Archive

Posts Tagged ‘VPN’

Microsoft Specialist – Architecting Microsoft Azure Cloud Solutions – #Azure, #LoveAzure, #EnvokeIT

Yes, I found a really interesting exam and must say that this is a great one! Makes you show that you understand all the great services that Azure has to offer and on such a good level as well!

I’m happy I made it and that EnvokeIT continues its journey within the Microsoft Cloud and Mobility area! ūüôā

Spec_Arch_AzureSol_logo_BW

The things that I love is the way that Microsoft puts a lot of really good material out there for free for all us techies to consume, like the Microsoft Virtual Academy, Channel 9, Azure Friday, etc.

Also what is really good if you’re preparing for this exam (70-534) is to go through this great prep guide:

Early Experts Study Guide for Microsoft Specialist Certification Exam 70-534, Architecting Microsoft Azure Solutions

So go and explore everything that Azure has to offer and if you have any thoughts or questions around Azure don’t hesitate to contact me at richard at envokeit.com or through our official contact details for the UK and Swedish businesses here.

Have a great weekend!

//Richard

Azure ExpressRoute is a really cool and important feature – #Microsoft, #Azure, #ExpressRoute

Everyone talks about the “cloud” and how you can leverage all the benefits or a public, private or hybrid cloud model. And one challenge and huge risks that enterprises see with moving into a¬†public cloud like Azure is the dependency to the public Internet.

Is the connection secure, stable, available and how can you determine that I have the connectivity between my on-premise stuff and Azure..?

It’s here where I think that Microsoft really has made a HUGE step towards getting more traction with the larger enterprises with the new ExpressRoute feature! Now you can get your own dedicated connection to Azure through it’s partner network of service providers like AT&T and Verizon etc.!

TechnicalOverview

Microsoft Azure ExpressRoute lets you create private connections between Azure datacenters and infrastructure that‚Äôs on your premises or in a co-location environment. With ExpressRoute, you can establish connections to Azure at an ExpressRoute partner co-location facility or directly connect to Azure from your existing WAN network (such as a MPLS VPN provided by a Network Service Provider).¬† Read more…

#Netscaler Insight and Integration with #XenDesktop Director – via @msandbu

November 15, 2013 Leave a comment

Great blog post by Marius! ūüôā

This is another one of Citrix hidden gems, Netscaler Insight. This product has been available from Citrix some time now, but with the latest update in became alot more useful. Insight is an virtual applance from Citrix which gathers AppFlow data and statistics from Netscaler to show performance data, kinda like old Edgesight. (NOTE: In order to use this functionality against Netscaler it requires atleast Netscaler Enterprise or Platinum)

Insight has two specific functions, called Web Insight and HDX insight.
Web Insight shows traffic related to web-traffic, for instance how many users, what ip-adresses, what kind of content etc. 
HDX Insight is related to Access Gateway functionality of Citrix to show for instance how many users have accessed the solution, what kind of applications have they used, what kind of latency did the clients have to the netscaler etc.

You can download this VPX from mycitrix under Netscaler downloads, important to note as of now it is only supported on Vmware and XenServer (They haven’t mentioned any support coming for Hyper-V but I’m guessing its coming.

The setup is pretty simple like a regular Netscaler we need to define an IP-address and subnet mask (Note that the VPX does not require an license since it will only gather data from Netscaler appliances that have a platform license and it does not work on regular Netscaler gateways)

After we have setup the Insight VPX we can access it via web-gui, the username and password here is the same as Netscaler nsroot & nsroot

image

After this is setup we need to enable the insight features, we can start by setting up HDX insight, here we need to define a expression that allows all Gateway traffic to be gathered. 
Here we just need to enable VPN equals true. We can also add mulitple Netscalers here, if you have a cluster or HA setup we need to add both nodes.

image

After we have added the node, just choose configure on the node and choose VPN from the list and choose expression true.

Read more…

How To: #XenMobile #MDM 8.5 Deployment Part 3: Policies – #Citrix

September 10, 2013 Leave a comment

And here U have part 3 of Adams great blog post series!

How To: XenMobile MDM 8.5 Deployment Part 3: Policies

In this 3rd part of my 7 part series on XenMobile MDM 8.5 we will focus on policies. Policies within MDM allow you to control a multitude of features on your end users mobile devices, including: WiFi, Email, VPN, Location Services, most all functionality of the device (camera, FaceTime, etc), AppStore access, etc. Most configuration variations you do to control and limit/restrict/configure your end users devices will be done from this tab. This tab is also the location where we can create some automated actions that include notifying your users when they have fallen out of compliance.

If you would like to read the other parts in this article series please go to:

In this article I was to cover a ‚Äúbase‚ÄĚ set of policy configurations that will give you a feel of how the policies work in general. By no means does this cover the breadth of what you can do with MDM, but it at least gives you a glimpse.

I want to accomplish the following in this article:

  1. Set a passcode policy on the device
  2. Block iCloud from syncing documents
  3. Preconfigure a WiFi network on my device (so that your users could come into the office with WiFi already configured and never have been given the password)
  4. Blacklist Dropbox, Box, and SkyDrive applications
  5. Notify the user their device as Out of Compliance (OoC) if those apps are installed
  6. Mark the device as OoC in the dashboard
Later in this series we will build upon the policies by adding applications to push to our users and ultimately roll it all together in a Deployment. For the purposes of this article (and the fact I’m a die hard Apple fan) the only devices I own are Apple..so this will all be iOS based. If your Android, first off I’m sorry, and second off it should still be similar ;) .
 

Configure a Passcode Policy

Step 1. Navigate to the web console (usually http/s://mobile.yourdomain.com/zdm and login.
 
 
MDM3-0000
 
 
Step 2. Navigate to the ‚ÄúPolicies‚ÄĚ tab, then iOS->Configuration. You should have two policies that were installed by default with the console, one of them being a Passcode policy. Highlight it and click ‚ÄúEdit‚ÄĚ
 
MDM3-0001
 
 
Step 3. Leave these settings as default, click on the ‚ÄúPolicy‚ÄĚ tab.
 
MDM3-0003
 
 
Step 4. Modify to suit your requirements. Here I am requiring a passcode, allowing simple passwords, minimum length of at least 4, and auto-locking the device after 2 minutes of inactivity. When….
Continue reading here!
//Richard

Upgrading to #Citrix #Receiver for #Windows – why and how?

This is something that all Citrix admins should read! How many questions don’t U get about which version of the client to use and why etc?

This document describes the various versions of Receivers for Windows, lists the reasons for upgrading, and recommends best practices for upgrading to the latest version of Receiver based on specific circumstances.

Note: The Online Plug-in 12.x will reach end of its maintenance in March 2013. Customers using Online Plug-in with XenApp 5, XenApp 6.x, XenDesktop 4.x, or XenDesktop 5.x must upgrade to the latest version of Receiver for Windows 3.X prior to that date where practical.

Citrix Receiver is the latest Citrix software you install on Windows end points to gain access to virtualized apps and desktops. It is also regularly installed on virtual desktops to enable access to virtualized apps.

The name of Citrix client software and the built-in functions are changed over the years. The clients in common use today are the Online Plug-in for Windows 12.X and the Receiver for Windows 3.X.

Where the Online Plug-in for Windows 12.X provided Web and PNAgent support, Receiver for Windows 3.X provides additional support. It can be configured for self-service access to applications, VPN-less remote access, single sign-on the Windows, Web, and SaaS applications, and has a built-in method to check for updates.

Both the Online Plug-in and Receiver have two versions.

