand
ardbank.co.za/identityi
q/login.jsf
2. Search for the users A
or C number.
1. Connect to
MyAccess Portal
https://myaccess.st
andardbank.co.za/i
dentityiq/login.jsf
2. Select Manage my
Access then click
on manage user
access
3. Click on the tick
box
4. Verify if the
request is for the
correct access
5. Click on Submit to
approve the access
6. Click on Submit to
approve the access
3. Citrix VPN – How to Connect
3.1 Step by Step VPN Connecting Guide for a Windows Device (Trusted & Untrusted)
The table below provides a step by step guide to assist you to the Citrix VPN link
https://ras.standardbank.co.za
1.
Initiate a Citrix VPN Connection:
Open Chrome or Microsoft Edge
Browser
Enter the following Remote Access
web address
https://ras.standardbank.co.za, hit
enter
The browser will redirect you to login
page where you will be required to
enter your login credentials as shown
below, enter your email address and
click on Next
8.
This will show you the current
session status.
3.2 Step by Step VPN Connecting Guide for a MacOS Device (Untrusted)
The table below provides a step by step guide to assist you to the Citrix VPN link
https://ras.standardbank.co.za
2 Click on Applications
.
3. Requirement:
Gateway Plug in - V21.3.1.2 &
EPA Plug in - V21.3.1.2
4. Click on Install
5.
6. Requirement:
Workspace App – V21.02.0.25
7. Click on Install
8.
9. Software Installation is Complete
5.2 Some users will experience a cycle on the RAS login screen
IE11
• Click on the Settings “Gear” Icon, found on
the top right of the browser
• Click on “Internet Options”
• Under “Browsing History” section, click on
“Delete”
• On new pop-up window, ensure
“passwords” is also selected and click on
“Delete”
Google Chrome
• Click on the 3 buttons found on the top right
hand corner of your browser
• Select “Settings”
• On the “Settings” page, scroll down until you
see the “Privacy and security” section
5.6 Untrusted MacOS device with FileVault enabled, fails posturing check