Archive
#XenMobile on Android and MicroVPN issue unless you really synch Worx releases…
Hi,
If you’ve worked with XenMobile and especially the AppController to deploy WorxMail and WorxWeb you know that these establish a MicroVPN tunnel to reach internal resources when needed.
One thing that I noted today was that when you upgrade your AppController and NetScalers and people also upgrade their Worx Home app on Android you can run into an issue unless you upgrade and align your Worx Home and WorxWeb apps.
The new Worx Home 8.6.1 on Android requires that you run WorxWeb 1.3.3 from Citrix, otherwise the MicroVPN tunnel won’t be established and you won’t reach your internal resources through it.
So it’s more important than ever to ensure that you try your NetScaler, AppController and Worx apps and align their releases.. once they work then you see this great progress and tunnel being established.
It would be nice to get a good table of which versions of each product/component that you should run and which ones that can support all use cases like; XenMobile , ShareFile on prem, ICA/HDX proxy, SSL VPN and SmartAccess for RfW and proxy! I’ve not yet found one combination that delivers everything. 😉
Happy XenMobile’ing!
//Richard
#Netscaler Insight and Integration with #XenDesktop Director – via @msandbu
Great blog post by Marius! 🙂
This is another one of Citrix hidden gems, Netscaler Insight. This product has been available from Citrix some time now, but with the latest update in became alot more useful. Insight is an virtual applance from Citrix which gathers AppFlow data and statistics from Netscaler to show performance data, kinda like old Edgesight. (NOTE: In order to use this functionality against Netscaler it requires atleast Netscaler Enterprise or Platinum)
Insight has two specific functions, called Web Insight and HDX insight.
Web Insight shows traffic related to web-traffic, for instance how many users, what ip-adresses, what kind of content etc.
HDX Insight is related to Access Gateway functionality of Citrix to show for instance how many users have accessed the solution, what kind of applications have they used, what kind of latency did the clients have to the netscaler etc.
You can download this VPX from mycitrix under Netscaler downloads, important to note as of now it is only supported on Vmware and XenServer (They haven’t mentioned any support coming for Hyper-V but I’m guessing its coming.
The setup is pretty simple like a regular Netscaler we need to define an IP-address and subnet mask (Note that the VPX does not require an license since it will only gather data from Netscaler appliances that have a platform license and it does not work on regular Netscaler gateways)
After we have setup the Insight VPX we can access it via web-gui, the username and password here is the same as Netscaler nsroot & nsroot
After this is setup we need to enable the insight features, we can start by setting up HDX insight, here we need to define a expression that allows all Gateway traffic to be gathered.
Here we just need to enable VPN equals true. We can also add mulitple Netscalers here, if you have a cluster or HA setup we need to add both nodes.
After we have added the node, just choose configure on the node and choose VPN from the list and choose expression true.
Upgrading to #Citrix #Receiver for #Windows – why and how?
This is something that all Citrix admins should read! How many questions don’t U get about which version of the client to use and why etc?
This document describes the various versions of Receivers for Windows, lists the reasons for upgrading, and recommends best practices for upgrading to the latest version of Receiver based on specific circumstances.
Note: The Online Plug-in 12.x will reach end of its maintenance in March 2013. Customers using Online Plug-in with XenApp 5, XenApp 6.x, XenDesktop 4.x, or XenDesktop 5.x must upgrade to the latest version of Receiver for Windows 3.X prior to that date where practical.
Citrix Receiver is the latest Citrix software you install on Windows end points to gain access to virtualized apps and desktops. It is also regularly installed on virtual desktops to enable access to virtualized apps.
The name of Citrix client software and the built-in functions are changed over the years. The clients in common use today are the Online Plug-in for Windows 12.X and the Receiver for Windows 3.X.
Where the Online Plug-in for Windows 12.X provided Web and PNAgent support, Receiver for Windows 3.X provides additional support. It can be configured for self-service access to applications, VPN-less remote access, single sign-on the Windows, Web, and SaaS applications, and has a built-in method to check for updates.
Both the Online Plug-in and Receiver have two versions.
- The Online Plug-in Web is used solely for Web access to applications and the Online Plug-in (Full) supports Web access as well as PNA Services. The Full version supported SSO, Smart Cards, and access to apps through the Start menu
The standard Receiver for Windows, CitrixReceiver.exe, can be considered is a complete replacement for the Online Plug-in Web and largely a replacement for the Online Plug-in (Full). It can be used for web access. It can be configured to access PNA Services. And it can also be used with the latest versions of StoreFront, CloudGateway (App Controller), and Access Gateway to provide a rich set of services. It contains the latest, multithread, multi-stream HDX engine.
Top 10 #CitrixSynergy sessions…watch them today!
Have a look at the 10 most popular Citrix synergy sessions! They are now uploaded and ready for you to see:
- SYN501: Geek Speak Tonight! (Desktop Virtualization panel) & SYN501 (Mobility panel)
- SYN415: Advanced best practices for migrating from Web Interface to StoreFront
- SYN321: Next-generation desktop and app delivery with XenDesktop 7, Microsoft System Center 2012
- SYN334: What’s new in XenDesktop and XenApp Platinum
- SYN320: XenDesktop 7: what you should know about FlexCast management architecture and XenApp migration
- SYN299: One Step Beyond – An audience with the Citrix CTO’s
- SYN322: XenDesktop 7: reinventing HDX for mobile, 3D graphics and beyond
- SYN222: Architecting a global XenApp farm with regional users using NetScaler and StoreFront
- SYN404: Introducing the Citrix Diagnostic Toolkit
- SYN206: What’s new in ShareFile Enterprise
Continue reading here!
//Richard
#XenMobile, #MobileSolutions – Is this what we’ve been waiting for? – #Citrix, #ZenPrise, #BYOD
Ok, so Citrix has now presented their new offering after merging Zenprise into their product portfolio. And is this what you have been waiting for?
My personal answer to that is probably yes, now you have all the capabilities (almost) out there to get your BYOx program/strategy and architecture in place or if you just want to add additional capabilities to your existing service offerings.
I must say though that the packaging is compelling and VERY interesting!
Citrix Mobile Solutions Bundle
The Citrix Mobile Solutions Bundle, which is comprised of XenMobile MDMand CloudGateway, offers a complete enterprise mobility management solution that enables IT to manage and secure devices, apps, and data.
XenMobile MDM Edition
XenMobile MDM Edition offers market leading mobile device management capabilities that deliver role-based management, configuration and security of corporate and employee-owned devices.
What I’d like to see is a roadmap where Citrix becomes an even more complete provider of technology in the Mobility segment. I still believe that Mobility is not only about smartphones and tablets and all the apps that you shall deliver to those devices and non-managed and non-corporate owned devices. There is still a need to provide device management of corporate assets that are not smartphones and tablets! And why should you have to implement another device management service/product for those.
So please Citrix = add Windows 7/8, OS X and Linux device capabilities as well in your almost complete Enterprise Mobile Management offering!
The offering is of course also today an early release where the former Zenprise product and CloudGateway is provided under the same marketing and price bundle but I’m waiting for when we have one (1) enterprise app store! And all capabilities from one technical architecture and product that you enable each capability on a need basis and are licensed accordingly.
But this is a great step for Citrix and I must say that I’m looking forward to see where this is going, I mean the feature set is pretty awesome!
Compare Features |
XenMobile MDM Edition |
Mobile Solutions Bundle |
| Enterprise MDM | ||
| Device management |  |
|
| Configure policies | |
|
| Security and compliance | |
|
| Scalability and high-availability | |
|
| Ease of administration | |
|
| Provisioning and self-service enrollment | |
|
| Enterprise integration | |
|
| Monitor and support | |
|
| Decommission devices | |
|
| Secure email, browser and data sharing apps | ||
| @WorkMail | |
|
| Email attachment encryption | |
|
| @WorkWeb | |
|
| ShareFile integration | |
|
| Microsoft SharePoint integration | |
|
| Mobile app containers | ||
| Mobile application management | |
|
| MDX Vault | |
|
| MDX Interapp | |
|
| MDX Access | |
|
| App wrapping | |
|
| Unified app store | ||
| Enterprise app store | |
|
| Follow-me apps | |
|
| Identity management, single sign-on and scenario-based access control | ||
| Active Directory integration | |
|
| Instant application and data provisioning | |
|
| Single sign-on to apps and data | |
|
| App requests | |
|
| Instant application and data de-provisioning | |
|
| Strong authentication | |
|
| Secure remote access | |
|
| Policy enforcement | |
|
More information about the technologies have also been added to eDocs!
Of course also made their competition table:
Compare the Mobile Solutions Bundle to other enterprise mobility solutions
These are exciting times and I’m looking forward to play around with the whole bundle!
Read more about XenMobile/Mobile Solutions here!
//Richard
February Edition of #Citrix #XenDesktop Technical Newsletter Now Available
February XenDesktop newsletter is out! Here’s a subset of what you can read from the Citrix blog post.
Using XenDesktop? Then you need to get the XenDesktop Technical Newsletter! The newsletter is comprised of the best technical resources from across Citrix Services: Consulting, Technical Support, Education, and Technical Readiness. In its third year the newsletter is designed to help customers run their XenDesktop optimally and get more out of their investment in Citrix desktop virtualization. And its FREE!
I am pleased to announce that the February 2013 edition of the newsletter is now available.
Check out the archive page, where you can access both the current and past issues, as well as subscribe to the FREE monthly newsletter.
The February edition of the newsletter is packed with great content, including:
- Optimal XenApp 6.5 VM Configuration (Blog)
- Introduction to the new Project Accelerator (Blog)
- Deploying XenApp 6.5 using PVS (Blog)
- Insider Troubleshooting tips for Administrators (eBook)
- Whats new with Excalibur (Blog)
- Top Knowledge Center content for December 2012 (Articles, hotfixes, whitepapers, etc…)
- How to configure Access Gateway 5 standalone for use with XD5 (tech note)
- XenDesktop Tools & Hotfixes
- And much more.
If you have any feedback/suggestions please let us know. Also don’t forget to Sign-up now!
//Richard
What’s new with Access Gateway MAC Plug-in release 2.1.4 – #Citrix, #AG, #Receiver
Another great blog post from Prashant! You rock! 😉
The new Citrix Access Gateway Appliance release 10.0.71.6014.e brings along with it the new MAC plug-in release 2.1.4. MAC OS, along with Microsoft Windows, are the two main desktop platforms supported by Citrix Access Gateway for full SSL Tunnel. The AG plug-in is most commonly used in tandem with Citrix Receiver, to provide access to your virtual applications and desktops, provided by XenApp & XenDesktop respectively. The Receiver and AG plug-in also work together to provide end users access to intranet web and SaaS resources via Citrix CloudGateway.
The new 2.1.4 plug-in brings the following new enhancements for Citrix Receiver users:
- Seamless Desktop Receiver experience: With this release of Access Gateway plug-in, end users will no longer have to sign into the plug-ins as a manual step, to access apps / sites that require a full SSL tunnel. Receivers automatically launch a SSL VPN session via Access Gateway as needed. Result is – end user just deals with Citrix Receiver and Receiver internally (and automatically) deals with Access Gateway on user’s behalf.
- EPA with ICAProxy / CVPN: Receivers can now seamlessly launch AG plug-ins to connect to an Access Gateway vServer configured with End Point Analysis policies, in ICAProxy and CVPN modes as well. Earlier, this was supported only for Full Tunnel access.
- ….
Continue reading here!
//Richard
#NetScaler #SDX design and best practise
Ok, I understand that this is something that I’ve touched upon before as well and received some comments on (NetScaler MPX vs. SDX dilemma). But I’ll still continue the reasoning behind why I think that the NetScaler SDX architecture is great, and that is needs to be offered on all the different platforms/appliance types/sizes!
To kick off the reasoning I recommend that you read this post; #NetScaler #AAA on NS 10.00 Build 70.7 = watch out!. When you’ve read both previous posts I hope that you see where I’m now going with all of this…
Just have a look at this picture where I’m trying to illustrate two design options for how you could build your NetScaler service for a tenant;
And if you then keep in mind about the AAA bug that caused the whole NetScaler engine to crash, what happens in the top scenario if this VPX had been affected? Think about if that NetScaler hosted network connectivity to you public cloud services with workloads, all SSL VPN users connected to the enterprise, all ICA/HDX proxy users into XenApp/XenDesktop, and also provided AAA features to the enterprise web apps used by customers and partners etc.? Wow, that would actually mean that one single 401 basic authentication could have taken down EVERYTHING!
But; if you would have separated your capabilities/features into separate VPX’s then you wouldn’t have had that issue. The “only” thing that would have happened if you ran into an issue that caused the NetScaler to crash then it would only affect that VPX (AAA VPX in the scenario above).
So my personal view is that it’s great that Citrix provides all the features on one appliance/instance. But it also adds quality and test efforts on Citrix to ensure that they perform testing of ALL features and functions before releasing a new build. And that may affect the lead-time to get fixes and new builds released and quality may also be impacted… and that’s what I’m afraid of is happening. So a little word of advice; separate workloads/features when you can and when you don’t want this big of a risk, and prey that Citrix soon delivers the SDX architecture on all appliances! And they would of course perhaps not just sell the larger boxes like they force us into today even if the bandwidth capabilities of that box isn’t required. But they would instead sell more VPX’ on top of the HW, that’s at least what I think.
Comments?
Cheers!
//Richard
NetScaler MPX vs. SDX dilemma
Hi again!
Ok, I may be totally off and wrong here but I see a bit of a problem with the Citrix product packaging and offering around the whole NetScaler product.
I love the fact that the product is available as virtual appliances (VPX) and physical appliances (MPX) and the lovely “mix-product” which is the SDX platform. The SDX is a lovely addition and I see so many reasons for why you want to go towards that platform, so bear with me.
The NetScaler product itself is a great product and the feature set it rich! It’s definitely rich in terms of what features it offers from the same appliance! Some of the marketing of the product against competitors is that you can do it all (GSLB, LB, SSL offloading, SSL VPN, Application Firewall, ICA/HDX proxy etc.) on one appliance instead of purchasing several. Have a look at the editions of the product and the rich feature offering;
But I must challenge this whole idea of putting all features/capabilities on one appliance! What if you decide to build a service on the NetScaler product and decide to provide these capabilities;
- Access Gateway
- Network Connect (SSL VPN access)
- Network Proxy (ICA/HDX proxying)
- End-to-end Web Security (AAA etc.)
- Load Balancing (LB, GSLB)
So imagine that if for some reason you need a new version of the NetScaler appliance or if Citrix provides a fix for a bug/issue that is related to one of the capabilities. Then you have to stop your whole service delivery of all of them just to apply a patch/update targeted for one of them. Is that good from an incident, problem, change management point of view? I guess that’s why I like the SDX platform where I then can put the capabilities on different VPX instances on the same SDX HW platform.
This then also leads you to the whole cost of the service if you also like this idea of separation of duties, how much does the SDX cost and what does the VPX instances cost (they are purchased in bundles of 5 where 5 is included with the SDX purchase). And except for the cost of the HW, SW and SA you have the complexity that you have to select which of the SDX platforms to choose (see a more detailed NetScaler Datasheet here). And this is the biggest issue as I see it! I’d like to recommend the SDX platform to more customers than the enterprise segment. But then you have an issue, the SDX platforms starts on the 11 500 appliance.
Why doesn’t Citrix offer the SDX model on the smaller appliances?? I’d like to understand that because I think that most customers out there will not require that much throughput or CCU etc that the 11 500 delivers….
And there are more reasons to why you would like an SDX model other than separation of duties.. but more on that in another post.
Cheers!
//Richard
Lync 2013 client preview for VDI/Hosted Virtual Desktop environments
This is an update in the right direction for getting all Lync features to work in a hosted environment! But where are we on this topic of getting the collaboration features etc. to our end-users in a good way to the “Any Device” and “Anywhere” or BYOD if that’s what you wanna call it?
Before there has been a lot of issues with running Lync and what’s supported feature-wise depending on where you ran Lync, what protocol you where accessing it over and how Lync was presented (either as published desktop or as a published app). And this had it’s challenges for companies that for instance wanted to go to a BYOD model where the end-point device the user was sitting on wsn’t managed and didn’t allowed Lync to be installed and where those users then were relying on their XenApp or XenDesktop environment. And then there are features that aren’t supported or let’s say; didn’t work that well and really loaded the host server.
The table below is from a great Microsoft blog post by Jesper Osgaard where he compares the features of Lync in a virtualized environment;
What did Citrix do about it? Well first they released the HDX Realtime Optimization Pack for Microsoft Lync to address these issues and to ensure improved Lync functionality. And I must give Citrix credit for adding support for Linux directly!
The IT Melting Pot! 