At our company we have XenApps accessible through Citrix Access Gateway. I am looking through the settings and i can see under the Web Interface settings that the authentication point is set to be "at gateway", which means that authentication is worked out at Citrix Access Gateway, before it reaches Citrix Web Interface.
We are thinking about implementing two-factor authentication using SMSPASSCODE, and that is undoubtedly easiest to setup when authentication on Citrix Web Interface is NOT at the CAG.
So my question will be: If i change authentication from Access Gateway to the Citrix Web Interface will i compromise the security?