Archive
How does #Citrix #NetScaler SDX isolate its instances?
Ok, I received this question the other day and this article is really spot on! Get a cup of coffee and enjoy! 😉
And remember this: YOU CAN ONLY HAVE 7 INSTANCES/1Gbps NIC!!!! So if you intend to host more than 7 VPX’s on your SDX then ensure that you plan your network design if you use 1Gbps otherwise go for the 10Gbps ports and SPFS.
NetScaler SDX Appliance with SR-IOV and Intel-VTd
This article contains information about the Single Root I/O Virtualization (SR-IOV) and Intel Virtualization Technology for Directed I/O (Intel-VTd) technology and how NetScaler appliance uses this technology to achieve fully isolated high performance NetScaler instances.
NetScaler SDX Appliance with SR-IOV and Intel-VTd
Server Virtualization presents both a tremendous opportunity and a major challenge for Enterprise Data Centers and Cloud Computing infrastructure. Current Hypervisors already facilitate the consolidation of many servers that are not utilized efficiently to a smaller number of physical servers delivering better space utilization, lower power consumption, and reduced overhead costs.
Virtualization architectures are built on a virtualization layer called a Virtual Machine Monitor or Domain 0 that becomes the primary interface between a virtual machine and the physical hardware. Even though virtualization allows multiple virtual machines to share the same hardware, it also creates additional overhead and can lower server performance as it becomes the bottleneck between a virtual machine and input/output (I/O) hardware as the number of virtual machines increase.
The NetScaler SDX appliance breaks through these performance bottlenecks by leveraging next generation of I/O virtualization technology called SR-IOV as defined by the PCI-Special Interest Group (SIG). SR-IOV enabled Intel chips along with Intel VT-d enable the NetScaler SDX appliance to significantly reduce virtualized network processing overheads, and provide more secure and predictable mechanisms for sharing I/O device among multiple virtual machines.
Intel Implementation of Single Root I/O Virtualization
Intel has worked with the PCI-SIG to define the SR-IOV specification. As shown in the following image, SR-IOV provides dedicated I/O to virtual machines bypassing the software virtual switch in the Virtual Machine Manager (VMM) completely, and Intel Ethernet Controllers improve data isolation among virtual machines. Another feature of SR-IOV is a feature called Virtual Functions. These are Lightweight PCIe functions that allow a single physical port to look like multiple ports. Therefore, multiple virtual machines can now have direct assignment on the same port. This increases the scalability of the number of virtual machines on the machine through more efficient I/O device sharing.
Intel VT-d Technology
Intel VT-d is a hardware enhancement for I/O virtualization that is implemented as part of core logic chipset. Intel VT-d defines an architecture for DMA remapping that improves system reliability, enhances security and…
Continue reading here!
//Richard
LIMITED RELEASE – #Receiver #Storefront 1.2 Update 1 for Web Receiver Add-in
Issue(s) Fixed in This Release
- After enabling the requireTokenConsistency parameter in StoreFront’s store configuration file (c:\inetpub\wwwroot\Citrix\<StoreName>\Web.config) as described in Knowledge Center article CTX134965, users might not be able to access resources when logging in through Access Gateway.
- Attempts to authenticate to the Receiver for Web fail for users whose passwords contain certain special characters.
Continue reading and download it here!
//Richard
XenMobile product overview… and It’s nice! via @BasvanKaam – #BYOD, #MDM, #Citrix
Wow! I must say that Bas van Kaam has done a great wrap-up here! I highly recommend you to read this blog post!!! 🙂
It was only about a month ago when I was writing my Blog about the CloudGateway that I wondered which route Citrix would take now that they acquired Zenprise, well… here it is… XenMobile, another Xen sibling sees the light! Lets jump right in…
I had the opportunity to make use of one of Citrix’s demo environments to have a closer look at MDM, which is an awesome way to explore new and existing products by the way, if your company is a Citrix partner and has access I definitely recommend having a look. Besides that I used the Citrix E-Docs website as well as Citrix.com to find as much information as possible.
The main focus of this article will be on XenMobile MDM as the Mobile Solutions Bundle (one of the two editions available) focuses primarily on the CloudGateway which I already discussed in one of my previous blogs.
MDM?
MDM stand for Mobile Device Management and it’s just that! Here’s what Citrix has to say about it: As per Citrix: XenMobile MDM is a robust mobile device management solution that delivers role-based management, configuration, and security for both corporate and employee-owned devices. Upon user device enrollment, IT can provision policies and apps to devices automatically, blacklist or whitelist apps, detect and protect against jailbroken or rooted devices, and selectively wipe a device that is lost, stolen, or out of compliance. Users can use any device they choose, while IT can ensure compliance of corporate assets and secure corporate content on the device.
Editions
There are two editions: XenMobile MDM and the Mobile Solutions Bundle. XenMobile MDM primarily focuses on (hardware) device management, more on it’s extensive feature set shortly. Every major platform is supported including: iPhone, iPad, Android, BlackBerry, Symbian and Microsoft Windows 8. It includes the XenMobile Secure Mobile Gateway (SMG) and XenMobile SharePoint Data Leak Prevention (DLP) as well as the XenMobile Mobile Service Provider (ZSM) and the XenMobile Remote Support Application Toolset.
VDI Smackdown: Head-to-head analysis of Citrix XenDesktop, Microsoft etc… via @rpruijt
Great work!!!! 🙂 Continue reading!!!
Are you looking for an independent overview of desktop virtualization solutions and curious about the different strategy questions? Do you want detailed information about the features and functions each desktop virtualization vendor is offering!? If so the VDI Smackdown you definitely must read!
In the current market there is an increasing demand for unbiased information about desktop virtualization solutions. This white paper is focused on solutions that are anticipated to have an important role in desktop virtualization deployments. An overview of available features of each solution has been created to allow an understanding and comparison of capabilities.
The latest solutions included in the feature matrix are: Citrix XenDesktop 5.6FP1, Citrix VDI-in-a-Box 5.2, Dell vWorkspace 7.6, Microsoft RDVH Windows8/Server 2012 and VMware View 5.2; The English whitepaper can be downloaded here. The Japanese version will be available as soon as possible.
Empowering the end-user by giving access to Windows, Web and Mobile applications so he can access data and information systems from both private and public datacenters regardless of the device or location is the ultimate strategic objective.
The delivery of the classic (Windows) desktop interface can be divided in two segments:
- the classic desktop and laptop, running Windows, Linux or Mac OS X;
- the virtual desktop running in the datacenter or local on the classic workstation.
In essence “desktop virtualization” is the de-coupling of the desktop, operating system and the applications from the underlying endpoint or device. This kind of virtualization can be subdivided into two types:
- With the first type applications are executed remotely, server hosted, and presented at the endpoint via a remote display protocol.
- With the second type applications are executed at the endpoint, client-side and presented locally.
Making Windows, Web and Mobile applications available to the end-user, regardless of the technology being used, is an important strategic objective of an advanced IT infrastructure. The Virtual Desktop (vDesktop) is an essential component in the range of Application and Desktop delivery solutions and in essence, it provides the following functions:
- Flexibility: Detach the vDesktop from the endpoint; Several vDesktops can be used next to one another
- BYO: enables delivery of applications and desktops for BYO scenario’s;
- Access: vDesktop works independently of location, endpoint and network;
- Security: Server Hosted – VDI; data in the computing center;
- Freedom: Every user can have his own desktop with administrator privileges when needed;
- Management: Centrally managed and hardware independent;
- Legacy: It is simple to offer legacy applications on a state-of-the-art platform;
- Sustainability: Power Management, handling the necessary resources in an efficient manner
The transition to a dynamic and optimized desktop is causing many IT organizations to reevaluate traditional IT operations, deployment, delivery, packaging, support, and management methods.
Desktop virtualization is a key component in the optimized desktop. It’s important to have a Vision and Strategy around application and desktop delivery and enterprise mobility. Designing, building, managing and maintaining the desktop virtualization…
Continue reading here!
//Richard
#Citrix Nails Its Enterprise Mobility Strategy – #XenMobile, #BYOD – via @ekhnaser
Read this great article and see if you agree! 😉
Citrix Nails Its Enterprise Mobility Strategy
I have been very pleased with the strategy, execution and the road map that Citrix has developed around Enterprise Mobility. With the announcement of XenMobile MDM and the Mobile Solutions bundle, I can very easily say that the Citrix solution is the most complete and feature-rich offering on the market today.