  • The¬†Online Plug-in Web¬†is used solely for Web access to applications and the¬†Online Plug-in (Full)¬†supports Web access as well as PNA Services. The¬†Full¬†version supported SSO, Smart Cards, and access to apps through the Start menu¬†
    The standard Receiver for Windows, CitrixReceiver.exe, can be considered is a complete replacement for the Online Plug-in Web and largely a replacement for the Online Plug-in (Full). It can be used for web access. It can be configured to access PNA Services. And it can also be used with the latest versions of StoreFront, CloudGateway (App Controller), and Access Gateway to provide a rich set of services. It contains the latest, multithread, multi-stream HDX engine.

  • The¬†CitrixReceiverEnterprise.exe¬†version essentially…

Continue reading here!

//Richard

Designing a virtual desktop environment? – #XenDesktop, #Citrix

This is a good blog post by Niraj Patel.

Questions: How do you successfully design a virtual desktop solution for 1,000 users?  How about 10,000 users?  What about 50,000 users?  What are the questions you should be asking?  Most importantly, where do you start?

Answer: Hire Citrix Consulting for your next virtual desktop project!  OK, that is one right answer, but not the only way to do it.  The successful way to design a virtual desktop environment is to follow a modular approach using the 5 layers defined within the Citrix Virtual Desktop Handbook.  Breaking apart a virtual desktop project into different layers provides a modular approach that reduces risks and increase chances for your project’s success no matter how larger you’re planned deployment is.  What are the 5 layers and some examples of the decisions are defined within them?

  1. User Layer:  Recommended end-points and the required user functionality.
  2. Access Layer:  How the user will connect to their desktop hosted in the desktop layer.  Decisions for local vs. remote access, firewalls and SSL-VPN communications are addressed within this layer.
  3. Desktop Layer:  The desktop layer contains the user’s virtual desktop and is subdivided into three components; image, applications, and personalization.  Decisions related to FlexCast model, application requirements, policy, and profile design are addressed in this layer.
  4. Control Layer:  Within the control layer decisions surrounding the management and maintenance of the overall solution are addressed.  The control layer is comprised of access controllers, desktop controllers and infrastructure controllers.  Access controllers support the access layer, desktop controllers support the desktop layer, and infrastructure controllers provide the underlying support for each component within the architecture.
  5. Hardware Layer:  The hardware layer contains the physical devices required to support the entire solution, and includes servers, processors, memory and storage devices.

Want to know how to get started?  Try the Citrix Project Accelerator.  Input criteria around your business requirements, technical expertise, end user requirements, applications, etc. to get started on your architecture based on the 5 layer model.

Lastly, don‚Äôt forget to come see¬†SYN318…

Continue reading here!

//Richard

#Citrix #NetScaler 10 on Amazon Web Services – #AWS

Yes, it’s here! ūüôā

Mainstream IT is fast embracing the enterprise cloud transformation and selecting the right cloud networking technologies has thus quickly emerged to be an imperative. As mainstream IT adopts IaaS (Internet as a service) cloud services, they will require a combination of the elasticity and flexibility, expected of cloud offerings and the powerful advanced networking services used within emerging enterprise cloud datacenters. 

Citrix¬ģ NetScaler¬ģ 10 delivers elasticity, simplicity and expandability of the cloud to enterprise cloud datacenters and already powers the largest and most successful public clouds in the world. With NetScaler 10, Citrix delivers a comprehensive cloud network platform that mainstream enterprises can leverage to fully embrace a cloud-first network design.¬†

Citrix and Amazon Web Services (AWS) have come together to deliver industry-leading application delivery controller technology. NetScaler on AWS delivers the same services used to ensure the availability, scalability and security of the largest public and private clouds for AWS environments. Whether the need is to optimize, secure or control delivery of enterprise and cloud services, NetScaler for AWS can help accomplish these initiatives economically, and according to business demands. 

