The IT Melting Pot!

Ok, the week has past and Citrix Summit & Synergy is over. And with this little post I’d like to give you all my view on what the key takeaways are and also how they are related to the enhancement list that I’ve been consolidating.

As always: this is my personal view and I hope you like it, if not browse off to somewhere else! And due to that I missed my wife and kids I took the weekend off completely so this is Update 1, and I’ll summarise my whole Synergy experience in Update 2 later this week! 🙂

I changed the post layout from being a table as we say it in the previous blog into a more “readable” format below. Each heading represents the enhancement request topic and/or the takeaway item, and then the subheading of Description and Status is showing you my personal view on the topic and its status.

Enjoy!

Licensing

Description:

One of the main issues with licensing is that all products don’t supports the license server (NetScaler etc.)

Status:

Not fulfilled.

All products do still not use the license server! This needs to be changed and I’d really like to get some real reporting capabilities in place that can present how licenses are used over time, by whom and by which component (product) in the service stack. 

Monitoring & Reporting

Description:

1. Ensure that you can get historical concurrent user reports that spans across ALL products (NetScaler/AG, XenApp, XenDesktop etc.).

1. Ensure that Citrix provides an end-2-end monitoring and reporting service for the whole Citrix stack. This to ensure that delivery organizations can deliver reports like “Service Availability in %” over time that includes all service components (NetScaler AGEE VIP, StoreFront/WI, PVS/MSC, XenServer, XenApp/VDA, Profile Server, etc. If Citrix isn’t going to do this; then please point on a product that does the job.

Status:

Not fulfilled.

There where some interesting ideas that Citrix are working on and talked about at Synergy. But still the focus is on a service component (product) level and they have no real good service E2E-monitoring and reporting plans.

CloudGateway are going towards a good model but still that doesn’t include the “XenDesktop” products like XenServer, PVS/MCS, XenApp/XenDesktop brokers/controllers and the application and desktops. Then you have the NetScaler Insight feature/capability or even product that is coming. But it’s still uncertain on how this will be able to deliver a good E2E overview or not, I don’t think so. It will most likely be a NS/AGEE and BR “Insight” using AppFlow for dumping out data that then has to be aggregated, analyzed, crunched and presented by 3^rd party products like Splunk.

So where are we with this monitoring?? Well, I think that most shops need to understand that Citrix will create the capabilities to ensure that their products can expose the data necessary, but something else need to aggregate it and create the E2E reporting. Products like EGInnovations could have a play here with the rest of the products out there from vendors like HP, BMC, Microsoft etc.

But it would be nice if Citrix could point to one or two partners and their products and say that; “This/these are the products that we Citrix Consulting Services use and implement as a best practice!”. Wouldn’t it? It’s today to technology and product focused and Citrix needs to realize that IT today is delivered as a service. And that service is not based on an implementation of one product/service component.

Quality

Description:

Improve your testing!! There have been to many issues with updates to products in the “Citrix stack” that has caused issues in others, like update to XenServer that caused PVS issues, or updates to a specific NetScaler feature that caused others to fail.

Status:

Not fulfilled.

Well, this one is hard to say that they have “solved” though it’s something that needs to be addressed and worked on over time.

But I think that there is an initiative and of course a goal to increase the quality from Citrix but at the same time it’s hard to be so innovative and do M&A and get everyone aligned and in synch. This is an area where focus still is needed!

I met with the Product Design team and that is an interesting team within Citrix that has the overall “User Experience” focus and usability focus from an end-user and business perspective rather than just looking at specific product needs from a technical point of view. And this team has some work to do and if you can I’d highly recommend talking to Citrix about how you could get your inputs into this team! Because I think its very important that Citrix focuses on getting real business values and issues prioritized and understand how their products really are used and perceived out there by the real customers and end-users.

Cross-product life/patch cycle management

Description:

Create a central update service for all products that can inform the admin about updates not applied or if components aren’t in synch in terms of SW versions etc. This is specifically important on certain products where Citrix don’t even provide updates through installer packages (PVS for instance where admins are required to registry updates, copying of DLL-files etc.).

