Finding Your Rhythm: Discipline In The Midst Of Chaos and Uncertainty

The last few months have been unlike anything we’ve ever seen, the likes of which most of us have never experienced in our lifetime. Our routine lives that we perhaps took for granted has been taken away from us in a heartbeat. We are surrounded by uncertainty. However, this new reality that we find ourselves in, one filled with disruption, can be looked at as an opportunity, and how we react to these changes could very well define our future.

I have always considered time to be the most scarce resource. There is always so much to do and so little time, or at least that’s what we tell ourselves. As much as we try to be organized, its always a challenge to try and do all the things we want to, be it career development, hobbies, family, spirituality, mentoring etc. Now that we are confined to working from home, we all have a few extra hours to play with. I am convinced that the key to success is discipline, finding our rhythm.

So what do I mean by “finding a rhythm”? It involves us splitting up our days into manageable chunks, each assigned to something specific. The key is to be very conscious of those blocks of time and making every effort to stick to the routine you’ve defined. At the end of each day, its important to assess how you did and document the gaps. This will eventually help you establish your rhythm. Just like exercise, once we follow a routine for a period of time, we become very conscious when we deviate away from it and it bothers us. The routine becomes the new norm. It is important to put a lot of thought into what you are trying to achieve and then defining a daily routine that helps you get there over a period of time. For instance, if personal development is a goal, then spending time reading is one of the ways you can achieve that goal. To help you develop the habit of reading, define a specific time daily that you plan on devoting to reading and also designate a spot where you’ll be reading so you’ll associate that spot with that habit. Commitment to the routine is the key to success. It needs to be very visible, something you need to think about at all times. It also helps to share your routine with someone you trust, so that they can hold you accountable.

I have my daily routine on my whiteboard, my phone and all over my office. I am constantly reminded of it and that is by design. There is no running away from it. I am still in the process of getting to the point where it is fully ingrained in me. I know that when I get there and find my rhythm, it will lead to a better version of me. And that is all I am hoping for.

We’ve all been leading crazy, monotonous, stressful lives for a very long time. We’ve now been given an opportunity to slow down and do some introspection. While it is easy to let fear get the better of us, let us instead look at our present situation as an opportunity. A blessing in the form of time. Time to invest in professional growth. Time to achieve the personal goals we’ve been setting aside. Time to be be truly present for our families. Time to invest in others and do as much as we can to help them achieve their dreams. Let us all truly find our rhythm, make the most of this opportunity and be ready for what lies ahead, as this too shall pass!

Long Live Citrix Virtual Apps and Desktops – Key Highlights from Citrix Synergy 2019!

This year was my 9th year attending Citrix Synergy, but somehow the feeling never gets old. Its always great to meet colleagues, friends from the community, customers and others and learn about their challenges, their perception of Citrix and how we help address their challenges. This year was no different! One of the common themes I heard though from many was that Citrix is no longer serious about Virtual Apps and Desktops (CVAD)! Many felt a lack of love to the loyal base who have been CVAD customers for many many years. This sentiment while understandable couldn’t be farther from the truth and that is exactly why I decided to spend some time blogging about all the innovation around CVAD that was discussed in many of the breakout sessions and highlighted in the expo hall. I have linked the relevant sessions and demos when possible. So here goes…

ITSM Adapter for ServiceNow has come a long way!!!

One of the major announcements at Synergy 2018 was the ITSM Adapter for ServiceNow. The initial release primarily focused around allocating pre-provisioned virtual apps and desktops to users based on approval workflows via ServiceNow and logging this in the CMDB. However the PM and engineering team have been hard at work on many new exciting features based on feedback from our customers. Here are a few that come to mind:

  • If a user requests a desktop (Dedicated or otherwise) and if it does not exist, the desktop will be provisioned. In the past the desktop had to be pre-provisioned.
  • If pre-defined performance thresholds are exceeded, one can automate the addition of capacity to delivery groups.
  • Integration with Director whereby if an alert is triggered, a ticket can automatically be created in ServiceNow. These could be related to license usage, connection failure, CPU usage etc to name a few. Similarly App Probing failures
  • Citrix Analytics Integration
  • Citrix Endpoint Management Integration such as enrolling devices from service catalog self service and in bulk by admins.
  • Citrix Access Control integration (automate the addition of users to SaaS apps)

ITSM Adapter: App Provisioning Demo

ITSM Adapter: Director Integration Demo

ITSM Adapter: MCS Provisioning

ITSM Adapter: UEM Integration Demo

So Much HDX Goodness!

HDX has been the secret sauce for many many years and innovation hasn’t stopped. There were plenty of updates shared at Synergy that I will try to summarize below. However I highly recommend that you watch the HDX session (SYN211) led by our PM team that I have embedded here.

  • Citrix VDA Update Service: Cloud service fully managed by Citrix. No requirement for customer to have a Citrix cloud entitlement. Cloud agent goes on Cloud connector (for cloud customers) or delivery controller (on-prem customers). Cloud agent informs service on VDA versions within customer environment and the service informs customer about current versions and if an upgrade is recommended. Customer can then either do a manual update or schedule an automated update based on scheduled maintenance window or idle time. This is particularly useful when it comes to persistent desktops or Remote PC deployments as you no longer need software distribution tools to manage the upgrades.
  • VDA installer improvements: Enhancements to the VDA installers to improve the upgrade process and reduce upgrade errors.
  • VDA Rollback: During the upgrade process, all changes are written to an XML file. If the VDA upgrade process fails, the XML file is read to determine the changes that were made and those changes can then be undone.
  • Unified Communications:
    • Microsoft Teams:
      • Optimization for the web client was introduced in the CVAD 1809 release with Browser Content Redirection on chrome browser. Linux will soon be supported as well.
      • Teams Desktop App will be supported in the upcoming CVAD 1906 release. The media engine is now integrated into Workspace App (WSA) and no separate installation is necessary. The desktop version will support optimization for audio, video and screen-sharing. Policies will be controlled via Studio. One major improvement is that the new teams client will be installed to C:\Program Files (x86) as opposed to AppData. This bodes well for shared environments. This also means that future enhancements will be delivered via WSA. So if teams optimization is something that you are keen on, then you are better off sticking to the current release as opposed to LTSR (at least when it comes to the client).
  • Other Platforms:
    • Cisco is working closely with Citrix on a Webex optimization pack for both Web and the Desktop version of the Webex. Jabber optimization pack already exists and is available through Cisco.
    • Zoom has also released an optimization pack for CVAD.
    • Other vendors with optimization packs include BlueJeans, Avaya etc.
    • Citrix will also be working with Google in the near future for optimization packs for their multimedia collaboration solutions.
  • Protocol Enhancements:
    • Adaptive Throughput (1811): Increases maximum throughput of ICA over TCP leading to a better overall user experience. Throughput is adjusted based on session interactivity. Up to 5x improvement in file transfer speeds.
    • EDT Lossy + Enlightened Virtual Channels: Individual virtual channels can elect which protocol to use leading to overall improved performance. The demo in the session showed a 3D image of a car rendered with almost no lag over a 300msec link with 5% packet loss.
    • Local Text Echo is back in 1811! The functionality is on par with XA 6.5 but future releases will add enhancements.
  • Graphics:
    • Automatic Graphic Providers: No need anymore to install separate 3DPro VDA. Unified VDA installation package detects GPU at run time and installs necessary components.
    • Generic GPU support (Citrix Indirect Display Driver)
    • Preferred Modes: Understand client capabilities during session establishment and switch settings as needed.
    • Thinwire+Progressive Display: Dynamic image quality based on bandwidth availability
    • H.264 Build to Lossless: Pixel perfect image quality for the most demanding use cases.
    • Lossy Graphics: Unifying Thinwire and Framehawk (leveraging EDT Lossy)
    • Dynamic 3D Pro: Optimize for 3D workloads automatically in session.
    • HDX Graphics Monitor: In session details about graphics mode in use. Admin can enable or disable this feature. GPU is not a requirement.
    • Virtual Display Layout: Slice a single monitor into multiple displays. Allows customers to use a single large monitor and slice it however they like.
  • Other Updates:
    • Workspace Printing: Mobile print solution that gives you the ability to print from the virtual session but save the document outside the session as a pdf in Sharefile which can then be accessed via Workspace App.
    • CVAD 1903 and up now supports Stylus for note taking on Windows devices.
    • Biometric Authentication using FIDO2: FIDO2 is based on asymmetric cryptography with the goal of eliminating passwords as a whole. Biometrics can be used as a second form of authentication or the primary authentication mechanism. The goal is to support FIDO2 based biometric authentication within a virtual session via USB redirection. The other use case would be to leverage integrated biometrics (Windows Hello, TPM) etc for authentication within a virtual session.

Identity Story Beefs Up With Okta Integration and more to follow!

When it comes to IdP vendors, Okta probably has a significant market share and a lot of customers have made sizeable investments in their identity platform and hence want to make the most of their investment and leverage Okta as the identity provider for Citrix Workspace. At Synergy, we announced that we will integrate Workspace with Okta such that users can authenticate with Okta and login to Citrix Workspace. Furthermore Citrix Cloud Federated Authentication Service can be used in conjunction with Okta to provide single sign on Citrix virtual apps and desktops.

In the near future, Okta SaaS and web apps can be delivered within the Citrix workspace such that users will have unified access to both the Citrix delivered apps and Okta apps within Citrix Workspace with SSO.

Okta integration will go into public tech preview in the coming weeks.

In order to learn more, do watch the session below. The live demo starts around the 12:11 timestamp.

In addition to the Okta integration, Citrix also announced plans to integrate with Google Identity Platform as an identity provider for Citrix workspace.

Customers can also leverage their on premises Netscaler to integrate with third party identity providers and authenticate with Citrix Workspace. This capability is currently in tech preview and expected to release later in Q3.

Citrix App Protection Policies To The Rescue

Citrix Armored Client was announced at Summit earlier this year. This has now been re-branded to Citrix App Protection Policies. Citrix App Protection Policies allow administrators to protect HDX, SaaS and Web App delivered via the Workspace App from key-loggers and screen capture tools installed locally on the users endpoint. This takes security to a whole new level especially when combined with the existing HDX policies, and Citrix ADC End Point Analysis in conjunction with SmartAccess, SmartControl. Scott Lane demonstrates these new capabilities in the video above (25:15 time stamp)

Citrix Managed Desktops! A True DaaS Solution!

Citrix Managed Desktops (CMD) was officially announced at Synergy and compliments the Citrix Virtual Apps and Desktops offerings. CMD is meant for niche use cases like seasonal workloads, temporary workers, mergers and acquisitions, business continuity, or for SMB customers who have limited requirements. The main advantage of CMD is the consumption based billing or the “Pay As You Go” model. Some key highlights:

  • Supports domain joined or non domain joined desktops
  • Designed for Windows Virtual Desktop (Multi session Win 10)
  • Supports network connectivity to backend resources on premises.
  • Buy the whole solution from Citrix
  • Customers can bring their own image or Citrix can provide customers a base image with all the patches and updates.
  • Leverages the industry leading HDX protocol.
  • Consumption based billing
  • 11 Global Azure Gateway POPs can be leveraged.
  • Been in limited tech preview since Jan. Opening up tech preview to more customers after Synergy. General Availability slated for Q3.
  • VM types include B2s, D2sv3, D4sv3 and D8sv3 as of today
  • Regions include East US, Australia East, West Europe and West US today.
  • Basic monitoring is also provided as part of the solution.

Citrix Managed Desktops: Pricing

Do watch the session below for more details including a detailed demo (32:31 time stamp)

Performance Analytics For All!

Performance Analytics was one of the most exciting announcements for most customers. Performance analytics can provide user experience scores across all Citrix products taking into account both the end user and the infrastructure point of view to calculate the score. Today customers use multiple tools to assess and troubleshoot performance issues and even with all these tools, they struggle to understand what user experience is really like as there is no end to end visibility. They are inundated with data but very little insights. This is the problem that performance analytics attempts to solve. Some highlights below:

  • User-centric experience score that helps quantify user experience. These scores can be used to identify users experiencing poor performance and correlate with potential infrastructure issues.
  • Quantify app performance
  • Multi site aggregation and reporting
  • Available for both on premises and cloud CVAD customers.
  • Visibility into ICA traffic channels
  • Actionable insights
  • Drill down views available to determine what exactly is causing poor user performance (Eg: slow logons, GPO policies, network latency etc)
  • On premises customers need to upgrade DDC and Director to 1906. Customers require a Citrix Analytics Service account and outbound connectivity on port 443.
  • Next LTSR release slated for Q4, 2019 will have performance analytics integration.
  • Q2 Tech Preview
  • To address data sovereignty concerns, the goal is to have targeted availability in EMEA and APAC

Performance Analytics: How To Get Started

Watch the recorded session above for further details including a demo (24:00 time stamp)

Citrix Virtual Apps and Desktops Service Updates

  • Auto scale: Available via Citrix Cloud Studio. Schedule based or load based power management for workloads (power up or power down VMs to keep public cloud consumption costs under control. Capacity and cost savings information will be available with Director.
  • Delegated Admin and Config Logging now available for CVAD service
  • Machine Creation Services support on Google Cloud Platform is coming soon. This will allow customers to leverage GCP as a resource location with CVAD service and automate the provisioning of workloads. In addition Linux Virtual Apps and Desktops is now certified for GCP
  • App Layering enhancements include Azure Gov support, Office 2019 certification as an App Layer and Server 2019 certification as an OS layer.
  • License management and reporting capabilities have improved significantly including daily active use and monthly active use reporting. Admins can also release licenses from users that have changed roles or left the company.
  • There is a lot of focus on an API drive approach including enabling direct API access for seamless automation. An Orchestration API is now available as a limited tech preview. Customers can also leverage OData APIs for reporting.
  • Citrix Brand Personalization Service is now in public tech preview and allows customers to personalize application name, icons, app color themes etc for Workspace App and other Citrix products like Secure Mail, Secure Web and Citrix Files.
  • Secure Browser service has a number of updates including auto-selection of region for best user experience, client drive mapping, expanded region support and admin localization.

Watch the session below to learn more!

Access Control for SaaS and Web Apps with On-Premises Storefront

One of the major challenges preventing customers from adopting Citrix Access Control was the dependency on the Citrix Workspace service. Most customers still leverage on premises Citrix ADC and Storefront to aggregate their resources and not ready to migrate from Storefront to Citrix Workspace. In order to enable these customers to be able to adopt Citrix Access Control, Citrix announced Access control integration with on premises Storefront. This new capability allows customers to secure SaaS and Web Apps using the Access Control capabilities and deliver these apps either using the embedded browser within Workspace App or via the Secure Browser depending on the use case. To learn more about these capabilities, review this blog post by Chris Fleck.

Citrix Workspace: Addressing The Security Conundrum [Session Recorded at Citrix Synergy 2019 in Atlanta, Georgia]


Scott Lane and I had the privilege to lead a session at Citrix Synergy this year around the security benefits of Citrix Workspace. When most people think about the Citrix Workspace, then tend to focus on the user experience and productivity benefits. While these are very important, there are also a number of security use cases that the solution addresses. The goal of this session was to walk through these benefits with a demo centric approach. We also had Chris Fleck (Vice President and Technical Fellow at Citrix) join us as our mystery speaker and he shared some cool projects that he’s currently working on. Hope you enjoy this session! I would love to get your feedback!


Synergy 2019 Breakout Sessions That You Don’t Wanna Miss!

Every year, I try to compile a list of sessions that I highly recommend. This year, I’m a bit late, but better late than never. So here goes:

  • SYN101: Citrix Virtual Assistant and Productivity Analytics (Kedarnath Poduri, Omar ElNaggar)
  • SYN145: Privacy, security, data and trust: a look at the future of data risk management (Steve Wilson, Peter Lefkowitz, Lisa Bobbitt)
  • SYN129: Getting ahead of global regulations and compliance with Citrix (Florin Lazurca, Joseph Nord, Chris Hoffner, Peter Lefkowitz)
  • SYN111: Desktops-as-a-Service with Citrix (Kireeti Valicherla, Paul Carley)
  • SYN141: Learn how the intelligent Citrix Workspace organizes, guides, and automates work (Omar ElNaggar, Vishal Ganeriwala)
  • SYN142: The journey to Workspace with Citrix IT leaders (Joe Verdarame, Renee Flores)
  • SYN703: Get visibility into your Citrix licensing and active use (Daniel L’Hommedieu, Alex Tompkins)
  • SYN210: Avoid performance stress when using hybrid cloud workloads (Thomas Poppelgaard, Christiaan Brinkhoff)
  • SYN229: Citrix Cloud deployment strategies: customer and partner perspectives (Shane O’Neill, Paul Stansel)
  • SYN138: How to move from StoreFront to Workspace (Craig Hinchliffe, Alex Tompkins)
  • SYN127: Bringing Okta and Citrix together in Workspace (Daniel L’Hommedieu, Bryan Smoltz)
  • SYN130: Future of work (Christian Reilly, James Bulpin)
  • SYN201: Performance analytics for Citrix Virtual Apps and Desktops (Sameer Mehta, Jitendra Deshpande)
  • SYN211: HDX: it’s all about the user experience (Mark Howell, Miguel Contreras, Fernando Klurfan, Roberto Moreno)
  • SYN226: Reliable, high performance workspace delivery over imperfect network connections (Derek Thorslund, Wesley Shepherd)
  • SYN230: Citrix Cloud and Azure: real-world experiences and tips for a successful deployment (Paul Stansel, Jason Samuel)
  • SYN221: How to protect your Citrix deployments and modern applications with Citrix ADC (Patrick Coble, Frank Bunger)
  • SYN202: Under the hood with Citrix Analytics (Mathew Varghese, Jim Regetz)
  • SYN217: Multi-site recommended practices, reloaded (Jarian Gibson, Shane Kleinert, Kees Baggerman, Dave Brett)
  • SYN231: Architecting the workspace for high security (Kurt Roemer, Mike Nelson)
  • SYN208: Citrix App Layering: top 10 lessons from the field 2.0 (Dan Morgan, Daniel Lazar)

I also want to mention that I will be leading two sessions this year. Details below:

  • SYN236: Citrix Workspace: addressing the security conundrum (George Kuruvilla, Scott Lane)
  • SYN406: Debunking common misconceptions about Citrix Workspace: lessons from the field (George Kuruvilla, Kevin Nardone)

I look forward to seeing many of you next week in Atlanta! 

Key Takeaways from Citrix Synergy 2018 Announcements That Did Not Make The Keynote

Just like many of you, I had the pleasure of attending another awesome Citrix Synergy last week in Anaheim. Had the chance to meet many of the community members, customers and fellow Citrites in person. As is always the case, I was not able to attend a lot of sessions due to customer/internal meetings and such and spent some time this week catching up on content. While Workspace, ServiceNow Integration and Analytics were front and center, what I’m realizing is that there were plenty of great announcements made during the breakout sessions that many of you probably missed. If you want to learn more about what was announced as part of the keynote read Jason Samuel’s blog post.  I wanted to spend some time summarizing some of the most interesting announcements that were not part of the keynote. I am still in the process of reviewing the sessions and will update this post over time.

Workspace Environment Management (WEM) To Be Offered As A Citrix Cloud Service

WEM is Citrix’s solution for user environment management and resource optimization along with UPM. On average, customers see a 30% improvement in server scalability and login times can also be improved significantly. WEM did require certain infrastructure components to be deployed. However, at Synergy it was announced that the Citrix will be offering a WEM service essentially hosting, managing and maintaining all the infrastructure components such that the customer only has to deploy the agents and the cloud connector. This should make the solution even more appealing to customers and help with server scalability and user experience in a hybrid cloud environment. 

Learn more about this announcement in SYN231 (Recording below. Start at around 6:15)

Seamless Roaming O365 Outlook Email Cache and Search Index Database using UPM

A new feature is coming in UPM that allows handling of large files specifically designed for O365. And it is controlled with a single policy setting in UPM. Once the policy is enabled, a per user search index db is created and all outlook requests are redirected to the database thus enabling a roaming search index for the user for both virtual apps and desktops. Its limited to 32 bit version of Office for now. The search index and OST file will be wrapped in a VHDX container and stored in the profile. Learn more about this feature in the SYN231 video posted above. Start watching at 22:30. 


WEM and UPM Capabilities Now Extended To Manage Physical Endpoints

As part of Citrix’s Unified Endpoint Management strategy, WEM and UPM will soon be able to manage physical endpoints. This is a welcome change and will help customers use the same solution set to manage both physical endpoints and the virtual workloads. Learn more in the SYN231 video above. Start watching at 30:52.

PVS Management Directly From Citrix Cloud

On prem PVS workloads can soon be managed directly from Citrix Cloud. In addition a new PVS cloud license will be introduced. A customer can download the PVS cloud license from MyCitrix and install on onprem license server to manage PVS from Citrix cloud.

More info in the SYN131 video below. Watch from 28:40

Azure QuickDeploy for XenApp and XenDesktop Service

Azure Quickdeploy is a feature that is available for the XenApp Essential customers that makes it extremely easy to build Citrix workloads in Azure. The same wizard has now been ported over to XA/XD service. You can specify your Azure subscription info, connect to a resource location, upload a custom image, provide domain information and the machine catalog will be created for you. This is perfect for small deployments and POC’s. This feature will be released in the coming weeks for XA/XD service. It will only support Server VDAs. Also important to note that Quick deploy cant be used in conjunction with studio. Its an either/or. To learn more in the video. Watch from 32:00


Extending Citrix Cloud Support For Google Cloud Platform and Oracle Cloud

While Google cloud got plenty of attention at the keynote (and I will have a follow up blog looking specifically into Citrix Cloud and GCP), it is also worth noting that we will be extending platform support for Oracle cloud infrastructure. This is of particular interest for customers who have a significant investment in Oracle cloud today. Its all Hyper-V based which is also appealing to many customers. There is an Oracle deployment guide already published and the planned availability for support in Oracle cloud is Q2, 2018. Learn more in the SYN131 video above and start watching at 34:20




Citrix Director Enhancements

There were a lot of Citrix Director enhancements announced including Resource App prediction based helping admins predict future resource usage, ability to generate custom reports, a set of predefined default smart alerts (as opposed to admins having to go and define alerts manually), detailed breakdown of logon duration including a breakdown of “interactive session”, NMAS integration, the ability to troubleshoot XenMobile devices right from Director and last but not the least App Probing. App probing in particular is really exciting as it allows you to define and automate app probes for your published apps and desktops thereby helping admins be proactive about how the published resources are performing and getting ahead of potential issues. Lots of features to get excited about!! Watch SYN126 (below) for further details.

The New Citrix Files Application

The new Citrix Files application (new Sharefile client for desktop) has combined the capabilities of Sync, Drive Mapper and Deskop into a single application. Just like drive mapper, it provides a single pane of glass for all your data (network drives, sharepoint, personal cloud, OneDrive For Business etc). You also now have the ability to perform workflows directly from windows explorer or finder. You now also have the ability to map multiple drives to specific sub folders within sharefile or connectors like OneDrive for Business. The configuration can be through Citrix policies within Studio. Watch SYN100 below from 19:25 to learn more.

Intelligent Traffic Management (formerly Cedexis) Is Awesome!

Earlier this year, Citrix announced the acquisition of Cedexis to add to the Netscaler portfolio. People like to describe Cedexis as the Waze of Traffic Management. Its not far from the truth. Cedexis collects 14 billion data points on a daily basis from over 900 millon end user sessions and 40,000+ networks around the world to intelligently route traffic thereby offering the best possible user experience and intelligently avoiding application disruptions. Watch SYN123 below to get a quick overview of Cedexis.

HDX Enhancements

There were quite a few updates covered in SYN206 around HDX. I’ve tried to highlight a few below. I would highly recommend reviewing the recording below.

Browser Content Redirection 2.0

Backported as a stand-alone compatible component with LTSR 7.15. Chrome (Q3) and Edge will also be supported. Modern portocols such as HLS, DASH and Web Assembly will be supported. The rendering engine will be made part of the Workspace App. Browser content redirection 2.0 will be able to offload WebRTC as well!

Citrix Ready Partners in the Video multicasting industry like Qumu, vBrick, Ramp and Haivision will support Client side fetching and Browser content redirection for live video events where Receiver client side fetch can fetch the video from the branch office edge caching appliance.

Real Time Optimization

Skype RealTime Optimization Pack support coming for Chromebooks (that can run android apps) in H2 2018. Hardware acceleration for endpoints with AMD GPUs is also expected around the same time frame. 

Microsoft Teams Support Strategy 

In the short term, Citrix plans to support the Microsoft teams web client with browser content redirection 2.0. Chrome browser will be the first to be supported and windows endpoints will initially be supported with Linux endpoints to follow. File uploads might have limitations with browser content redirection 2.0 and MS Teams. The workaround is to use Sharefile or other such solutions to upload the files. 

Long term goal is to develop a receiver side media engine on all supported platforms (Windows/Mac/Linux) for real time optimization of MS Teams UC content. 

Delivery of Cisco Jabber from virtualized desktops


Workspace App and Citrix Receiver

After the keynote, in conversations with customers and partners there were a lot of questions around Workspace App and what it means for customers running Citrix receiver today. This is covered in great detail in SYN133. If you are a customer leveraging Citrix receiver, it will be automatically upgraded to Workspace app via Citrix auto update and it is fully backward compatible. All the new Workspace capabilities above and beyond virtual apps and desktops will only get enabled if you subscribe to the various Citrix Workspace services. So in other words, if you are an on premises customer leveraging  Storefront or an on premises customer leveraging Citrix Workspace just for site aggregation (more below on site aggregation), your client will be automatically updated to Citrix Workspace app but none of the functionality changes other than than UI having a new look. Watch the video below from 21:10. The session also provides a deep dive into Citrix Workspace App and demos of the new capabilities. 

Workspace and Site Aggregation

The new site aggregation feature now allows customers to tie their existing on premises deployments to Citrix Workspace (four step workflow). For customers who are on Web Interface or an older version of Storefront now have the option of leveraging Workspace to aggregate their virtual apps and desktops and deliver it to their end users with the new modern user experience. Moreover with Workspace, customers no longer have to worry about upgrading (as you would with on premises storefront) as Citrix manages and maintains the Workspace. 

Gateway Service Updates

When the Gateway service was introduced a while ago, the primary function of the service was secure ICA proxy. The service has evolved quite a bit and now supports single sign on to Enterprise Web and SaaS apps including a library of 40+ pre-defined SaaS templates. Gateway service can also be integrated with an on premises storefront deployment and supports hybrid deployments as well with Workspace aggregation. Direct connect to VDA without the need for connectors was also announced which will lead to increased scalability. Another key announcement was the much requested two factor authentication natively through the gateway service. This will be made possible with native One Time Password (OTP) support.

For an update on all Citrix Cloud services, I highly recommend watching SYN100. It also includes a lot of great demos. 

Citrix Synergy 2018 – Breakout sessions you do not want to miss!

Every year, I publish a list of my recommended Citrix Synergy breakout sessions. A number of people asked me if I had put one together this year and while its late this year, better late than never! As always I tend to pick sessions based on topics that are most relevant to customers and the quality of content and speakers. So here are my top 20 for this year!

SYN231: Manage your user experience from Workspace Environment Management Service

Who should attend: XenApp/XenDesktop Administrators, EUC Architects

More Info:

SYN233: The geek’s guide to the workspace 

Who should attend: EUC/Cloud Architects, Management

More Info:

SYN123: Deliver the best user experience for your customers and users with Intelligent Traffic Management (Cedexis) 

Who should attend: Network Administrators, Network Architects, EUC Architects

More Info:

SYN704: Deep insights across the Citrix portfolio with Citrix Analytics 

Who should attend: EUC Architects, Citrix administrators, Security Architects, Management

More Info:

SYN238: Implementing Federated Authentication Service: real world examples

Who should attend: Identity/Cloud/XenApp/XenDesktop Architects, XA/XD Adminstrators

More Info:

SYN230: Discover Citrix Workspace Hub

Who should attend: Desktop Adminstrators, XA/XD administrators, EUC Architects

More Info:

SYN504: Security: getting the most from your resources

Who should attend: C level executives, Security Architects, EUC Architects

More Info:

SYN714: Citrix Rx for success in healthcare

Who should attend: Healthcare customers

More Info:

SYN207: XenApp and XenDesktop tech update (May 2018 edition)

Who should attend: Everyone 

More Info:

SYN131: Central image management: Provisioning Services and Machine Creation Services today, tomorrow and beyond

Who should attend: XenApp/XenDesktop Administrators, EUC Architects

More Info:

SYN239: From StoreFront to Citrix Workspace

Who should attend: XenApp/XenDesktop Administrators, Cloud Architects, EUC Architects

More Info:

SYN127: Everything you need to know about Windows 10, Server and Citrix

Who should attend: XA/XD Administrators, EUC and Cloud Architects, Management

More Info:

SYN201: Citrix App Layering: top 10 lessons learned

Who should attend: XA/XD Administrators, EUC architects

More Info:

SYN204: Identity and access management and SSO with NetScaler Gateway Service

Who should attend: Netscaler Administrators, XA/XD Administrators, EUC/Network/Cloud Architects

More Info:

SYN241: How to break the cyber kill chain of ransomware

Who should attend: Security Architects, EUC architects

More Info:

SYN226: Demystifying NetScaler SD-WAN for infrastructure architects

Who should attend: Network administrators, Network architects

More Info:

SYN224: How to deploy NetScaler in public clouds and use it to provide SSO to on-prem and SaaS apps

Who should attend: Netscaler Administrators, Cloud Architects

 More Info:

SYN222: Next-gen of Native-OTP: now with Push Notification

Who should attend: EUC/Security/Network Architects, Netscaler administrator

More Info:

SYN103: Expand the value of Office 365 with ShareFile

Who should attend: EUC architect, Management, Cloud architect

More info:

SYN501: Workspace IoT

Who should attend: Executives, EUC/Cloud/Network/Security architects, IoT enthusiasts 

More Info:

In addition to these, I will be co-presenting two sessions at Citrix Synergy both cloud focused. The first, with Christiaan Brinkhoff, will focus around best practices and architectural considerations when deploying cloud workloads. The second, with Daniel Feller, takes a look at innovative and cost effective approaches to business continuity by leveraging Citrix Cloud. Details about the sessions below.

Look forward to seeing you at Synergy!

I’ll Make It Up To You (Imagine Dragons Cover)

Great to finally spend a Friday night making music after what seems like forever. This is a song from the album “Evolve” by Imagine Dragons. As always I have added a few layers including harmonies. First time I am recording using the SM7B. Also used my Mininova on this one. Can you spot it?


Sites vs Zones in XenApp/XenDesktop 7.x – Design Considerations When Choosing Between The Two


Zones, a key design element that administrators and architects have learned to love in XenApp 6.5 was reintroduced in Xenapp and XenDesktop 7.7 FMA architecture. Prior to 7.7, building multiple sites was generally recommended when spanning multiple data centers or regions but now customers  now have the option of leveraging Zones. While Zones is a potential option, it might not always be the right option based on your situation. In this post, my goal is to review basic concepts around Sites and Zones and dig into design considerations to help choose between the two.

Primer on Sites and Zones


A site is what you define when you deploy XenApp or XenDesktop under the FMA architecture. It acts as a logical boundary with all objects defined being part of that site. It is also an administrative boundary. Each site has one or more delivery controllers and requires its own site configuration database. A site always have one primary zone defined by default. Sites can span multiple data centers and regions but there are a number of factors that need to be taken into consideration and we will review these a little later.


Zones are defined within a site to keep applications and desktops close to the user location while also simplifying administration by leveraging a single instance of Studio, Director and configuration database regardless of the number of zones. With zones, users in remote regions can get to their resources without having to traverse the WAN.

There are two types of zones – Primary zones and Satellite zones. Primary zones typically have two or more controllers and have the site configuration database locally whereas satellite zones can have a single controller or more. While similar, zones in the new FMA architecture in 7.x is not the same as XenApp 6.5. For instance, the concept of a zone data collector no longer exists.

With the introduction of Zone preference in conjunction with Optimal Gateway Routing, users can be homed to a specific zone when accessing their apps and desktops based on predefined conditions and rules. This greatly improves the user experience. Disaster recovery can also be handled intelligently.

For detailed information on Zones and Zone preference I would recommend you review the official documentation. Carl Stalhood has a very good blog on this topic as well.

There is also a great overview of Zone Preference in the XenDesktop 7.11 Master Class starting at the 58 minute mark.

When to use Sites

While zones simplifies overall administrative overheard and potentially infrastructure requirements, leveraging sites is a more prudent choice in certain scenarios. Lets look into these:


Latency will impact user performance. Latency and concurrent user requests should be taken into consideration and tested before deciding to use zones. See the chart above for different scenarios tested. There are two great blogs, one by Chris Gilbert and another by William Charnell on how latency affects brokering performance from satellite zones in XA/XD 7.7 where they collect metrics under various latency conditions. Definitely worth a read. However these metrics have improved significantly in 7.11 and above. In fact, 250 ms latency, XenApp and XenDesktop 7.11 outperforms the 7.7 code at 90 ms. With 7.11 or later, users experience quicker brokering of resources, even with latency between a broker and the SQL server. The official citrix documentation covers latency and the impact on zones, registration storm impact and how this can be tuned in great detail.

Fault Domains

When we talk about large deployments with greater than 5000 users, it is best practice to break the environment down into smaller PODs. This helps split the enviroment into multiple fault domains such that when any of the pods are affected, only a small set of users are impacted if any. Even when all users connect in to a single datacenter, it is still beneficial to break the infrastructure down to multiple sites and PODs. Here are the slides from a great session at Synergy 2015 that covered the benefits of a POD based architecture. This blog is also worth a read.

Administrative Boundaries/Regulatory Compliance

For environments that require complete administrative isolation between different regions or business units, going with separate sites is recommended. While Role Based Access Control is available, it does not meet the needs of every customer. In addition I have worked with customers that have gone with multiple sites so as to isolate environments to meet compliance requirements such as PCI or regulated environments where upgrades are not as frequent.

While multiple sites requires additional infrastructure, the resources from the various PODs can be aggregated from a user access perspective. Monitoring and troubleshooting can also be simplified as Director can manage multiple sites. A number of the tasks can also be automated by leveraging script. Image management can be greatly simplified by leveraging PVS.

When to use Zones

When designing a XenApp/XenDesktop infrastructure for an environment with multiple datacenters with latency being a non factor (within acceptable limits), zones can certainly be an option. The number of users per satellite zone can play a factor when making that determination as discussed earlier. Fault tolerance should also be taken into account as all the zones share one common site configuration database and connectivity issues could impact all the users. The resources that users connect to can be controlled based on zone preference and failover. 

Using a combination of Sites and Zones is also an option. For instance if a customer environment is spread across the globe but also has multiple datacenters within each region, they could use Sites for each region and the leverage Zones for the datacenters within each region assuming low latency between the datacenters. This would help reduce the overall complexity and administrative overheard when compared to deploying a site per datacenter.

From The Field

Here is some feedback from Jason Samuel, one of our CTP‘s based on his experience.

“Most of my customers completed their migrations from 6.5 to 7.x when either zones weren’t available in FMA yet or was still new.  They went with a site per data center.  My bigger customers embraced localized pods within each datacenter itself.  This is often self contained pods built on HCI as the backend.  Application and image management is controlled through PowerShell scripts to help with administration of multiple sites.  Since these customers have been using this model for a few years now and it is a mature process for them, they continue with this approach.  My customers that are doing greenfield 7.x deployments are the ones that really consider zones vs. doing individual sites.”

Ryan Mcclure, Senior Architect at Citrix Systems had this to say: 

“So armed with this data and information, what should you do? Stick to multiple sites? Design with zones wherever possible? Some scenarios just beg for zones, while others are obvious use cases for sites/pods, but more commonly, both are technically viable and it is a matter of weighing the pros and cons. If your workload is mission critical and your deployment lives in one or two datacenters, multiple sites are probably a good option for you. They provide additional fault tolerance, shrink failure domains and increase flexibility during upgrades. If, on the other hand, you have a number of semi-well connected locations where application back-ends reside, one site per location may prove prohibitive from an administrative perspective. These sorts of deployments are where zones should really be considered. The combination of sites and zones also shouldn’t be overlooked. The geographic distribution cited above is one example, but sites and zones can also be combined to strike a balance between manageability and availability. Rather than all VDAs in a zone mapping to a single primary site, multiple primary sites can be deployed.

When the decision isn’t obvious, our most successful customers ask the same question:

“What are other customers in similar situations doing?”

The strategy around sites and zones definitely isn’t one size fits all, but up until now, most of our large enterprise customers have gravitated towards separate sites. Many do so based on their desire to shrink failure domains and minimize risk wherever possible. You may have even heard recommendations to skip zones because sites have been available longer in the FMA world. At the time, this recommendation may have made sense, but the IT space is as dynamic as ever and leading practices need to be updated with the times. Over the last few months, this trend around steering clear of zones has started to shift, and more customers are taking a hard look at how zones can help simplify environment management. In most scenarios, zones shouldn’t be viewed as a total replacement for sites, but if your deployment can be simplified and/or management streamlined by implementing zones where the make sense, now is the time to give them a good look.”

Final Thoughts

Zones in XenApp/XenDesktop 7.9+ is a welcome addition and offers greater flexibility when planning out deployments. However, it is not necessarily the solution for every use case as discussed above. Latency, number of users/location, concurrent logins etc need to be carefully considered before deciding whether to go with multiple sites or leverage zones instead.




Which Sessions Should I Attend at Citrix Synergy 2017? A Q&A approach!


Over the last couple of years I have been compiling a list of recommended synergy sessions  that I encourage my customers to attend. Since most attendees come with different objectives, coming up with a top 10 list didnt seem logical. So this year I decided to take a different approach and organize my picks based on the reasons why customers and partners have decided to attend Synergy.

My Top Picks Overall (In no specific order):

  • SYN301: XenApp and XenDesktop Tech Update: May 2017 edition

  • SYN134: Citrix Workspace User Experience

  • SYN412: StoreFront: top 10 lessons learned from the field

  • SYN102: Is it Time to Upgrade to XenApp 7.x?

  • SYN321: XenMobile Deployments

  • SYN330: Optimize and scale your XenApp and XenDesktop platform the CTP way

  • SYN303: Independent Citrix experts’ deep dive on Remote Graphics, user experience and GPUs

  • SYN316: Increase your security posture with Sharefile Enterprise

  • SYN115: Why should I use ShareFile if I already have Office 365?

  • SYN318: A to Z: best practices for delivering XenApp and XenDesktop from Microsoft Azure using Citrix Cloud

  • SYN103: XenApp and XenDesktop App Layering

  • SYN107: XenServer Tech Update

  • SYN111: What’s new with Citrix Cloud and what’s to come

  • SYN123: SD-WAN case study: How a XenApp customer improved application delivery to the branch

  • SYN118: What’s new with NetScaler ADC

  • SYN310: Powering the digital workspace using Citrix Cloud: a deep dive into architecture and configuration

  • SYN319: Securing devices, apps and data with XenMobile

  • SYN312: Authentication: deep dive on Citrix solutions

  • SYN712: Analysis of a hack: how to defend and protect with Citrix

  • SYN131: Citrix Workspace IoT

  • SYN127: Introducing Smart Tools for the Xen product family; faster POCs and efficient operations on-premises or in the cloud

  • SYN325: Automating NetScaler: talking NITRO with PowerShell

For existing XenApp/XenDesktop customers looking to optimize their environments and/or learn whats new:

  • SYN301: XenApp and XenDesktop Tech Update: May 2017 edition
  • SYN709: Monitoring the Citrix virtual workspace
  • SYN412: StoreFront: top 10 lessons learned from the field
  • SYN104: XenApp and XenDesktop: What’s new and roadmap
  • SYN103: XenApp and XenDesktop App Layering
  • SYN106: Fantastic four: the do’s, don’ts and lessons learned of Citrix implementations
  • SYN312: Authentication: deep dive on Citrix solutions
  • SYN111: What’s new with Citrix Cloud and what’s to come
  • SYN302: Keys to a successful XenApp and XenDesktop user experience
  • SYN102: Is it Time to Upgrade to XenApp 7.x?
  • SYN330: Optimize and scale your XenApp and XenDesktop platform the CTP way
    SYN706: Build a XenApp real-time session monitoring dashboard
  • SYN409: Overcoming challenges in a double-hop XenApp session
  • LAB609: Deploying Workspace Environment Management for XenApp and XenDesktop
  • LAB613: Configuring ShareFile in a Citrix environment
  • SYN303: Independent Citrix experts’ deep dive on Remote Graphics, user experience and GPUs
  • LAB610: Gain end-to-end insight and control with NetScaler Management & Analytics System

For attendees curious about how Citrix complements Microsoft Azure and O365:

  • SYN115: Why should I use ShareFile if I already have Office 365?
  • SYN318: A to Z: best practices for delivering XenApp and XenDesktop from Microsoft Azure using Citrix Cloud

For Microsoft Intune customers looking to see how XenMobile can complement their existing solution:

  • SYN415: XenMobile Essentials for Microsoft Enterprise Mobility Suite
  • SYN116: Admin and end user experience with XenMobile Essentials for Enterprise Mobility Suite

For attendees who would like to learn more about Sharefile, and how it compares with other solutions:

  • SYN316: Increase your security posture: deep dive on ShareFile security and compliance
  • SYN314: Extend existing storage investments with ShareFile
  • SYN702: Why choose ShareFile over Box, Dropbox, Egnyte, Syncplicity, and other EFSS vendors

If you are new to Citrix App Layering:

  • SYN103: XenApp and XenDesktop App Layering
  • LAB611: Installing and configuring application layering

Interested in learning more about Citrix Cloud:

  • LAB605: Deploying and configuring XenApp and XenDesktop Service on Citrix Cloud
  • SYN310: Powering the digital workspace using Citrix Cloud: a deep dive into architecture and configuration
  • SYN111: What’s new with Citrix Cloud and what’s to come
  • LAB615: Deploying and automating Citrix solutions with Citrix Cloud and AWS

Attendees who have a strong networking background or networking focused:

  • SYN123: SD-WAN case study: How a XenApp customer improved application delivery to the branch
  • SYN411: Guidelines for NetScaler ADC sizing and capacity planning
  • SYN118: What’s new with NetScaler ADC
  • LAB601: Increase your NetScaler IQ to better manage your NetScaler ADCs
  • LAB602: Gain competitive advantage with key new features in NetScaler SD-WAN
  • SYN130: Getting started with NetScaler Management and Analytics System
  • SYN323: Migrate your NetScaler deployments to the cloud
  • LAB610: Gain end-to-end insight and control with NetScaler Management & Analytics System

For those considering migrating workloads to a public cloud:

  • SYN318: A to Z: best practices for delivering XenApp and XenDesktop from Microsoft Azure using Citrix Cloud
  • SYN111: What’s new with Citrix Cloud and what’s to come
  • SYN310: Powering the digital workspace using Citrix Cloud: a deep dive into architecture and configuration
  • SYN313: Identity, security, availability: best practices with Citrix Cloud
  • LAB615: Deploying and automating Citrix solutions with Citrix Cloud and AWS
  • LAB612: Architecting Citrix in the cloud era with XenDesktop Essentials and NetScaler in Azure
  • SYN110: Select the right cloud or hybrid cloud for your deployment? How, when and where
  • SYN104: XenApp and XenDesktop: What’s new and roadmap

For attendees interested in learning more about XenMobile:

  • SYN117: XenMobile: What’s new and roadmap
  • SYN319: Securing devices, apps and data with XenMobile
  • LAB603: Implementing XenMobile Services within Citrix Cloud
  • SYN320: Take your XenMobile environment to the cloud
  • SYN405: Modernizing mobility in manufacturing

For attendees who have a strong security background/interest:

  • SYN312: Authentication: deep dive on Citrix solutions
  • SYN313: Identity, security, availability: best practices with Citrix Cloud
  • SYN316: Increase your security posture: deep dive on ShareFile security and compliance
  • SYN125: Security challenges and uses cases you can solve with Citrix Workspace Suite
  • SYN414: Access and authentication options in a Citrix environment
  • LAB607: Building a successful Federated Authentication Service POC
  • SYN124: Securing high-value applications in bank IT infrastructure
  • SYN329: FedRAMP – Security and compliance in a cloud world
  • SYN712: Analysis of a hack: how to defend and protect with Citrix

For attendees still running XenApp 6.5:

  • SYN102: Is it Time to Upgrade to XenApp 7.x?

For attendees evaluating VDI solutions and would like to compare and contrast XenApp and XenDesktop with VMware Horizon:

  • SYN304: Comparison: delivering virtual desktops with XenDesktop 7.x or Horizon 7.x

For current Azure Remote App customers:

  • SYN334: XenApp Essentials the fastest way to deliver apps from Azure

For those who are new to IoT and would like to learn about Octoblu:

  • SYN401: Fireside chat with IoT experts about automating Citrix with Octoblu
  • SYN131: Citrix Workspace IoT

For attendees looking to cut costs, specifically around hypervisor licensing:

  • SYN107: XenServer tech update: boot PVS desktops faster, protect against zero days, and patch without reboots
  • SYN416: XenServer for VMware admins
  • LAB617: Extending the security of your XenApp and XenDesktop environment with XenServer and Bitdefender Hypervisor Introspection (HVI)

If Automation and Orchestration peaks your curiosity :

  • SYN401: Fireside chat with IoT experts about automating Citrix with Octoblu
  • SYN127: Introducing Smart Tools for the Xen product family; faster POCs and efficient operations on-premises or in the cloud
  • LAB608: Workspace IoT makerspace
  • SYN325: Automating NetScaler: talking NITRO with PowerShell
  • SYN131: Citrix Workspace IoT
  • SYN322: Guidelines for automating service orchestration and analytics in your datacenter
























Is Samsung Chromebook Plus The Perfect Chromebook?

Over the past couple of years I’ve been collecting a lot of chromebooks. As of the 13th of Feb, I now own 6, mostly Acer and Samsung devices. As much as I love the concept of a low cost, ultra portable and secure thin client with excellent battery life & then leveraging Citrix for my enterprise apps, it always felt like there was something missing. Some of the common complaints were display resolution, build quality, lack of offline access and lack of a good touch screen model under $500.

Needless to say I was extremely intrigued when Samsung announced the 12 inch Chromebook Plus and the price point. I pre-ordered the device and got mine earlier this week. My experience so far has been terrific. Lets look into why I feel this device is close to perfect.


The Samsung Chromebook Pro is a  12.3-inch laptop that also converts into a tablet. It is powered by an OP1 Hexa-core (Dual A72, Quad A53) ARM processor with 4GB of RAM and 32GB of storage. It comes with two USB Type-C ports and a microSD slot. It has various display modes, very similar to the Lenovo Yoga. It has a full metal design that weighs just 2.4 pounds. It comes with a stylus that pops out of the right side of the system, letting you take notes with Google Keep and other apps and smart enough to recognize characters, allowing you to search through your handwritten notes afterwords.

Display Resolution

Resolution has been one of my biggest gripes with chromebooks so far. And boy does this device address that issue. The Chromebook pro comes with a quad HD (2400 x 1600) pixel screen made with Gorilla Glass 3. with a 3:2 aspect ratio. The high resolution means my Citrix VDI instance looks absolutely spectacular on this device. Lots of real estate too!

Battery Time

Based on my testing so far, the battery time of the Chromebook Plus is on par every other chromebook I own. I’m getting approximately 9-10 hrs. Keep in mind that the resolution for this device is also one of the best. So that the battery time extremely impressive.

Android Apps!

This to me is a GAME CHANGER!! As you know, Google announced support for Android apps on chromebooks last yr. The challenge was that just a handful of devices were actually supported, and even among the ones where it was supported there was only one that had a touch screen. Personally I believe Android app support is pointless if there is no touch screen. Thankfully the Chromebook plus does have one! The combination of android app support, great resolution and touch screen makes it the perfect device. I now have a number of key productivity apps, many of which I can use offline. Some of my favorites so far are Citrix Secure Mail, Secure Web, Sharefile (Enterprise File Share and Sync), Slack and Skype for Business to name a few.

Touch Screen

The touch screen is extremely responsive. No lags whatsoever. Works great in tablet mode. Also great when using Android apps. All chromebooks moving forward need to be touch enabled IMHO. You cannot effectively use Android apps without touch!


The Chromebook Plus comes with a pressure sensitive stylus that is on par with others like the Surfacebook. Is it perfect? No. But its quite good. I can totally see myself using this device to do a white board or sketch a design while I am at customers. Very handy!!

Final Thoughts

Today was my first day out on the road with just the chromebook pro. I honestly did not miss my XPS 13. I accessed my Citrix VDI instance the entire time and the experience has never been this good on any of the other chromebooks I own. I also used a number of android apps including Skype for Business, Sharefile, Secure Web and others. The combination of VDI, chrome browser and native mobile apps is quite amazing. I used the the system for around 5 hrs and did not run into any issues during that time.

At $449, this device is a steal! If you are looking for a chromebook today, this should be in the list of favs! If I were to change one thing, I would add more memory to this device. Android apps can eat up memory fast!

Kudos to Samsung for a job well done!