The full suite of NetScaler capabilities such as availability, acceleration, offload and security functionality is available in AWS, enabling users to leverage tried-and-true NetScaler functionality such as rewrites and redirects, content caching, Citrix Access Gateway‚ĄĘ Enterprise SSL VPN, and application firewall within their AWS deployments. Additional benefits include usage of Citrix CloudBridge‚ĄĘ and Citrix Branch Repeater‚ĄĘ as a joint solution.¬†

Citrix NetScaler transforms the cloud into an extension of the datacenter by eliminating the barriers to enterprise-class cloud deployments. Together, NetScaler and AWS delivers a broad set of capabilities for the Enterprise IT: 

Hybrid Cloud Environment 

Hybrid clouds that span enterprise datacenters and extend into AWS can benefit from the same cloud networking platform, significantly easing…

Continue reading here!

//Richard

Heads Up – issues with Access Gateway Plug-in for Mac OS X Version 2.1.4 – #Citrix, #NetScaler

Well, I guess that you’ve already read all the good things about the new capabilities of the newer Access Gateway plug-in, Receiver and Access Gateway Enterprise that together with StoreFront will add additional features and functions that haven’t existed before. It’s now built to work together with the Receiver on the Windows and Mac OS X platforms and promises a lot by various blog posts from Citrix and others (incl. myself).

Here is an example of what it can (should) do: What’s new with Access Gateway MAC Plug-in release 2.1.4

But is the Access Gateway Plug-in that great? Well, before you plan to implement version 2.1.4 on OS X and especially if you want to leverage the SSL VPN functionality and host checks (EPA) then read the Important notes and Known issues for this release:

Important Notes About This Release:

  1. The Access Gateway Plug-in for Mac OS X Version 2.1.4 supports Citrix Receiver Version 11.7
  2. Import the secure certificate for Access Gateway into the Keychain on the Mac OS X computer.
  3. The Access Gateway Plug-in for Mac OS X Version 2.1.2 and earlier versions are not supported on Mac OS X Version 10.8.
  4. Endpoint analysis scans for antivirus, personal firewalls, antispam, Internet security, and EPAFactory scans are not supported for Mac OS X.
  5. Client certificate authentication is not supported for Mac OS X.

First of all I’d say that these notes are not that great if you ask me! Why do I have to add the cert into the Mac Keychain? Why doesn’t the plug-in support the more “advanced” host checks like personal firewalls, certificates etc.?

Wait, it get even worse!! And before you go to the whole list I’d highlight these top ones that I’m kind of surprised about:

  • It doesn’t support LAN access
  • Upgrading doesn’t work
  • Doesn’t apply proxy settings configured in session profile
  • It doesn’t support SAN certificates
  • Users cannot start the Access Gateway plug-in if the Receiver is already started, you first have to shut down the Receiver

Here you see the full Known Issues list for this release:

  1. When users disable wireless on a Mac OS X computer and connect by using a 3G card, the Access Gateway Plug-in does not upgrade automatically through Citrix Receiver. If users select¬†Check for Updates¬†to upgrade the plug-in, the upgrade fails and users receive the error message “Updates are currently not available.” [#45881]
  2. If you run stress traffic for HTTP, HTTPS, and DNS simultaneously, the Access Gateway Plug-in fails. [#46348]
  3. When users disable wireless on a Mac OS X computer and connect by using a Vodafone Mobile Broadband Model K3570-Z HSDPA USB 3G stick, the Access Gateway plug-in does not tunnel traffic. [#256441]
  4. If you configure an endpoint analysis policy and also enable the client choices page and proxy servers in a session profile, occasionally a blank choices page appears after users log on. When you disable the choices page in the session profile, the choices page appears correctly. [#316331]
  5. If users connect to Access Gateway with the Access Gateway Plug-in for Mac OS X and then run ping with a payload of 1450 bytes, the plug-in fails to receive the ICMP reply. [#321486] Read more…

Enterprise Mobility Report – Lessons from the Mobile Cloud – #Citrix, #BYOD

Here is a good report done by Citrix, not that much that I didn’t expect but great to get some input!

We just released our quarterly enterprise mobility cloud report. Every quarter, we look out across our enterprise mobility customers deployed in the cloud and try to understand common practices by reviewing aggregate data on deployed apps, app blacklisting and whitelisting practices, policy deployments, and OS deployments by region and vertical industry. So here’s a small taste of what we saw in Q412.