Status:

Not fulfilled.

Citrix “is working” on this, but no clear message on when they will have something or if they even will do it.

Cross-product User Experience

Description:

Ensure that the end-user look & feel are the same across the products used in the stack (NetScaler AGEE login page, Web Interface/StoreFront, Receiver etc.). This should not require admins to do and should be a design principle. 

Status:

Not fulfilled.

Citrix is of course working on this and as a part of the Excalibur release the focus is to work on a seamless end-user experience from all Receiver types.

But no special commitments or plans could be presented when all the products are aligned from a look & feel perspective. Neither when they will provide more GUI-based customization possibilities for all components so that you don’t have to update HTML, JavaScript, CSS and other type of content to get your experience good across all products.

Cross-product Administration

Description:

Come on, simplify the administration of the products in the stack = reduce the number of consoles! 

Status:

Not fulfilled.

This is a topic that Citrix has been talking about for years. But I also understand that they want to reduce all the product consoles and make it easier for admins. But this is also becoming more complex now when the Citrix offerings are more complex and includes so many products that can be implemented as a part of services and some are even going to be used as a standalone product.

So consolidating all of them is most likely not good or practical but at least make an effort for the products that most likely are implemented together. And Director and Studio are getting more capabilities and they are moving in the right direction (at least with the Excalibur release you manage both XA and XD from Studio and Director). But from an overall perspective I see that for instance AppController is not aligned with StoreFront, StoreFront is not aligned with XenDesktop and XenApp and will probably not be there until the FMA architecture is fully in place. And then you have PVS and all of a sudden with NetScaler 10 they released the really crappy GUI for that product. I see that they have a lot of work to do here, and I think they need to survey how most companies service delivery models look like in order to get the most optimal “console design” in place and which products to integration into which console.

AppDNA

Description:

1. No support for Windows 8 or Windows Server 2012
2. No support for IE 10
3. No support for Chrome browser

Status:

1. Fulfilled – Windows 8 and Windows Server 2012 support is coming very shortly in the service pack 1 release! 🙂
2. Fulfilled – IE 10 will be supported as well in the SP1 release!
3. Not fulfilled – No info around this unfortunately

But a part from the list of enhancement I’m glad to report the following info provided about AppDNA;

• There is no longer a limit on the number of apps (was 5 before) in the evaluation license! So now you can download and import all your apps that you have and get a high level compliance overview and check out the capabilities of the tool! For detailed reporting you then need to use other licences.
• There is still no Partner Use License or NFR license, this would be good so that partners could setup a demo environment to show off the capabilities!
• One figure that questions where raised around was how much space an “OS Image” takes on an average in terms of storage when imported, answer was 500MB.
• If an application changes more than 10-15% and is imported as another MSI then one additional application license will be consumed.
• And as a side-note all the material says that the Evaluation license cannot be used to install on virtual Windows Server for AppDNA, this is interesting and I tried digging into it deeper to understand why though this is the first thing you do in a PoC, you don’t go and buy a physical host for a short PoC! And I also showed that I myself had it installed in a virtual instance and asked what may not be working but no one could give an answer so I guess it’s up to us to try it out…

AppController – CloudGateway Enterprise

Description:

1. Enterprise/multi-site support with synch of the database. This to ensure that you can have an HA pair setup for instance in Europe and one in the North Americas and have the end-user be logged in against both and have their subscriptions etc. follow them (as well as of course reporting, monitoring etc. etc.)
2. Support for really large AD domains with LARGE # of AD users and AD groups
3. Support for AD domain structure where the BASE DN is different to where AD users and the AD security groups you want to use for roles
4. Role based administration – this has just got to be there. Without it I wouldn’t call it an enterprise product…

Status:

The CloudGateway update from Synergy was great! But let us first review the topics above the status:

1. Not fulfilled – This is not in place yet; Citrix is working on a database replication for the AppController so that you can have multiple sites and ensure that the data is replicated between them. This is good and I think that this is something that is needed prior to being able to sell and implement this at the very large enterprises (unless you think that one site is good as an interim solution until the product is ready). So with this in place I think the capabilities are there to support the Mobility needs!
2. Not fulfilled – Large AD’s is a concern and is also being addressed in the coming release(s). So up until then you need to limit the users and groups to use into a base DN of your choice if you fall into this dilemma and need the product now.
3. Not fulfilled – This is something that I think is important for the larger customers where you cannot synch from the root base DN as described in list item #2.
4. Not fulfilled – Ok, to be frank I don’t understand how this isn’t there yet! It’s marketed as an enterprise product and how does most enterprise business run their IT shops? They provide these capabilities as a service, and this service is then delivered by the service delivery organization consisting of multiple teams/levels. And they all need different access into the service and products to do their jobs. I imagine for on thing that the AppController, StoreFront and NetScaler “platform” of the service could be delivered from one or multiple teams. This is just the delivery platform! But then on top of this you have the developers that are developing the mobile apps, the teams that are in charge of sourcing the SaaS apps, and the App and Desktops teams that are managing XenApp/XenDesktop. And all of these items needs to be controlled and governed in the service delivery model and role based access is just an enabler of this. There could even be use cases where companies would like their own developers to publish their mobile apps, so then they need to be able to wrap the mobile app files and publish them in the enterprise app store (AppController) to roles etc.

Ok, so now we’ve covered the topics from the enhancement list! These where the interesting releases about CloudGateway Enterprise!!

• WorkMail
• WorkWeb

And I must personally say that the WorkMail app was great! It could perfectly be used by for instance contractors etc. where you want to control the data of the email-client on unmanaged devices. And it has a great calendar function that showed the participant availability that the standard iOS app doesn’t, it supported opening of attachment from the WorkMail app to other managed apps to ensure that uncontrolled apps cannot get to corporate information.

And the WorkWeb app is also a great new capability. If this one work as well and seamless as it was said then it will be very simple to provide those internal web apps to all users in a controlled and simple way without having to setup complex proxy solutions etc. Use the Receiver for authentication and proxying over the MicroVPN (MDX) tunnel instead!

Here are some pictures for WorkMail ( see the great attachment functionality and integration with ShareFile!):

And here you have some pics for WorkWeb:

For more information about MDX, WorkMail, WorkWeb and all other CloudGateway Enterprise capabilities I recommend that you have a look at these articles/blog posts:

CloudGateway Enterprise PoC Best Practice Guide

Citrix MDX

Citrix delivers email to your mobile device… securely!

Browsing the web at work…and making IT happy at the same time!

And of course you should stay tuned for the upcoming release to see if they solve the multi-site issues etc.! A tech preview should be out soon…

CloudGateway Express (StoreFront)

Description:

1. Support for multiple setups that can synch the DB. This to ensure that you can have an HA pair setup for instance in Europe and one in the North Americas and have the end-user be logged in against both and have their subscriptions etc. follow them (as well as of course reporting, monitoring etc. etc.)
2. Simplify configuration and branding of the StoreFront for Web sites like most other providers have and they had in Web Interface
3. Add all features that where available in Web Interface
4. Design the product to allow the user to select whether he/she can group apps and desktops into folders or tabs in StoreFront for Web

Status:

1. Not fulfilled – Same status here with StoreFront as with the AppController. There are plans but yet no solution is in place for the multi-site customers. Both database “replication” or push between StoreFront servers are being worked on, and the Receiver will also hold the end-users items so that if he/she roams to another StoreFront that has the same store then the Receiver will be used to ensure that items follows the user. Still this is not available and it will be interesting to see how this will work going forward, especially if the Receiver is the way Citrix bets on first. If that’s the case I can see issues with most of my customers at least where you will travel and end up at different stores and may not use the same Receiver all the time due to that most of these users has at least three devices they use (phone, tablet, work-PC/Mac, home computer etc.).
2. Not fulfilled – This is still a big question, the whole Excalibur (XA/XD update) release and also the other projects right now seems to be user experience driven to ensure that all products etc. are aligned from a look & feel point of view. So still you have to do your coding and update the CSS files etc. An the green bubbles are there to stay on all entry points for the end-users, logos et will most likely be the first thing that you can brand on the Receivers and Receiver for Web going forward.
3. Not fulfilled – Ok, here they have quite a bit to do… see the excellent feature table from Thomas about this topic (and also read the CloudGateway Enterprise PoC Best Practise Guide) for more details. And the following text pretty much says a lot;Known StoreFront Limitations Relative to Web Interface
   The limitations listed below are related to StoreFront and are relative to the other alternative, which is to leverage (Web Interface or PNA Site) for windows applications and desktops.– Multi-Site support: StoreFront doesn’t support redundancy across multiple sites and disaster recovery yet.- Advanced Authentication Methods: StoreFront currently supports AD & OTP authentication methods only. Advanced methods such as SmartCard, Proximity Cards, ADFS, SAML are not yet supported.- Advanced Features:
   — Desktop appliance site
   — Elective AD password changeIn the next major release of StoreFront, we intend to bridge some of the critical feature gaps relative to StoreFront.
4. Not fulfilled – This is also something that was interesting, there have been a couple of customer and colleagues that I’ve been talking to that would like to see that the StoreFront and Receiver allows the user to arrange the icons how he/she feels like. But apparently this is not something that the Citrix guy I talked to at the booth thought was really important…. I’ll follow up and please email if you want this!

ShareFile

Description:

Ok, so the following ShareFile items where on the enhancement list from previous blog post:

1. Native Linux client (Ubuntu as primary distribution)
2. Ensure that encryption on local devices are available for all device types and OS’s (iOS, Android, Windows Phone, Win XP/7/8, Linux, OS X)
3. Design the product so that you could leverage public storage providers for your storage but encrypt it using your own PKI service and proxy traffic to it through the Storage Center server(s) without having to invest in in-house storage solutions and reduce CAPEX.
4. Design the solution so that you can configure the plugin/Receiver functionality when it comes to StoreFront on groups/roles instead of just for the whole account.

Status:

Ok, so where are we with ShareFile? A lot was released and changed for the product and very interesting components where added. But lets start checking the enhancement list above before we go into the new capabilities!

1. Not fulfilled – Still there is no native Linux client! So you guys that use Ubuntu or any other Linux distribution need to use the Web login which isn’t that nice and at the same time then doesn’t provide any encryption of the downloaded items unless you can do that through the NetScaler.
2. Not fulfilled – Encryption is not built into for all OS’s. And it seems that iOS and Android are the first OS’s to have the encryption feature. But it also looks like you have to be careful when planning your ShareFile implementation if encryption is important to you though whether you invest in CloudGateway or not may have an impact on the readiness. So talk to Citrix about when it comes for you depending on how you will distribute the plugin, either as the standalone app to the iOS or Android devices or through the AppController and Receiver (then it looks like you’ll get encryption support earlier). And the Windows and OS X encryption is going to be later than the “mobile” OS’s.
3. Not fulfilled – You’ll still have to either rely on Citrix and their usage of Amazons cloud storage service OR you can also integrate with your own on-premise storage solution. Which is good but I’d really like to see in this release planned now that you could leverage the Storage Center or Storage Controller to integrate with your own public cloud provider. So no direct support for any vendors released yet but you could of course proxy that somehow and publish a CIFS share internally to the Storage Center server.
4. Not fulfilled – This is something that Citrix is really looking at, however it’s not fully built-in yet in the current release but in the future the features and behaviour of the plugins will be controllable by setting configurations per group that you add the users to. This is something that many would like to see and also one important aspect is to be able to block access to the web login so that people can be blocked from downloading files from a kiosk PC at an airport for example.

But if we then move away from the enhancement list items from previous post I’m glad to see the ShareFile announcements around Global Availability for StorageZones and also the new StorageZone Connector.

And especially the following pictures are great from the posts below that describes the ShareFile architecture for both the ShareFile Enterprise GA product/service and the coming StorageZone connector:

For more information have a look at these two blog posts:

Announcing General Availability of ShareFile with StorageZones

[Announcing] StorageZone Connector for Network Shares – Tech Preview

That’s it for Update 1! Stay tuned for the Update 2 post later this week!

Cheers and have a great week!

//Richard