Archive

Posts Tagged ‘network proxy’

NetScaler MPX vs. SDX dilemma

October 3, 2012 9 comments

Hi again!

Ok, I may be totally off and wrong here but I see a bit of a problem with the Citrix product packaging and offering around the whole NetScaler product.

I love the fact that the product is available as virtual appliances (VPX) and physical appliances (MPX) and the lovely “mix-product” which is the SDX platform. The SDX is a lovely addition and I see so many reasons for why you want to go towards that platform, so bear with me.

The NetScaler product itself is a great product and the feature set it rich! It’s definitely rich in terms of what features it offers from the same appliance! Some of the marketing of the product against competitors is that you can do it all (GSLB, LB, SSL offloading, SSL VPN, Application Firewall, ICA/HDX proxy etc.) on one appliance instead of purchasing several. Have a look at the editions of the product and the rich feature offering;

NetScaler Features

But I must challenge this whole idea of putting all features/capabilities on one appliance! What if you decide to build a service on the NetScaler product and decide to provide these capabilities;

  • Access Gateway
    • Network Connect (SSL VPN access)
    • Network Proxy (ICA/HDX proxying)
  • End-to-end Web Security (AAA etc.)
  • Load Balancing (LB, GSLB)

So imagine that if for some reason you need a new version of the NetScaler appliance or if Citrix provides a fix for a bug/issue that is related to one of the capabilities. Then you have to stop your whole service delivery of all of them just to apply a patch/update targeted for one of them. Is that good from an incident, problem, change management point of view? I guess that’s why I like the SDX platform where I then can put the capabilities on different VPX instances on the same SDX HW platform.

This then also leads you to the whole cost of the service if you also like this idea of separation of duties, how much does the SDX cost and what does the VPX instances cost (they are purchased in bundles of 5 where 5 is included with the SDX purchase). And except for the cost of the HW, SW and SA you have the complexity that you have to select which of the SDX platforms to choose (see a more detailed NetScaler Datasheet here). And this is the biggest issue as I see it! I’d like to recommend the SDX platform to more customers than the enterprise segment. But then you have an issue, the SDX platforms starts on the 11 500 appliance.

Why doesn’t Citrix offer the SDX model on the smaller appliances?? I’d like to understand that because I think that most customers out there will not require that much throughput or CCU etc that the 11 500 delivers….

And there are more reasons to why you would like an SDX model other than separation of duties.. but more on that in another post.

Cheers!

//Richard

%d bloggers like this: