Desktop as a Service (DaaS) – Is it the Silver Bullet we’ve been waiting for?

With Amazon’s recent announcement of Workspaces offering and VMware’s Horizon DaaS offering, customers have started to inquire about to relevance and reality of such a solution.  As a Sales Engineer, I address these questions from customers on a daily basis. While I believe DaaS is here to stay and might be a perfect fit for some (especially in the SMB space),  I dont think it is a solution for a majority of the enterprise customers out there today. I thought I would post my views why I believe DaaS is not the Silver Bullet. I want to be clear that the views expressed here are my own.

Cost:

While upfront, DaaS seems like a cost effective solution (Amazon Workspaces and VMware Horizon DaaS offering starts at $35/month), it offers you a very limited environment. When you size something similar to what end users are used to having as their corporate devices (beefy processor, 4Gigs of Memory, 100 GB HD), all of a sudden that cost is  higher (upwards of $65). Now how about your power users? You get the idea. This does not take into account applications. So when you factor everything and the costs associated with maintaining some multi tiered applications on premises, I would argue that the cost of DaaS could be a wash or higher when compared to an on premises solution. I am sure over time the  cost of DaaS will come down significantly and the application architectures will change and will suit the DaaS model. But as of today, cost is not a reason to move to a DaaS model for most enterprise customers.

Uptime, Reliability & SLA’s:

When considering DaaS, keep in mind is that the customer has no control over the backend infrastructure and is totally at the mercy of the service provider when it comes to reliability, DR and uptime. If a large service provider like Amazon can have outages, and be down for extended periods of time, you have to seriously question the reliability of DaaS. One way to mitigate risk is to define a robust Service Level Agreement (SLA), but this can be challenging due to lack of flexibility by the service provider. In an on premises XenDesktop implementation, the customer can architect a fully redundant and fault tolerant solution that the customer has full control of.

Performance/Complexity:

For customers looking to provide a desktop with just Office productivity applications, DaaS could be a viable option. Small businesses would be an example where such a solution would be a good fit. However, in the Enterprise space, the application portfolio is much larger and consists of a variety of tiered client server applications. Most customers are hesitant to move the backend data into the cloud for various reasons. So in order to make the DaaS solution work for enterprise customers some sort of a VPN tunnel is required that bridges the cloud infrastructure with the customer on premise infrastructure. The customer has to manage infrastructure on premises and in the cloud. This adds complexity, makes troubleshooting harder, could lead to performance issues, and could make DR and SLA agreements extremely complicated. Also in a scenario where users connect from different parts of the world and have data living locally, there could be various challenges as well. To summarize, some of the key technical challenges are:

  • Performance issues – If the DaaS provider does not have a presence across the globe, there could be serious performance issues when accessing the desktop. Few cloud vendors have presence outside the US. In a lot of cases, businesses or clients might control where the data is stored. If certain application data is stored locally in a different part of the world, there could be challenges in having the data synchronized at all times and could also lead to performance issues. In a traditional VDI model, desktops move closer to the applications in the data center which leads to better performance whereas with DaaS, desktops move further away from applications which is bound to impact the application performance and user perception.
  • Connectivity and bandwidth issues: One of the assumptions when going down the DaaS route is that the user is always connected. The challenge is that if there is any form of connectivity issues either at the service provider or the user, user loses access to the desktop. Also for a large enterprise to access thousands of desktops in the cloud, there could be a significant bandwidth requirement that could drive up the cost of the DaaS solution.
  • Maintaining infrastructure both on premises and in the cloud: In a lot of cases, data and application infrastructure will reside in the customer’s private cloud with the DaaS infrastructure living in the public cloud. This leads to added administrative overhead, challenges in troubleshooting end user issues, added bandwidth requirements and costs to list a few challenges.

