Archive
Which #DaaS architecture is right? – #Azure, #RemoteApp, #Microsoft, #Citrix, #Workspace
I really feel for you Solution Architects out there that have to struggle with how to revamp your companies or customers Hosted Desktop/App services. They may be provided by a service provider today, or you do it yourself on-premise and manage them, or you’ve already taken the step to purchase it as a true DaaS/SaaS service from a public cloud provider. Today the options are many, and too many if you add all the hosting models and the technology options you have. From a business perspective you’re getting the heat to deliver something with the word “cloud” in it just because it’s hot, and management then expect that TCO is sooooo low and that you have now problems in delivering at all within a couple of weeks and you can scale up and down without any issues at all from a financial or technical perspective… 😉
Often you also don’t even have the business, security, functional or technical requirements either so you’re supposed to come with the magic solution that fits all needs! 😉
My personal view is also that some of our vendors/partners out there don’t seem to have one (1) clear strategy either (at least not officially).
Some are building and providing their own “cloud architecture” models for DaaS for partners to build on (VMware, Citrix, Microsoft etc.), and then they also are providing specific models for certain partners as well that run on top of other cloud solutions, like Citrix Service Provider (CSP) offerings on Azure or on-premise. As a partner to these companies you also are in a tough spot, are you to partner with them and deliver their technology on your infrastructure, or shall you wait until they deliver a fully working public cloud offering (like WorkSpace Services) and then add your added value on top of that? Options are many and I don’t think that Citrix has given their whole story yet, I still think that they business wise need to go where Microsoft is going by providing a DaaS service by themselves directly to customers and thereby also “cut” the partner network out because once the technology and self-service becomes to easy then what shall they add as value then? There will always be customers that wants help to onboard, operate etc. of course but this will be another type of service and many Citrix and Microsoft partners need to be become more solution focused and get away from the SME space and deliver integration and more IT management consulting skill sets instead.
But let’s get back to more technology…
I’ve been kind of waiting to get some time over to test the RemoteApp service in Azure. I personally think that this is the future and they way that many small to medium size business fairly short shall start to look at. Not all of these companies have the skill set or financials to look at building a good Software-as-a-Service (SaaS) offerings of Windows applications internally. I’m a bit annoyed though that out of the box there isn’t any Desktop-as-a-Service (DaaS) offering and that it’s still just the RDS/Hosted Shared Desktop model that is provided. A real Hosted Virtual Desktop or VDI offering would be nice and a license model that goes with it from Microsoft.
There are today so many different options that companies that want to provide or consume a DaaS service can leverage today, Citrix Service Providers have all of their options in terms of technology stacks (CloudStack, CloudPlatform, CSP for Azure, App Orchestration 2.5, Microsoft System Center, Azure Pack and all options that are out there)… but which one shall/can you select? And what if you’re NOT a Citrix service provider and have a huge datacenter and haven’t already done your CAPEX investments around compute, network and storage etc..? Where do you then turn?
I think that here is where RemoteApp and a future Workplace Services offerings with Citrix on top would be great! You as a customer can turn to a partner/consultant company to get guidance and assess all your requirements and then easily be provisioned an environment that is of the “standard cloud offering” or get a customised one tailored specifically for your needs.
Like in my little demo scenario here I provisioned a fully functional RemoteApp environment that hosted all of the Microsoft Office 2013 apps that I use and also got a lot of storage at the same time… in almost no time at all!
Azure RemoteApp helps employees stay productive anywhere, and on a variety of devices – Windows, Mac OS X, iOS, or Android. Your company’s applications run on Windows Server in the Azure cloud, where they’re easier to scale and update. Users can access their applications remotely from their Internet-connected laptop, tablet, or phone. While appearing to run on the users’ local device, the applications are centralized on Azure’s protected, reliable platform.
Azure RemoteApp combines Windows application experiences with the powerful capabilities of Remote Desktop Services on Microsoft Azure – the cloud for modern business.
I also like the licensing model:
- Azure RemoteApp is priced per user and is billed on a monthly basis.
- The service is offered in two tiers: Basic and Standard. Basic is designed for lighter weight applications (e.g. for task workers). Standard is designed for information workers to run productivity applications.
- Pricing: Each service has a starting price per user that includes 40 hours of service per user. Thereafter, a per hour charge is applied for each user hour up to a capped price per user. You will not pay for any additional usage beyond the capped price in a given month.
RDS on Azure example quote:
More Azure solution pricing examples: http://blogs.technet.com/b/uspartner_ts2team/archive/2014/10/14/more-azure-solution-pricing-examples.aspx
What if you then also shall put Citrix on top of that… cost increases of course and still you’re kind of limited of being a SPLA or CSP in order to build this, or you go and ask a SPLA/CSP to provide it for you if you’re an end-customer.
