Citrix Recommends

- Restrict AppCenter by removing execute permission on the program for non-administrative users

- Apply trusted server configuration Citrix policy on user devices - ICAClient.adm

- Enable trust XML requests setting in computer policy XML Service > Trust XML requests only on XenApp servers that are contacted by Web Interface, listed in Server Farms in the Web Interface Management Console.

SQL Server - only use db_owner for installation / service pack / feature release, otherwise use

db_writer & db_reader roles for the service account

Technical Overview of XenVault Plug-In 1.0

http://support.citrix.com/article/CTX129613

How to Build a XenVault Delivery in Merchandising Server

http://support.citrix.com/article/CTX127644

SSL Certificate request for Netscaler / Access Gateway Enterprise Edition

command: create ssl certreq <reqFile> -keyFile <keyFileName> [ -keyForm (DER | PEM) ]

OR - How to Transfer Certificates from IIS to the NetScaler

http://support.citrix.com/article/CTX109031