Licensing challenges with DaaS

Licensing is one of the key challenges in a DaaS implementation. Microsoft does not offer a Service Provider License Agreement for desktop OS. As a result, most DaaS implementations are based on shared Windows Server OS or a dedicated Server OS/user. While the shared/dedicated server based DaaS environment could work fine for some users, it does not offer the same level of personalization/customization that true VDI solution based on a Desktop OS offers.

In order for a service provider to host a true windows desktop based VDI solution for a customer,  customer needs to own the Desktop OS licenses and transfer it over to the DaaS provider. Such a configuration leads to increased costs for the customer.

Persona Management:

The degree of user customization offered within a DaaS solution can be significantly limited as compared to on premises VDI solutions. These include USB peripheral support, printer management and profile management to name a few. Peripherals such as those that rely on a fast USB connection will not be able to communicate quickly with the service provider data center. Login times can be impacted if some of the profile data lives on premise. Printer driver support can become challenging as most DaaS providers rely on universal print drivers. Print job spooling could consume a lot of bandwidth and impact user performance.

Security/Trust 

Most companies are still very reluctant to host their confidential data in the public cloud where they do not have full control. In some cases, companies are not allowed to host data in the cloud due to regulations and compliance laws. At the end of the day, who owns the data? If the service provider is subpoenaed it is likely that can they divulge customer data without the customers consent.

No Offline Access

DaaS providers do not provide any form of offline access. Users need to be connected at all times in order to access their desktops. An on premises Citrix XenDesktop implementation on the other hand offers solutions that allow the user to access their desktops offline with bidirectional synchronization of data with the datacenter. If offline access is a requirement, then the DaaS solution is not a fit.

While this post might make it seem like I am anti DaaS, that is not the case. There are definitely use cases for DaaS in every enterprise, but it is not a solution for ALL use cases within an environment.

 

My Rebuttal to the latest VMware FUD: Citrix XenDesktop is for “Purely Virtual” use case

I recently got hold of a sales campaign email from VMware which focused around “taking out” existing XenApp customers by upselling them the VMware Horizon suite. The objective was to prevent customers from upgrading to XenDesktop. While I am all for competing with VMware and having a healthy debate on our competing strategies when it comes to Desktop Virtualization, I don’t appreciate FUD being spread that is ABSOLUTELY BASELESS. A lot of times, I walk into customers who have been completely misinformed on our solution. Below is the latest claim from VMware that I’d like to address in this post.

“Coach the customer in keeping XenApp and complimenting it with Horizon Suite for best in class virtual desktops, to manage physical desktops (this is key – Citrix is pure virtual, we on the other hand can do it all including physical via H. Mirage and virtual via H. View) “

Citrix is purely “Virtual”???? REALLY ??

Much before VMware acquired Wanova Mirage (2012), Citrix had XenClient which is a type 1 hypervisor that runs on physical endpoints and allows for centralized management of virtual desktops while providing offline access and bi directional synchronization. With XenClient 5, Citrix has further enhanced this product to integrate the personal vDisk technology thereby allowing for a single image to be shared by thousands of users while allowing customization and personal applications to be installed leveraging personal vdisk. Moreover, the users personalizations stored in the personal vDisk is available both in the hosted VDI environment and within XenClient. We’ve also extended this solution to Macs with the Desktop player for Mac which provides the same functionality via a type 2 hypervisor. XenClient is an ideal solution for physical desktops and laptops alike providing offline access, centralized management and layering of user personalization, apps and data.

Provisioning Services has been around for a long time as well as part of the Citrix XenDesktop suite which allows for streaming of images to physical endpoints, physical servers, virtual desktops and virtual servers. PVS also allows for centralized management of these images and to easily scale up/scale down capacity, rollout/pull back updates etc. Granted this solution is not an offline solution and not for mobile users, but it is a solution for physical endpoints and scales to thousands of endpoints from a single PVS server

If I were a customer, I would feel insulted with VMware’s strategy of shoving pure BS down my throat and insulting my intelligence.

 

Synergy Recap Part 2 – XenMobile Announcements

Continuing on the topic on Synergy, changes to the XenMobile product suite was the other big announcement..

Lets take a step back..

Up until the beginning of this 2013, Citrix’s approach to mobililty was Mobile Application Management through their CloudGateway product. The strategy was that enterprises would have the ability to deliver SaaS, Web, Windows and mobile applications all from a unified portal with integrated identity management. Enterprises could wrap corporate applications (MDX wrapped apps) and then deploy these applications to mobile devices.. These applications would then be containerized and live within its own bubble on the mobile device. Policies could be applied to each wrapped application and they could talk to each other but not with the users personal applications and data. Everything within the container could be wiped without affecting the users personal data. In addition, CloudGateway provided Federated IdentityReceiver would be the single client that would be used across all devices.

While this was a great strategy for BYOD, there was a lot of push back from companies who still wanted to manage corporate owned devices, where they wanted the ability to do full wipes, enforce various policies at the device level and also other features like Geo Fencing.

Fast Forward to Jan 2013..

Based on the market demands, Citrix felt that it needed add MDM capabilities to its mobile management solution and hence acquired Zenprise (Gartner Magic Quadrant for MDM) and re branded the product XenMobile. With the addition of Zenprise, Citrix had a complete solution in XenMobile with both MAM and MDM capabilities. As part of the initial offering, there were two editions, the MDM edition which was basically Zenprise rebranded and the Mobility Solutions bundle which offered both MDM and MAM functionality. The other unique feature about the licensing model was that Citrix offered a per user licensing model, which makes a lot of sense in this day n age where most users have at least 3 devices.

While this was all great, there were some customers who only needed the MAM functionality and others who felt the features did not justify the cost. Also from an end user perspective, the solution was a bit kludgy.  There were three clients namely the enroll agent (for enrolling the users device), connect (used to download profiles and enforce policies) and receiver (for delivering the containerized applications). All the clients were available through App Store (iOS) and Google Play (Android)

So what did we announce at Synergy?

XENMOBILE EDITIONS UPDATED

Going forward, XenMobile will be available in three editions – MDM edition, APP edition and Enterprise Edition. I really liked this announcement as I know of a number of customers in my space that are only interested in the MAM piece and now they have an options as opposed to just having to purchase the Enterprise edition. I am not going into MAM and MDM much as it has already been discussed earlier in the post, but in short, MDM = Zenprise and APP Edition = CloudGateway functionality.

The Enterprise edition will include App Edition, MDM, Sharefile (Citrix’s own follow me data product) and GoToAssist. This definitely adds a great amount of value to the product suite and provides customers with an all encompassing solution that allows them to:

    • Manage mobile devices (both BYO and corporate owned) and enforce policies.
    • Deliver SaaS, Windows, Internal Web and mobile applications to mobile devices.
    • Identity management
    • A secure follow me data solution through Sharefile with cloud and on-premise storage.
    • Ability to remotely troubleshoot mobile devices with GoToAssist

 The solution keeps both IT management and end users happy as IT management gets the security profile they desire while the end users feel empowered and become more productive with all their corporate apps made available on their personal devices.

XENMOBILE COMPONENTS REBRANDED

As I mentioned earlier in the post, prior to Synergy the key end user facing Xenmobile components were Enroll and Connect. Receiver was used to deliver MDX wrapped applications. Going forward, the components will rebranded as Worx Enroll and Worx Home. Worx Enroll will be the device enrollment piece and Worx Home will be store for Mobile, Web and SaaS applications including Worx Mobile Apps (previously MDX wrapped apps) like Worx Web Worx Mail, Sharefile etc . Receiver will still be used to deliver XA/XD resources, but I think it is safe to assume that eventually XA/XD resources will be made available through Worx Home in the future. All the applications delivered via Worx Home will be available on the home screen along with all the other applications on your device. However each of these applications live within its own container and will be fully encrypted. Worx Home and Worx Enroll will be available through App Store (iOS) and Google Play (Android).

Citrix also announced the Worx App Gallery, a place wheresoftware vendors/partners/independent developers can showcase their work enabled applications. Mark Templeton in his keynote mentioned that there are over 80 Worx enabled applications at present.

AVAILABILITY?

The new XenMobile offerings should be made available by end of June/early July

OVERALL IMPRESSIONS

I thought the XenMobile announcements were significant, offering solutions that fit most customer needs. There is significant value in the Enterprise edition with the addition of Sharefile and GoToAssist.  I feel the pieces are finally coming together and my hope is that the end user experience is painless (only time will tell) and that the backend infrastructure gets more streamlined in the future. Gartner has positioned Citrix in the Magic Quadrant for Enterprise Mobility Management and rightly so in my opinion. I believe Citrix has the most complete solution in the market at present and more importantly the right people at the helm to lead this forward.

 

Synergy 2013 Recap: Part 1- XenDesktop 7

I was fortunate enough to attend Citrix Synergy this year at Anaheim, CA. The event was great as always with around 6500 attendees, 125+ unique sessions, the ever popular Geek Speak Live and Maroon5 who brought the house down. For me though, the highlight was MarkT’s keynote and Brad Peterson’s demos.  Noone can tell a story like MarkT and BradP is the best at what he does. I wanted to focus this post on XenDesktop 7

XenDesktop 7 was probably the most exciting announcement for the traditional Citrix customer running XenApp and XenDesktop. Lets dig deep into the announcements around XenDesktop 7:

Unified Architecture: Flexcast Management Architecture

Today, with XA 6.x and XD 5.x, the infrastructure for each are completely independent of each other with around 22 consoles in all. So it is an understatement to say that the infrastructure could be simplified. Morever, the workflow for deploying Hosted Shared Desktops and Apps is different from the workflow for deploying traditional VDI.

The key goals for the XD7 release were mobility and simplicity while maintaining security. With XD7, Citrix is moving to a unified architecture aka Flexcast Management Architecture (FMA), thereby giving administrators the ability to deploy Hosted Shared Desktops, Physical PC’s, published applications and traditional VDI from the same console using the same methodology. The overall infrastructure requirements will significantly reduce for environments that run both XenApp and XenDesktop today. I was one of the early adopters and had the Tech Preview running in my lab back in November 2012. It took me less than 20 minutes to get the infrastructure up and running and another hour or so to have XA and XD workloads available to users. The process involved building a Windows Server and desktop image, installing the VDA on the image and then using Studio to spin up desktops and applications and assigning them to users. Citrix has really done a fabulous job in simplifying the installation process and more importantly making the process dummy proof (with various configuration checks along the way).

Director and Studio

The number of consoles have been reduced to two – Director (geared more towards Helpdesk staff for preliminary troubleshooting) and Studio (geared towards administrators).  With Studio, you can now build and assign server/desktop workloads to users, publish applications, create and manage user profiles, manage policies, monitor and troubleshoot infrastructure components, review logs, manage PVS infrastructure and manage Storefront, ALL FROM WITHIN THE SAME CONSOLE!! This to me is huge. In addition, Machine Creation Service, can now be leveraged to deploy XenApp workloads which drastically simplifies the deployment process. Ofcourse you can still leverage PVS as well (new release included with XD7).

The New Edgesight

Being an SE at Citrix and talking to customers all the time, I am particularly excited about the new Director! Citrix has also completely re-architected monitoring and reporting for XenApp and XenDesktop from the ground up. While Edgesight has always been an invaluable tool within a Citrix environment, the learning curve was quite steep and it required additional infrastructure. I have spoken to a number of administrators who have gone down the path of installing and configuring Edgesight and eventually not using the product because of the effort involved in getting meaningful data relevant to their environment. With XD7, the product management team clearly understood these pain points relayed by the customers and addressed them. What you would traditionally consider as Edgesight monitoring and reporting is now fully integrated into Citrix Director. All the information is presented to the administrator in the form of graphs/dashboards and administrators have the ability to drill down further as needed. There is also a helpdesk view which allows helpdesk to perform basic troubleshooting and remediation tasks such as shadow a user session, kill a hung process, clear the user profile and personal vdisk, log off a session etc. In XD7, Edgesight no longer requires additional infrastructure or an agent on the endpoint. The edgesight components are built into the Virtual Delivery Agent (VDA). XD Platinum licensing is required for historical reporting (>1 week of data)

HDX Insight

With Netscaler 10.1, Citrix has now introduced HDX insight which allows you to correlate network metrics with application behavior. HDX insight provides end to end ICA visibility. All the HDX Insight data and reports are available right within Director. HDX Insight requires Netscaler 10.1 Enterprise or above. XD/Netscaler Platinum is required for historical reporting.

HDX and HDX 3D Pro

With XenDesktop 7, Citrix is leveraging H264 based codec for all video workloads (as opposed to just 3D graphics in the past). As a result, there is a 2x increase in frame rate without an increase in bandwidth requirements. What this means is that you would be able to deliver high def videos to mobile devices, even over 3g connections. In the internal lab tests, Citrix was able to deliver 18 frames per second on an 800 kbps 3g connection. The new H264 based codec dynamically adjusts to network conditions and adjusts the quality accordingly. Also Windows Media redirection (client side fetching) is now being extended to Mac, iOS and Android devices. With the new Virtual Channel and HDX Realtime SDK for real time voice and video, there are significant improvements around Unified Communications. Microsoft, Cisco and Avaya are the first to embrace the new SDK.

One of the highlights of the keynote was the demo showing virtulized 3D workloads being delivered from the cloud leveraging GPU sharing. While GPU sharing was available in the past for XenApp, it was not supported for OpenGL workloads. For XenDesktop, the solution used to be cost prohibitive as there was no GPU sharing and each physical server typically supported only 4 GPU’s. With XD7,  HDX 3D Pro with GPU sharing is now supported on hosted shared desktops and published applications for OpenGL and DirectX workloads. GPU sharing is primarily targeted towards tier 2 3D Professional graphics users. This will significantly reduce the costs of delivering 3D workloads to high end users over high latency links while securing the intellectual property. In addition to GPU sharing via Hosted Shared Desktops, GPU sharing will also be available for VDI workloads. Tech Preview will be available in Q3 2013.

Reverse Seamless Applications

Reverse Seamless Apps has been one of the most requested features for quite a while. In essence it allows a local application window to be presented within a VDI/Hosted Shared Desktop window. So for instance, if your corporate delivered desktop is locked down and has only the core applications and the user wants to access his locally installed iTunes from within his VDI session, with reverse seamless apps, technically this would be possible. One caveat is that this is a PLATINUM ONLY FEATURE.

Desktop Player For Mac

As most of you are probably aware, XenClient a type-1 hypervisor for intel based workstations/latops primarily targeted for offline use of VDI was previously not able for Mac users. As a result it was not possible to access a VDI instance offline on a Mac. At Synergy, Citrix announced the Desktop Player for Mac, which is a type-2 hypervisor (much like Parallels) that allows users to check out a VDI instance and work offline. This VDI instance is delivered via the Xenclient Infrastructure and can be centrally managed. This adds a much needed piece to the Flexcast stack and helps Citrix compete in the Mac offline VDI space along with Mokafive, Mirage etc.

XenDesktop App Edition

With the announcement of XenDesktop 7, Citrix added a new licensing level for XenDesktop called the App Edition. This is intended for existing XenApp customers who would like to move to the new XenDesktop architecture but maintain only XenApp functionality, ie Hosted Shared Desktops and published applications.

RIP Application Streaming

Citrix has stopped developing application streaming and will not be supporting it on Windows 8 or Windows Server 2012. Customers can continue to use application streaming on existing XenApp deployments, however when the users migrate to Windows Server 2012, customers will have to migrate from application streaming to App-V. Current XenApp customers have App-V entitlements as part of the RDS CAL’s.

AppDNA for XenApp included in XD Platinum Licenses

A stripped down version of AppDNA is now included with XenDesktop Platinum licensing. This version of AppDNA allows users to test applications to see whether they are compatible to be hosted on XenApp. This functionality is available for unlimited apps.
I think that about sums it up from a XenDesktop perspective. I will be following up with posts on Sharefile, Merlin etc soon. Stay tuned!

My response to Vmware’s post – “Enhancing a Citrix XenApp implementation with VMware View and Thinapp”

Vmware published an article  a couple of days back on how they believe Thinapp and VMware View enhances Xenapp. My personal belief, on the contrary is that XenApp ELIMINATES the need for View and Thinapp in a lot of  use cases. In many scenarios, customers want “VDI” without really understanding whether it is the right fit and without understanding what else is out there. I will save this argument for another day, but for now, I want to try and go through VMware’s claims on why they feel View and ThinApp enhance XenApp:

1. “Requires only a single application instance: With ThinApp in a XenApp implementation, you need only one copy of the virtualized application stored on a ThinApp file share. With other applications presented with XenApp, you must install the same application on each of the XenApp Servers in your server farm, and each of these native installations must be individually maintained.”  

This claim is totally FALSE. XenApp includes an application streaming utility known as the Application Streaming profiler which I consider to be ThinApp on steroids. There is no need to install the same application on every XenApp server. Application streaming profiles can be stored on file shares just like ThinApp and deployed to servers. To take it a step further, the security model around the delivery of app streaming profile packages is a lot better. Based on my experience with ThinApp, it is great for virtualizing stand alone applications, but when it comes to cross linkages or any application that goes beyond a snapshot, it gets very complex with ThinApp. The application streaming profiler is a much more robust tool.

In addition to the application streaming profiler, the XenApp platinum license also includes Citrix Provisioning Server which provides the ability to have one golden image streamed to thousands of XenApp servers. So when there is an application update that needs to be rolled out to large number of servers, you only need to update the golden image.

2. “Application conflict is eliminated: To avoid application conflicts, Citrix isolates applications from each other via XenApp silos, which requires additional hardware. ThinApp isolates applications with software, not hardware. ThinApp virtual applications are isolated from each other and therefore can be placed on the same XenApp Server.”

Again this is FALSE.  XenApp provides multiple ways of addressing application conflicts. One way is to create silos or worker groups which host certain applications. The other method is to use application streaming profiles to co host conflicting applications on the same XenApp server. For instance you can run Office 2010 and Office 2007 on the same server, or IE 6 and IE 8.

3.  ”Recovery is simpler: If a XenApp Server fails, you have to reinstall the XenApp server. However, if you have stored your virtual applications separately on a ThinApp file share, you have only the baseline XenApp server to reinstall, and you do not have to reinstall the applications.”

My response to the first claim addresses this as well, but to summarize, all of what can be done with ThinApp can be achieved with application streaming profiles. In addition with the help of Provisioning services, we can easily provision additional XenApp servers within minutes since all the servers can boot off the same golden image that is streamed to the server.

4. “Updates are simpler and faster with ThinApp: With a standard Citrix XenApp setup, you must update each natively installed application on each XenApp Server, and you need to take each server offline to update the applications. If you use ThinApp to virtualize applications, you update only the single application on the file share, and ThinApp applications can be updated automatically while in use.”

This once again is a repetition and is already addressed above. Application streaming profiles can also be updated while the application is in use.

5ThinApp can virtualize IE6, and the migration to Windows 7 is eased: ThinApp allows you to virtualize Microsoft Internet Explorer 6 (IE6), and you can package IE6 along with a legacy application that depends upon IE6 or an older version of Java. Users can run virtual IE6 alongside a later version of native IE on the same desktop. The migration to Windows 7 or to later Windows versions becomes easier if you have the option of carrying forward any IE6-dependent legacy applications.

Application streaming has the same functionality. In fact, application linkage is a lot easier in the application streaming profiler as compared to ThinApp thanks to Inter-Isolation profiles. One of the clients I was recently working at (which by the way was a VMware shop with NO citrix) wanted to evaluate ThinApp and Application streaming profiler. After seeing the complexity of application linkage in ThinApp, which includes text file editing among other things, they decided to to give XenApp application streaming profiler a shot. We got the application packaged and deployed in less than an hour. They had invested over 10 hrs on ThinApp and failed.

So while XenApp can definitely do IE 6 linked to other legacy apps, the important point is that we can virtualize a lot more legacy apps that are complex in nature as compared to ThinApp.

6. ”Users have their own desktops, with their own operating system and applications: XenApp provides users with a shared operating system and shared applications, and users can conflict with each other. VMware View provides users with their own desktop environments, with their own operating system instance and their own applications. Users do not conflict with each other.”

I am not sure how this claim proves that “VIEW ENHANCES XENAPP”. XenApp does provide users with a shared operation system, but users run their own instances of application within their session. The claim that users conflict with each other is FALSE! Published desktops in XenApp has been around a long time and is a proven solution. Users can have their own customization using profile management solutions. The look and feel can be completely skinned to look like a desktop operating system. This is much more cost effective as compared to a solution like VMware View. Not to mention, if we want to talk apples for apples, Citrix does offer XenDesktop!

7.”You can eliminate physical desktops and cut costs: Eliminating the maintenance of physical desktops saves time and money. See The Business Case for Desktop Virtualization.”

HUH? And XenApp does not? I thought the whole premise of using XenApp is to virtualize your applications and thereby reduce costs on desktop hardware refresh!

8. “The underlying infrastructure is familiar: If you have used VMware vSphere to virtualize your XenApp Servers, you can use your vSphere expertise to run View virtual desktops on the familiar infrastructure.”

Ah! I was waiting for this one. VMware’s favorite point to convince customers to go View! Just like View, XenDesktop also runs on vSphere. Oh but wait, XenDesktop also runs on XenServer and Hyper-V! In addition, in a lot cases, there wont be a need for View or XenDesktop when XenApp is in place!

Bottom line is that View and ThinApp by NO MEANS enhances XenApp. If anything, XenApp eliminates the need for View and Thinapp in a lot of scenarios.

Beyond Carlton – A Safer Earth

 

 

The Beyond Carlton movement has been in force for almost two years now, with the second anniversary of the fire tragedy coming up on Feb 23, 2012. This song is the theme song of the movement. It is a ‘trilingual’, with Hindi, English and a regional language that will help adapt it for various states/regions. We’ve started with Malayalam, with Rahul Soman wielding the pen, and Tamil and Kannada versions are under development.

Please visit and ‘like’ Beyond Carlton’s Facebook Page and express your solidarity with a cause that is as much yours as it is ours.

Music and English/Hindi lyrics: Nitin Dubey
Malayalam lyrics: Rahul Soman
English Vocals and harmonies: George Kuruvilla
Hindi and Malayalam vocals: KB Unnikrishnan
Electric lead and rhythm guitars: Sudeip Ghosh
Bass guitar, acoustic rhythm guitars, drum programming and piano: Nitin Dubey
Additional vocals: Navin Prabhakar and Arunaditya Basu
Special thanks: Sanour Sunny

Mere Dil Mein (From the album Trunk Call, Blogswara 2011)

I am pleased on post an original composition that I worked on in 2011. It is called Mere Dil Mein. The song and credits can be found at the link below. Do provide your feedback!

http://blogswara.in/bls/2012/01/01-mere-dil-mein-hindienglish/

Some of my recent work

For the past two years, I have only been posting my work on Muziboo, Facebook and Soundcloud. Going forward, my blog and facebook will be the primary source for all my music. I have a number of original compositions on the way, but to get things started, I thought I would post some of my most recent work. Enjoy!

You are My King (Chris Tomlin)

Dirty Diana (Michael Jackson)

Sau Gram Zindagi (Guzaarish)

Forbidden Colors (ryuichi sakamoto)

Everything (Michael Buble)

Earth Song (Michael Jackson)

Rocketeer (Far East Movement)

Gaby Turns 1

As cliche’d as this sounds, its hard to imagine that its been a year since Gaby was born. Roshan and I feel so blessed and grateful to God for all the happiness that Gaby has brought to our lives. Every day is an adventure as she learns something new. Now she walks, says words like book, light, calls me Dada, calls Roshan, Mimi, screams in perfect pitch and louder than anyone else in church, her innocent smile is the highlight of our day. While I am on the train on my way back home, all I think about is how she’s going to greet me that night. She has totally changed our life and its been the most amazing year! A lot of you have been following Gaby’s growth and have been very supportive. Roshan and Iwant to thank you for the same. Below are pics from her Birthday Parties.

 

Exchange 2010 – TLS negotiation on Send Connectors

Over the past month of so, I’ve been troubleshooting an issue that I felt I should blog about. What we would notice was that when Exchange receives emails with attachments, it took an awfully long time to forward the email to the smart host. An email with a 1Mb attachment would typically take between 10-15 minutes to be delivered to the external recipient. The issue only occurred when send emails to external domains via the smart host. To make things worse, while the mail with the attachment was processed, all other emails would be queued up.

 

 

To figure out exactly where the slowness was occuring, I decided to try a different smart host. We noticed that mail delivery was working perfectly with the new smart host. So my initial theory was that this was a smart host specific issue. After opening a ticket with the vendor, they informed me that they believe its an Exchange issue (surprise surprise!).  They sent me debug logs which showed that Exchange would open up an SMTP connection and just keep it open for 10 minutes before actually send ing the data to the smart host. What puzzled me was why I was not seeing the same behavior with the other smart host. You would think that if it was an Exchange bottleneck, the behavior should not be any different irrespective of the smart host.

So I finally decided to do a packet capture on the Exchange Hub Transport server. To my surprise I noticed that all the SMTP traffic including the MIME traffic was fully encrypted. So I quickly checked the Send connector and Smart host authentication was completely turned off. This really confused me as there are no other obvious settings to turn off TLS authentication. I wanted to rule out the possibility that encryption is the cause for slowness. So I did some research and found this article:

http://webbanshee.blogspot.com/2009/09/disable-tls-in-exchange-2007.html

 

For those who want a summary of the article, Exchange 2010 Hub Transport enables TLS encryption on the Send connectors by default and even if the setting is disabled in EMC, it is not truly disabled. To disable the setting, you need to use powershell and type the following commands:

 

Get-SendConnector | FL

This will list all the Send Connectors that are configured within the Exchange environment. The next step is to determine the send connector that is being used and look for the IgnoreStartTLS setting. If this setting is set to False (which is true by default), TLS encryption is enabled. This was true in our case. To disable TLS encryption for the send connector, issue the following command:

Set-SendConnector -Identity “Name of Send Connector” -IgnoreStartTLS: $TRUE

After issuing this command, restart the MS Exchange Transport Service. After I did this, mail flow was smooth and mails with very large attachments would take just a few seconds to forward to the smart host.

My conclusion was that there was some issue with TLS encryption between our smarthost and Exchange. We had TLS encryption enabled between Exchange and the second smart host as well and we did not face the same issues. So it seems isolated to the Sonicwall smart host in question.

All in all it was a good feeling to resolve the issue using packet captures. As they say, a packet capture never lies!

 

Go to top