Archive
Azure AD Premium a visionary in Gartner IDaaS Magic Quadrant! I love it! – #Azure, #AzureAD, #IDaaS
This is awesome! I just love what Microsoft is doing with all the cool Azure offerings! That’s also why I’ve been digging deeper into this area lately and also took the Microsoft Specialist – Architecting Microsoft Azure Solutions exam and been playing around with Azure AD, DirSync and ADFS a lot.
Now with the whole release of Windows 10, Azure AD, Intune, ADFS and System Center we’re going to have a lovely story going forward with how to do client management going forward, just take a Windows 1o device, join it through Azure AD, Intune and federation and then sign in using your on-premise AD credentials. On top of that you can also then leverage Azure AD or federation with it for your SaaS apps as well and with SSO, and why not use the Azure connector to make your on-premise web apps available on the Internet with authentication as well!
Microsoft and Azure rocks!
Now also with the magic quadrant from Gartner that shows how well Microsoft is doing! It look very promissing, and just think about combingin all this also with Citrix Workspace cloud going forward! So great! 🙂
Gartner just released their Magic Quadrant for Identity Management as a Service (IDaaS) and after only ~10 months in market, Azure AD premium was placed in the “Visionary” quadrant, far to the right of our competitors for our completeness of vision and our ability to execute, only slightly below companies with established, multi-year track records.
If you are a Gartner client, you can find the report here. We will have a complimentary copy to share soon, so please check back.
We’re really pleased with this result. We believe it validates our vision of providing of a complete solution for hybrid identity management, a solution that includes not just a directory and employee identity management, but full suite of identity capabilities, an integrated device management offering (Microsoft Intune), leading edge information protection (Azure RMS) and a robust set monitoring and security capabilities.
I am especially delighted by this validation because it says a lot about our customers, implementation partners and ISV partners who have worked together with us. They have been awesome about sharing their time and energy every day, to make sure that the products and services we build meet their needs and are helping them position their companies to thrive in the emerging world of cloud and devices.
This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from Microsoft.
Gartner does not endorse any vendor, product…
Continue reading here!
//Richard
Which #DaaS architecture is right? – #Azure, #RemoteApp, #Microsoft, #Citrix, #Workspace
I really feel for you Solution Architects out there that have to struggle with how to revamp your companies or customers Hosted Desktop/App services. They may be provided by a service provider today, or you do it yourself on-premise and manage them, or you’ve already taken the step to purchase it as a true DaaS/SaaS service from a public cloud provider. Today the options are many, and too many if you add all the hosting models and the technology options you have. From a business perspective you’re getting the heat to deliver something with the word “cloud” in it just because it’s hot, and management then expect that TCO is sooooo low and that you have now problems in delivering at all within a couple of weeks and you can scale up and down without any issues at all from a financial or technical perspective… 😉
Often you also don’t even have the business, security, functional or technical requirements either so you’re supposed to come with the magic solution that fits all needs! 😉
My personal view is also that some of our vendors/partners out there don’t seem to have one (1) clear strategy either (at least not officially).
Some are building and providing their own “cloud architecture” models for DaaS for partners to build on (VMware, Citrix, Microsoft etc.), and then they also are providing specific models for certain partners as well that run on top of other cloud solutions, like Citrix Service Provider (CSP) offerings on Azure or on-premise. As a partner to these companies you also are in a tough spot, are you to partner with them and deliver their technology on your infrastructure, or shall you wait until they deliver a fully working public cloud offering (like WorkSpace Services) and then add your added value on top of that? Options are many and I don’t think that Citrix has given their whole story yet, I still think that they business wise need to go where Microsoft is going by providing a DaaS service by themselves directly to customers and thereby also “cut” the partner network out because once the technology and self-service becomes to easy then what shall they add as value then? There will always be customers that wants help to onboard, operate etc. of course but this will be another type of service and many Citrix and Microsoft partners need to be become more solution focused and get away from the SME space and deliver integration and more IT management consulting skill sets instead.
But let’s get back to more technology…
I’ve been kind of waiting to get some time over to test the RemoteApp service in Azure. I personally think that this is the future and they way that many small to medium size business fairly short shall start to look at. Not all of these companies have the skill set or financials to look at building a good Software-as-a-Service (SaaS) offerings of Windows applications internally. I’m a bit annoyed though that out of the box there isn’t any Desktop-as-a-Service (DaaS) offering and that it’s still just the RDS/Hosted Shared Desktop model that is provided. A real Hosted Virtual Desktop or VDI offering would be nice and a license model that goes with it from Microsoft.
There are today so many different options that companies that want to provide or consume a DaaS service can leverage today, Citrix Service Providers have all of their options in terms of technology stacks (CloudStack, CloudPlatform, CSP for Azure, App Orchestration 2.5, Microsoft System Center, Azure Pack and all options that are out there)… but which one shall/can you select? And what if you’re NOT a Citrix service provider and have a huge datacenter and haven’t already done your CAPEX investments around compute, network and storage etc..? Where do you then turn?
I think that here is where RemoteApp and a future Workplace Services offerings with Citrix on top would be great! You as a customer can turn to a partner/consultant company to get guidance and assess all your requirements and then easily be provisioned an environment that is of the “standard cloud offering” or get a customised one tailored specifically for your needs.
Like in my little demo scenario here I provisioned a fully functional RemoteApp environment that hosted all of the Microsoft Office 2013 apps that I use and also got a lot of storage at the same time… in almost no time at all!
Azure RemoteApp helps employees stay productive anywhere, and on a variety of devices – Windows, Mac OS X, iOS, or Android. Your company’s applications run on Windows Server in the Azure cloud, where they’re easier to scale and update. Users can access their applications remotely from their Internet-connected laptop, tablet, or phone. While appearing to run on the users’ local device, the applications are centralized on Azure’s protected, reliable platform.
Azure RemoteApp combines Windows application experiences with the powerful capabilities of Remote Desktop Services on Microsoft Azure – the cloud for modern business.
I also like the licensing model:
- Azure RemoteApp is priced per user and is billed on a monthly basis.
- The service is offered in two tiers: Basic and Standard. Basic is designed for lighter weight applications (e.g. for task workers). Standard is designed for information workers to run productivity applications.
- Pricing: Each service has a starting price per user that includes 40 hours of service per user. Thereafter, a per hour charge is applied for each user hour up to a capped price per user. You will not pay for any additional usage beyond the capped price in a given month.
RDS on Azure example quote:
More Azure solution pricing examples: http://blogs.technet.com/b/uspartner_ts2team/archive/2014/10/14/more-azure-solution-pricing-examples.aspx
What if you then also shall put Citrix on top of that… cost increases of course and still you’re kind of limited of being a SPLA or CSP in order to build this, or you go and ask a SPLA/CSP to provide it for you if you’re an end-customer.
But back *again* to the test-drive that I did of RemoteApp…
#Citrix #NetScaler Traffic Domains ins and outs – via @barryschiffer
Another great blog post by Barry!!! Keep up the great work!!
Citrix NetScaler Traffic Domains are a way of segmenting network traffic for different applications or even tenants. You are able to use a traffic domain to create fully isolated network environments on a single NetScaler instance. An instance is a single appliance or a HA setup of two appliances.
Citrix NetScaler Traffic Domains were introduced with NetScaler 10.0. At first NetScaler Traffic Domains started as a somewhat hidden feature which you could only configure by CLI. As of version 10.1 Traffic Domains are fully configurable in the NetScaler GUI which makes it a lot simpler to use.
In a way NetScaler Traffic Domains could compete with the NetScaler SDX platform. With Traffic Domains we segment networks on a single NetScaler instance instead of the SDX where we create a virtual appliance per network segment.
A downside of using NetScaler Traffic Domains is the fact that some features are only supported for usage inside of Traffic Domain 0. Traffic Domain 0 is the default Traffic Domain, all services run inside Traffic Domain 0 unless explicitly specified.
An example of non supported features are NetScaler Management and NetScaler Gateway. For a complete list of supported features follow this link.
For non supported features for which you need isolation you have two options, NetScaler SDX or additional NetScaler appliances (virtual or physical).
My expectations are that we will see more and more features being supported on NetScaler Traffic Domains. An amazing feature would be to enable management functionality on Traffic Domains where you would only be able to manage or create services assigned to that Traffic Domain. This would be especially useful for multi-tenancy or multi management in situations where for example one team manages Mobility and one team managing a web application.
A few use cases Citrix describes for NetScaler Traffic Domains:
- Use of duplicate IP addresses
- Use of duplicate NetScaler entities
- Multi Tenancy
A use case I’m actually using NetScaler Traffic Domains for is the ability to deliver services in a DMZ as well as an internal network.
Internal Network services like Microsoft Exchange Client Access Services and Microsoft App-V are heavy on traffic and I don’t like those services traversing the firewall in the DMZ. This also works great combined with Direct Server Return (DSR) which is blocked by most firewalls. Check out more on DSR combined with App-V on this article by Ingmar Verheij.
#Gartner Magic Quadrant for Application Delivery Controllers – #ADC, #NetScaler, #Citrix
Citrix is positioned in the Leaders Quadrant for Application Delivery Controllers for the seventh consecutive year: the Gartner Magic Quadrant Report focuses on vendor’s ability to solve complex application deployment challenges. Don’t miss this chance to learn from Gartner’s independent research.
NetScaler is well established as the industry’s leading internet delivery system, touching an estimated 75 percent of internet users each day. Citrix builds on this leadership to provide the world’s most advanced cloud networking platform, giving customers a single, integrated solution that brings the elasticity, simplicity and expandability of the cloud to any network. This combination helps customers deliver public and private cloud services with the best performance, security and reliability to any device. Learn more about the importance of this recognition by reading this recent press release.
Source: Gartner (October 2013). The full 2013 Gartner Application Delivery Controller Magic Quadrant, report can be viewed on the Gartner website.
//Richard
How to pick virtualization (HW, NW, Storage) solution for your #VDI environment? – #Nutanix, @StevenPoitras
Here we are again… a lot of companies and Solution Architects are scratching their heads thinking about how we’re going to do it “this time”.
Most of you out there have something today, probably running XenApp on your VMware or XenServer hypervisor with a FC SAN or something, perhaps provisioned using PVS or just managed individually. There is also most likely a “problem” with talking to the Storage team that manage the storage service for the IaaS service that isn’t built for the type of workloads that XenApp and XenDesktop (VDI) requires.
So how are you going to do it this time? Are you going to challenge the Storage and Server/IaaS service and be innovative and review the new cooler products and capabilities that now exists out there? They are totally changing the way that we build Virtual Cloud Computing solutions where; business agility, simplicity, cost savings, performance and simple scale out is important!
There is no one solution for everything… but I’m getting more and more impressed by some of the “new” players on the market when it comes to providing simple and yet so powerful and performing Virtual Cloud Computing products. One in particular is Nutanix that EnvokeIT has partnered with and they have a truly stunning product.
But as many have written in many great blog posts about choosing your storage solution for your VDI solution you truly need to understand what your service will require from the underlying dependency services. And is it really worth to do it the old way? You have your team that manages the IaaS service, and most of the times it just provides a way for ordering/provisioning VM’s, then the “VDI” team leverages that one using PVS or MCS. Some companies are not even where they can order that VM as a service or provision it from the Image Provisioning (PVS/MCS) service, everything is manual and they call it a IaaS service… is it then a real IaaS service? My answer would be now… but let’s get back to the point I was trying to make!
This HW, Hypervisor, Network, Storage (and sometimes orchestrator) components are often managed by different teams. Each team are also most of the times not really up to date in terms of understanding what a Virtualization/VDI service will require from them and their components. They are very competent in understanding the traditional workload of running a web server VM or similar, but not really dealing with boot storms from hundreds to thousands of VDI’s booting up, people logging in at the same time and the whole pattern of IOPS that is generated in these VM’s “life-cycle”.
This is where I’d suggest everyone to challenge their traditional view on building Virtualization and Storage services for running Hosted Shared Desktop (XenApp/RDS) and Hosted Virtual Desktop (VDI/XenDesktop) on!
You can reduce the complexity, reduce your operational costs and integrate Nutanix as a real power compute part of your internal/private cloud service!
One thing that also is kind of cool is the integration possibilities of the Nutanix product with OpenStack and other cloud management products through its REST API’s. And it supports running both Hyper-V, VMware ESXi and KVM as hypervisors in this lovely bundled product.
If you want the nitty gritty details about this product I highly recommend that you read the Nutanix Bible post by Steven Poitras here.
How To: #XenMobile #MDM 8.5 Deployment Part 3: Policies – #Citrix
And here U have part 3 of Adams great blog post series!
In this 3rd part of my 7 part series on XenMobile MDM 8.5 we will focus on policies. Policies within MDM allow you to control a multitude of features on your end users mobile devices, including: WiFi, Email, VPN, Location Services, most all functionality of the device (camera, FaceTime, etc), AppStore access, etc. Most configuration variations you do to control and limit/restrict/configure your end users devices will be done from this tab. This tab is also the location where we can create some automated actions that include notifying your users when they have fallen out of compliance.
If you would like to read the other parts in this article series please go to:
- How To: XenMobile MDM 8.5 Deployment Part 1: Installation
- How To: XenMobile MDM 8.5 Deployment Part 2: Basic Configuration
In this article I was to cover a “base” set of policy configurations that will give you a feel of how the policies work in general. By no means does this cover the breadth of what you can do with MDM, but it at least gives you a glimpse.
I want to accomplish the following in this article:
- Set a passcode policy on the device
- Block iCloud from syncing documents
- Preconfigure a WiFi network on my device (so that your users could come into the office with WiFi already configured and never have been given the password)
- Blacklist Dropbox, Box, and SkyDrive applications
- Notify the user their device as Out of Compliance (OoC) if those apps are installed
- Mark the device as OoC in the dashboard
.Configure a Passcode Policy
Configuring #ShareFile and #SAML Walkthrough – via @andyjmorgan
Another great blog post by Andrew! Great job!
While working with a customer recently on a sharefile implementation, I set about creating a SAML / Active Directory single sign on deployment. Configuring ADFS and SAML were complete unknowns to me so I set about documenting the process end to end for future reference.
The end result of this activity will allow you to login to sharefile using a native account (think Guest) or an active directory account (think internal user).
What you will need in order to follow this guide:
- An enterprise Sharefile account.
- A local domain.
- An active directory service account. (standard user rights are fine)
- A windows 2012 server to host ADFS (windows 2008 r2 is fine, but you’ll need to install ADFS 2.0 manually).
- This windows server must be accessible via https (443) from the internet. (Netscaler SSL works fine).
- An external trusted certificate for the web server hosting saml (e.g. adfs.yourdomain.com). For this walk through, I’ll assume you have already done this. *
- A copy of the Sharefile User Management Tool.
- About 2-3 hours spare.
* for this, generate a server certificate and import it into the local machines personal certificates.
Steps:
- Installing Active Directory Federated Services.
- Configuring Federated Services.
- Configuring Sharefile for SAML.
- Syncing Active Directory users with Sharefile.
- Testing the saml login….
Continue reading here!
//Richard
#Microsoft to acquire #Nokia’s devices & services business
This is interesting, but I must admin that I’m not that surprised…
Microsoft to acquire Nokia’s devices & services business, license Nokia’s patents and mapping services
REDMOND, Washington and ESPOO, Finland – Sept. 3, 2013 – Microsoft Corporation and Nokia Corporation today announced that the Boards of Directors for both companies have decided to enter into a transaction whereby Microsoft will purchase substantially all of Nokia’s Devices & Services business, license Nokia’s patents, and license and use Nokia’s mapping services.
Under the terms of the agreement, Microsoft will pay EUR 3.79 billion to purchase substantially all of Nokia’s Devices & Services business, and EUR 1.65 billion to license Nokia’s patents, for a total transaction price of EUR 5.44 billion in cash. Microsoft will draw upon its overseas cash resources to fund the transaction. The transaction is expected to close in the first quarter of 2014, subject to approval by Nokia’s shareholders, regulatory approvals and other closing conditions.
Building on the partnership with Nokia announced in February 2011 and the increasing success of Nokia’s Lumia smartphones, Microsoft aims to accelerate the growth of its share and profit in mobile devices through faster innovation, increased synergies, and unified branding and marketing. For Nokia, this transaction is expected to be significantly accretive to earnings, strengthen its financial position, and provide a solid basis for future investment in its continuing businesses. Read more…
Microsoft is progressing quickly! – SkyDrive Pro updated to 25GB and improved sharing – via @BasvanKaam
I must say this once again, Microsoft looks to be on the right track when it comes to getting back as one strong supplier of services in the future/present “BYOD” world. As I wrote in my post #Microsoft – On the right track! – #Windows, #BYOD, #Citrix now Microsoft is actually targeting to solve many of the gaps that we see with today services for BYOx scenarios. For instance how to manage what you want on top of the device (Azure, Intune, SkyDrive, Work Folders etc…) in a controllable fashion and not a full managed device that costs you a fortune to manage… and ShareFile, Box and others are great solutions that have many features that SkyDrive doesn’t have. But there is one thing that they all lack (or please enlighten me!!):
Encryption at rest on Windows, OS X and Linux OS’s/distributions, here all providers are leaning on that you already have hard drive encryption like BitLocker etc. But who manages that then? Can you then say that your service is “BYOD-compliant”? I wouldn’t say so… It’s not only SmartPhones and Tablet devices that we loose… but here Microsoft and SkyDrive may be the first to come with encryption on at least Windows 8.1 devices and somewhat manageable…
But again back to the announcement from Microsoft and SkyDrive:
Microsoft announced today that it is giving business users more storage space and a better way to share files across multiple devices. As first reported by TechCrunch, through its SkyDrive Pro accounts, employees will now receive 25GB of storage to start out with, a sharp increase from 7GB — and even this capacity can be increased to 50GB or even 100GB. Additionally, using SkyDrive’s Shared with Me view, users can share files with their friends and co-workers securely and in real-time.
According to Microsoft Senior Product Managers Mark Kashman and Tejas Mehta, the new storage space limits will be available for both new and existing customers.
This certainly makes the service standout among its competitors, namely Dropbox and Box. It was only about a week or so ago when the latter heralded in the launch of a new pricing plan aiming to increase the number of small businesses using its service. For personal users, Box also wound up doubling the amount of free storage they received.
Here’s how you can figure out the overall storage for each user:
With Office 365, you get 25 GB of SkyDrive Pro storage + 25 GB of email storage + 5 GB for each site mailbox you create + your total available tenant storage, which for every Office 365 business customer starts at 10 GB + (500 MB x # of user(s)1).
While Dropbox, Box, and Hightail certainly are some of the popular services out there today, SkyDrive isn’t something to be trifled with either. Through its integration with the Surface, Windows Phone, and other Microsoft products, along with iOS and Android devices, it has the potential to be a very powerful service.
As for the new sharing feature, just like you would perhaps see in Google Drive or any other cloud storage service, SkyDrive Pro is now offering a Shared with Me view that lets you take a shared document and view, edit, re-share, download, and more — all as if it were in your own storage bin.
But Microsoft isn’t stopping there, as it is adding several minor, but interesting enhancements to SkyDrive. The company has also increased the overall file upload limit to its SharePoint Online service to 2GB per file. Files placed into the recycle bin will now remain…
Continue reading here!
//Richard
#Microsoft finds a new way to deliver a private #cloud in a box – #Azure via @maryjofoley
Interesting!!!! 🙂
It took three years from when it was first announced, but Microsoft may have found a way to deliver a private cloud in a box.
The company’s vision and strategy for doing this has gone through many twists and turns.
Microsoft’s original plan was to provide its largest partners and even a few, select enterprise users a so-called Azure Appliance. Announced in 2010, the Azure Appliances were to be carried by Dell, Fujitsu and HP. These OEMs were to provide the servers which could be installed in partner and select enterprise customers’ datacenters. Microsoft was supposed to provide and maintain Windows Azure as a service to these servers.
The only partner that ever delivered an Azure Appliance was Fujitsu, which announced availability in August 2011. But some time in the past few months, Microsoft ended up dropping its Azure Appliance plans, without ever officially announcing it was dead.
The IT Melting Pot! 