But back *again* to the test-drive that I did of RemoteApp…
Dell + Nutanix = awesome! – #Nutanix, #Dell, #EnvokeIT
Hi all,
It’s been a while since I posted something… so the blog backlog is huge right now but I’ll try to finalise all of the items I have prepared soon when time allows!
But this is a really cool thing that I think that many don’t understand the capabilities of! Dell will now provide the awesome Nutanix distributed file system on their XC series!
You all know much I already like Nutanix and the the way that it “just works”! Think about it for a while, it’s so easy just to build a platform that you can scale and manage in such a simple manner. It’s also like a match in heaven for the Hyper-V Failover cluster and VMM world with storage presented over SMB3.. so easy to setup, so simple to manage, and what a performance and scalable solution!
If you have any thoughts, questions or simply just want to learn more about Nutanix or Dell then contact us at EnvokeIT, we know how this works and can help you to simplify and modernise your IaaS service in a true web-scale way!
//Richard
Azure ExpressRoute is a really cool and important feature – #Microsoft, #Azure, #ExpressRoute
Everyone talks about the “cloud” and how you can leverage all the benefits or a public, private or hybrid cloud model. And one challenge and huge risks that enterprises see with moving into a public cloud like Azure is the dependency to the public Internet.
Is the connection secure, stable, available and how can you determine that I have the connectivity between my on-premise stuff and Azure..?
It’s here where I think that Microsoft really has made a HUGE step towards getting more traction with the larger enterprises with the new ExpressRoute feature! Now you can get your own dedicated connection to Azure through it’s partner network of service providers like AT&T and Verizon etc.!
Microsoft Azure ExpressRoute lets you create private connections between Azure datacenters and infrastructure that’s on your premises or in a co-location environment. With ExpressRoute, you can establish connections to Azure at an ExpressRoute partner co-location facility or directly connect to Azure from your existing WAN network (such as a MPLS VPN provided by a Network Service Provider). Read more…
#Hyper-V 2012 R2 Network Architectures Series (Part 1 of 7) – Introduction
This is a great blog post series! Good job Cristian Edwards!
Hi Virtualization gurus,
Since 6 months now, I’ve been working on the internal readiness about Hyper-V Networking in 2012 R2 and all the options and functionalities that exists and how to make them work together and I realize that a common question in our team or from our customers is what are the best practices or the best approaches when defining the Hyper-V Network Architectures of your Private Cloud or your Virtualization farm. Hence I decided to write this series of posts that I think they might be helpful at least to do the brainstorm to find the best approach for every particular scenario. The reality is that each environment is different and use different hardware, but at least I can help you identify 5 common scenarios on how to squeeze the performance of your hardware.
I want to make clear that there is no just one right answer or configuration and your hardware can help you determine the best configuration for a robust, reliable and performer Hyper-V Network Architecture. Please note that I will do some personal recommendation based on my experience. These recommendations might or might not be the official – generic recommendations from Microsoft, so please call you support contact in case of any doubt.
The series will contain these post:
1. Hyper-V 2012 R2 Network Architectures Series (Part 1 of 7 ) – Introduction (This Post)
5. Hyper-V 2012 R2 Network Architectures Series (Part 5 of 7) – Converged Networks using Dynamic QoS
6. Hyper-V 2012 R2 Network Architectures Series (Part 6 of 7 ) – Converged Network using CNAs
7. Hyper-V 2012 R2 Network Architectures Series (Part 7 of 7 ) – Conclusions and Summary
8. Hyper-V 2012 R2 Network Architectures (Part 8 of 7) – Bonus
Continue reading here!
//Richard
Multi-Factor Authentication for Office 365 – #Office365, #IAM
This is cool!
Paul Andrew is a technical product manager on the Office 365 team working on identity.
Today we’re adding Multi-Factor Authentication for Office 365 to Office 365 Midsize Business, Enterprise plans, Academic plans, Nonprofit plans, and standalone Office 365 plans, including Exchange Online and SharePoint Online. This will allow organizations with these subscriptions to enable multi-factor authentication for their Office 365 users without requiring any additional purchase or subscription.
Multi-factor authentication increases the security of user logins for cloud services above and beyond just a password. With Multi-Factor Authentication for Office 365, users are required to acknowledge a phone call, text message, or an app notification on their smartphone after correctly entering their password. Only after this second authentication factor has been satisfied can a user sign in.
Multi-factor authentication has been available for Office 365 administrative roles since June 2013, and today we’re extending this capability to any Office 365 user. We’re also enhancing the capabilities that have been available since June. We’re adding App Passwords for users so they can authenticate from Office desktop applications as these are not yet updated to enable multi-factor authentication. And we’re enabling users who are authenticated from a federated on-premises directory to be enabled for multi-factor authentication.
