Archive

Posts Tagged ‘Services’

Azure AD Premium a visionary in Gartner IDaaS Magic Quadrant! I love it! – #Azure, #AzureAD, #IDaaS

This is awesome! I just love what Microsoft is doing with all the cool Azure offerings! That’s also why I’ve been digging deeper into this area lately and also took the Microsoft Specialist – Architecting Microsoft Azure Solutions exam and been playing around with Azure AD, DirSync and ADFS a lot.

Now with the whole release of Windows 10, Azure AD, Intune, ADFS and System Center we’re going to have a lovely story going forward with how to do client management going forward, just take a Windows 1o device, join it through Azure AD, Intune and federation and then sign in using your on-premise AD credentials. On top of that you can also then leverage Azure AD or federation with it for your SaaS apps as well and with SSO, and why not use the Azure connector to make your on-premise web apps available on the Internet with authentication as well!

Microsoft and Azure rocks!

Now also with the magic quadrant from Gartner that shows how well Microsoft is doing! It look very promissing, and just think about combingin all this also with Citrix Workspace cloud going forward! So great! ūüôā

Gartner just released their Magic Quadrant for Identity Management as a Service (IDaaS) and after only ~10 months in market, Azure AD premium was placed in the “Visionary” quadrant, far to the right of our competitors for our completeness of vision and our ability to execute, only slightly below companies with established, multi-year track records.

If you are a Gartner client, you can find the report here. We will have a complimentary copy to share soon, so please check back.

We’re really pleased with this result. We believe it validates our vision of providing of a complete solution for hybrid identity management, a solution that includes not just a directory and employee identity management, but full suite of identity capabilities, an integrated device management offering (Microsoft Intune), leading edge information protection (Azure RMS) and a robust set monitoring and security capabilities.

I am especially delighted by this validation because it says a lot about our customers, implementation partners and ISV partners who have worked together with us. They have been awesome about sharing their time and energy every day, to make sure that the products and services we build meet their needs and are helping them position their companies to thrive in the emerging world of cloud and devices.

This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from Microsoft.
Gartner does not endorse any vendor, product…

Continue reading here!

//Richard

Which #DaaS architecture is right? – #Azure, #RemoteApp, #Microsoft, #Citrix, #Workspace

December 22, 2014 Leave a comment

I really feel for you Solution Architects out there that have to struggle with how to revamp your companies or customers Hosted Desktop/App¬†services. They may be provided by a service provider today, or you do it yourself on-premise and manage them, or you’ve already taken the step to purchase it as a true DaaS/SaaS service from a public cloud provider. Today the options are many, and too many if you add all the hosting models and the technology options you have.¬†From a business perspective you’re getting the heat to deliver something with the word “cloud” in it just because it’s hot, and management then expect that TCO is sooooo¬†low and that you have now problems in delivering at all within a couple of weeks and you can scale up and down without any issues at all from a financial or technical perspective… ūüėČ

Often you also don’t even have the business, security, functional or technical requirements either so you’re supposed to come with the magic solution that fits all needs! ūüėČ

My personal view is also that some of our vendors/partners out there don’t¬†seem to have one (1)¬†clear strategy either (at least not officially).

Some are building and providing their own “cloud architecture” models for DaaS for partners to build on (VMware, Citrix, Microsoft etc.), and then they also are providing specific models for certain partners as well that run on top of other cloud solutions, like Citrix Service Provider (CSP) offerings on Azure or on-premise. As a partner to these companies you also are in a tough spot, are you to partner with them and deliver their technology on your infrastructure, or shall you wait until they deliver a fully working public cloud offering (like WorkSpace Services) and then add your added value on top of that? Options are many and I don’t think that Citrix has given their whole story yet, I still think that they business wise need to go where Microsoft is going by providing a DaaS service by themselves directly to customers and thereby also “cut” the partner network out because once the technology and self-service becomes to easy then what shall they add as value then? There will always be customers that wants help to onboard, operate etc. of course but this will be another type of service and many Citrix and Microsoft partners need to be become more solution focused and get away from the SME space and deliver integration and more IT management consulting skill sets instead.

But let’s get back to more technology…

I’ve been kind of waiting to get some time over to test the RemoteApp service in Azure. I personally think that this is the future and they way that many small to medium size business fairly short shall start to look at. Not all of these companies have the skill set or financials to look at building a good Software-as-a-Service (SaaS) offerings of Windows applications internally. I’m a bit annoyed though that out of the box there isn’t any Desktop-as-a-Service (DaaS) offering and that it’s still just the RDS/Hosted Shared Desktop model that is provided. A real Hosted Virtual Desktop or VDI offering would be nice and a license model that goes with it from Microsoft.

There are today so many different options that companies that want to provide or consume a DaaS service can leverage today, Citrix Service Providers have all of their options in terms of technology stacks (CloudStack, CloudPlatform, CSP for Azure, App Orchestration 2.5, Microsoft System Center, Azure Pack and all options¬†that are out there)… but which one shall/can you select? And what if you’re NOT a Citrix service provider and have a huge datacenter and haven’t already done your CAPEX investments around compute, network and storage etc..? Where do you then turn?

I think that here is where RemoteApp and a future Workplace Services offerings with Citrix on top would be great! You as a customer can turn to a partner/consultant company to get guidance and assess all your requirements and then easily be provisioned an environment that is of the “standard cloud offering” or get a customised one tailored specifically for your needs.

Like in my little demo scenario here I provisioned a fully functional RemoteApp environment that hosted all of the Microsoft Office 2013 apps that I use and also got a lot of storage at the same time… in almost no time at all!

Azure RemoteApp helps employees stay productive anywhere, and on a variety of devices – Windows, Mac OS X, iOS, or Android. Your company‚Äôs applications run on Windows Server in the Azure cloud, where they‚Äôre easier to scale and update. Users can access their applications remotely from their Internet-connected laptop, tablet, or phone. While appearing to run on the users’ local device, the applications are centralized on Azure‚Äôs protected, reliable platform.

Azure RemoteApp combines Windows application experiences with the powerful capabilities of Remote Desktop Services on Microsoft Azure ‚Äď the cloud for modern business.

I also like the licensing model:

  • Azure RemoteApp is priced per user and is billed on a monthly basis.
  • The service is offered in two tiers: Basic and Standard. Basic is designed for lighter weight applications (e.g. for task workers). Standard is designed for information workers to run productivity applications.
  • Pricing: Each service has a starting price per user that includes 40 hours of service per user. Thereafter, a per hour charge is applied for each user hour up to a capped price per user. You will not pay for any additional usage beyond the capped price in a given month.
This means that you’ll get¬†Office 2013¬†managed¬†for standard information workers of a max price of¬†23 USD/month¬†including management of the RDS Image and Office etc. and it also includes user data storage. Then you could of course also upload your own image with your apps as well and publish. Pretty good price model and will be interesting to see if this is what we will deliver in the future for all small/medium size companies instead.
As a comparison you can compare RemoteApp pricing then with the example if you would build your own RDS environment in Azure according to the following good guidelines: http://msdn.microsoft.com/library/azure/dn451351.aspx
A¬†little follow up TCO example below. This Azure hosted RDS example would give the 25 user company a dedicated RDS solution in Azure for 27 USD/month from a CAPEX perspective (HW + SW/licensing), I know that this is not a CAPEX investment if you go for it but you should compare it to your CAPEX investment you need to do if you would purchase compute, network, storage, licenses etc. The main point also is that ¬†this does not¬†include any OPEX costs needed to support and operate it. This would be great for providing a Hosted Desktop/Software service for a line of business app… but here you’re already at 27 USD/user/month, and RemoteApp is at 23 including user storage of 50Gb (where Microsoft also manage the “image and software” from a life-cycle management point of view.
image

RDS on Azure example quote:

More Azure solution pricing examples: http://blogs.technet.com/b/uspartner_ts2team/archive/2014/10/14/more-azure-solution-pricing-examples.aspx

What if you then also shall put Citrix on top of that… cost increases of course and still you’re kind of limited of being a SPLA or CSP in order to build¬†this, or you go and ask a SPLA/CSP to provide it for you if you’re an end-customer.

But back *again* to the test-drive that I did of RemoteApp…

Read more…

#Citrix #NetScaler Traffic Domains ins and outs – via @barryschiffer

January 23, 2014 Leave a comment

Another great blog post by Barry!!! Keep up the great work!!

Citrix NetScaler Traffic Domains are a way of segmenting network traffic for different applications or even tenants. You are able to use a traffic domain to create fully isolated network environments on a single NetScaler instance. An instance is a single appliance or a HA setup of two appliances.

Citrix NetScaler Traffic Domains were introduced with NetScaler 10.0. At first NetScaler Traffic Domains started as a somewhat hidden feature which you could only configure by CLI. As of version 10.1 Traffic Domains are fully configurable in the NetScaler GUI which makes it a lot simpler to use.

In a way NetScaler Traffic Domains could compete with the NetScaler SDX platform. With Traffic Domains we segment networks on a single NetScaler instance instead of the SDX where we create a virtual appliance per network segment. 

A downside of using NetScaler Traffic Domains is the fact that some features are only supported for usage inside of Traffic Domain 0. Traffic Domain 0 is the default Traffic Domain, all services run inside Traffic Domain 0 unless explicitly specified.
An example of non supported features are NetScaler Management and NetScaler Gateway. For a complete list of supported features follow this link.
For non supported features for which you need isolation you have two options, NetScaler SDX or additional NetScaler appliances  (virtual or physical).

My expectations are that we will see more and more  features being supported on NetScaler Traffic Domains. An amazing feature would be to enable management functionality on Traffic Domains where you would only be able to manage or create services assigned to that Traffic Domain. This would be especially useful for multi-tenancy or multi management in situations where for example one team manages Mobility and one team managing a web application.

A few use cases Citrix describes for NetScaler Traffic Domains:

  • Use of duplicate IP addresses
  • Use of duplicate NetScaler entities
  • Multi Tenancy

A use case I’m actually using NetScaler Traffic Domains for is the ability to deliver services in a DMZ as well as an internal network.
Internal Network services like Microsoft Exchange Client Access Services and Microsoft App-V are heavy on traffic and I don’t like those services traversing the firewall in the DMZ. This also works great combined with Direct Server Return (DSR) which is blocked by most firewalls. Check out more on DSR combined with App-V on this article by Ingmar Verheij.

Read more…

#Gartner Magic Quadrant for Application Delivery Controllers – #ADC, #NetScaler, #Citrix

November 26, 2013 Leave a comment
Citrix is keeping up the good work and is placed with F5 in the Leader quadrant!

Citrix is positioned in the Leaders Quadrant for Application Delivery Controllers for the seventh consecutive year: the Gartner Magic Quadrant Report focuses on vendor’s ability to solve complex application deployment challenges. Don’t miss this chance to learn from Gartner’s independent research.

NetScaler is well established as the industry’s leading internet delivery system, touching an estimated 75 percent of internet users each day. Citrix builds on this leadership to provide the world’s most advanced cloud networking platform, giving customers a single, integrated solution that brings the elasticity, simplicity and expandability of the cloud to any network. This combination helps customers deliver public and private cloud services with the best performance, security and reliability to any device. Learn more about the importance of this recognition by reading this recent press release.

Figure 1. Magic Quadrant for Application Delivery Controllers
Figure 1.Magic Quadrant for Application Delivery Controllers

 
 

Source: Gartner (October 2013). The full 2013 Gartner Application Delivery Controller Magic Quadrant, report can be viewed on the Gartner website.

//Richard

How to pick virtualization (HW, NW, Storage) solution for your #VDI environment? – #Nutanix, @StevenPoitras

September 13, 2013 Leave a comment

Here we are again… a lot of companies and Solution Architects are scratching their heads thinking about how we’re going to do it “this time”.

Most of you out there have something today, probably running XenApp on your VMware or XenServer hypervisor with a FC SAN or something, perhaps provisioned using PVS or just managed individually. There is also most likely a “problem” with talking to the Storage team that manage the storage service for the IaaS service that isn’t built for the type of workloads that XenApp and XenDesktop (VDI) requires.

So how are you going to do it this time? Are you going to challenge the Storage and Server/IaaS service and be innovative and review the new cooler products and capabilities that now exists out there? They are totally changing the way that we build Virtual Cloud Computing solutions where; business agility, simplicity, cost savings, performance and simple scale out is important!

There is no one solution for everything… but I’m getting more and more impressed by some of the “new” players on the market when it comes to providing simple and yet so powerful and performing Virtual Cloud Computing products. One in particular is Nutanix that EnvokeIT has partnered with and they have a truly stunning product.

But as many have written in many great blog posts about choosing your storage solution for your VDI solution you truly need to understand what your service will require from the underlying dependency services. And is it really worth to do it the old way? You have your team that manages the IaaS service, and most of the times it just provides a way for ordering/provisioning VM’s, then the “VDI” team leverages that one using PVS or MCS. Some companies are not even where ¬†they can order that VM as a service or provision it from the Image Provisioning (PVS/MCS) service, everything is manual and they call it a IaaS service… is it then a real IaaS service? My answer would be now… but let’s get back to the point I was trying to make!

This HW, Hypervisor, Network, Storage (and sometimes orchestrator)¬†components are often managed by different teams. Each team are also most of the times not really up to date in terms of understanding what a Virtualization/VDI service will require from them and their components. They are very competent in understanding the traditional workload of running a web server VM or similar, but not really dealing with boot storms from hundreds to thousands of VDI’s booting up, people logging in at the same time and the whole pattern of IOPS that is generated in these VM’s “life-cycle”.

This is where I’d suggest everyone to challenge their traditional view on building Virtualization and Storage services for running Hosted Shared Desktop (XenApp/RDS) and Hosted Virtual Desktop (VDI/XenDesktop) on!

You can reduce the complexity, reduce your operational costs and integrate Nutanix as a real power compute part of your internal/private cloud service!

One thing that also is kind of cool is the integration possibilities of the Nutanix product with OpenStack and other cloud management products through its REST API’s. ¬†And it supports running both Hyper-V, VMware ESXi and KVM as hypervisors in this lovely bundled product.

If you want the nitty gritty details about this product I highly recommend that you read the Nutanix Bible post by Steven Poitras here.

Nutanix_Bible640CVM_Dist-1024x384

Read more…

How To: #XenMobile #MDM 8.5 Deployment Part 3: Policies – #Citrix

September 10, 2013 Leave a comment

And here U have part 3 of Adams great blog post series!

How To: XenMobile MDM 8.5 Deployment Part 3: Policies

In this 3rd part of my 7 part series on XenMobile MDM 8.5 we will focus on policies. Policies within MDM allow you to control a multitude of features on your end users mobile devices, including: WiFi, Email, VPN, Location Services, most all functionality of the device (camera, FaceTime, etc), AppStore access, etc. Most configuration variations you do to control and limit/restrict/configure your end users devices will be done from this tab. This tab is also the location where we can create some automated actions that include notifying your users when they have fallen out of compliance.

If you would like to read the other parts in this article series please go to:

In this article I was to cover a ‚Äúbase‚ÄĚ set of policy configurations that will give you a feel of how the policies work in general. By no means does this cover the breadth of what you can do with MDM, but it at least gives you a glimpse.

I want to accomplish the following in this article:

  1. Set a passcode policy on the device
  2. Block iCloud from syncing documents
  3. Preconfigure a WiFi network on my device (so that your users could come into the office with WiFi already configured and never have been given the password)
  4. Blacklist Dropbox, Box, and SkyDrive applications
  5. Notify the user their device as Out of Compliance (OoC) if those apps are installed
  6. Mark the device as OoC in the dashboard
Later in this series we will build upon the policies by adding applications to push to our users and ultimately roll it all together in a Deployment. For the purposes of this article (and the fact I’m a die hard Apple fan) the only devices I own are Apple..so this will all be iOS based. If your Android, first off I’m sorry, and second off it should still be similar ;) .
 

Configure a Passcode Policy

Step 1. Navigate to the web console (usually http/s://mobile.yourdomain.com/zdm and login.
 
 
MDM3-0000
 
 
Step 2. Navigate to the ‚ÄúPolicies‚ÄĚ tab, then iOS->Configuration. You should have two policies that were installed by default with the console, one of them being a Passcode policy. Highlight it and click ‚ÄúEdit‚ÄĚ
 
MDM3-0001
 
 
Step 3. Leave these settings as default, click on the ‚ÄúPolicy‚ÄĚ tab.
 
MDM3-0003
 
 
Step 4. Modify to suit your requirements. Here I am requiring a passcode, allowing simple passwords, minimum length of at least 4, and auto-locking the device after 2 minutes of inactivity. When….
Continue reading here!
//Richard
%d bloggers like this: