
Heads Up – issues with Access Gateway Plug-in for Mac OS X Version 2.1.4 – #Citrix, #NetScaler

Well, I guess that you’ve already read all the good things about the new capabilities of the newer Access Gateway plug-in, Receiver and Access Gateway Enterprise that together with StoreFront will add additional features and functions that haven’t existed before. It’s now built to work together with the Receiver on the Windows and Mac OS X platforms and promises a lot by various blog posts from Citrix and others (incl. myself).

Here is an example of what it can (should) do: What’s new with Access Gateway MAC Plug-in release 2.1.4

But is the Access Gateway Plug-in that great? Well, before you plan to implement version 2.1.4 on OS X and especially if you want to leverage the SSL VPN functionality and host checks (EPA) then read the Important notes and Known issues for this release:

Important Notes About This Release:

  1. The Access Gateway Plug-in for Mac OS X Version 2.1.4 supports Citrix Receiver Version 11.7
  2. Import the secure certificate for Access Gateway into the Keychain on the Mac OS X computer.
  3. The Access Gateway Plug-in for Mac OS X Version 2.1.2 and earlier versions are not supported on Mac OS X Version 10.8.
  4. Endpoint analysis scans for antivirus, personal firewalls, antispam, Internet security, and EPAFactory scans are not supported for Mac OS X.
  5. Client certificate authentication is not supported for Mac OS X.

First of all I’d say that these notes are not that great if you ask me! Why do I have to add the cert into the Mac Keychain? Why doesn’t the plug-in support the more “advanced” host checks like personal firewalls, certificates etc.?

Wait, it gets even worse!! And before you go to the whole list I’d highlight these top ones that I’m kind of surprised about:

  • It doesn’t support LAN access
  • Upgrading doesn’t work
  • Doesn’t apply proxy settings configured in session profile
  • It doesn’t support SAN certificates
  • Users cannot start the Access Gateway plug-in if the Receiver is already started, you first have to shut down the Receiver

Here you see the full Known Issues list for this release:

  1. When users disable wireless on a Mac OS X computer and connect by using a 3G card, the Access Gateway Plug-in does not upgrade automatically through Citrix Receiver. If users select Check for Updates to upgrade the plug-in, the upgrade fails and users receive the error message “Updates are currently not available.” [#45881]
  2. If you run stress traffic for HTTP, HTTPS, and DNS simultaneously, the Access Gateway Plug-in fails. [#46348]
  3. When users disable wireless on a Mac OS X computer and connect by using a Vodafone Mobile Broadband Model K3570-Z HSDPA USB 3G stick, the Access Gateway plug-in does not tunnel traffic. [#256441]
  4. If you configure an endpoint analysis policy and also enable the client choices page and proxy servers in a session profile, occasionally a blank choices page appears after users log on. When you disable the choices page in the session profile, the choices page appears correctly. [#316331]
  5. If users connect to Access Gateway with the Access Gateway Plug-in for Mac OS X and then run ping with a payload of 1450 bytes, the plug-in fails to receive the ICMP reply. [#321486]

Read more…

Tech Preview of #Citrix #XenApp support for the #Lync 2013 VDI Plug-in

Good info from Derek Thorslund.

As you may have already noticed, earlier this week we opened up our Tech Preview program for optimized support of the Microsoft Lync™ 2013 client to all current Citrix XenApp customers under active Subscription Advantage. This phase of the Tech Preview program gives our customers the opportunity to evaluate the Citrix Receiver Display Adapter that integrates with Microsoft’s Lync™ 2013 VDI Plug-in for Windows. The Display Adapter plug-in has been posted on the Citrix Downloads page under “Citrix Receiver” in the “Betas and Tech Previews” section (visible to Citrix customers and partners after login).  Please use the Support Forum to provide feedback or request assistance from the community.

Read more here!

//Richard

Windows #Intune – Toyota rolls out to more than 3000 clients

Automotive Retailer Avoids $1.3 Million in IT Costs with Cloud-Based PC Management Tool

Toyota Motor Europe (TME) had no tools to manage 3,500 car-diagnostic PCs running outside the corporate domain at 3,000 dealerships. TME chose Windows Intune to manage the PCs remotely from a web-based console. It can standardize software deployments to ensure consistent customer service and enhance the security of managed computers to reduce downtime at dealerships. Remote assistance capabilities will also help reduce on-site support costs.

Business Needs
Toyota Motor Europe (TME) manages a network of 30 national marketing and sales companies (NMSC) across Europe. These organizations oversee more than 3,000 dealerships.

In early 2012, TME replaced its stand-alone car-diagnostic tool called IT2 with 3,500 new PCs running more up-to-date software, including Tech Stream and Picoscope. The PCs also store technical documentation. Mechanics attach the PCs to a Vehicle Information Module that connects to a vehicle’s engine to provide critical maintenance information, such as how to reprogram and update a vehicle’s computer chip. The PCs were installed by an external company. The computers are not joined to the domain and operate outside the corporate firewall.

TME did not have a management solution for these 3,500 computers. “We wanted everyone to use the new tools, but we had no visibility into how the dealerships were working with the PCs,” says Niels Svaerke, Manager, Business Process Office, After Sales at Toyota Motor Europe. 

NMSC staff downloaded diagnostic software to the PCs from a Toyota intranet site. However, there was no way for headquarters to verify that all dealerships received and installed the software updates concurrently. “It was difficult to ensure that everyone was providing the same level of service by using the same corporate systems and auto diagnostics,” says Dirk Christiaens, Manager of Enterprise Architecture at Toyota Motor Europe. “Also, the head office had no way of knowing if the dealerships deployed an antivirus solution for their PCs, a worrying scenario as they were connected directly to the Internet.”

NMSC employees performed on-site support for mechanics, which often entails travel time. Sometimes, NMSC staff called an external company to reinstall all the software on the PC. Either scenario incurred wasteful downtime at the dealerships.

Solution
To solve these issues, Toyota Motor Europe decided to evaluate Windows Intune, the cloud-based PC management service from Microsoft. Staff at the NMSC can use the web-based Administration console in Windows Intune to run PC management tasks remotely, including software distribution. All that is required is a standard Internet connection, a browser running Microsoft Silverlight, and the Windows Intune client software installed on the PCs at the dealerships. The client returns information on the PC, including software and hardware inventory, and endpoint protection and update status to the Administration console.

“We wanted to move into cloud computing, so Windows Intune met our needs perfectly,” says Christiaens. “Windows Intune had a more flexible, pay-as-you-go model, with no additional bandwidth or server costs.”

Read the whole case study here!

//Richard

Windows Azure Active Directory (AD) has reached General Availability!

April 9, 2013

This is cool! And I think that it’s a great step in the right direction for many companies! 🙂

Windows Azure Active Directory

Windows Azure Active Directory (Windows Azure AD) is a modern, REST-based service that provides identity management and access control capabilities for your cloud applications. Now you have one identity service across Windows Azure, Microsoft Office 365, Dynamics CRM Online, Windows Intune and other 3rd party cloud services. Windows Azure Active Directory provides a cloud-based identity provider that easily integrates with your on-premises AD deployments and full support of third party identity providers.

Use Windows Azure AD to:

Integrate with your on-premises active directory

Quickly extend your existing on-premises Active Directory to apply policy and control and authenticate users with their existing corporate credentials to Windows Azure and other cloud services.

Offer access control for your applications

Easily manage access to your applications based on centralized policy and rules. Ensure consistent and appropriate access to your organization’s applications is maintained to meet critical internal security and compliance needs. Windows Azure AD Access Control provides developers centralized authentication and authorization for applications in Windows Azure using either consumer identity providers or your on-premises Windows Server Active Directory.

Build social connections across the enterprise

Windows Azure AD Graph is an innovative social enterprise graph providing an easy RESTful interface for accessing objects such as Users, Groups, and Roles with an explorer view for easily discovering information and relationships.

Provide single sign-on across your cloud applications

Provide your users with a seamless, single sign-on experience across Microsoft Online Services, third party cloud services and applications built on Windows Azure with popular web identity providers like Microsoft Account, Google, Yahoo!, and Facebook.

Read more about the service here!

Pricing

Access Control

Access Control is available at no charge. Historically, we have charged for Access Control based on the number of transactions. We are now making it a free benefit of using Windows Azure.

Directory

The base directory, Tenant, User & Group Management, Single Sign On, Graph API, Cloud application provisioning, Directory Synchronization and Directory Federation, is available at no charge. Certain additional capabilities such as Azure AD Rights Management will be available as a separately priced option.

Read more about pricing here!

//Richard

Ten websites that teach coding and a bunch of other things – via @caleweissman

This is a great summary blog post with many good references to where you can start learning to code!

Seemingly every day there’s a new article or blog post imploring you to learn how to code. “Those who code have the power to transform their dreams into reality.” “Coding will help you keep [your job], or help you make a case for a raise.” “You should learn to program because it’s easy, it’s fun, it will increase your skill set, and… it will fundamentally change your perspective on the world.” What’s more, “If you want to start a technology company, you should learn to code.” New York City Mayor Michael Bloomberg’s New Year’s resolution was to learn how to code. Douglas Rushkoff, who calls coding “the new literacy of the digital age,” wrote an entire book about it. And didn’t Marc Andreessen say that “software is eating the world?” As a result, companies from Codecademy to edx and many others have popped up to meet this rising demand.

As a person who’s grown up in the digital age, I have often heard the cry, “digital literacy or die.” Conventional wisdom – at least today – is that in the way you know how to read and write English, “you need to have some understanding of the code that builds the Web… It is fundamental to the way the world is organized and the way people think about things these days.” If you buy that then you’ll want to start now.

But where should you go? I’ve been dabbling in the black arts, although I am by no means a ninja coder, and am ready to report back. The courses below offer everything from HTML to Python and beyond. HTML and CSS are good, because they’re the basic building blocks of Web design, and in my opinion, Python is useful, because it’s the most universal in many respects. Others say Java is better to learn, because it’s so prominent on the Web. I would rebut that you can learn Java from Python. Potayto. Potahto.

In any case, each program below emphasizes different pedagogical techniques and  philosophies, and they are all mass market in the sense that anyone is welcome. No previous experience is necessary.

MIT Courseware Online

MIT has long been a pioneer of online courseware. One course is their Intro to Computer Science & Programming class, thought by many to be the best, most encompassing intro computing course offered. Taught by tenured MIT faculty, the online course is structured via taped lectures, written assignments, and self-assessment quizzes.

The course itself is quite rigorous as it was an intro course for MIT students. This isn’t a sort of online class you can do some parts and not the other.  It requires a certain amount of pre-existing math knowhow to be truly successful. The course description says it only requires high school algebra as a prerequisite but I don’t buy this. I remember being pretty stumped by the second assignment, and I passed AP Calc with flying colors. This doesn’t mean the math is terribly high-level, but that it probably requires a certain amount of mathematical aptitude beyond algebra unless you want to spend the entire course scouring forums for help. As with any MIT course, there is an expectation that you not only know how to do a function, but why that function is performed and from where it stemmed. After attempting to follow this courseware for two sessions, I was officially stumped and dropped it.

edX

MIT and Harvard partnered up to create edX. It is a conglomeration of all of their available open courseware, along with a new department for the two institutions to perform research about the future of online courses and new pedagogical technologies. For MIT courseware, you can watch the lectures anytime, read the assignments, and self-assess. EdX has you follow the course in real time and complete the assignments and exams to receive a physical certificate from the program. It currently offers numerous classes in more subjects than just coding and far beyond the purview of Computer Science…

Continue reading here!

//Richard

#HP Improves Enterprise #Mobility with Cloud-based Management Solution

Interesting…

PALO ALTO, Calif. — HP Enterprise Services today announced a cloud-based management solution that delivers secure anytime, anywhere access to applications and data from any mobile device.

HP Enterprise Cloud Services – Mobility meets the demands of balancing the responsibilities and requirements of IT with the challenges and expectations of users. This new cloud solution is part of the HP Converged Cloud portfolio, which provides enterprises with the essential foundation of technologies and services to confidently build, operate and consume IT services.  

The new solution provides fast and flexible deployment of tools and services for secure application access, file storage and sharing via multiple mobile platforms and all types of devices, including tablets and mobile phones. IT organizations are provided the tools to set appropriate security policies and the access controls to protect valuable corporate assets, applications and data.

The solution also allows users to download approved enterprise applications from a secure storefront, upload files to support collaboration and synchronize files between the HP cloud infrastructure and any mobile device. Mobile data is encrypted in transit and at rest, covering the device as well as the cloud infrastructure.

HP Enterprise Cloud Services – Mobility also provides the ability to configure cloud file storage that can scale up and down, and offers local storage options that address data sovereignty and compliance requirements.

“Mobility in the workplace continues to be a key focus and concern for IT executives,” said Pete Karolczak, senior vice president, HP Enterprise Services. “HP Enterprise Cloud Services – Mobility leverages HP’s strong cloud portfolio by providing clients with a mobility service that provides the highest level of user experience and productivity while minimizing risk for IT.”

HP Enterprise Cloud Services – Mobility integrates leading industry technologies, including solutions from Citrix and SAP, which are fully managed and maintained by HP to simplify deployment and ongoing operations.

Pricing and availability

HP Enterprise Cloud Services – Mobility is available globally with a set of service features and options priced and packaged to deliver…

Continue reading here!

//Richard

Do you develop your own mobile apps? – #Mobility

April 4, 2013

Ok, this is a pretty hot topic! Mobility is here to stay for a while, everyone speaks about Enterprise Mobility Management (EMM), MDM, MAM, MIM etc….

But how are businesses tackling this need to support business processes and functions for today’s mobile workforce? And how do you out there build your mobile apps that are to support your users and business?

Do you outsource your app development, or do you do it in-house? Do you use any of the “cloud services” to build your apps like the following examples?

Snappii

ManMade

Here are some really interesting blog posts/articles on the subject!

THE BEST WAY TO DEVELOP MOBILE APPS? DON’T DEVELOP MOBILE APPS! – via Jeffrey Hammond

Mobile app dev: Outsource or in-house?

This is an interesting mobile world we live in, but how shall all businesses adapt to it the best way? 😉

Please share your view if you want!

//Richard

Google puts pressure on Microsoft, launches #Quickoffice for iPhone and Android

April 4, 2013

This is interesting and Microsoft needs some competition for sure! Will have to test it and see how it works and how much of a real alternative to MS Office it is!

Computerworld – Google launched its Microsoft Office substitute, Quickoffice, for Apple’s iPhone, Android smartphones and Android tablets, fulfilling a promise made in December.

The release on Tuesday follows the launch of Quickoffice for Apple’s iPad late last year, when a Google executive said that iPhone and Android versions “are on the way.” The move was also preceded by a February announcement that Google was baking the Quickoffice technology into both its Chrome browser and Chrome OS.

Quickoffice for the iPhone

Quickoffice for the iPhone lets Google Apps for Business customers view, edit and create Word, PowerPoint and Excel (shown here) documents. (Image: Google.)

The search giant acquired Quickoffice in mid-2012 and rolled the firm’s development team into its Google Apps group. On the iPhone, iPad and Android smartphones and tablets, Quickoffice lets customers view, create and edit Word, Excel and PowerPoint documents.

The new iOS and Android apps are available free to paying customers of Google Apps for Business, a cloud-based suite that costs $50 per user for a one-year subscription.

Customers that don’t subscribe to Google Apps can buy stand-alone apps — Quickoffice Pro for iPhones and Android smartphones, Quickoffice Pro HD for iPads and Android tablets — for $15 and $20, respectively.

Google also boasted that the new apps, as well as the December iPad app, which was updated Tuesday, are now more tightly tied to Google Drive, the search company’s online storage service…

Continue reading here!

//Richard

#Citrix #XenMobile #MDM Integration With #Cisco ISE for #BYOD

Interesting and a good blog post by Sameer Mehta.

World of BYOD

 Bring your own device (BYOD) initiatives are enabling employees to bring their own personal devices to work and allowing them corporate access to services such as Email. We did a recent audit using our ability to integrate with security incident and event management (SIEM) systems for a customer. The audit provided visibility into their ActiveSync traffic and found devices that belonged to executives that were not under IT management. Here’s a snapshot of their BYO devices.

 

There are several reasons to enable such access – for example, to boost employee productivity or convenience of accessing email from any device. Having said that, as Uncle Ben puts it, “with great power comes great responsibility”, and this responsibility is on the IT administrator from a security point of view. It’s IT’s responsibility to make sure that corporate data is not compromised or leaked in the following scenarios:

  • What happens when this personal device is lost or stolen?
  • What happens if this device is jailbroken or rooted?
  • What happens if this device ends up outside an approved geofence. For example, outside of the US?
  • What happens if the user inadvertently installs an application that has the ability and access to the entire device memory, thereby having unauthorized access to corporate data?

End User’s perspective on Enterprise Mobility

End users want access to corporate services such as email, intranet, ability to share and collaborate over documents, and also use 3rd party applications such as Evernote, Quick Office or GoodReader. With mobile solutions such as XenMobile MDM, CloudGateway, ShareFile and GoToAssist, Citrix provides ubiquity i.e. ‘access any app. from any device’, and a unified view for applications with an enterprise app store, documents via ShareFile. Having said that, since the user is accessing multiple applications; end user experience is a key component of mobility solutions. For example, bootstrap authentication and provide single sign on (SSO) to other applications.

Enterprise IT perspective on BYOD

As IT is providing access to corporate services, the main concern is around data loss prevention (DLP) and protecting corporate content on the mobile device. This means, encrypting data at rest for application data, and documents that are hosted either on Sharepoint, Network File share or Cloud storage. From a DLP perspective, for security conscious organizations, the mobile solutions bundle, which includes XenMobile MDM and CloudGateway…

Continue reading here!

//Richard

Configuring Email-Based Account Discovery for #Citrix #Receiver

Check out this great blog post from Avinash Golusula:

Configuring Email-Based Account Discovery

1. Add DNS Service Location (SRV) record to enable email-based discovery

During initial configuration, Citrix Receiver can contact Active Directory Domain Name System (DNS) servers to obtain details of the stores available for users. This means that users do not need to know the access details for their stores when they install and configure Citrix Receiver. Instead, users enter their email addresses and Citrix Receiver contacts the DNS server for the domain specified in the email address to obtain the required information.

To enable Citrix Receiver to locate available stores on the basis of users’ email addresses, configure Service Location (SRV) locator resource records for Access Gateway or StoreFront/AppController connections on your DNS server. If no SRV record is found, Citrix Receiver searches the specified domain for a machine named “discoverReceiver” to identify a StoreFront/AppController server.

You must install a valid server certificate on the Access Gateway appliance and StoreFront/AppController server to enable email-based account discovery. The full chain to the root certificate must also be valid. For the best user experience, install either a certificate with a Subject or Subject Alternative Name entry of discoverReceiver.domain, or a wildcard certificate for the domain containing your users’ email accounts.

To allow users to configure Citrix Receiver by using an email address, you need to add a SRV record to your DNS zone.

  • Log in to your DNS server
  • In DNS > Right-click your Forward Lookup Zone
  • Click on Other New Records
  • Scroll down to Service Location (SRV)
  • Choose Create Record
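
The lookup order and certificate naming rule described in this post can be checked before rollout. The following is an added example, not part of the original post or Citrix's code. The SRV name `_citrixreceiver._tcp` is an assumption taken from Citrix's documentation rather than this page, and all domains, records and certificate names are constructed.

```python
# Added example: models the discovery order (SRV record first, then the
# "discoverReceiver" host) and the certificate naming rule from the post.
# All domains, records and certificate names are constructed sample data.

SRV_LABEL = "_citrixreceiver._tcp"  # assumption: record name is not given on this page
FALLBACK_HOST = "discoverReceiver"  # fallback machine name quoted in the post

# Constructed DNS data: query name -> list of (priority, weight, port, target)
SAMPLE_SRV = {
    "_citrixreceiver._tcp.example.test": [(10, 0, 443, "gateway.example.test.")],
}


def email_domain(email):
    """Return the lower-cased domain part of an email address."""
    local, sep, domain = email.strip().rpartition("@")
    if not sep or not local or "." not in domain:
        raise ValueError(f"not a usable email address: {email!r}")
    return domain.lower().rstrip(".")


def name_matches(pattern, host):
    """Certificate name match: exact, or a '*.' wildcard covering exactly one label."""
    pattern, host = pattern.lower().rstrip("."), host.lower().rstrip(".")
    if pattern.startswith("*."):
        head, _, tail = host.partition(".")
        return bool(head) and tail == pattern[2:]
    return pattern == host


def plan_discovery(email, srv_records):
    """Return the endpoint the client would be directed to for this address."""
    domain = email_domain(email)
    query = f"{SRV_LABEL}.{domain}"
    answers = srv_records.get(query, [])
    if answers:
        # Lowest priority value wins; weighting among equal priorities is omitted.
        _prio, _weight, port, target = min(answers, key=lambda r: r[0])
        return {"source": "srv", "query": query,
                "host": target.rstrip("."), "port": port}
    return {"source": "fallback", "query": query,
            "host": f"{FALLBACK_HOST}.{domain}", "port": 443}


def check_certificate(email, cert_names, contacted_host):
    """Check Subject/SAN names against the contacted host and the recommended name."""
    recommended = f"{FALLBACK_HOST}.{email_domain(email)}"
    return {
        "covers_contacted_host": any(name_matches(n, contacted_host) for n in cert_names),
        "covers_discover_name": any(name_matches(n, recommended) for n in cert_names),
    }


if __name__ == "__main__":
    for addr in ("alice@example.test", "bob@corp.example.test"):
        plan = plan_discovery(addr, SAMPLE_SRV)
        print(addr, plan, check_certificate(addr, ["*.example.test"], plan["host"]))
```

The second sample address shows the case to watch for: a wildcard for the parent domain does not cover `discoverReceiver` in a sub-domain, so the wildcard has to be issued for the domain that actually appears in the users' email addresses.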