This addition of multi-factor authentication is part of our ongoing effort to enhance security for Office 365, and we’re already working on Office desktop application improvements to Multi-Factor Authentication for Office 365, which we’ll introduce later in this post. Office 365 offers many robust built-in security features for all customers and also optional controls that enable subscribers to customize their security preferences. More information about security in Office 365 is available inthe Office 365 Trust Center.
Let’s take a look at how Office 365 customers can take advantage of multi-factor authentication and configure it, including using App Passwords for Office desktop applications.
After entering your account password, you see a message like this while your phone is being called for acknowledgement.
Multi-Factor Authentication for Office 365
Office 365 administrators enroll users for multi-factor authentication through the Office 365 admin center.
#App-V 5.0 Capacity Planning – #Microsoft via @micheroth and @vkleinerde
This is a good article, have a look at this if you’re planning some App-V 5.0 capabilities!
The following recommendations can be used as a baseline to help determine capacity planning information that is appropriate to your organization’s App-V 5.0 infrastructure.
 Important |
|---|
| Use the information in this section only as a general guide for planning your App-V 5.0 deployment. Your system capacity requirements will depend on the specific details of your hardware and application environment. Additionally, the performance numbers displayed in this document are examples and your results may vary. |
Determine the Project Scope
Before you design the App-V 5.0 infrastructure, you must determine the project’s scope. The scope consists of determining which applications will be available virtually and to also identify the target users, and their locations. This information will help determine what type of App-V 5.0 infrastructure should be implemented. Decisions about the scope of the project must be based on the specific needs of your organization.
| Task | More Information |
|---|---|
| Determine Application Scope | Depending on the applications to be virtualized, the App-V 5.0 infrastructure can be set up in different ways. The first task is to define what applications you want to virtualize. |
| Determine Location Scope | Location scope refers to the physical locations (for example, enterprise-wide or a specific geographic location) where you plan to run the virtualized applications. It can also refer to the user population (for example, a single department) who will run the virtual applications. You should obtain a network map that includes the connection paths as well as available bandwidth to each location and the number of users using virtualized applications and the WAN link speed. |
Determine Which App-V 5.0 Infrastructure is Required
| Important |
|---|
| Both of the following models require the App-V 5.0 client to be installed on the computer where you plan to run virtual applications. You can also manage your App-V 5.0 environment using an Electronic Software Distribution (ESD) solution such as Microsoft Systems Center Configuration Manager. For more information see Deploying App-V 5.0 Packages by Using Electronic Software Distribution (ESD). |
- Standalone Model – The standalone model allows virtual applications to be Windows Installer-enabled for distribution without streaming. App-V 5.0 in Standalone Mode consists of the sequencer and the client; no additional components are required. Applications are prepared for virtualization using a process called sequencing. For more information see, Planning for the App-V 5.0 Sequencer and Client Deployment. The stand-alone model is recommended for the following scenarios:Full Infrastructure Model – The full infrastructure model provides for software distribution, management, and reporting capabilities; it also includes the streaming of applications across the network. The App-V 5.0..
- With disconnected remote users who cannot connect to the App-V 5.0 infrastructure.
- When you are running a software management system, such as Configuration Manager 2012.
- When network bandwidth limitations inhibit electronic software distribution.
Continue reading here!
//Richard
#XenDesktop 7.1 on #Hyper-V Pilot Guide! – #Citrix
This is a great PoC guide, some thing I would have done differently in detail but overall great work!
You’ve heard of XenDesktop 7.1, experienced a demo and worked through the Reviewer’s Guide. Now where do you turn when you’re ready for a PoC, pilot and preparations for a full-scale rollout?
Here on the Citrix Readiness and Enablement Team, we’re always looking for ways to empower our customers to be successful on their projects. To this end, we’ve taken one of our most popular hands-on lab guides used to train hundreds of internal and external students and reworked it for consumption by the masses. The XenDesktop 7.1 on Hyper-V Pilot Guide can be download fromhttps://citrix.sharefile.com/d/scaa256260df4ab3b. In this guide we cover the following topics with step-by-step instructions and screenshots:
– Configuring System Center Virtual Machine Manager and Installing the Agent
– Setting Up SQL Server Mirroring for a XenDesktop site
– Setting up the XenDesktop Site
– Joining a Controller to an Existing Site
– Configuring StoreFront and Installing Certificates
– Configuring NetScaler for StoreFront Load Balancing
– Installing the VDA Software on Desktop and Server VMs
– Creating Catalogs of Machine for Desktops and Servers
– Creating Delivery Groups for Desktops and Servers
– Delivering Installed and App-V Applications
– Provisioning Services Configuration and Optimizations
– Using the XenDesktop Setup Wizard
– Setting up Remote Access with NetScaler and StoreFront
– Internal and External Connectivity Scenarios
– Load Evaluator Policies
– Monitoring with Director
– Exploring Configuration Logging
– Exploring Delegated Administration
– Working with PowerShell
And much more!
Take a look through the document and let us know your thoughts…
IMPORTANT: This guide is designed to be used as a reference for building PoC and/or pilot environments. Production environments should always be…
Continue reading here!
//Richard
Almost perfect.. #ShareFile StorageZones on Azure is now generally available! – #Citrix, #Azure
This is a great addition I must say, but some things are missing!
One thing that I’m missing is the full integration with Azure storage containers! You still have to specify a temp/cache storage location that today ShareFile controller requires to be on a CIFS share when you have multiple controllers. And if you put the controller up in Azure as well, how do you then get that CIFS share and make it highly available? There is no CIFS exposure directly from the Azure storage, you have to setup a couple of VM’s in Azure, do something like DFS to expose is.. and then all of a sudden you have a whole file service to manage there as well.. and to monitor and all of a sudden you need AD and monitoring and reporting of it.. phuuu…
So I hope that in next version we can specify an Azure storage container for that cache/temp storage as well! 😉
The other thing I’d really like to see is NetScaler support in Azure, so that we could do proper AAA/CS/LB of the controllers in Azure as well so that we can get a simple and fully cloud based service in Azure! 🙂
BYOD and a growing global workforce are generating demand for instant access to data, offline productivity and seamless collaboration from anywhere. Organizations are challenged with reconciling these forces with leveraging existing investments, protect intellectual property and meet regulatory compliance requirements – driving interest in ShareFile StorageZones. StorageZones offers IT the flexibility to store data in secure Citrix-managed datacenters in multiple worldwide locations, or on-premise within their own datacenters.
At Citrix Synergy 2013, we announced new ShareFile StorageZones options with Microsoft Windows Azure. We are now pleased to announce the general availability of ShareFile StorageZones on Azure with the release of ShareFile StorageZones Controller software version 2.2. This release includes support for Windows Azure storage containers, therefore if you have a Windows Azure account, you can use an Azure storage container for your private data storage instead of a locally maintained share. Hosting ShareFile data natively in your Microsoft Azure account helps IT build the most cost-effective and customized solution for their organization. This customer-managed solution integrates ShareFile with Microsoft Azure’s Binary Large Object (Blob) storage, a cloud service for storing large amounts of unstructured data that can be accessed from anywhere in the world via HTTP or HTTPS.
Product Overview
Azure storage is customer-managed storage hosted in the Windows Azure cloud. File uploads are initially deposited into a temporary storage area shared by all StorageZone controllers. Then, a background service copies those files to the Windows Azure storage container and deletes the local cached copy of the file(s).
Typically with CIFS based StorageZones, the Controller servers are installed on-premise in the customer’s datacenter. However, if a customer is hosting virtual machines in Azure, they could install the StorageZone Controller software on instances running in their Azure account and not necessarily on-premise.
Read the ShareFile StorageZones on Azure Storage Technical Brief and watch the video Installing and Configuring ShareFile StorageZones v2.2 with Microsoft Azure to learn more about this solution.
Check out our Citrix and…
Continue reading here!
//Richard
#Microsoft’s new CEO = Satya Nadella
Continue reading here!
//Richard
Google + Microsoft = Process Explorer 16.0 – #Google, #VirusTotal – via @lseltzer
This is kind of cool!
The latest version of Process Explorer, one of the top tools in Microsoft’s popular Windows Sysinternals suite, has incorporated support for the popular VirusTotal service run by Google.
The Sysinternals tools were written by Mark Russinovich and Bryce Cogswell before Microsoft bought their company many years ago. Russinovich continues to develop the tools in his spare time at Microsoft while working on their Azure cloud service.
To quote the “What’s New” section on microsoft.com:
Thanks to collaboration with the team at VirusTotal, this Process Explorer update introduces integration with VirusTotal.com, an online antivirus analysis service. When enabled, Process Explorer sends the hashes of images and files shown in the process and DLL views to VirusTotal and if they have been previously scanned, reports how many antivirus engines identified them as possibly malicious. Hyperlinked results take you to VirusTotal.com report pages and you can even submit files for scanning.
VirusTotal was created and built up by Hispasec Systems, a Spanish security consulting firm. Over the years it became wildly popular to the point where it needed a cloud infrastructure on the scale that a company like Google could provide. Google took the service over in 2012 [Corrected from 2007]. Read more…
The IT Melting Pot! 