Things we expected:

  • iOS led in the enterprise. Definitely something we already knew.
  • Industries like retail and restaurants ‚Äď whose use cases involve direct one-on-one customer engagement, were ¬†iOS- (and¬†iPad-) heavy. Makes sense.
  • Industries with mobile field service organizations went for Android. Given the platform‚Äôs lower replacement cost, control-ability, and ubiquity, that makes sense.
  • Facebook and Dropbox made the blacklist. Productivity and data security are major concerns, especially for corporate-issued devices.

Things we didn’t expect:

  • Android gained in EMEA. Android gained eleven percentage points in Europe, the Middle East, and Africa in a quarter. Anecdotally, we know several organizations there that deployed big Android-based mobile line-of-business initiatives last quarter, but is there a bigger trend? Tell us what you think!
  • Healthcare went for Android. 85% of deployed devices in our cloud in healthcare were Android. But healthcare organizations we talk to are standardizing on iOS, so it doesn‚Äôt add up! But remember: this is the¬†cloud¬†report. Most of our large healthcare customers have deployed our solution on-premise and those seem to be mostly iOS today. The cloud healthcare companies are really mobile themselves ‚Äď usually home healthcare organizations like traveling nurses and therapists and hospice care workers who deliver end of life care to patients in their homes. It makes sense that these organizations would be big users of the cloud given the highly distributed nature of the¬†business and the fact that there are some common HIPAA-compliant mobile apps that have developed for the Android platform.
  • Dropbox was on the blacklist, but was also one of the most heavily-recommended apps from enterprise IT (in the enterprise app catalog). This juxtaposition speaks to Dropbox‚Äôs simultaneous usefulness and risk! Organizations can‚Äôt decide! Many of our customers talk to us about the ‚ÄúDropbox dilemma‚ÄĚ and most agree that if they could provide data sharing in a secure, enterprise-grade way, users would go for it.

Download the complete report here!

//Richard

#Citrix #CloudBridge Connecting to Microsoft #Azure – Technology Preview

February 19, 2013 Leave a comment

This is really interesting!!! Can’t wait to try it out, I just got Azure up and running with a couple of VM’s in it and will set this up and try it ASAP! ūüôā

CloudBridge Connecting to Microsoft Azure

Release Date: Feb 15, 2013

 
Citrix CloudBridge connects enterprise datacenters to external clouds and hosting environments, making the cloud a secure extension of the enterprise network.

This technology preview offers standard based secure connectivity to Microsoft Azure. With this enhancement, a customer can  connect their enterprise data center to the Azure VPN gateway and access the IaaS and PaaS offerings from Microsoft. 

The following are the key points to note :

  • Secure L3 connection to Azure VPN gateway
  • CloudBridge deployment on the enterprise data center only. It is not running inside Azure
  • No WAN Optimization or L2 extension supported in this solution since it needs deployment of CloudBridge on the Azure end as well.

Images and Licenses:

We are making available virtual appliances running on XenServer (xva images). These appliances need EVAL licenses. Please follow links to sign-up and get these EVAL licenses.

To get started:

  1. For the XenServer images of CloudBridge, please download from the list below
  2. Get and activate an EVAL license via the get license link for NetScaler VPX and follow the instructions. CloudBridge license is shared with NetScaler VPX Platinum Edition.

Helpful Resources:

  1. Download the CloudBridge@Azure Tech Preview deployment guide from the link below the Download section
  2. For help with licensing the instance, refer to the NetScaler VPX licensing guide
  3. New to NetScaler/CloudBridge? Documentation, knowledge base articles, additional tutorials and other information is available on the NetScaler Knowledge Center

Have Questions?

Go to the¬†CloudBridge discussion forum¬†to get help from…

Continue reading here!

//Richard

<span>%d</span> bloggers like this: