Archive
My Post-Synergy View – Update 2 #CitrixSynergy #Citrix #CitrixSummit #XenApp #XenDesktop #NetScaler #Sanbolic
Hi again!
Ok, time to wrap up my Synergy update post series… In the previous post I started to give U my view of the takeaways from Citrix Synergy. So let’s continue! 🙂
As I wrote before I tried to structure the post using the following; each heading represents the enhancement request topic and/or the takeaway item, and then the subheading of Description and Status is showing you my personal view on the topic and its status.
NetScaler
Description:
These where the items that we had on the enhancement list before going to Synergy:
- Create SDX platform/architecture to run on all MPX appliances, for more info why see; NetScaler MPX vs. SDX dilemma; https://richardegenas.com/2012/10/03/netscaler-mpx-vs-sdx-dilemma/
- Add support for AG session policies so that ICA proxy can be turned on for specific published apps and desktops and not per session. This for situations where you might have one app or desktop that sits behind an AGEE and others don’t.
- The NetScaler/Access Gateway HTML/GUI pages used shall be able to be customized per AGEE/AAA Virtual Server. Today they are global pages so that specific modifications/customizations cannot be made and you have to buy an additional NetScaler unless major customizations are done and then life-cycle management becomes an issue.
- Change so that you can specify different Authentication policies and requirements mapped to Session policies instead of to a Virtual Server, AAA group etc. This could then provide a way so that you could offer ICA proxy mode with single auth and two-factor if you launch/select to open an SSL VPN tunnel. And then a user that has forgotten a hardtoken could still get access but only in ICA proxy mode and have all virtual channels disabled without having to have multiple accounts in the Receiver and admin doesn’t need multiple NS AGEE VS.
- It would be good to get the same Account Self-Service functionality that the Single Sign-On/Password Manager service can provide and have integrated into the AGEE login page where end-users can themselves unlock their accounts and reset their passwords without involving Service Desk. And the solution for how to get the single sign-on account self service feature should be an integration part of the NetScaler AGEE console rather than manually updating the HTML pages etc.
NetScaler SDX – value add, #CitrixSynergy #NetScaler
Sitting here listening to the SDX model and its capabilities etc. And I must agree that the concept is great in terms of isolation, flexibility, density and other added values that the platform provides…
But I still see the need for the same SDX model on the smaller appliances where you may need the capabilities of feature isolation etc but where you don’t need the performance/throughput etc. of the larger appliances where the SDX model starts.
If you look at the NetScaler data sheet I can’t understand why you don’t get the SDX model option on for instance the 8200 box and why not down to the 5500?
More on my thoughts on this from my previous blog can be found here.
//Richard
NetScaler MPX vs. SDX dilemma
Hi again!
Ok, I may be totally off and wrong here but I see a bit of a problem with the Citrix product packaging and offering around the whole NetScaler product.
I love the fact that the product is available as virtual appliances (VPX) and physical appliances (MPX) and the lovely “mix-product” which is the SDX platform. The SDX is a lovely addition and I see so many reasons for why you want to go towards that platform, so bear with me.
The NetScaler product itself is a great product and the feature set it rich! It’s definitely rich in terms of what features it offers from the same appliance! Some of the marketing of the product against competitors is that you can do it all (GSLB, LB, SSL offloading, SSL VPN, Application Firewall, ICA/HDX proxy etc.) on one appliance instead of purchasing several. Have a look at the editions of the product and the rich feature offering;
But I must challenge this whole idea of putting all features/capabilities on one appliance! What if you decide to build a service on the NetScaler product and decide to provide these capabilities;
- Access Gateway
- Network Connect (SSL VPN access)
- Network Proxy (ICA/HDX proxying)
- End-to-end Web Security (AAA etc.)
- Load Balancing (LB, GSLB)
So imagine that if for some reason you need a new version of the NetScaler appliance or if Citrix provides a fix for a bug/issue that is related to one of the capabilities. Then you have to stop your whole service delivery of all of them just to apply a patch/update targeted for one of them. Is that good from an incident, problem, change management point of view? I guess that’s why I like the SDX platform where I then can put the capabilities on different VPX instances on the same SDX HW platform.
This then also leads you to the whole cost of the service if you also like this idea of separation of duties, how much does the SDX cost and what does the VPX instances cost (they are purchased in bundles of 5 where 5 is included with the SDX purchase). And except for the cost of the HW, SW and SA you have the complexity that you have to select which of the SDX platforms to choose (see a more detailed NetScaler Datasheet here). And this is the biggest issue as I see it! I’d like to recommend the SDX platform to more customers than the enterprise segment. But then you have an issue, the SDX platforms starts on the 11 500 appliance.
Why doesn’t Citrix offer the SDX model on the smaller appliances?? I’d like to understand that because I think that most customers out there will not require that much throughput or CCU etc that the 11 500 delivers….
And there are more reasons to why you would like an SDX model other than separation of duties.. but more on that in another post.
Cheers!
//Richard
Mobile Application Management (MAM) = Complete Mobile Workplace?
Ok, so I’ve been looking at some of the players out there that say they have a “MAM” product and everybody seem so hooked on talking about MAM and how that’s gonna solve all the needs of a Mobile Workplace… and to be totally frank I think that people tend to run to fast with new cool and hip buzz-words or solutions.
To start of with, what is the definition of a MAM system? This is a pretty good summary I’d say that I stole from WikiPedia;
“Mobile Application Management (MAM) describes software and services that accelerate and simplify the creation of internally developed or “in-house” enterprise mobile applications. It also describes the deployment and management of in-house and commercially available mobile apps used in business settings on both company-provided and “bring your own” smartphones and tablet computers.
Mobile application management has also been defined as “the strategy and process around developing/procuring, securing, deploying, accessing, configuring, updating and removing (business) applications from mobile devices used by the employees. To read more at wikipedia click here…”
And does a solution like this provide all the capabilities for businesses today for a complete Mobile Workplace?
Cisco Ceasing Development Of Load-Balancer Products
Wow… ok, it may not be the biggest news but it’s indeed interesting!
“The ADN market has since become more crowded as the technology gets hotter. Behind F5 is No. 2 player Citrix(NSDQ:CTXS), estimated to hold between 15 percent and 17 percent, along with a host of other vendors, from Brocade and Radware to smaller, scrappier alternatives such as A10 Networks.
Suppiger’s research note highlighted F5, Citrix and A10 specifically as being well-positioned to take advantage of Cisco’s decline. Indeed, both F5 and A10 are among Cisco competitors that already are moving to capitalize on Cisco’s decision.”
Read more here!
//Richard
The IT Melting Pot! 