XenMobile MDM is simply a name change for Zenprise, which Citrix acquired a few months earlier. I expected Citrix to simply change the “Z” to “X” and keep the name, but I guess Citrix marketing did not find that as amusing. That is not the only change that occurred: A new version of “Zenprise” also accompanies this release, and XenMobile MDM now brings it to version 8.0.1.
Many customers and colleagues have asked me why Citrix acquired an MDM provider — what are the value-adds and isn’t the world moving towards MAM anyway? To answer, we have to make a clear distinction between the use cases. I agree and concur that for BYOD initiatives, MAM is a better, cleaner way of doing this things and that MDM is not the ideal solution.
That being said, there are plenty of use cases where MDM is the only solution that makes sense and I will give you real-world examples. Have you heard of the “Belly” card? It is a customer recognition and rewards program from a company HQ’ed in Chicago that offers merchants a locked down iPad for display in their place of business. Customers can come in and scan their mobile phones on the iPad provided and after a certain number of check-ins they are offered a reward for their loyalty. In this case, belly would have very little use for MAM; they need an MDM solution to manage the thousands of iPads they have deployed.
Another example: United Airlines and American Airlines allow customers to use mobile devices in the cabin to purchase goods in-flight. Obviously, the airlines don’t want the flight attendants to use their own device for this, MDM shines again here.
Finally, what about financial institutions that want to continue to issue corporate-managed devices of different flavors? It’d be for security reasons, obviously. In this case, MDM shines.
When I see bloggers and analysts disqualify MDM, they are not thinking beyond BYOD, where the business world could have a use case built around an application they issue on a mobile device.
Did Citrix strike gold with its acquisition of Zenprise? I will say this much: It was one of the best acquisitions the company has ever made. The natural follow-up question is, what about CloudGateway? And my answer is, it is the glue that holds everything together and is the most important product in the Citrix solution today. Everything will go through CloudGateway moving forward and at version 2.5 has the following features:
- Enterprise app store with identity management capabilities for a single sign-on like experience
- Windows Applications and Desktops through XenApp and XenDesktop
- Mobile applications integration, provisioning, etc.
- SaaS applications integration, provisioning, etc
- Integration with Citrix ShareFile for enterprise DropBox functionality
CloudGateway also has a connector for Citrix Podio, and here I’ll be critical of Citrix the same way I’m critical of VMware for not integrating SocialCast. Why Citrix doesn’t make Podio…
Continue reading here!
//Richard
Vulnerability in #Citrix Access Gateway Standard Edition 5.0 – #AG
Vulnerability in Citrix Access Gateway Standard Edition 5.0 Could Result in Unauthorized Access to Network Resources
Document ID: CTX136623 / Created On: Mar 5, 2013 / Updated On: Mar 5, 2013
(1 ratings)
Description of Problem
A vulnerability has been identified in Citrix Access Gateway Standard Edition that could allow an unauthenticated user to gain access to network resources.
This vulnerability has been assigned the following CVE number:
• CVE-2013-2263
This vulnerability affects all 5.0.x versions of the Citrix Access Gateway Standard Edition appliance firmware earlier than 5.0.4.223524.
Citrix Access Gateway Standard Edition versions 4.5.x and 4.6.x are not affected by this vulnerability.
What Customers Should Do
A patch for version 5.0.4 of the Citrix Access Gateway Standard Edition firmware has been released to address this vulnerability. Citrix strongly recommends that all customers using affected versions of Citrix Access Gateway Standard Edition apply this patch to their appliances as soon as possible.
This patch can be found at the following location under the Appliance Firmware section (you will need to login with your MyCitrix ID):
http://www.citrix.com/downloads/netscaler-access-gateway/product-software/access-gateway-504.html
Acknowledgements
Citrix thanks Ben Williams, David Middlehurst and James Eaton-Lee of NCCGroup (http://www.nccgroup.com) for working with us to protect Citrix customers.
What Citrix Is Doing
Citrix is notifying customers and channel partners…
Continue reading here!
//Richard
Five enterprise-ready antivirus systems – #Webroot, @Webroot
This is an interesting article! And I’m happy to see the only cloud-based product on the list!
5: Webroot SecureAnywhere Business – Endpoint Protection
Webroot SecureAnywhere Business – Endpoint Protection is the only solution on this list that is cloud-based only. Some of the others offer a cloud-based service option, but Webroot is the only one that does not offer an on-premise system. However, Webroot is still one of the most impressive applications in the list. The dashboard gives admins a quick overview of their enterprise, endpoint details can be quickly checked, and policies, reports, and logs can be easily viewed. On top of that, though, is the client: it installs in seconds (literally about 6-8 seconds for me) and scans in less than two minutes (1 minute, 42 seconds for my test system). Also, Webroot claims that their client software will run alongside any other security software without conflict. The main disadvantage of this system is its cloud-based nature – company’s deploying Webroot may have limited Internet bandwidth or security concerns with cloud software.
Read the whole article and the other 4 products listed here!
And you can also read my previous blog post about my little review of Webroot here.
//Richard
#Citrix #StoreFront Slowness, Join and Replication issue – check list!
Ok, I guess that you may have seen issue with StoreFront before… and it you have not then good for U!
But in the case that you have experience it here are a couple of things that you can do and hopefully it solves your issue with slow StoreFront console startup, server join issues or replication issues. Sometimes I’ve seen that the join, replication and slowness is ok and the process goes through. But then all of a sudden you get an error and the propagation fails… and this can be because of a timeout in the StoreFront process that you’ve initiated.
I already assume that you’ve checked the basic stuff.. that the servers can reach each other (ping server name and FQDN etc. and that there are no FW issues)….
You may have an issue because you/your server cannot reach the Internet, and some of the components of the product is signed with SSL certificates and StoreFront will try to perform a check whether the publishers certificate is ok or not. So if your servers are behind a proxy serevr that you usually configure in your browser to be able to connect from your companies internal network to the Internet then you should do the following.
1. Log on to your first StoreFront server and create a copy of the original aspnet.config file under C:\Windows\Microsoft.NET\Framework\v2.0.50727 (verify which framework version that your app is using in IIS and modify that appropriate aspnet.config file, more info about this change can also be found here and is for Web Interface but is also applicable to StoreFront)
2. Open Notepad as an Admin (if you have UAC of course enabled) and open the asp net.config file
It will have the content as described by the picture above, add this line to it: <generatePublisherEvidence enabled=”false”/>
Working with #XenMobile #AppController and Me@Work apps – #Citrix, #BYOD
I got to play around with @WorkWeb and @WorkMail apps a bit… and I must say that the process to get the Me@Work apps into AppController isn’t the simplest there is for someone that haven’t been doing iOS app development before.
But what I’m describing here is what’s now named XenMobile AppController and a part of the XenMobile bundle:
(Note: picture from Citrix)
So lets try to summarise the steps involved in getting these @WorkWeb and@WorkMail apps into your AppController and then published them to your users!
- Get your hands on a Macbook!
- Download the App Preparation Tool for iOS Applications and install it on the client
- Download and install Xcode (not 100% necessary but I recommend that you do that to simplify the creation/download of Distribution certificates and Distribution Profiles)
- Open XCode and open Preferences->Downloads,
Read more…
#Citrix Partner Central, the new partner portal is live!
Attention Partners: It’s official. My Citrix is retired and Partner Central, your new portal is live.
You may be wondering why Citrix made this change, what’s the motivation and why now. At Citrix, we believe in innovating, improving and adapting. We have been monitoring partner feedback from various sources and have identified opportunities to provide a better web experience. The market landscape has changed, the needs of our partners have expanded, and the way we communicate has evolved. It’s time for our private portal experiences to reflect these changing needs.
Partner Central, a start of something great
We understand that you have specific needs from a web site. We listened to your feedback about what you want to experience and how you want content to be prioritized. You’ll find real-time announcements from Citrix and the industry, links to resources you use most often, links to what’s new and tools that have been integrated within each main section: training and certification, sales, marketing, licensing and renewals and support.
Partner Central is easy to use, intuitive and you still have access to the same tools and content you had before with My Citrix. More good news is that your same username and password will still work with the new site. You will be able to conduct activities such as:
- Reviewing product pricing, new sales promotions and trainings
- Managing customer renewals, products, Advisor Rewards and leads
- Accessing partner notification documents, Key Play campaign materials and product sales kits
You can access Partner Central at www.Citrix.com/PartnerCentral to start exploring. We’re confident that your experience will be improved…
Continue reading here!
//Richard
The IT Melting Pot! 