Archive of ‘Technology’ category

Desktop as a Service (DaaS) – Is it the Silver Bullet we’ve been waiting for?

With Amazon’s recent announcement of its Workspaces offering and VMware’s Horizon DaaS offering, customers have started to inquire about the relevance and reality of such a solution. As a Sales Engineer, I address these questions from customers on a daily basis. While I believe DaaS is here to stay and might be a perfect fit for some (especially in the SMB space), I don’t think it is a solution for a majority of the enterprise customers out there today. I thought I would post my views on why I believe DaaS is not the Silver Bullet. I want to be clear that the views expressed here are my own.

Cost:

While upfront, DaaS seems like a cost effective solution (Amazon Workspaces and VMware Horizon DaaS offering starts at $35/month), it offers you a very limited environment. When you size something similar to what end users are used to having as their corporate devices (beefy processor, 4Gigs of Memory, 100 GB HD), all of a sudden that cost is  higher (upwards of $65). Now how about your power users? You get the idea. This does not take into account applications. So when you factor everything and the costs associated with maintaining some multi tiered applications on premises, I would argue that the cost of DaaS could be a wash or higher when compared to an on premises solution. I am sure over time the  cost of DaaS will come down significantly and the application architectures will change and will suit the DaaS model. But as of today, cost is not a reason to move to a DaaS model for most enterprise customers.

Uptime, Reliability & SLA’s:

When considering DaaS, keep in mind that the customer has no control over the backend infrastructure and is totally at the mercy of the service provider when it comes to reliability, DR and uptime. If a large service provider like Amazon can have outages, and be down for extended periods of time, you have to seriously question the reliability of DaaS. One way to mitigate risk is to define a robust Service Level Agreement (SLA), but this can be challenging due to lack of flexibility by the service provider. In an on premises XenDesktop implementation, the customer can architect a fully redundant and fault tolerant solution that the customer has full control of.

Performance/Complexity:

For customers looking to provide a desktop with just Office productivity applications, DaaS could be a viable option. Small businesses would be an example where such a solution would be a good fit. However, in the Enterprise space, the application portfolio is much larger and consists of a variety of tiered client server applications. Most customers are hesitant to move the backend data into the cloud for various reasons. So in order to make the DaaS solution work for enterprise customers some sort of a VPN tunnel is required that bridges the cloud infrastructure with the customer on premise infrastructure. The customer has to manage infrastructure on premises and in the cloud. This adds complexity, makes troubleshooting harder, could lead to performance issues, and could make DR and SLA agreements extremely complicated. Also in a scenario where users connect from different parts of the world and have data living locally, there could be various challenges as well. To summarize, some of the key technical challenges are:

  • Performance issues – If the DaaS provider does not have a presence across the globe, there could be serious performance issues when accessing the desktop. Few cloud vendors have presence outside the US. In a lot of cases, businesses or clients might control where the data is stored. If certain application data is stored locally in a different part of the world, there could be challenges in having the data synchronized at all times and could also lead to performance issues. In a traditional VDI model, desktops move closer to the applications in the data center which leads to better performance whereas with DaaS, desktops move further away from applications which is bound to impact the application performance and user perception.
  • Connectivity and bandwidth issues: One of the assumptions when going down the DaaS route is that the user is always connected. The challenge is that if there are any connectivity issues either at the service provider or at the user's end, the user loses access to the desktop. Also for a large enterprise to access thousands of desktops in the cloud, there could be a significant bandwidth requirement that could drive up the cost of the DaaS solution.
  • Maintaining infrastructure both on premises and in the cloud: In a lot of cases, data and application infrastructure will reside in the customer’s private cloud with the DaaS infrastructure living in the public cloud. This leads to added administrative overhead, challenges in troubleshooting end user issues, added bandwidth requirements and costs to list a few challenges.

Licensing challenges with DaaS

Licensing is one of the key challenges in a DaaS implementation. Microsoft does not offer a Service Provider License Agreement for desktop OS. As a result, most DaaS implementations are based on shared Windows Server OS or a dedicated Server OS/user. While the shared/dedicated server based DaaS environment could work fine for some users, it does not offer the same level of personalization/customization that true VDI solution based on a Desktop OS offers.

In order for a service provider to host a true Windows desktop based VDI solution for a customer, the customer needs to own the Desktop OS licenses and transfer them over to the DaaS provider. Such a configuration leads to increased costs for the customer.

Persona Management:

The degree of user customization offered within a DaaS solution can be significantly limited as compared to on premises VDI solutions. These include USB peripheral support, printer management and profile management to name a few. Peripherals such as those that rely on a fast USB connection will not be able to communicate quickly with the service provider data center. Login times can be impacted if some of the profile data lives on premise. Printer driver support can become challenging as most DaaS providers rely on universal print drivers. Print job spooling could consume a lot of bandwidth and impact user performance.

Security/Trust 

Most companies are still very reluctant to host their confidential data in the public cloud where they do not have full control. In some cases, companies are not allowed to host data in the cloud due to regulations and compliance laws. At the end of the day, who owns the data? If the service provider is subpoenaed, it is likely that they can divulge customer data without the customer’s consent.

No Offline Access

DaaS providers do not provide any form of offline access. Users need to be connected at all times in order to access their desktops. An on premises Citrix XenDesktop implementation on the other hand offers solutions that allow the user to access their desktops offline with bidirectional synchronization of data with the datacenter. If offline access is a requirement, then the DaaS solution is not a fit.

While this post might make it seem like I am anti-DaaS, that is not the case. There are definitely use cases for DaaS in every enterprise, but it is not a solution for ALL use cases within an environment.

My Rebuttal to the latest VMware FUD: Citrix XenDesktop is for “Purely Virtual” use case

I recently got hold of a sales campaign email from VMware which focused around “taking out” existing XenApp customers by upselling them the VMware Horizon suite. The objective was to prevent customers from upgrading to XenDesktop. While I am all for competing with VMware and having a healthy debate on our competing strategies when it comes to Desktop Virtualization, I don’t appreciate FUD being spread that is ABSOLUTELY BASELESS. A lot of times, I walk into customers who have been completely misinformed on our solution. Below is the latest claim from VMware that I’d like to address in this post.

“Coach the customer in keeping XenApp and complimenting it with Horizon Suite for best in class virtual desktops, to manage physical desktops (this is key – Citrix is pure virtual, we on the other hand can do it all including physical via H. Mirage and virtual via H. View) “

Citrix is purely “Virtual”???? REALLY ??

Much before VMware acquired Wanova Mirage (2012), Citrix had XenClient, which is a type 1 hypervisor that runs on physical endpoints and allows for centralized management of virtual desktops while providing offline access and bidirectional synchronization. With XenClient 5, Citrix has further enhanced this product to integrate the personal vDisk technology, thereby allowing for a single image to be shared by thousands of users while allowing customization and personal applications to be installed leveraging personal vDisk. Moreover, the user’s personalizations stored in the personal vDisk are available both in the hosted VDI environment and within XenClient. We’ve also extended this solution to Macs with the Desktop Player for Mac, which provides the same functionality via a type 2 hypervisor. XenClient is an ideal solution for physical desktops and laptops alike, providing offline access, centralized management and layering of user personalization, apps and data.

Provisioning Services (PVS) has been around for a long time as well, as part of the Citrix XenDesktop suite, and allows for streaming of images to physical endpoints, physical servers, virtual desktops and virtual servers. PVS also allows for centralized management of these images and makes it easy to scale capacity up or down, roll out or pull back updates etc. Granted this solution is not an offline solution and not for mobile users, but it is a solution for physical endpoints and scales to thousands of endpoints from a single PVS server.

If I were a customer, I would feel insulted with VMware’s strategy of shoving pure BS down my throat and insulting my intelligence.

 

Synergy Recap Part 2 – XenMobile Announcements

Continuing on the topic of Synergy, changes to the XenMobile product suite were the other big announcement.

Let’s take a step back...

Up until the beginning of 2013, Citrix’s approach to mobility was Mobile Application Management through their CloudGateway product. The strategy was that enterprises would have the ability to deliver SaaS, Web, Windows and mobile applications all from a unified portal with integrated identity management. Enterprises could wrap corporate applications (MDX wrapped apps) and then deploy these applications to mobile devices. These applications would then be containerized and live within their own bubble on the mobile device. Policies could be applied to each wrapped application and they could talk to each other but not with the user’s personal applications and data. Everything within the container could be wiped without affecting the user’s personal data. In addition, CloudGateway provided Federated Identity. Receiver would be the single client that would be used across all devices.

While this was a great strategy for BYOD, there was a lot of push back from companies who still wanted to manage corporate owned devices, where they wanted the ability to do full wipes, enforce various policies at the device level and also other features like Geo Fencing.

Fast forward to Jan 2013...

Based on the market demands, Citrix felt that it needed to add MDM capabilities to its mobile management solution and hence acquired Zenprise (Gartner Magic Quadrant for MDM) and rebranded the product XenMobile. With the addition of Zenprise, Citrix had a complete solution in XenMobile with both MAM and MDM capabilities. As part of the initial offering, there were two editions, the MDM edition which was basically Zenprise rebranded and the Mobility Solutions bundle which offered both MDM and MAM functionality. The other unique feature about the licensing model was that Citrix offered a per user licensing model, which makes a lot of sense in this day and age where most users have at least 3 devices.

While this was all great, there were some customers who only needed the MAM functionality and others who felt the features did not justify the cost. Also from an end user perspective, the solution was a bit kludgy. There were three clients, namely the enroll agent (for enrolling the user’s device), connect (used to download profiles and enforce policies) and receiver (for delivering the containerized applications). All the clients were available through App Store (iOS) and Google Play (Android).

So what did we announce at Synergy?

XENMOBILE EDITIONS UPDATED

Going forward, XenMobile will be available in three editions – MDM edition, APP edition and Enterprise Edition. I really liked this announcement as I know of a number of customers in my space that are only interested in the MAM piece and now they have an option as opposed to just having to purchase the Enterprise edition. I am not going into MAM and MDM much as it has already been discussed earlier in the post, but in short, MDM = Zenprise and APP Edition = CloudGateway functionality.

The Enterprise edition will include App Edition, MDM, Sharefile (Citrix’s own follow me data product) and GoToAssist. This definitely adds a great amount of value to the product suite and provides customers with an all encompassing solution that allows them to:

    • Manage mobile devices (both BYO and corporate owned) and enforce policies.
    • Deliver SaaS, Windows, Internal Web and mobile applications to mobile devices.
    • Identity management
    • A secure follow me data solution through Sharefile with cloud and on-premise storage.
    • Ability to remotely troubleshoot mobile devices with GoToAssist

 The solution keeps both IT management and end users happy as IT management gets the security profile they desire while the end users feel empowered and become more productive with all their corporate apps made available on their personal devices.

XENMOBILE COMPONENTS REBRANDED

As I mentioned earlier in the post, prior to Synergy the key end user facing XenMobile components were Enroll and Connect. Receiver was used to deliver MDX wrapped applications. Going forward, the components will be rebranded as Worx Enroll and Worx Home. Worx Enroll will be the device enrollment piece and Worx Home will be the store for Mobile, Web and SaaS applications including Worx Mobile Apps (previously MDX wrapped apps) like Worx Web, Worx Mail, Sharefile etc. Receiver will still be used to deliver XA/XD resources, but I think it is safe to assume that eventually XA/XD resources will be made available through Worx Home in the future. All the applications delivered via Worx Home will be available on the home screen along with all the other applications on your device. However each of these applications lives within its own container and will be fully encrypted. Worx Home and Worx Enroll will be available through App Store (iOS) and Google Play (Android).

Citrix also announced the Worx App Gallery, a place where software vendors/partners/independent developers can showcase their Worx enabled applications. Mark Templeton in his keynote mentioned that there are over 80 Worx enabled applications at present.

AVAILABILITY?

The new XenMobile offerings should be made available by end of June/early July.

OVERALL IMPRESSIONS

I thought the XenMobile announcements were significant, offering solutions that fit most customer needs. There is significant value in the Enterprise edition with the addition of Sharefile and GoToAssist. I feel the pieces are finally coming together and my hope is that the end user experience is painless (only time will tell) and that the backend infrastructure gets more streamlined in the future. Gartner has positioned Citrix in the Magic Quadrant for Enterprise Mobility Management and rightly so in my opinion. I believe Citrix has the most complete solution in the market at present and more importantly the right people at the helm to lead this forward.

Synergy 2013 Recap: Part 1- XenDesktop 7

I was fortunate enough to attend Citrix Synergy this year at Anaheim, CA. The event was great as always with around 6500 attendees, 125+ unique sessions, the ever popular Geek Speak Live and Maroon5 who brought the house down. For me though, the highlight was MarkT’s keynote and Brad Peterson’s demos. No one can tell a story like MarkT and BradP is the best at what he does. I wanted to focus this post on XenDesktop 7.

XenDesktop 7 was probably the most exciting announcement for the traditional Citrix customer running XenApp and XenDesktop. Let’s dig deep into the announcements around XenDesktop 7:

Unified Architecture: Flexcast Management Architecture

Today, with XA 6.x and XD 5.x, the infrastructure for each is completely independent of the other, with around 22 consoles in all. So it is an understatement to say that the infrastructure could be simplified. Moreover, the workflow for deploying Hosted Shared Desktops and Apps is different from the workflow for deploying traditional VDI.

The key goals for the XD7 release were mobility and simplicity while maintaining security. With XD7, Citrix is moving to a unified architecture aka Flexcast Management Architecture (FMA), thereby giving administrators the ability to deploy Hosted Shared Desktops, Physical PC’s, published applications and traditional VDI from the same console using the same methodology. The overall infrastructure requirements will significantly reduce for environments that run both XenApp and XenDesktop today. I was one of the early adopters and had the Tech Preview running in my lab back in November 2012. It took me less than 20 minutes to get the infrastructure up and running and another hour or so to have XA and XD workloads available to users. The process involved building a Windows Server and desktop image, installing the VDA on the image and then using Studio to spin up desktops and applications and assigning them to users. Citrix has really done a fabulous job in simplifying the installation process and more importantly making the process dummy proof (with various configuration checks along the way).

Director and Studio

The number of consoles has been reduced to two – Director (geared more towards Helpdesk staff for preliminary troubleshooting) and Studio (geared towards administrators). With Studio, you can now build and assign server/desktop workloads to users, publish applications, create and manage user profiles, manage policies, monitor and troubleshoot infrastructure components, review logs, manage PVS infrastructure and manage Storefront, ALL FROM WITHIN THE SAME CONSOLE!! This to me is huge. In addition, Machine Creation Service can now be leveraged to deploy XenApp workloads, which drastically simplifies the deployment process. Of course you can still leverage PVS as well (new release included with XD7).

The New Edgesight

Being an SE at Citrix and talking to customers all the time, I am particularly excited about the new Director! Citrix has also completely re-architected monitoring and reporting for XenApp and XenDesktop from the ground up. While Edgesight has always been an invaluable tool within a Citrix environment, the learning curve was quite steep and it required additional infrastructure. I have spoken to a number of administrators who have gone down the path of installing and configuring Edgesight and eventually not using the product because of the effort involved in getting meaningful data relevant to their environment. With XD7, the product management team clearly understood these pain points relayed by the customers and addressed them. What you would traditionally consider as Edgesight monitoring and reporting is now fully integrated into Citrix Director. All the information is presented to the administrator in the form of graphs/dashboards and administrators have the ability to drill down further as needed. There is also a helpdesk view which allows helpdesk to perform basic troubleshooting and remediation tasks such as shadow a user session, kill a hung process, clear the user profile and personal vDisk, log off a session etc. In XD7, Edgesight no longer requires additional infrastructure or an agent on the endpoint. The Edgesight components are built into the Virtual Delivery Agent (VDA). XD Platinum licensing is required for historical reporting (>1 week of data).

HDX Insight

With Netscaler 10.1, Citrix has now introduced HDX Insight, which allows you to correlate network metrics with application behavior. HDX Insight provides end to end ICA visibility. All the HDX Insight data and reports are available right within Director. HDX Insight requires Netscaler 10.1 Enterprise or above. XD/Netscaler Platinum is required for historical reporting.

HDX and HDX 3D Pro

With XenDesktop 7, Citrix is leveraging an H264 based codec for all video workloads (as opposed to just 3D graphics in the past). As a result, there is a 2x increase in frame rate without an increase in bandwidth requirements. What this means is that you would be able to deliver high def videos to mobile devices, even over 3G connections. In the internal lab tests, Citrix was able to deliver 18 frames per second on an 800 kbps 3G connection. The new H264 based codec dynamically adapts to network conditions and adjusts the quality accordingly. Also Windows Media redirection (client side fetching) is now being extended to Mac, iOS and Android devices. With the new Virtual Channel and HDX Realtime SDK for real time voice and video, there are significant improvements around Unified Communications. Microsoft, Cisco and Avaya are the first to embrace the new SDK.

One of the highlights of the keynote was the demo showing virtualized 3D workloads being delivered from the cloud leveraging GPU sharing. While GPU sharing was available in the past for XenApp, it was not supported for OpenGL workloads. For XenDesktop, the solution used to be cost prohibitive as there was no GPU sharing and each physical server typically supported only 4 GPUs. With XD7, HDX 3D Pro with GPU sharing is now supported on hosted shared desktops and published applications for OpenGL and DirectX workloads. GPU sharing is primarily targeted towards tier 2 3D Professional graphics users. This will significantly reduce the costs of delivering 3D workloads to high end users over high latency links while securing the intellectual property. In addition to GPU sharing via Hosted Shared Desktops, GPU sharing will also be available for VDI workloads. Tech Preview will be available in Q3 2013.

Reverse Seamless Applications

Reverse Seamless Apps has been one of the most requested features for quite a while. In essence it allows a local application window to be presented within a VDI/Hosted Shared Desktop window. So for instance, if your corporate delivered desktop is locked down and has only the core applications and the user wants to access his locally installed iTunes from within his VDI session, with reverse seamless apps, technically this would be possible. One caveat is that this is a PLATINUM ONLY FEATURE.

Desktop Player For Mac

As most of you are probably aware, XenClient, a type-1 hypervisor for Intel based workstations/laptops primarily targeted for offline use of VDI, was previously not available for Mac users. As a result it was not possible to access a VDI instance offline on a Mac. At Synergy, Citrix announced the Desktop Player for Mac, which is a type-2 hypervisor (much like Parallels) that allows users to check out a VDI instance and work offline. This VDI instance is delivered via the XenClient infrastructure and can be centrally managed. This adds a much needed piece to the Flexcast stack and helps Citrix compete in the Mac offline VDI space along with Mokafive, Mirage etc.

XenDesktop App Edition

With the announcement of XenDesktop 7, Citrix added a new licensing level for XenDesktop called the App Edition. This is intended for existing XenApp customers who would like to move to the new XenDesktop architecture but maintain only XenApp functionality, i.e. Hosted Shared Desktops and published applications.

RIP Application Streaming

Citrix has stopped developing application streaming and will not be supporting it on Windows 8 or Windows Server 2012. Customers can continue to use application streaming on existing XenApp deployments, however when the users migrate to Windows Server 2012, customers will have to migrate from application streaming to App-V. Current XenApp customers have App-V entitlements as part of the RDS CALs.

AppDNA for XenApp included in XD Platinum Licenses

A stripped down version of AppDNA is now included with XenDesktop Platinum licensing. This version of AppDNA allows users to test applications to see whether they are compatible to be hosted on XenApp. This functionality is available for unlimited apps.

I think that about sums it up from a XenDesktop perspective. I will be following up with posts on Sharefile, Merlin etc soon. Stay tuned!

My response to VMware’s post – “Enhancing a Citrix XenApp implementation with VMware View and Thinapp”

VMware published an article a couple of days back on how they believe ThinApp and VMware View enhance XenApp. My personal belief, on the contrary, is that XenApp ELIMINATES the need for View and ThinApp in a lot of use cases. In many scenarios, customers want “VDI” without really understanding whether it is the right fit and without understanding what else is out there. I will save this argument for another day, but for now, I want to try and go through VMware’s claims on why they feel View and ThinApp enhance XenApp:

1. “Requires only a single application instance: With ThinApp in a XenApp implementation, you need only one copy of the virtualized application stored on a ThinApp file share. With other applications presented with XenApp, you must install the same application on each of the XenApp Servers in your server farm, and each of these native installations must be individually maintained.”  

This claim is totally FALSE. XenApp includes an application streaming utility known as the Application Streaming profiler which I consider to be ThinApp on steroids. There is no need to install the same application on every XenApp server. Application streaming profiles can be stored on file shares just like ThinApp and deployed to servers. To take it a step further, the security model around the delivery of app streaming profile packages is a lot better. Based on my experience with ThinApp, it is great for virtualizing stand alone applications, but when it comes to cross linkages or any application that goes beyond a snapshot, it gets very complex with ThinApp. The application streaming profiler is a much more robust tool.

In addition to the application streaming profiler, the XenApp platinum license also includes Citrix Provisioning Server which provides the ability to have one golden image streamed to thousands of XenApp servers. So when there is an application update that needs to be rolled out to a large number of servers, you only need to update the golden image.

2. “Application conflict is eliminated: To avoid application conflicts, Citrix isolates applications from each other via XenApp silos, which requires additional hardware. ThinApp isolates applications with software, not hardware. ThinApp virtual applications are isolated from each other and therefore can be placed on the same XenApp Server.”

Again this is FALSE.  XenApp provides multiple ways of addressing application conflicts. One way is to create silos or worker groups which host certain applications. The other method is to use application streaming profiles to co host conflicting applications on the same XenApp server. For instance you can run Office 2010 and Office 2007 on the same server, or IE 6 and IE 8.

3.  “Recovery is simpler: If a XenApp Server fails, you have to reinstall the XenApp server. However, if you have stored your virtual applications separately on a ThinApp file share, you have only the baseline XenApp server to reinstall, and you do not have to reinstall the applications.”

My response to the first claim addresses this as well, but to summarize, all of what can be done with ThinApp can be achieved with application streaming profiles. In addition with the help of Provisioning services, we can easily provision additional XenApp servers within minutes since all the servers can boot off the same golden image that is streamed to the server.

4. “Updates are simpler and faster with ThinApp: With a standard Citrix XenApp setup, you must update each natively installed application on each XenApp Server, and you need to take each server offline to update the applications. If you use ThinApp to virtualize applications, you update only the single application on the file share, and ThinApp applications can be updated automatically while in use.”

This once again is a repetition and is already addressed above. Application streaming profiles can also be updated while the application is in use.

5. “ThinApp can virtualize IE6, and the migration to Windows 7 is eased: ThinApp allows you to virtualize Microsoft Internet Explorer 6 (IE6), and you can package IE6 along with a legacy application that depends upon IE6 or an older version of Java. Users can run virtual IE6 alongside a later version of native IE on the same desktop. The migration to Windows 7 or to later Windows versions becomes easier if you have the option of carrying forward any IE6-dependent legacy applications.”

Application streaming has the same functionality. In fact, application linkage is a lot easier in the application streaming profiler as compared to ThinApp thanks to Inter-Isolation profiles. One of the clients I was recently working at (which by the way was a VMware shop with NO Citrix) wanted to evaluate ThinApp and Application streaming profiler. After seeing the complexity of application linkage in ThinApp, which includes text file editing among other things, they decided to give XenApp application streaming profiler a shot. We got the application packaged and deployed in less than an hour. They had invested over 10 hrs on ThinApp and failed.

So while XenApp can definitely do IE 6 linked to other legacy apps, the important point is that we can virtualize a lot more legacy apps that are complex in nature as compared to ThinApp.

6. “Users have their own desktops, with their own operating system and applications: XenApp provides users with a shared operating system and shared applications, and users can conflict with each other. VMware View provides users with their own desktop environments, with their own operating system instance and their own applications. Users do not conflict with each other.”

I am not sure how this claim proves that “VIEW ENHANCES XENAPP”. XenApp does provide users with a shared operating system, but users run their own instances of applications within their session. The claim that users conflict with each other is FALSE! Published desktops in XenApp have been around a long time and are a proven solution. Users can have their own customization using profile management solutions. The look and feel can be completely skinned to look like a desktop operating system. This is much more cost effective as compared to a solution like VMware View. Not to mention, if we want to talk apples for apples, Citrix does offer XenDesktop!

7. “You can eliminate physical desktops and cut costs: Eliminating the maintenance of physical desktops saves time and money. See The Business Case for Desktop Virtualization.”

HUH? And XenApp does not? I thought the whole premise of using XenApp is to virtualize your applications and thereby reduce costs on desktop hardware refresh!

8. “The underlying infrastructure is familiar: If you have used VMware vSphere to virtualize your XenApp Servers, you can use your vSphere expertise to run View virtual desktops on the familiar infrastructure.”

Ah! I was waiting for this one. VMware’s favorite point to convince customers to go View! Just like View, XenDesktop also runs on vSphere. Oh but wait, XenDesktop also runs on XenServer and Hyper-V! In addition, in a lot of cases, there won’t be a need for View or XenDesktop when XenApp is in place!

Bottom line is that View and ThinApp by NO MEANS enhance XenApp. If anything, XenApp eliminates the need for View and ThinApp in a lot of scenarios.

Exchange 2010 – TLS negotiation on Send Connectors

Over the past month or so, I’ve been troubleshooting an issue that I felt I should blog about. What we would notice was that when Exchange receives emails with attachments, it took an awfully long time to forward the email to the smart host. An email with a 1Mb attachment would typically take between 10-15 minutes to be delivered to the external recipient. The issue only occurred when sending emails to external domains via the smart host. To make things worse, while the mail with the attachment was processed, all other emails would be queued up.

To figure out exactly where the slowness was occurring, I decided to try a different smart host. We noticed that mail delivery was working perfectly with the new smart host. So my initial theory was that this was a smart host specific issue. After opening a ticket with the vendor, they informed me that they believe it’s an Exchange issue (surprise surprise!). They sent me debug logs which showed that Exchange would open up an SMTP connection and just keep it open for 10 minutes before actually sending the data to the smart host. What puzzled me was why I was not seeing the same behavior with the other smart host. You would think that if it was an Exchange bottleneck, the behavior should not be any different irrespective of the smart host.

So I finally decided to do a packet capture on the Exchange Hub Transport server. To my surprise I noticed that all the SMTP traffic including the MIME traffic was fully encrypted. So I quickly checked the Send connector and Smart host authentication was completely turned off. This really confused me as there are no other obvious settings to turn off TLS authentication. I wanted to rule out the possibility that encryption is the cause for slowness. So I did some research and found this article:

http://webbanshee.blogspot.com/2009/09/disable-tls-in-exchange-2007.html

For those who want a summary of the article, Exchange 2010 Hub Transport enables TLS encryption on the Send connectors by default and even if the setting is disabled in EMC, it is not truly disabled. To disable the setting, you need to use PowerShell and type the following commands:

Get-SendConnector | FL

This will list all the Send Connectors that are configured within the Exchange environment. The next step is to determine the send connector that is being used and look for the IgnoreStartTLS setting. If this setting is set to False (which is the default), TLS encryption is enabled. This was true in our case. To disable TLS encryption for the send connector, issue the following command:

Set-SendConnector -Identity "Name of Send Connector" -IgnoreStartTLS $true

After issuing this command, restart the MS Exchange Transport Service. After I did this, mail flow was smooth and mails with very large attachments would take just a few seconds to forward to the smart host.

My conclusion was that there was some issue with TLS encryption between our smarthost and Exchange. We had TLS encryption enabled between Exchange and the second smart host as well and we did not face the same issues. So it seems isolated to the Sonicwall smart host in question.
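The IgnoreStartTLS value is only visible through the shell, so a connector changed this way is easy to lose track of, and mail it sends to the smart host is no longer encrypted. The following added example (not part of the original post) is one way to list how each Send connector treats STARTTLS; the function name and the sample connector objects are constructed for illustration, while Name, SmartHosts, IgnoreSTARTTLS and RequireTLS are properties returned by Get-SendConnector.

```powershell
# Added example: report how each Send connector treats STARTTLS.
# Written for PowerShell 2.0, the version Exchange 2010 runs on.
function Get-SendConnectorTlsPosture {
    param(
        [Parameter(Mandatory = $true, ValueFromPipeline = $true)]
        $Connector
    )
    process {
        if ($Connector.RequireTLS -and $Connector.IgnoreSTARTTLS) {
            # Contradictory settings: surface them instead of guessing.
            $posture = 'Conflict: RequireTLS and IgnoreSTARTTLS both set'
        }
        elseif ($Connector.RequireTLS) {
            $posture = 'TLS required'
        }
        elseif ($Connector.IgnoreSTARTTLS) {
            # A STARTTLS offer from the smart host is ignored: cleartext SMTP.
            $posture = 'Cleartext (STARTTLS ignored)'
        }
        else {
            # Default behaviour: TLS is used when the remote host offers it.
            $posture = 'Opportunistic TLS'
        }

        New-Object PSObject -Property @{
            Name           = $Connector.Name
            SmartHosts     = ($Connector.SmartHosts | ForEach-Object { "$_" }) -join ', '
            IgnoreSTARTTLS = [bool]$Connector.IgnoreSTARTTLS
            RequireTLS     = [bool]$Connector.RequireTLS
            Posture        = $posture
        } | Select-Object Name, SmartHosts, IgnoreSTARTTLS, RequireTLS, Posture
    }
}

# Constructed sample objects standing in for Get-SendConnector output,
# so the function can be tried without an Exchange server.
$sample = @(
    (New-Object PSObject -Property @{
        Name = 'Smart host A (constructed)'; SmartHosts = @('smarthost-a.example.test')
        IgnoreSTARTTLS = $true; RequireTLS = $false }),
    (New-Object PSObject -Property @{
        Name = 'Smart host B (constructed)'; SmartHosts = @('smarthost-b.example.test')
        IgnoreSTARTTLS = $false; RequireTLS = $false }),
    (New-Object PSObject -Property @{
        Name = 'Partner relay (constructed)'; SmartHosts = @('relay.example.test')
        IgnoreSTARTTLS = $false; RequireTLS = $true })
)

$sample | Get-SendConnectorTlsPosture | Format-Table -AutoSize

# In the Exchange Management Shell, feed it the real connectors instead:
#   Get-SendConnector | Get-SendConnectorTlsPosture |
#       Where-Object { $_.Posture -like 'Cleartext*' }
```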

All in all it was a good feeling to resolve the issue using packet captures. As they say, a packet capture never lies!

 

The iPad – Views from a geek who sold his arm to Microsoft and his leg to Apple

As most other geeks out there, I was eagerly awaiting Steve Jobs’s announcement yesterday about the iPad. My buddy Adam and I were “Working” and following the live blog feed on engadget. As a person who started off his career being a Microsoft Kool-Aid drinker, but then converted to a Mac user, I feel I am in a position to give an unbiased review of the phenomenon that is the iPad as I haven’t sold my soul to Steve Jobs (yet). So here goes!

1. The Name – First off, the name iPad leaves a sour taste in my mouth. I would have been much happier with iSlate or iTablet or heck iTab. iPad brings some gross thoughts in my head, especially after my buddy Jay showed me this.

2. Design – Steve Jobs said it best – “Technology meets Liberal Arts”. And just like the Mac, the iPod and the iPhone, the iPad is a beauty in terms of design. I won’t go into the details, but it is a sight to behold. I also feel the form factor makes it a great eReader and potentially THE Kindle Killer. The one regret I have though is the lack of a keyboard. A tilt slideout keyboard would have been nice and made it more useful. Granted there is a dock and a keyboard that you can buy (if you are willing to shell out one trillion dollars), but it’s not quite the same. One of my biggest regrets about the iPhone is the same. I hate to chat/sms or send emails using the iPhone and unfortunately I think the same will be true about the iPad.

3. The User Interface – I think the UI is just a blown up iPod touch on steroids. I love the iPhone/iPod touch OS and hence feel that Apple got it right trying to use the same design for the iPad. Since the infrastructure already exists in the form of the app store with the countless developers hoping to make a buck, I think this was the right move. During his presentation, Steve Jobs showed how a bunch of developers have recoded some of the iPhone apps/games for the iPad and boy was that sweet! Shows the tremendous potential. If you thought 3 billion app downloads was a lot, wait till this puppy is out!

4. Connectivity – The iPad comes with WiFi (802.11 a/b/g/n) connectivity and Bluetooth 2.1. In addition there is the OPTIONAL (yes you heard right … OPTIONAL) 3g connection. Personally, I am very happy that they made 3g optional as it brought down the price of the non 3g iPad to a price I would be willing to pay. Having said that, $130 bucks for 3g connectivity which I bet is some small chip that cost some manufacturer in South East Asia a buck to make seems a little stiff! Not to mention the 30 bucks you have to pay AT&T for unlimited broadband. So in short, am I willing to pay 30 bucks for my iPhone and another 30 bucks for my iPad and the additional $130 for the 3g version of the device?? A BIG NO! Seems stupid to me that someone with an iPhone will actually do it. But the American people might prove me wrong 🙂

5. Storage – This is an area where I (along with almost all my geeky buddies) am disappointed. The iPad comes with a 16GB ($499 – non 3g), 32GB ($599 – non 3g) or 64GB flash drive ($699 – non 3g). There is NO REMOVABLE STORAGE!!!!! Why Apple Why??? This is something I did not like about the iPhone and they have disappointed yet again! Because of the lack of removable storage, I would say that if you plan to buy one, it would be a wise move to get the model with the maximum storage you can afford!

6. Battery Time – The iPad comes with an inbuilt 25 Whr rechargeable lithium polymer battery that, based on what Steve Jobs claims, holds up to 10 hrs of battery time when in use and about a month of standby. That is pretty phenomenal if you ask me. But like most claims about battery life, I will believe it when I see it! Even if it lives up to 80% of the claim, I would say it’s pretty darn good.

7. Audio/Video Formats – The iPad supports most of the common formats (MP3, AAC, MP3 VBR, Apple lossless, AIFF, WAV, mp4, m4v, mov etc) and I am particularly happy that it supports MP4 AND M4V. I own a few Apple TVs and my entire movie collection is encoded in M4V. Now I can just create a playlist and drag and drop the movies I want on my iPad (please note how I’ve already assumed that I’m getting one.. wifey are you listening???) to a playlist and just sync. No need to worry about re-encoding (as is the case with the iPhone).

8. Display and Performance – We have to wait and see here, but I am sure the iPad won’t disappoint in terms of Display. As far as performance goes Apple is introducing their own custom designed 1GHz A4 processor. I don’t know if it’s just me, but I am sure the processor will rock. Look at everything Apple has made to date. However I am a bit disappointed that applications still can’t run in the background, just like the iPhone. I hope they fix this soon. I would like to listen to music and maybe play a game or browse the net. I can’t do that right now in the coming version from what I understood.

With all that said, am I getting one??? HELL YEAH! Can I live without it? Probably.. If I had to choose between the iPhone and iPad what would I choose? The iPhone without a doubt. Which one do I think is a more revolutionary device? Once again the iPhone without a doubt! I don’t see the iPad as a replacement to my netbook/laptop or the iPhone, but more as an entertainment device that I will use in conjunction with my other toys. I will probably use it when I travel as an entertainment source to watch movies, play games etc. I hope my insights were of use to those who read this blog. Do post your feedback. I would love to hear from you all!

Why use Twitter and how to make it work for you!

 

It’s hard to believe that there is anyone out there, especially in the IT industry, who has not heard about Twitter. For those of you who are not familiar with it, you can think of it as the Facebook status message in some ways. You are allowed to post 140 character updates and also include tags that help others search for certain topics. For instance, during the idol finale, there were a ton of people tweeting using the same tag. So if I searched for that tag, I could find updates flowing in real time. Another example I would like to include is Citrix Synergy, which is an annual conference held by Citrix. There were so many attendees tweeting during the conference using the same tag about their favorite sessions, insights, freebies etc. This served as a pulse of the conference for me and helped me make wise decisions in terms of how to make the most out of the conference.

So the next question is, why is this any different from all the other social networking tools? Why do you need Twitter? I would like to speak from my experience. I was VERY skeptical about Twitter initially. I did not even have an account till about March. Then I decided to sign up, and just like any other social networking tool, I decided to import all my contacts from gmail and followed everyone under the sun. As a result, it was nothing more than a slew of irrelevant information like where someone is heading to dinner, changing his hair color, a new car, new job, hating his wife etc. Totally worthless!!!!! My real purpose of using Twitter was to make it work from a career perspective and to stay on top of industry trends and new developments in my areas of expertise. I also use it to let folks know about my latest music (since I love to sing). Since my initial approach did not really serve the purpose, I decided to start all over again. I completely cleaned up all the people I was following and started following industry experts in the field of application/server/client virtualization. I also looked at who they were following. It was clear that they were very selective in who they followed, and I also saw some trends among the various experts. This really helped me define the list of people I’d like to follow. The end result was a very refined list of updates from my friends list that ended up being a plethora of information in my field, things I would normally have to go to a gazillion blogs to track, all in one page and that too in a very concise format. I have not looked back since. Twitter is now my one stop shop from a career advancement and industry insight perspective. I get to know of the latest and greatest developments, the latest rumours in my field, what’s happening where, latest product releases/reviews etc. I always feel enlightened 🙂 It has also helped me network tremendously and also spread the word with regards to my music.

If you haven’t yet used Twitter, I would strongly urge you to do so. When I compare all the tools out there, this is the most useful tool to stay on top of things that interest you and ONLY the things that interest you. Don’t miss the boat on this one as it is here to stay! No doubt about it. Also, I would urge you to check out Tweetdeck. Below is a screenshot. I think the picture says it all 🙂 Good luck tweeting!!!!

twitterdeck


Synergy 2009 – An analyst’s perspective.

After a truly exhilarating week at Synergy 2009 spending 12-14 hrs every day trying to absorb as much as I can from all the geniuses around, I am at the airport waiting to board. I thought this would be a good opportunity for me to pen down my thoughts and share them with you all. I learnt a lot these past few days, and amongst them the most important realization is that Citrix is probably the only vendor out there that TRULY has an end to end virtualization solution. They make it seamless to the end user with the introduction of the Desktop Receiver client that acts as a one stop shop regardless of whether you are using a fat client, thin client, mobile device or whatever else it might be. The other highlight from Synergy is that Citrix understands that their bread and butter product going forward is going to be XenDesktop and the VDI solution (VDI is expected to be a 56 billion dollar industry in 5 yrs). They are slowly shifting focus from XenApp to XenDesktop and it was quite obvious all through the conference.

As far as the keynotes were concerned, I thought Mark Templeton did a great job showcasing Citrix’s vision and showcasing their technologies. Most of the demos worked well. The key takeaway for me was the emphasis on Simplicity and how Citrix can make life simple for its customers with their end to end approach to application and desktop delivery (whether it be remote or in house). Some of the key announcements were:
a) Citrix Desktop Receiver and integration with iPhone
b) Citrix Dazzle and how it fits into the Software as a Service model
c) XenServer Enterprise going free!
d) Introduction of the XenClient Client Hypervisor (although it’s not ready for primetime yet)
e) Netscaler VPX (Virtual Netscaler appliance for small-medium businesses and lab environments)
f) New advancements in XenDesktop including Flash remoting, multi monitor support, High Definition video (although the audio/video sync leaves a lot to be desired), enhancements in USB redirection etc

A few years back, I was really puzzled with all of Citrix’s acquisitions (Sepago, Net6, XenSource, Netscaler, Ardence etc) and wasn’t quite sure of what their end goal was. But now everything fits into place. I was also very impressed with their SaaS (Software as a service) model with the introduction of Dazzle. I think this gives many organizations, including my own, the ability to bill various departments based on application usage. Citrix’s partnership with Amazon in the Cloud Computing arena was also a very interesting development for me. I think the “pay as you go” model will work well for a lot of companies, especially small to medium businesses who want to reduce the administrative overhead and might not necessarily have the skills/manpower in house.

There were a lot of things that I liked about Synergy this year such as the iForum technical sessions, the various demos at the Expo, Dom Mcmillan’s stand up comedy session (if you haven’t checked him out yet, YOU MUST!), the various demos presented during the keynote sessions (particularly the desktop receiver demo on the iPhone and the Xen Client hypervisor on the Mac!). But my favorite part about Synergy HANDS DOWN were the GeekSpeak sessions. It was great hearing from Citrix Technology Professionals and Industry experts like Brian Madden, Ruben Spruijt, Brad Pedersen, Jeroen van de Kamp, Rick Dehlinger, Simon Crosby, Jason Conger, Shawn Bass, Alex Danilychev, Benny Tritsch etc. They gave a totally unbiased, highly technical and insightful look at everything Citrix like the VDI strategy and how it’s evolved, the future of Cloud computing, Security trends, the future of XenApp etc. The debates (like the one between Benny Tritsch and Brian Madden on TS vs VDI) showed how passionate these folks are about what they believe in. Truly inspirational! There are two key GeekSpeak sessions that I would like to talk about in greater detail:

  • The first was on Project Virtual Reality Check by Ruben Spruijt and Jeroen van de Kamp. Without getting into too much detail, last year, these two guys decided to demystify some of the myths and marketing claims made by various vendors about performance. So they built their own test environment, built a set of benchmark criteria/scenarios (totally unbiased and accurate I must add) and conducted a TON of tests. They then went on to publish their results to educate the industry on their findings. They also developed a tool for benchmarking that they give out for free!!! Totally awesome session. If you folks haven’t checked out project Virtual Reality Check, you must! You will be surprised at some of the findings (User density on Win2k3 was better than Win2k8 etc)
  • The second GeekSpeak session that I loved (more than others) was the one by Shawn Bass on XenDesktop 3 and how far it’s come. Shawn Bass is an independent consultant and a CTP based out of Chicago who is highly regarded in the Citrix community. At Synergy 2008, Shawn presented at GeekSpeak on XenDesktop and basically concluded that it’s probably not ready for prime time. This was not well received by all at Citrix for obvious reasons 🙂 This year he looked at the advancements in XenDesktop and had a much more favorable opinion about XenDesktop 3. He talked about the advantages of going with a Citrix VDI solution (hypervisor agnostic, host platform agnostic, Host OS agnostic, Endpoint agnostic and connection agnostic) and also talked about the advancements in the new release that he cared about including Flash acceleration, Speedscreen Multimedia acceleration and USB redirection. It was an extremely informative session, not to mention that hearing from someone you know is unbiased really helps!

Now coming to the iForum breakout sessions and labs, overall I was quite satisfied. Back when I was consulting, I attended a number of Citrix Hands On labs. 90% of the time, I would find these to be half baked and totally uninformative for an individual with a decent background in Citrix technologies. This time at Synergy, I attended the XenApp 5.0 Hands on lab and was pleasantly surprised. The lab was first of all running on XenServer and the test machines were XenDesktop based hosted desktops. What better way to showcase your technology and make your customers true believers! For the most part it worked like a charm. The content of the lab was terrific. They covered key concepts such as Preferential Load Balancing, User Profile Management, Application Streaming and more importantly linkage between various streamed application profiles (in the past, if you had multiple streamed profiles that were not linked, file associations etc would not work well. An example would be if you had Firefox and Reader as two different application streaming profiles that were available to a user, and if the user launched Firefox and launched a pdf from within Firefox, it wouldn’t work. This has been fixed with the linkage) etc. The iForum technical sessions that stood out for me were two on XenApp, “From A to XenApp” and “How to transform your XenApp farm from average to awesome”. Talk about cramming every minute of your 50 minute session!! I also found some of the XenDesktop sessions quite insightful. Unfortunately with the overlapping sessions, I couldn’t attend some of the sessions on Cloud computing that I really wanted to.

One observation however was that among the Citrix consultants, information seemed to be siloed. You would think that every consultant within the Citrix team would know quite a bit about all their products. I did not find this to be the case especially when it comes to XenDesktop. I wanted to gain an in depth understanding of the various VDI options with regards to XenDesktop (hosted/streamed/offline etc). I also wanted to understand a little more about licensing. I was sent from one consultant to another (3 times) and it took about 20 minutes to find a guy who knew his stuff!

Twitter is another thing I wanted to talk about a bit. I’ve been using Twitter for the past few months. I follow some of the Citrix industry experts and get updates on everything Citrix. But Synergy took it to a whole new level. Most of the CTPs and experts were tweeting using a specific tag (#citrixsynergy). So by doing a search on the tag, in essence you could get the pulse of Synergy. They were tweeting in between sessions about which sessions are worth attending etc. Very useful. I also found out through Twitter on Thursday that they were allowing people to register for odd numbered Citrix exams for FREE! Needless to say that I went and took one of the exams 🙂 If it wasn’t for Twitter, I would have had to spend 150 bucks on that exam!

I have to be honest, I was a little skeptical going into Synergy this year. But now in hindsight, I am so glad I attended the conference. It was totally worth my time and my organization’s money. I understand the big picture now and I believe my organization will benefit from this a great deal! Kudos to Citrix on hosting a FANTABULOUS event! Can’t wait for Synergy 2010!!!


My Home Network

As promised, here is a brief description of my home network. My entire infrastructure is based on VMware ESX server.

For those of you who are not familiar with VMware, they are the leaders when it comes to server virtualization solutions. Server virtualization in a nutshell is the concept of hardware abstraction whereby you can place multiple workloads on a single physical server thereby leading to much more efficient usage of hardware resources. In the past, most corporate networks had a one to one mapping between applications and servers. Now with server virtualization, you can place multiple application workloads on a single physical server. This also leads to reduced cost in cooling, reduced data center space requirements, reduced power consumption, reduced hardware costs, less administrative overhead.

I currently have one physical server, an HP DL380 G3 with two Xeon 3.06GHz processors, 6 GB RAM and three 72 GB SCSI HDDs in RAID 5 configuration, thus giving me a net storage capacity of about 140 GB. As of today, I have the following virtual machines running on this physical server:

  • Windows Server 2003 Domain Controller for the internal domain – GKLAB.org
  • Windows Server 2003 running Microsoft Exchange 2003 – Accepts mail for georgeandroshan.org, gksden.org, randg.org
  • Citrix Presentation Server 4.5 hosting applications such as Microsoft Office, Various administration applications etc.
  • Citrix Secure Gateway 3.1 for remote access into the Citrix farm.
  • Windows Server 2003 template for additional servers if required.
  • Windows Server 2008 template.

So in short, I have 6 virtual servers/workloads running on 1 physical server sharing the available resources.

In addition to this, I have another workstation that is used to host my website, photo gallery and my WordPress based blog. It is a Windows XP machine running Apache, MySQL and PHP. This is a low end PC that I bought a long time back with just 512 megs of RAM, but it works like a charm.

I have only one public IP and since I have multiple resources to publish externally, I take advantage of virtual host headers in Apache, which allows you to distinguish resources based on the incoming host header request. The various resources published via Apache are:

Currently, I have a flat network and don’t do any fancy routing with multiple VLANs etc, but in the coming months, I plan to segment my network based on functional role.
That is my network in a nutshell. Feel free to email me should you have any questions. I am planning to post a few pics soon.
Best,
George
