Category: Citrix

Long Live Citrix Virtual Apps and Desktops – Key Highlights from Citrix Synergy 2019!

This year was my 9th year attending Citrix Synergy, but somehow the feeling never gets old. Its always great to meet colleagues, friends from the community, customers and others and learn about their challenges, their perception of Citrix and how we help address their challenges. This year was no different! One of the common themes I heard though from many was that Citrix is no longer serious about Virtual Apps and Desktops (CVAD)! Many felt a lack of love to the loyal base who have been CVAD customers for many many years. This sentiment while understandable couldn’t be farther from the truth and that is exactly why I decided to spend some time blogging about all the innovation around CVAD that was discussed in many of the breakout sessions and highlighted in the expo hall. I have linked the relevant sessions and demos when possible. So here goes…

ITSM Adapter for ServiceNow has come a long way!!!

One of the major announcements at Synergy 2018 was the ITSM Adapter for ServiceNow. The initial release primarily focused around allocating pre-provisioned virtual apps and desktops to users based on approval workflows via ServiceNow and logging this in the CMDB. However the PM and engineering team have been hard at work on many new exciting features based on feedback from our customers. Here are a few that come to mind:

  • If a user requests a desktop (Dedicated or otherwise) and if it does not exist, the desktop will be provisioned. In the past the desktop had to be pre-provisioned.
  • If pre-defined performance thresholds are exceeded, one can automate the addition of capacity to delivery groups.
  • Integration with Director whereby if an alert is triggered, a ticket can automatically be created in ServiceNow. These could be related to license usage, connection failure, CPU usage etc to name a few. Similarly App Probing failures
  • Citrix Analytics Integration
  • Citrix Endpoint Management Integration such as enrolling devices from service catalog self service and in bulk by admins.
  • Citrix Access Control integration (automate the addition of users to SaaS apps)

ITSM Adapter: App Provisioning Demo

ITSM Adapter: Director Integration Demo

ITSM Adapter: MCS Provisioning

ITSM Adapter: UEM Integration Demo

So Much HDX Goodness!

HDX has been the secret sauce for many many years and innovation hasn’t stopped. There were plenty of updates shared at Synergy that I will try to summarize below. However I highly recommend that you watch the HDX session (SYN211) led by our PM team that I have embedded here.

  • Citrix VDA Update Service: Cloud service fully managed by Citrix. No requirement for customer to have a Citrix cloud entitlement. Cloud agent goes on Cloud connector (for cloud customers) or delivery controller (on-prem customers). Cloud agent informs service on VDA versions within customer environment and the service informs customer about current versions and if an upgrade is recommended. Customer can then either do a manual update or schedule an automated update based on scheduled maintenance window or idle time. This is particularly useful when it comes to persistent desktops or Remote PC deployments as you no longer need software distribution tools to manage the upgrades.
  • VDA installer improvements: Enhancements to the VDA installers to improve the upgrade process and reduce upgrade errors.
  • VDA Rollback: During the upgrade process, all changes are written to an XML file. If the VDA upgrade process fails, the XML file is read to determine the changes that were made and those changes can then be undone.
  • Unified Communications:
    • Microsoft Teams:
      • Optimization for the web client was introduced in the CVAD 1809 release with Browser Content Redirection on chrome browser. Linux will soon be supported as well.
      • Teams Desktop App will be supported in the upcoming CVAD 1906 release. The media engine is now integrated into Workspace App (WSA) and no separate installation is necessary. The desktop version will support optimization for audio, video and screen-sharing. Policies will be controlled via Studio. One major improvement is that the new teams client will be installed to C:\Program Files (x86) as opposed to AppData. This bodes well for shared environments. This also means that future enhancements will be delivered via WSA. So if teams optimization is something that you are keen on, then you are better off sticking to the current release as opposed to LTSR (at least when it comes to the client).
  • Other Platforms:
    • Cisco is working closely with Citrix on a Webex optimization pack for both Web and the Desktop version of the Webex. Jabber optimization pack already exists and is available through Cisco.
    • Zoom has also released an optimization pack for CVAD.
    • Other vendors with optimization packs include BlueJeans, Avaya etc.
    • Citrix will also be working with Google in the near future for optimization packs for their multimedia collaboration solutions.
  • Protocol Enhancements:
    • Adaptive Throughput (1811): Increases maximum throughput of ICA over TCP leading to a better overall user experience. Throughput is adjusted based on session interactivity. Up to 5x improvement in file transfer speeds.
    • EDT Lossy + Enlightened Virtual Channels: Individual virtual channels can elect which protocol to use leading to overall improved performance. The demo in the session showed a 3D image of a car rendered with almost no lag over a 300msec link with 5% packet loss.
    • Local Text Echo is back in 1811! The functionality is on par with XA 6.5 but future releases will add enhancements.
  • Graphics:
    • Automatic Graphic Providers: No need anymore to install separate 3DPro VDA. Unified VDA installation package detects GPU at run time and installs necessary components.
    • Generic GPU support (Citrix Indirect Display Driver)
    • Preferred Modes: Understand client capabilities during session establishment and switch settings as needed.
    • Thinwire+Progressive Display: Dynamic image quality based on bandwidth availability
    • H.264 Build to Lossless: Pixel perfect image quality for the most demanding use cases.
    • Lossy Graphics: Unifying Thinwire and Framehawk (leveraging EDT Lossy)
    • Dynamic 3D Pro: Optimize for 3D workloads automatically in session.
    • HDX Graphics Monitor: In session details about graphics mode in use. Admin can enable or disable this feature. GPU is not a requirement.
    • Virtual Display Layout: Slice a single monitor into multiple displays. Allows customers to use a single large monitor and slice it however they like.
  • Other Updates:
    • Workspace Printing: Mobile print solution that gives you the ability to print from the virtual session but save the document outside the session as a pdf in Sharefile which can then be accessed via Workspace App.
    • CVAD 1903 and up now supports Stylus for note taking on Windows devices.
    • Biometric Authentication using FIDO2: FIDO2 is based on asymmetric cryptography with the goal of eliminating passwords as a whole. Biometrics can be used as a second form of authentication or the primary authentication mechanism. The goal is to support FIDO2 based biometric authentication within a virtual session via USB redirection. The other use case would be to leverage integrated biometrics (Windows Hello, TPM) etc for authentication within a virtual session.

Identity Story Beefs Up With Okta Integration and more to follow!

When it comes to IdP vendors, Okta probably has a significant market share and a lot of customers have made sizeable investments in their identity platform and hence want to make the most of their investment and leverage Okta as the identity provider for Citrix Workspace. At Synergy, we announced that we will integrate Workspace with Okta such that users can authenticate with Okta and login to Citrix Workspace. Furthermore Citrix Cloud Federated Authentication Service can be used in conjunction with Okta to provide single sign on Citrix virtual apps and desktops.

In the near future, Okta SaaS and web apps can be delivered within the Citrix workspace such that users will have unified access to both the Citrix delivered apps and Okta apps within Citrix Workspace with SSO.

Okta integration will go into public tech preview in the coming weeks.

In order to learn more, do watch the session below. The live demo starts around the 12:11 timestamp.

In addition to the Okta integration, Citrix also announced plans to integrate with Google Identity Platform as an identity provider for Citrix workspace.

Customers can also leverage their on premises Netscaler to integrate with third party identity providers and authenticate with Citrix Workspace. This capability is currently in tech preview and expected to release later in Q3.

Citrix App Protection Policies To The Rescue

Citrix Armored Client was announced at Summit earlier this year. This has now been re-branded to Citrix App Protection Policies. Citrix App Protection Policies allow administrators to protect HDX, SaaS and Web App delivered via the Workspace App from key-loggers and screen capture tools installed locally on the users endpoint. This takes security to a whole new level especially when combined with the existing HDX policies, and Citrix ADC End Point Analysis in conjunction with SmartAccess, SmartControl. Scott Lane demonstrates these new capabilities in the video above (25:15 time stamp)

Citrix Managed Desktops! A True DaaS Solution!

Citrix Managed Desktops (CMD) was officially announced at Synergy and compliments the Citrix Virtual Apps and Desktops offerings. CMD is meant for niche use cases like seasonal workloads, temporary workers, mergers and acquisitions, business continuity, or for SMB customers who have limited requirements. The main advantage of CMD is the consumption based billing or the “Pay As You Go” model. Some key highlights:

  • Supports domain joined or non domain joined desktops
  • Designed for Windows Virtual Desktop (Multi session Win 10)
  • Supports network connectivity to backend resources on premises.
  • Buy the whole solution from Citrix
  • Customers can bring their own image or Citrix can provide customers a base image with all the patches and updates.
  • Leverages the industry leading HDX protocol.
  • Consumption based billing
  • 11 Global Azure Gateway POPs can be leveraged.
  • Been in limited tech preview since Jan. Opening up tech preview to more customers after Synergy. General Availability slated for Q3.
  • VM types include B2s, D2sv3, D4sv3 and D8sv3 as of today
  • Regions include East US, Australia East, West Europe and West US today.
  • Basic monitoring is also provided as part of the solution.

Citrix Managed Desktops: Pricing

Do watch the session below for more details including a detailed demo (32:31 time stamp)

Performance Analytics For All!

Performance Analytics was one of the most exciting announcements for most customers. Performance analytics can provide user experience scores across all Citrix products taking into account both the end user and the infrastructure point of view to calculate the score. Today customers use multiple tools to assess and troubleshoot performance issues and even with all these tools, they struggle to understand what user experience is really like as there is no end to end visibility. They are inundated with data but very little insights. This is the problem that performance analytics attempts to solve. Some highlights below:

  • User-centric experience score that helps quantify user experience. These scores can be used to identify users experiencing poor performance and correlate with potential infrastructure issues.
  • Quantify app performance
  • Multi site aggregation and reporting
  • Available for both on premises and cloud CVAD customers.
  • Visibility into ICA traffic channels
  • Actionable insights
  • Drill down views available to determine what exactly is causing poor user performance (Eg: slow logons, GPO policies, network latency etc)
  • On premises customers need to upgrade DDC and Director to 1906. Customers require a Citrix Analytics Service account and outbound connectivity on port 443.
  • Next LTSR release slated for Q4, 2019 will have performance analytics integration.
  • Q2 Tech Preview
  • To address data sovereignty concerns, the goal is to have targeted availability in EMEA and APAC

Performance Analytics: How To Get Started

Watch the recorded session above for further details including a demo (24:00 time stamp)

Citrix Virtual Apps and Desktops Service Updates

  • Auto scale: Available via Citrix Cloud Studio. Schedule based or load based power management for workloads (power up or power down VMs to keep public cloud consumption costs under control. Capacity and cost savings information will be available with Director.
  • Delegated Admin and Config Logging now available for CVAD service
  • Machine Creation Services support on Google Cloud Platform is coming soon. This will allow customers to leverage GCP as a resource location with CVAD service and automate the provisioning of workloads. In addition Linux Virtual Apps and Desktops is now certified for GCP
  • App Layering enhancements include Azure Gov support, Office 2019 certification as an App Layer and Server 2019 certification as an OS layer.
  • License management and reporting capabilities have improved significantly including daily active use and monthly active use reporting. Admins can also release licenses from users that have changed roles or left the company.
  • There is a lot of focus on an API drive approach including enabling direct API access for seamless automation. An Orchestration API is now available as a limited tech preview. Customers can also leverage OData APIs for reporting.
  • Citrix Brand Personalization Service is now in public tech preview and allows customers to personalize application name, icons, app color themes etc for Workspace App and other Citrix products like Secure Mail, Secure Web and Citrix Files.
  • Secure Browser service has a number of updates including auto-selection of region for best user experience, client drive mapping, expanded region support and admin localization.

Watch the session below to learn more!

Access Control for SaaS and Web Apps with On-Premises Storefront

One of the major challenges preventing customers from adopting Citrix Access Control was the dependency on the Citrix Workspace service. Most customers still leverage on premises Citrix ADC and Storefront to aggregate their resources and not ready to migrate from Storefront to Citrix Workspace. In order to enable these customers to be able to adopt Citrix Access Control, Citrix announced Access control integration with on premises Storefront. This new capability allows customers to secure SaaS and Web Apps using the Access Control capabilities and deliver these apps either using the embedded browser within Workspace App or via the Secure Browser depending on the use case. To learn more about these capabilities, review this blog post by Chris Fleck.

Citrix Workspace: Addressing The Security Conundrum [Session Recorded at Citrix Synergy 2019 in Atlanta, Georgia]

 

Scott Lane and I had the privilege to lead a session at Citrix Synergy this year around the security benefits of Citrix Workspace. When most people think about the Citrix Workspace, then tend to focus on the user experience and productivity benefits. While these are very important, there are also a number of security use cases that the solution addresses. The goal of this session was to walk through these benefits with a demo centric approach. We also had Chris Fleck (Vice President and Technical Fellow at Citrix) join us as our mystery speaker and he shared some cool projects that he’s currently working on. Hope you enjoy this session! I would love to get your feedback!

 

Key Takeaways from Citrix Synergy 2018 Announcements That Did Not Make The Keynote

Just like many of you, I had the pleasure of attending another awesome Citrix Synergy last week in Anaheim. Had the chance to meet many of the community members, customers and fellow Citrites in person. As is always the case, I was not able to attend a lot of sessions due to customer/internal meetings and such and spent some time this week catching up on content. While Workspace, ServiceNow Integration and Analytics were front and center, what I’m realizing is that there were plenty of great announcements made during the breakout sessions that many of you probably missed. If you want to learn more about what was announced as part of the keynote read Jason Samuel’s blog post.  I wanted to spend some time summarizing some of the most interesting announcements that were not part of the keynote. I am still in the process of reviewing the sessions and will update this post over time.

Workspace Environment Management (WEM) To Be Offered As A Citrix Cloud Service

WEM is Citrix’s solution for user environment management and resource optimization along with UPM. On average, customers see a 30% improvement in server scalability and login times can also be improved significantly. WEM did require certain infrastructure components to be deployed. However, at Synergy it was announced that the Citrix will be offering a WEM service essentially hosting, managing and maintaining all the infrastructure components such that the customer only has to deploy the agents and the cloud connector. This should make the solution even more appealing to customers and help with server scalability and user experience in a hybrid cloud environment. 

Learn more about this announcement in SYN231 (Recording below. Start at around 6:15)

Seamless Roaming O365 Outlook Email Cache and Search Index Database using UPM

A new feature is coming in UPM that allows handling of large files specifically designed for O365. And it is controlled with a single policy setting in UPM. Once the policy is enabled, a per user search index db is created and all outlook requests are redirected to the database thus enabling a roaming search index for the user for both virtual apps and desktops. Its limited to 32 bit version of Office for now. The search index and OST file will be wrapped in a VHDX container and stored in the profile. Learn more about this feature in the SYN231 video posted above. Start watching at 22:30. 

 

WEM and UPM Capabilities Now Extended To Manage Physical Endpoints

As part of Citrix’s Unified Endpoint Management strategy, WEM and UPM will soon be able to manage physical endpoints. This is a welcome change and will help customers use the same solution set to manage both physical endpoints and the virtual workloads. Learn more in the SYN231 video above. Start watching at 30:52.

PVS Management Directly From Citrix Cloud

On prem PVS workloads can soon be managed directly from Citrix Cloud. In addition a new PVS cloud license will be introduced. A customer can download the PVS cloud license from MyCitrix and install on onprem license server to manage PVS from Citrix cloud.

More info in the SYN131 video below. Watch from 28:40

Azure QuickDeploy for XenApp and XenDesktop Service

Azure Quickdeploy is a feature that is available for the XenApp Essential customers that makes it extremely easy to build Citrix workloads in Azure. The same wizard has now been ported over to XA/XD service. You can specify your Azure subscription info, connect to a resource location, upload a custom image, provide domain information and the machine catalog will be created for you. This is perfect for small deployments and POC’s. This feature will be released in the coming weeks for XA/XD service. It will only support Server VDAs. Also important to note that Quick deploy cant be used in conjunction with studio. Its an either/or. To learn more in the video. Watch from 32:00

 

Extending Citrix Cloud Support For Google Cloud Platform and Oracle Cloud

While Google cloud got plenty of attention at the keynote (and I will have a follow up blog looking specifically into Citrix Cloud and GCP), it is also worth noting that we will be extending platform support for Oracle cloud infrastructure. This is of particular interest for customers who have a significant investment in Oracle cloud today. Its all Hyper-V based which is also appealing to many customers. There is an Oracle deployment guide already published and the planned availability for support in Oracle cloud is Q2, 2018. Learn more in the SYN131 video above and start watching at 34:20

 

 

 

Citrix Director Enhancements

There were a lot of Citrix Director enhancements announced including Resource App prediction based helping admins predict future resource usage, ability to generate custom reports, a set of predefined default smart alerts (as opposed to admins having to go and define alerts manually), detailed breakdown of logon duration including a breakdown of “interactive session”, NMAS integration, the ability to troubleshoot XenMobile devices right from Director and last but not the least App Probing. App probing in particular is really exciting as it allows you to define and automate app probes for your published apps and desktops thereby helping admins be proactive about how the published resources are performing and getting ahead of potential issues. Lots of features to get excited about!! Watch SYN126 (below) for further details.

The New Citrix Files Application

The new Citrix Files application (new Sharefile client for desktop) has combined the capabilities of Sync, Drive Mapper and Deskop into a single application. Just like drive mapper, it provides a single pane of glass for all your data (network drives, sharepoint, personal cloud, OneDrive For Business etc). You also now have the ability to perform workflows directly from windows explorer or finder. You now also have the ability to map multiple drives to specific sub folders within sharefile or connectors like OneDrive for Business. The configuration can be through Citrix policies within Studio. Watch SYN100 below from 19:25 to learn more.

Intelligent Traffic Management (formerly Cedexis) Is Awesome!

Earlier this year, Citrix announced the acquisition of Cedexis to add to the Netscaler portfolio. People like to describe Cedexis as the Waze of Traffic Management. Its not far from the truth. Cedexis collects 14 billion data points on a daily basis from over 900 millon end user sessions and 40,000+ networks around the world to intelligently route traffic thereby offering the best possible user experience and intelligently avoiding application disruptions. Watch SYN123 below to get a quick overview of Cedexis.

HDX Enhancements

There were quite a few updates covered in SYN206 around HDX. I’ve tried to highlight a few below. I would highly recommend reviewing the recording below.

Browser Content Redirection 2.0

Backported as a stand-alone compatible component with LTSR 7.15. Chrome (Q3) and Edge will also be supported. Modern portocols such as HLS, DASH and Web Assembly will be supported. The rendering engine will be made part of the Workspace App. Browser content redirection 2.0 will be able to offload WebRTC as well!

Citrix Ready Partners in the Video multicasting industry like Qumu, vBrick, Ramp and Haivision will support Client side fetching and Browser content redirection for live video events where Receiver client side fetch can fetch the video from the branch office edge caching appliance.

Real Time Optimization

Skype RealTime Optimization Pack support coming for Chromebooks (that can run android apps) in H2 2018. Hardware acceleration for endpoints with AMD GPUs is also expected around the same time frame. 

Microsoft Teams Support Strategy 

In the short term, Citrix plans to support the Microsoft teams web client with browser content redirection 2.0. Chrome browser will be the first to be supported and windows endpoints will initially be supported with Linux endpoints to follow. File uploads might have limitations with browser content redirection 2.0 and MS Teams. The workaround is to use Sharefile or other such solutions to upload the files. 

Long term goal is to develop a receiver side media engine on all supported platforms (Windows/Mac/Linux) for real time optimization of MS Teams UC content. 

Delivery of Cisco Jabber from virtualized desktops

 

Workspace App and Citrix Receiver

After the keynote, in conversations with customers and partners there were a lot of questions around Workspace App and what it means for customers running Citrix receiver today. This is covered in great detail in SYN133. If you are a customer leveraging Citrix receiver, it will be automatically upgraded to Workspace app via Citrix auto update and it is fully backward compatible. All the new Workspace capabilities above and beyond virtual apps and desktops will only get enabled if you subscribe to the various Citrix Workspace services. So in other words, if you are an on premises customer leveraging  Storefront or an on premises customer leveraging Citrix Workspace just for site aggregation (more below on site aggregation), your client will be automatically updated to Citrix Workspace app but none of the functionality changes other than than UI having a new look. Watch the video below from 21:10. The session also provides a deep dive into Citrix Workspace App and demos of the new capabilities. 

Workspace and Site Aggregation

The new site aggregation feature now allows customers to tie their existing on premises deployments to Citrix Workspace (four step workflow). For customers who are on Web Interface or an older version of Storefront now have the option of leveraging Workspace to aggregate their virtual apps and desktops and deliver it to their end users with the new modern user experience. Moreover with Workspace, customers no longer have to worry about upgrading (as you would with on premises storefront) as Citrix manages and maintains the Workspace. 

Gateway Service Updates

When the Gateway service was introduced a while ago, the primary function of the service was secure ICA proxy. The service has evolved quite a bit and now supports single sign on to Enterprise Web and SaaS apps including a library of 40+ pre-defined SaaS templates. Gateway service can also be integrated with an on premises storefront deployment and supports hybrid deployments as well with Workspace aggregation. Direct connect to VDA without the need for connectors was also announced which will lead to increased scalability. Another key announcement was the much requested two factor authentication natively through the gateway service. This will be made possible with native One Time Password (OTP) support.

For an update on all Citrix Cloud services, I highly recommend watching SYN100. It also includes a lot of great demos. 

Citrix Synergy 2018 – Breakout sessions you do not want to miss!

Every year, I publish a list of my recommended Citrix Synergy breakout sessions. A number of people asked me if I had put one together this year and while its late this year, better late than never! As always I tend to pick sessions based on topics that are most relevant to customers and the quality of content and speakers. So here are my top 20 for this year!

SYN231: Manage your user experience from Workspace Environment Management Service

Who should attend: XenApp/XenDesktop Administrators, EUC Architects

More Info: https://citrix.g2planet.com/citrixsynergy2018/myevent_session_view.php?agenda_session_id=110

SYN233: The geek’s guide to the workspace 

Who should attend: EUC/Cloud Architects, Management

More Info: https://citrix.g2planet.com/citrixsynergy2018/myevent_session_view.php?agenda_session_id=112

SYN123: Deliver the best user experience for your customers and users with Intelligent Traffic Management (Cedexis) 

Who should attend: Network Administrators, Network Architects, EUC Architects

More Info: https://citrix.g2planet.com/citrixsynergy2018/myevent_session_view.php?agenda_session_id=61

SYN704: Deep insights across the Citrix portfolio with Citrix Analytics 

Who should attend: EUC Architects, Citrix administrators, Security Architects, Management

More Info: https://citrix.g2planet.com/citrixsynergy2018/myevent_session_view.php?agenda_session_id=149

SYN238: Implementing Federated Authentication Service: real world examples

Who should attend: Identity/Cloud/XenApp/XenDesktop Architects, XA/XD Adminstrators

More Info: https://citrix.g2planet.com/citrixsynergy2018/myevent_session_view.php?agenda_session_id=117

SYN230: Discover Citrix Workspace Hub

Who should attend: Desktop Adminstrators, XA/XD administrators, EUC Architects

More Info: https://citrix.g2planet.com/citrixsynergy2018/myevent_session_view.php?agenda_session_id=109

SYN504: Security: getting the most from your resources

Who should attend: C level executives, Security Architects, EUC Architects

More Info: https://citrix.g2planet.com/citrixsynergy2018/myevent_session_view.php?agenda_session_id=295

SYN714: Citrix Rx for success in healthcare

Who should attend: Healthcare customers

More Info: https://citrix.g2planet.com/citrixsynergy2018/myevent_session_view.php?agenda_session_id=157

SYN207: XenApp and XenDesktop tech update (May 2018 edition)

Who should attend: Everyone 

More Info: https://citrix.g2planet.com/citrixsynergy2018/myevent_session_view.php?agenda_session_id=86

SYN131: Central image management: Provisioning Services and Machine Creation Services today, tomorrow and beyond

Who should attend: XenApp/XenDesktop Administrators, EUC Architects

More Info: https://citrix.g2planet.com/citrixsynergy2018/myevent_session_view.php?agenda_session_id=69

SYN239: From StoreFront to Citrix Workspace

Who should attend: XenApp/XenDesktop Administrators, Cloud Architects, EUC Architects

More Info: https://citrix.g2planet.com/citrixsynergy2018/myevent_session_view.php?agenda_session_id=119

SYN127: Everything you need to know about Windows 10, Server and Citrix

Who should attend: XA/XD Administrators, EUC and Cloud Architects, Management

More Info: https://citrix.g2planet.com/citrixsynergy2018/myevent_session_view.php?agenda_session_id=210

SYN201: Citrix App Layering: top 10 lessons learned

Who should attend: XA/XD Administrators, EUC architects

More Info: https://citrix.g2planet.com/citrixsynergy2018/myevent_session_view.php?agenda_session_id=213

SYN204: Identity and access management and SSO with NetScaler Gateway Service

Who should attend: Netscaler Administrators, XA/XD Administrators, EUC/Network/Cloud Architects

More Info: https://citrix.g2planet.com/citrixsynergy2018/myevent_session_view.php?agenda_session_id=83

SYN241: How to break the cyber kill chain of ransomware

Who should attend: Security Architects, EUC architects

More Info: https://citrix.g2planet.com/citrixsynergy2018/myevent_session_view.php?agenda_session_id=172

SYN226: Demystifying NetScaler SD-WAN for infrastructure architects

Who should attend: Network administrators, Network architects

More Info: https://citrix.g2planet.com/citrixsynergy2018/myevent_session_view.php?agenda_session_id=105

SYN224: How to deploy NetScaler in public clouds and use it to provide SSO to on-prem and SaaS apps

Who should attend: Netscaler Administrators, Cloud Architects

 More Info: https://citrix.g2planet.com/citrixsynergy2018/myevent_session_view.php?agenda_session_id=103

SYN222: Next-gen of Native-OTP: now with Push Notification

Who should attend: EUC/Security/Network Architects, Netscaler administrator

More Info: https://citrix.g2planet.com/citrixsynergy2018/myevent_session_view.php?agenda_session_id=101

SYN103: Expand the value of Office 365 with ShareFile

Who should attend: EUC architect, Management, Cloud architect

More info: https://citrix.g2planet.com/citrixsynergy2018/myevent_session_view.php?agenda_session_id=41&conference=synergy

SYN501: Workspace IoT

Who should attend: Executives, EUC/Cloud/Network/Security architects, IoT enthusiasts 

More Info: https://citrix.g2planet.com/citrixsynergy2018/myevent_session_view.php?agenda_session_id=290

In addition to these, I will be co-presenting two sessions at Citrix Synergy both cloud focused. The first, with Christiaan Brinkhoff, will focus around best practices and architectural considerations when deploying cloud workloads. The second, with Daniel Feller, takes a look at innovative and cost effective approaches to business continuity by leveraging Citrix Cloud. Details about the sessions below.

Look forward to seeing you at Synergy!

Sites vs Zones in XenApp/XenDesktop 7.x – Design Considerations When Choosing Between The Two

Introduction

Zones, a key design element that administrators and architects have learned to love in XenApp 6.5 was reintroduced in Xenapp and XenDesktop 7.7 FMA architecture. Prior to 7.7, building multiple sites was generally recommended when spanning multiple data centers or regions but now customers  now have the option of leveraging Zones. While Zones is a potential option, it might not always be the right option based on your situation. In this post, my goal is to review basic concepts around Sites and Zones and dig into design considerations to help choose between the two.

Primer on Sites and Zones

Sites

A site is what you define when you deploy XenApp or XenDesktop under the FMA architecture. It acts as a logical boundary with all objects defined being part of that site. It is also an administrative boundary. Each site has one or more delivery controllers and requires its own site configuration database. A site always have one primary zone defined by default. Sites can span multiple data centers and regions but there are a number of factors that need to be taken into consideration and we will review these a little later.

Zones

Zones are defined within a site to keep applications and desktops close to the user location while also simplifying administration by leveraging a single instance of Studio, Director and configuration database regardless of the number of zones. With zones, users in remote regions can get to their resources without having to traverse the WAN.

There are two types of zones – Primary zones and Satellite zones. Primary zones typically have two or more controllers and have the site configuration database locally whereas satellite zones can have a single controller or more. While similar, zones in the new FMA architecture in 7.x is not the same as XenApp 6.5. For instance, the concept of a zone data collector no longer exists.

With the introduction of Zone preference in conjunction with Optimal Gateway Routing, users can be homed to a specific zone when accessing their apps and desktops based on predefined conditions and rules. This greatly improves the user experience. Disaster recovery can also be handled intelligently.

For detailed information on Zones and Zone preference I would recommend you review the official documentation. Carl Stalhood has a very good blog on this topic as well.

There is also a great overview of Zone Preference in the XenDesktop 7.11 Master Class starting at the 58 minute mark.

When to use Sites

While zones simplifies overall administrative overheard and potentially infrastructure requirements, leveraging sites is a more prudent choice in certain scenarios. Lets look into these:

Latency

Latency will impact user performance. Latency and concurrent user requests should be taken into consideration and tested before deciding to use zones. See the chart above for different scenarios tested. There are two great blogs, one by Chris Gilbert and another by William Charnell on how latency affects brokering performance from satellite zones in XA/XD 7.7 where they collect metrics under various latency conditions. Definitely worth a read. However these metrics have improved significantly in 7.11 and above. In fact, 250 ms latency, XenApp and XenDesktop 7.11 outperforms the 7.7 code at 90 ms. With 7.11 or later, users experience quicker brokering of resources, even with latency between a broker and the SQL server. The official citrix documentation covers latency and the impact on zones, registration storm impact and how this can be tuned in great detail.

Fault Domains

When we talk about large deployments with greater than 5000 users, it is best practice to break the environment down into smaller PODs. This helps split the enviroment into multiple fault domains such that when any of the pods are affected, only a small set of users are impacted if any. Even when all users connect in to a single datacenter, it is still beneficial to break the infrastructure down to multiple sites and PODs. Here are the slides from a great session at Synergy 2015 that covered the benefits of a POD based architecture. This blog is also worth a read.

Administrative Boundaries/Regulatory Compliance

For environments that require complete administrative isolation between different regions or business units, going with separate sites is recommended. While Role Based Access Control is available, it does not meet the needs of every customer. In addition I have worked with customers that have gone with multiple sites so as to isolate environments to meet compliance requirements such as PCI or regulated environments where upgrades are not as frequent.

While multiple sites requires additional infrastructure, the resources from the various PODs can be aggregated from a user access perspective. Monitoring and troubleshooting can also be simplified as Director can manage multiple sites. A number of the tasks can also be automated by leveraging script. Image management can be greatly simplified by leveraging PVS.

When to use Zones

When designing a XenApp/XenDesktop infrastructure for an environment with multiple datacenters with latency being a non factor (within acceptable limits), zones can certainly be an option. The number of users per satellite zone can play a factor when making that determination as discussed earlier. Fault tolerance should also be taken into account as all the zones share one common site configuration database and connectivity issues could impact all the users. The resources that users connect to can be controlled based on zone preference and failover. 

Using a combination of Sites and Zones is also an option. For instance if a customer environment is spread across the globe but also has multiple datacenters within each region, they could use Sites for each region and the leverage Zones for the datacenters within each region assuming low latency between the datacenters. This would help reduce the overall complexity and administrative overheard when compared to deploying a site per datacenter.

From The Field

Here is some feedback from Jason Samuel, one of our CTP‘s based on his experience.

“Most of my customers completed their migrations from 6.5 to 7.x when either zones weren’t available in FMA yet or was still new.  They went with a site per data center.  My bigger customers embraced localized pods within each datacenter itself.  This is often self contained pods built on HCI as the backend.  Application and image management is controlled through PowerShell scripts to help with administration of multiple sites.  Since these customers have been using this model for a few years now and it is a mature process for them, they continue with this approach.  My customers that are doing greenfield 7.x deployments are the ones that really consider zones vs. doing individual sites.”

Ryan Mcclure, Senior Architect at Citrix Systems had this to say: 

“So armed with this data and information, what should you do? Stick to multiple sites? Design with zones wherever possible? Some scenarios just beg for zones, while others are obvious use cases for sites/pods, but more commonly, both are technically viable and it is a matter of weighing the pros and cons. If your workload is mission critical and your deployment lives in one or two datacenters, multiple sites are probably a good option for you. They provide additional fault tolerance, shrink failure domains and increase flexibility during upgrades. If, on the other hand, you have a number of semi-well connected locations where application back-ends reside, one site per location may prove prohibitive from an administrative perspective. These sorts of deployments are where zones should really be considered. The combination of sites and zones also shouldn’t be overlooked. The geographic distribution cited above is one example, but sites and zones can also be combined to strike a balance between manageability and availability. Rather than all VDAs in a zone mapping to a single primary site, multiple primary sites can be deployed.

When the decision isn’t obvious, our most successful customers ask the same question:

“What are other customers in similar situations doing?”

The strategy around sites and zones definitely isn’t one size fits all, but up until now, most of our large enterprise customers have gravitated towards separate sites. Many do so based on their desire to shrink failure domains and minimize risk wherever possible. You may have even heard recommendations to skip zones because sites have been available longer in the FMA world. At the time, this recommendation may have made sense, but the IT space is as dynamic as ever and leading practices need to be updated with the times. Over the last few months, this trend around steering clear of zones has started to shift, and more customers are taking a hard look at how zones can help simplify environment management. In most scenarios, zones shouldn’t be viewed as a total replacement for sites, but if your deployment can be simplified and/or management streamlined by implementing zones where the make sense, now is the time to give them a good look.”

Final Thoughts

Zones in XenApp/XenDesktop 7.9+ is a welcome addition and offers greater flexibility when planning out deployments. However, it is not necessarily the solution for every use case as discussed above. Latency, number of users/location, concurrent logins etc need to be carefully considered before deciding whether to go with multiple sites or leverage zones instead.

 

 

 

Which Sessions Should I Attend at Citrix Synergy 2017? A Q&A approach!

 

Over the last couple of years I have been compiling a list of recommended synergy sessions  that I encourage my customers to attend. Since most attendees come with different objectives, coming up with a top 10 list didnt seem logical. So this year I decided to take a different approach and organize my picks based on the reasons why customers and partners have decided to attend Synergy.

My Top Picks Overall (In no specific order):

  • SYN301: XenApp and XenDesktop Tech Update: May 2017 edition

  • SYN134: Citrix Workspace User Experience

  • SYN412: StoreFront: top 10 lessons learned from the field

  • SYN102: Is it Time to Upgrade to XenApp 7.x?

  • SYN321: XenMobile Deployments

  • SYN330: Optimize and scale your XenApp and XenDesktop platform the CTP way

  • SYN303: Independent Citrix experts’ deep dive on Remote Graphics, user experience and GPUs

  • SYN316: Increase your security posture with Sharefile Enterprise

  • SYN115: Why should I use ShareFile if I already have Office 365?

  • SYN318: A to Z: best practices for delivering XenApp and XenDesktop from Microsoft Azure using Citrix Cloud

  • SYN103: XenApp and XenDesktop App Layering

  • SYN107: XenServer Tech Update

  • SYN111: What’s new with Citrix Cloud and what’s to come

  • SYN123: SD-WAN case study: How a XenApp customer improved application delivery to the branch

  • SYN118: What’s new with NetScaler ADC

  • SYN310: Powering the digital workspace using Citrix Cloud: a deep dive into architecture and configuration

  • SYN319: Securing devices, apps and data with XenMobile

  • SYN312: Authentication: deep dive on Citrix solutions

  • SYN712: Analysis of a hack: how to defend and protect with Citrix

  • SYN131: Citrix Workspace IoT

  • SYN127: Introducing Smart Tools for the Xen product family; faster POCs and efficient operations on-premises or in the cloud

  • SYN325: Automating NetScaler: talking NITRO with PowerShell

For existing XenApp/XenDesktop customers looking to optimize their environments and/or learn whats new:

  • SYN301: XenApp and XenDesktop Tech Update: May 2017 edition
  • SYN709: Monitoring the Citrix virtual workspace
  • SYN412: StoreFront: top 10 lessons learned from the field
  • SYN104: XenApp and XenDesktop: What’s new and roadmap
  • SYN103: XenApp and XenDesktop App Layering
  • SYN106: Fantastic four: the do’s, don’ts and lessons learned of Citrix implementations
  • SYN312: Authentication: deep dive on Citrix solutions
  • SYN111: What’s new with Citrix Cloud and what’s to come
  • SYN302: Keys to a successful XenApp and XenDesktop user experience
  • SYN102: Is it Time to Upgrade to XenApp 7.x?
  • SYN330: Optimize and scale your XenApp and XenDesktop platform the CTP way
    SYN706: Build a XenApp real-time session monitoring dashboard
  • SYN409: Overcoming challenges in a double-hop XenApp session
  • LAB609: Deploying Workspace Environment Management for XenApp and XenDesktop
  • LAB613: Configuring ShareFile in a Citrix environment
  • SYN303: Independent Citrix experts’ deep dive on Remote Graphics, user experience and GPUs
  • LAB610: Gain end-to-end insight and control with NetScaler Management & Analytics System

For attendees curious about how Citrix complements Microsoft Azure and O365:

  • SYN115: Why should I use ShareFile if I already have Office 365?
  • SYN318: A to Z: best practices for delivering XenApp and XenDesktop from Microsoft Azure using Citrix Cloud

For Microsoft Intune customers looking to see how XenMobile can complement their existing solution:

  • SYN415: XenMobile Essentials for Microsoft Enterprise Mobility Suite
  • SYN116: Admin and end user experience with XenMobile Essentials for Enterprise Mobility Suite

For attendees who would like to learn more about Sharefile, and how it compares with other solutions:

  • SYN316: Increase your security posture: deep dive on ShareFile security and compliance
  • SYN314: Extend existing storage investments with ShareFile
  • SYN702: Why choose ShareFile over Box, Dropbox, Egnyte, Syncplicity, and other EFSS vendors

If you are new to Citrix App Layering:

  • SYN103: XenApp and XenDesktop App Layering
  • LAB611: Installing and configuring application layering

Interested in learning more about Citrix Cloud:

  • LAB605: Deploying and configuring XenApp and XenDesktop Service on Citrix Cloud
  • SYN310: Powering the digital workspace using Citrix Cloud: a deep dive into architecture and configuration
  • SYN111: What’s new with Citrix Cloud and what’s to come
  • LAB615: Deploying and automating Citrix solutions with Citrix Cloud and AWS

Attendees who have a strong networking background or networking focused:

  • SYN123: SD-WAN case study: How a XenApp customer improved application delivery to the branch
  • SYN411: Guidelines for NetScaler ADC sizing and capacity planning
  • SYN118: What’s new with NetScaler ADC
  • LAB601: Increase your NetScaler IQ to better manage your NetScaler ADCs
  • LAB602: Gain competitive advantage with key new features in NetScaler SD-WAN
  • SYN130: Getting started with NetScaler Management and Analytics System
  • SYN323: Migrate your NetScaler deployments to the cloud
  • LAB610: Gain end-to-end insight and control with NetScaler Management & Analytics System

For those considering migrating workloads to a public cloud:

  • SYN318: A to Z: best practices for delivering XenApp and XenDesktop from Microsoft Azure using Citrix Cloud
  • SYN111: What’s new with Citrix Cloud and what’s to come
  • SYN310: Powering the digital workspace using Citrix Cloud: a deep dive into architecture and configuration
  • SYN313: Identity, security, availability: best practices with Citrix Cloud
  • LAB615: Deploying and automating Citrix solutions with Citrix Cloud and AWS
  • LAB612: Architecting Citrix in the cloud era with XenDesktop Essentials and NetScaler in Azure
  • SYN110: Select the right cloud or hybrid cloud for your deployment? How, when and where
  • SYN104: XenApp and XenDesktop: What’s new and roadmap
     

For attendees interested in learning more about XenMobile:

  • SYN117: XenMobile: What’s new and roadmap
  • SYN319: Securing devices, apps and data with XenMobile
  • LAB603: Implementing XenMobile Services within Citrix Cloud
  • SYN320: Take your XenMobile environment to the cloud
  • SYN405: Modernizing mobility in manufacturing

For attendees who have a strong security background/interest:

  • SYN312: Authentication: deep dive on Citrix solutions
  • SYN313: Identity, security, availability: best practices with Citrix Cloud
  • SYN316: Increase your security posture: deep dive on ShareFile security and compliance
  • SYN125: Security challenges and uses cases you can solve with Citrix Workspace Suite
  • SYN414: Access and authentication options in a Citrix environment
  • LAB607: Building a successful Federated Authentication Service POC
  • SYN124: Securing high-value applications in bank IT infrastructure
  • SYN329: FedRAMP – Security and compliance in a cloud world
  • SYN712: Analysis of a hack: how to defend and protect with Citrix

For attendees still running XenApp 6.5:

  • SYN102: Is it Time to Upgrade to XenApp 7.x?

For attendees evaluating VDI solutions and would like to compare and contrast XenApp and XenDesktop with VMware Horizon:

  • SYN304: Comparison: delivering virtual desktops with XenDesktop 7.x or Horizon 7.x

For current Azure Remote App customers:

  • SYN334: XenApp Essentials the fastest way to deliver apps from Azure

For those who are new to IoT and would like to learn about Octoblu:

  • SYN401: Fireside chat with IoT experts about automating Citrix with Octoblu
  • SYN131: Citrix Workspace IoT

For attendees looking to cut costs, specifically around hypervisor licensing:

  • SYN107: XenServer tech update: boot PVS desktops faster, protect against zero days, and patch without reboots
  • SYN416: XenServer for VMware admins
  • LAB617: Extending the security of your XenApp and XenDesktop environment with XenServer and Bitdefender Hypervisor Introspection (HVI)

If Automation and Orchestration peaks your curiosity :

  • SYN401: Fireside chat with IoT experts about automating Citrix with Octoblu
  • SYN127: Introducing Smart Tools for the Xen product family; faster POCs and efficient operations on-premises or in the cloud
  • LAB608: Workspace IoT makerspace
  • SYN325: Automating NetScaler: talking NITRO with PowerShell
  • SYN131: Citrix Workspace IoT
  • SYN322: Guidelines for automating service orchestration and analytics in your datacenter

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Getting Started with the Citrix HDX Pi – A step by step walkthrough

1463594298798

A few months back, I wrote a blog on how to configure the Raspberry Pi thin client to access Citrix workloads. If you are completely new to the HDX Pi and want to learn more about the benefits, this is a good place to start. Since then Citrix announced the HDX Pi and I have received requests from members of the community to blog on configuring the HDX Pi. So here it is!

What you need:

  • One or more HDX Pi’s ( Microcenter edition)
  • ThinLInx Managment Software

Configuration

The HDX Pi comes pre licensed for the ThinLinx Management Software (TMS). So you can go to the ThinLinx website and download TMS and install on a windows PC. Once installed, run TMS.

Connect the HDX Pi to the network in addition to the obvious (keyboard, mouse, display). Once the Pi boots up, you will see the client within TMS.

8-5-2016 4-23-57 PM

 

8-5-2016 4-24-25 PM

 

8-5-2016 4-24-44 PM

You can now update a number of parameters and push files to the device within TMS

  • Change the name
  • Change protocol to HDX if you prefer
  • Push SSL certs if needed (If you are using private certs on Storefront for instance)
  • Change network parameters (if you dont want to use DHCP for instance or use a custom DNS server)
  • Change display parameters.

8-5-2016 4-25-05 PM

 

8-5-2016 4-25-33 PM

 

 

8-5-2016 4-26-23 PM

TMS is also how you would push new firmware to the device.

Once you are done with the configuration changes, reboot the device. Once rebooted, you should see the updated parameters within TMS.

8-5-2016 4-26-43 PM

 

Once rebooted, you will have to specify the URL that you want the Pi to connect to. This is your Netscaler Gateway URL.

After you enter the URL, you will be prompted for credentials.

Once authenticated by the Netscaler, you get prompted to pick the Store after which you see your applications and desktops.

Some Caveats to keep in mind

One catch with TMS today is that the URL does not persist unless you save it at the Pi itself. To do this, while at the storefront screen, use the Ctrl+Alt+C key combination and hit “Save Settings”. Now reboot. The HDX Pi will now authenticate and take you right to your apps once rebooted.

The TMS server will only discover devices on the same subnet. So make sure that your TMS server and Pi are on the same subnet will configuring the devices or else discovery will fail.

Viewsonic version of the HDX Pi is also available. However the configuration procedure is a little different and will be covered in a future blog post.

Once the configuration URL is saved, as mentioned earlier the device will boot straight into storefront using credentials provided initially. In order to configure a new store, you can clear config and reset to default on the device or you can factory reset the device via TMS.

Keyboard Shortcuts:

  • ctrl alt r twice to factory reset
  • alt f4 to exit HDX screen
  • ctrl alt v – volume
  • ctrl alt c – config screen
  • ctrl alt t – terminal

To learn more about performance check my previous blog. I look forward to your feedback!

 

Citrix Appdisks How To Guide – Administration Basics and Gotchas

AppDisk, an application layering solution was part of XenApp/XenDesktop 7.8 released in late February this year. This post is not meant to cover the basics of application layering or image management as a whole. You can refer to my blog for a quick overview. My goal in this post is to cover the administrative aspects of application layering using Citrix AppDisks. With that said, lets dig right in!

Creating an AppDisk

There are couple of approaches to creating an AppDisk. The first method is to manually create it at the hypervisor level and then import it within studio. The second approach is to create and assign the AppDisk right from within Studio. You can read more about both approaches here.

To create an AppDisk from within Studio:

Click on the AppDisks node within Studio and then select “Create AppDisk” from the Actions menu.

3-29-2016 11-55-07 PM

On the next screen, select the size of the disk. There are predefined options of 3, 20 or 100 GB or you could pick a custom size. This is also where you would import an existing AppDisk that you have created manually. Keep in mind that on a 3GB AppDisk a good chunk of the space is already used up and you would most likely get less than 1 GB for any new applications you are looking to install into that layer. 

3-29-2016 11-55-53 PM

Next, you select the machine catalog you would use for the VM used to install applications into this AppDisk. Only the compatible options will be made available. For instance in the screenshot below, the only two options available are the NonPersistentVDI catalog and the Win 7 Pool. Reasons are provided as to why the remaining machine catalogs are not made available. Also worth noting that AppDisks can only be assigned random pool catalogs. The machine catalog should have at least one available VM for the AppDisk creation to work.

3-29-2016 11-58-49 PM

Next, give the AppDisk a name and the AppDisk creation process initiates. In my lab, I have seen anywhere from 10 minutes for a 3GB disk and under 20 minutes for a 20GB AppDisk (SATA storage). Creation of these disks on SSD storage was about 30% faster.

Once the AppDisk is created, you can install the required applications.

3-30-2016 11-33-18 AM

Installing Applications within an AppDisk

Within Studio, click on the newly created AppDisk. It should say “Ready to Install Applications”. Under the details section for the AppDisk, the preparation machine information is provided. Within the hypervisor management console, login to the preparation machine and install the required applications.

3-30-2016 11-33-48 AM

 

Once you have installed the applications, within studio, highlight the AppDisk and under the Actions pane, select “Seal AppDisk”. This starts the sealing process and once that is completed, you can run AppDNA compatibility analysis for that AppDisk.

3-30-2016 11-46-40 AM

 

 

3-30-2016 11-47-42 AM

 

Keep in mind that AppDisk Layering cannot be used for applications that have file system drivers and services.  AppDisk does not include application isolation. App-V or Turbo.net provides that functionality. 

Configuring AppDNA and Analyzing an AppDisk for Compatibility Issues

The main differentiator between AppDisk and the other layering technologies out there is the integration with AppDNA for Delivery group compatibility analysis. For instance, once we create an AppDisk we can test compatibility against multiple XenApp Images or a pooled Windows 10 delivery group as examples. This gives the administrator the assurance that the AppDisk is going to work with that delivery group without having to go through extensive regression testing. When you have multiple AppDisks assigned to a delivery group, the AppDNA compatibility analysis also makes sure that all the AppDisks play well together and reorders the AppDIsk assignment if need be based on the analysis. AppDNA integration is a XenApp/XenDesktop Platinum Only feature. 

Before you can run any compatibility analysis, AppDNA needs to be configured within Studio. Click on the AppDNA section under configuration and specify the AppDNA connection settings. Make sure the connection test passes.

3-30-2016 12-00-12 PM

Getting back to where we were in the AppDisk creation, we had just started the sealing process. Once this process is complete, the AppDNA compatibility analysis will automatically kick in if AppDNA connection settings are configured. The compatibility analysis is done against the machine catalog that the preparation machine belongs to. When you assign an AppDisk to a delivery group, compatibility analysis is carried out automatically against that delivery group. If there are multiple AppDisks assigned, then the AppDisks will be reordered if needed based on the analysis. There is an option to “Auto Order” the AppDisks when you assign an AppDisk to a delivery group. 

3-30-2016 11-53-32 AM

 

3-30-2016 12-00-00 PM

To view the report, click on “View Report” next to the AppDisk that you just sealed.

3-30-2016 12-01-10 PM

You can also view the reports from within the AppDNA console under the reports section. Here you have various views including the Application Issues, Application Actions, Issue View and Action View.

3-30-2016 12-58-45 PM

Assigning an AppDisk to a Delivery Group/Groups

To assign an application to a delivery group, click on Delivery Groups within Studio, highlight the Delivery Group that you want to assign the AppDisk to. Under the Actions pane, select “Manage AppDisks”.

3-30-2016 1-01-58 PM

The next screen shows you the currently assigned AppDisks and gives you the ability to add AppDisks. Once you assign your AppDisk, select Auto Order.

3-30-2016 1-02-12 PM

 

 

3-30-2016 1-02-28 PM

 

3-30-2016 1-02-48 PM

 

 

 

You can then select the rollout strategy. You can either reboot all the machines within that Delivery Group immediately or you can assign the AppDisk at the next machine reboot. You can then review the configuration and then click Finish. This initiates an AppDNA compability analysis if you have XenApp or XenDesktop Platinum entitlement and have configured your AppDNA server within Studio.

You can assign an AppDisk created with one OS to delivery groups running other OS’s as well so long as the application is compatible with the target OS. Within my lab, I tested assigning two AppDisks created with a Win2k12 preparation VM to a Win 7 random pool.

To assign an AppDisk to a delivery group, that delivery group needs to using the same storage. To assign an AppDisk to a delivery group on different storage, you would have to create a new VM at the hypervisor level tied to the target storage, clone and associate the AppDisk to the new VM and the reimport it within Studio. I am hoping this process will be simplified in upcoming releases of the product.

3-30-2016 1-03-01 PM

 

3-30-2016 1-03-09 PM

Updating an AppDisk

Currently there is no version management built into AppDisk. This means that each time you need to make an update, you are essentially cloning the existing AppDisk, making changes to it and then reassigning the new AppDisk to the Delivery Groups. It is also worth noting that you CANNOT resize an AppDisk when creating a new version.  

To update an AppDisk, click on the AppDisk node within Studio, highlight the AppDisk you would like to update and select “Create New Version” from the Action pane.

On the next screen, select the Pooled Random machine catalog that you would like to use for the preparation VM. Again a VM needs to be available within that Machine Catalog to perform the update.

You then name the AppDisk with version information and click “Create New Version”. This kicks off the AppDisk creation process as detailed earlier. AppDNA compatibility analysis will be carried out against the preparation VM machine catalog once the new version of the AppDisk is created.

Once the new version is ready, you can assign the AppDisk to the required delivery groups and unassign the old version. This will once again kick off the AppDNA compatibility analysis.

3-30-2016 1-21-46 PM

Resizing an AppDisk

There are no options to resize an AppDisk from within studio today. You would have to resize at the hypervisor level and then reimport and reassign the AppDisk. I am hoping that this is addressed in the near future.

Deleting an AppDisk

To delete an AppDisk within Studio, click on AppDisks, highlight the AppDisk you would like to delete and select “Delete AppDisk” from the Action pane.

3-30-2016 1-39-02 PM

 

Final Thoughts

As I described in my previous blog on Image Management, AppDisk takes us one step further in simplifying Image Management. However App Layering is not a one size fits all solution and should be used in conjunction with other solutions like application isolation and the likes. I am quite impressed with AppDisks for a v1 product. The performance has been very good considering I conducted most of my testing in my lab using SATA storage. However, I do hope that certain administrative tasks (like AppDisk resizing and versioning) improve in the near future.

Citrix Monthly Newsletter – February ’16

General Announcement and News

XenApp 7.8 & XenDesktop 7.8 Available for Download

Customers with active Software Maintenance (SWM) or Subscription Advantage (SA)–effective February 17, 2016–can download XenApp 7.8 and XenDesktop 7.8 on Citrix.com. The XenApp and XenDesktop 7.8 release greatly simplifies application management, delivering a 90% time savings over traditional methods. It enhances the user experience, while introducing scalability improvements, enabling a 40% memory reduction and a 20% increase in CPU efficiency for select behavior. Plus new features strengthen security and compliance.

Citrix Improves the Economics of Managing Mobile Traffic

Citrix announced the availability of the new NetScaler T1000 series which integrates proven ByteMobile optimization technology with the highly scalable, higher performance NetScaler platform architecture. This innovative Citrix solution vastly improves the economics of mobile traffic handling.

Now Playing! XenApp & XenDesktop in “The Citrix Supportability Pack

The Supportability Pack is a collection of support utilities developed by Citrix engineers to help diagnose and troubleshoot XenDesktop and XenApp on the Microsoft Windows platform.

Address 3 Business Impacts of Windows 10 with App & Desktop Virtualization

The latest release of Windows introduces another level of complexity for IT. Although the new Windows 10 OS promises consumers many improved features, it also means that managing a controlled migration is no longer in the hands of IT.  This shift has potential business impacts that enterprise IT teams must address, and app and desktop virtualization offers a reliable solution for maintaining a seamless, “business as usual” transition.

Can the Raspberry Pi Disrupt the Thin Client Market.. And the PC Industry

The Raspberry Pi (with Citrix HDX ) has created the opportunity to disrupt the Thin Client and Business PC market.

Welcome CTP–Citrix Technology Professional–Class of 2016!!

The Citrix Technology Professionals (CTP) Program award recognizes the contributions of individuals who have invested significant  time and resources to become experts in Citrix products and solutions.

Secure Web & SaaS Apps with XenApp Secure Browser

Browsers, despite their ascendance have historically been one of the most vulnerable pieces of software on any endpoint. The security concerns with browsers are legendary and involve complex settings, third-party plugins, active content, Flash, Java and other components that must be kept under strict control.

Announcing Storefront 3.5

Citrix announced the general availability of StoreFront 3.5. This release significantly revamps the administration console and PowerShell SDK, which makes the administration of StoreFront much easier.

Share Sensitive Documents—Anywhere—with Citrix Sharefile!

ShareFile facilitates the safe exchange of confidential financial documents between employees and with customers. Individual files and folders can be securely downloaded via a custom-branded client vault or through email. Employees can access, sync and securely share files within the organization, across lines of business and with third parties and clients, on any device via any network and repository, including existing network file drives and SharePoint sites.

Best Practices/Reference Architecture Documents/Blogs

Director Load Balancing using NS 11

Carl Stallhood walks through how the Netscaler can be used to load balance Citrix Director instances in this blog.

Framehawk Guide for XA/XD 7.8

The Framehawk virtual channel optimizes the delivery of virtual desktops and applications to users on broadband wireless and lossy long-haul broadband network connections, when high packet loss or congestion occurs. You can use Citrix policies to implement either Framehawk or Thinwire for a set of users in a way that is appropriate for your network characteristics, and is aligned with overall scalability and performance expectations.

Remote Display Analyzer

Use Remote Display Analyzer to easily analyze the result of your configuration and change settings on the fly to assess the best possible end user experience for every user, on every device on every location

Netscaler and Traffic Flow Explained

In this blog, Marius Sandbu attempts to explain Netscaler basics and traffic flows.

Configuration Notes on n-factor

nFactor authentication gives administrators an easy, flexible way to authenticate users, based on different kinds of user access, credentials provided or application demands.

Troubleshooting XenDeskop Slow Logons with HDX Data

The updated script presented in this blog, now covers the entire logon process, from the moment the user clicks on the published resource until the Desktop is available. The new module works by querying the XenDesktop Monitor service via OData API. The Windows session ID is translated to a XenDesktop SessionKey which is used in the OData API query.

Deploying Citrix Apps & Desktops: Resource Location Blueprint

How to deploy the Citrix Lifecycle Management Apps & Desktops: Resource Location & Service Setup Blueprint to create a Resource Location in your Amazon Web Services account for use with Citrix Workspace Cloud Apps & Desktops service.

Application Virtualization vs Application Layering

Marius covers the difference between two very popular solutions for application deployment, namely application virtualization and application layering.

Whats New in XenApp and XenDesktop 7.8

A quick guide detailing the new features introduced in XA/XD 7.8

Support Articles/Security Bulletins

Events/Webinars

Mar 2 Master Class: Back to basics: Server Load Balancing on NetScaler and Admin partitions
Live technical webinars to learn about the most critical elements of cloud infrastructures and enterprise datacenter architectures.

Register Now 

Mar 8 Solution Webinar: What’s New in XenApp & XenDesktop 7.7 and 7.8

Join us as we dive into the latest updates to see how we are simplifying application management, expanding our Microsoft Integration, and improving the user experience.

Register Now 

Mar 9 Master Class: EMM for Windows 10 and the latest Citrix XenMobile MDX features

Please join our technology experts for another deep-dive session on XenMobile as they cover Windows 10 MDM/MAM, shared devices and shared apps, MDX containerization, MDX app integrations using the SDK, working with MDX app policies and SSO capabilities with MDX.

Register Now 

Oct 2015 – Mar 2016 Seminars: From vulnerable to secure: Strategies to mitigate mobile security threats

Join us at a city near you for a mobile and virtualization security focused complimentary luncheon, filled with use case scenarios and live demos, to learn how you can protect apps and data and mitigate security threats with Citrix.

Register in a city near you

Mar – Apr 2016 Seminars: Q1 NetScaler Master Class Seminar Series

Join us at a city near you for an in-person master class covering best practices for installing and securing your website with Citrix NetScaler and a deep dive on the role that NetScaler plays in SDN.

Register in a city near you

Mar – May 2016 Seminars: Cisco on the Road (Formerly Cisco Live Local Edition; Cisco Tech Days)

One day educational and training event, organized by Cisco Enterprise, Commercial and Public Sector Teams. Customer attendance rate ranges from 100-500 attendees per event, in which 80% are Technical Contributors and the rest 20% are in IT Management, Sr. Management and Executives

Register in a city near you

DEMINARS

Every Tuesday and Thursday Deminars: Intro to Citrix Mobile Workspaces

Join us for an interactive, technical session on the benefits and capabilities of Citrix Workspace Suite in these demo-focused webinars.  Each session will begin with a valuable use case review that you do not want to miss! Register now to select the date that works best for you.
Register Now: Tuesday SessionThursday Session  |  Contact for More Info

Every Wednesday Deminars: Intro to Citrix NetScaler

Join us for an interactive, technical session on the benefits and capabilities of Citrix NetScaler in these demo-focused webinars.  Register now to select the date that works best for you.
Register Now: Wednesday Session  |  Contact for More Info

On Demand  |  Year to date

Jan 12 Solution Webinar: Secure Remote Access to Windows, Web and SaaS Apps

Register Now 

Jan 14 SDN Update: Customer Strategies for Software Defined Everything

Register Now 

Jan 20 Desktop Master Class: What’s New with XenApp and XenDesktop 7.7

Register Now 

Jan 22 Live Stream Webinar: Citrix Networking Field Day 11

Register Now 

Jan 27 Mobility Master Class: What’s New in Citrix XenMobile

Register Now 

Feb 3 Master Class: Back to basics: setting up your first NetScaler + NetScaler 11: New feature release

Register Now 

Feb 18 Solution Webinar: How SD-WAN helps with application delivery

Register Now 

 

 

 

 

 

Step by step guide on configuring the Rasperry Pi to deliver Citrix Apps and Desktops to your End Users!

IMG_20160209_012418

Why The Raspberry Pi?

In working with my customers over the years, end point management is something most struggle with to this day. Some choose to still provide their end users with fat clients, having to figure out how to manage the operating system and applications while making sure the device is secure. This tends to be a daunting challenge both from an operational and financial perspective. Others choose to leverage thin clients when possible but struggle in deciding what the right device is from a price and functionality pespective. A lot of times, they spend upwards of $500 on these thin clients, which still run a Windows Embedded OS that still needs to be managed and in some ways defeats the purpose of a thin client. While this is not true in every case, I would say that the end point management dillema is one of the biggest factors in virtualization initiatives stalling at my enterprise customers.

Over the past couple of weeks, I have been taking a closer look at the Rapsberry Pi. For those of you not familiar with the Raspberry Pi, I would highly recommend you check this out. While the use cases for the Pi are immense, what peaked my curiosity were recent blogs by Martin Rowan and Trond Eirik Haavarstein around how they leveraged the Pi as a thin client replacement for Citrix workloads.

Now before we go further, its important to understand why this was interest to me. First off, the device can be made highly secure by running stripped down Linux OS. Secondly, a Raspberry Pi 2 costs roughly $35. Tack on a case and adequate storage, the device is still under $50. So if there was a way to effectively deliver Citrix workloads leveraging this device, this would be the cheapest thin client out there! Not to mention a simple support and maintenance strategy, GET A NEW ONE! 🙂

How Does One Get Started?

[Best_Wordpress_Gallery id=”6″ gal_title=”RPI”]

I decided to get myself a Raspberry Pi 2 and give it a test run. I ordered the Vilros Raspberry Pi 2 Complete Starter Kit off of Amazon for around $55 (its around $70 now but price fluctuates). I would highly recommend going for a starter kit, either the one I got or the even more popular Canakit as these include everything you’ll need including wi fi adapter, case, hdmi cable, heat sinks, storage, power adapter etc. I also ordered a couple of additional micro SD cards. I wanted to have different OS builds on each of the cards, making it easy for me to showcase different solutions by just switching the micro SD cards on the Pi.

I looked at ThinLinx, Raspian Jessie and the Raspberry Pi Thin Client Project as potential options, but decided to start with ThinLinx and Raspbian Jessie. Before you get started, I highly recommend you read the this blog by Eric on Running Citrix workloads on ThinLinx and this blog by Martin Rowan on configuring and optimizing Citrix Receiver on Raspbian Jessie.

Approach 1: ThinLinx

Lets start with the ThinLinx build. ThinLinx OS (TLXOS) helps make effective thin clients out of old PC’s, Intel Compute Stick, Intel NUC and Raspberry Pi. TLXOS supports various protocols including Citrix HDX, RemoteFX 8.1, RDP. Intel showcased their NUC devices running ThinLinx at Citrix Summit this year. Check out the video. In addition Rachel Berry wrote an excellent blog about how Citrix leveraged Intel NUCs running ThinLinx for our Demos and Labs at Citrix Synergy 2015.

The process is as follows:

  • Go to this website and download the TLXOS Installer for Raspberry Pi.
  • Connect your micro SD card to your PC and run the TLXOS installer. This will format your micro SD card and copy the TLXOS image on the card.
  • From the same website mentioned above, download the ThinLinx Management Software (TMS) and install the software on a windows test machine. This is fairly lightweight software and can run on a VM as well.
  • Insert the micro SD card with TLXOS into the Raspberry PI and start it up.
  • Run the TMS app on your PC, which will detect the PI running TLXOS. You can configure the PI running through the management software.
  • In my case, I used TMS to make sure Citrix HDX is selected under the “Protocol” section. You could also choose “Web” and run in Kiosk mode if you’d like user to connect in that manner. You can also speficy a name for the device, upgrade software on the device, push SSL certs (required if your backend resources are running internal certs) etc.
  • On the PI, specify the Native Receiver URL. You will then be prompted for your credentials. Once thats set, you are good to go! You should see your apps and desktops, which you can then launch.

Video showcasing Citrix on a Raspberry Pi 2 running TLXOS

My Thoughts on the ThinLinx Option.

ThinLinx adds about $10 to the cost of the solution, bringing it to $69 in my case. However that is still a lot cheaper than your main stream thin clients. In addition, you get complete management capabilities which is absolutely necessary in an Enterprise environment. TLXOS was extremely easy to get going and the functionality was superb both for regular compute and for multimedia. The Citrix HDX protocol on TLXOS supports H264 decode upto 30 fps at 1080p resolution. There was no tinkering to get receiver to work. It just worked! I did notice some artifacts with the mouse cursor (as you might notice in the video) but not all the time. Overall I was very pleased with the simplicity of the solution and the overall performance of Citrix Workloads on TLXOS.

[Best_Wordpress_Gallery id=”3″ gal_title=”TLXOS”]

Approach 2: Raspbian Jessie

Raspbian OS is based off of Debian Linux. Jessie is the current version. There are two versions available for the PI – a full desktop image and a minimal image. I went with the full image for my tests. The Raspbian Jessie solution that I tested was unmanaged, unlike ThinLinx. So I had to install the OS, install receiver, tweak parameters to optimize performance etc. Nonetheless, the end result was a great performing thin client. I followed Martin Rowan’s blog for the various tweaks. I will try and outline them once again but wanted to call out that the tweaks were from his blog. So here are the steps:

  • Download the Raspbian Jessie full desktop image from this link.
  • Download Win32DiskImager and install on your system
  • Extract the Raspbian Jessie Image from the zip file
  • Connect your micro SD card to your PC
  • Run Win32DiskImager and use the extracted image as your source and the micro SD as your destination. This will format and copy the Raspian Jessie image on the SD card.
  • At this point, remove the SD card from your PC and plug it into the Pi and boot the Pi.
  • Run the following optimization commands in Raspbian Jessie. Once again, read Martin’s blog for more details.
    • Expand Filesystem
      • Run sudo raspi-config and select option “1 Expand Filesystem“. Reboot the Pi.
    • Run sudo raspi-config and select option “4 Wait for Network at Boot“, then select the option for “Slow Wait for network connection before completing boot“.
  • Install Citrix Receiver for ARM
    • Download Citrix Receiver for ARM (ARMHF) from the following link (under Debian packages)
    • Also download the USB Support package (ARMHF)
    • Install the Receiver: sudo gdebi icaclient_13.2.0.322243_armhf.deb
    • Install the USB Support package: sudo gdebi ctxusb_2.5.322243_armhf.deb
    • Further Optimizations (Optional)
      • Increase Frame Buffer – Section 2.1 in Martin’s blog
      • Switch to using libjpeg62-turbo – Section 2.2 in Martin’s blog
      • Disable H264 Graphics – Section 2.3 in Martin’s blog
      • Disable Mulimedia (HDX Mediastream redirection) – Section 2.4 on Martin’s blog.
      • Overclock your Pi – Run raspi-config to overclock your Pi and get some additional juice.
    • Start Receiver and specify URL to connect to your Citrix Storefront server. At this point you will be prompted for credentials.
    • Now you will have access to your desktops and apps.
  • I did run into an issue with Audio being routed over HDMI and not the headphone jack. To switch this back to the headphone jack, follow the instructions here

Video showcasing Citrix on a Raspberry Pi 2 running Raspian Jessie

Thoughts on Raspbian Jessie

My experience so far with Raspbian Jessie has been good. A little more tweaking and hacking as compared to ThinLinx, which worked out of the box. You get to install the latest receiver though. General performance for productivity apps was great and on par with ThinLinx. The boot was a lot faster than ThinLinx (<10 seconds).

[Best_Wordpress_Gallery id=”4″ gal_title=”JESSIE”]

Final thoughts based on testing so far

Is the Rasperry Pi a good solution for all use cases at the moment? Probably not. Does it fit a majority of the use cases? I would say so based on the testing so far. There are definitely some gaps, like having a power button perhaps (hopefully in Raspberry Pi 3), multi montor support to name a couple. Another major requirement for most organizations out there is Unified Communications, and in most cases, its Skype For Business. Citrix has excelled in supporting Lync and now Skype for Business in a virtualized environment while offering a native-like user experience with out of band peer to peer communication as far as voice and video traffic goes. Watch this video which compares the native vs optimized user experience side by side. One of the pieces that makes this possible is the Real Time Media Engine (RTME) which is installed on the client. Today, there is no RTME client for the ARM processor. You can still support Sype but all the processing will occur on the backend servers. I am sure an ARM based RTME client is on the list of good to have’s for Citrix and its probably just a matter of time, especially with the rapid popularity of ARM based devices like the Pi and Intel Compute Sticks. Hoping my friend and fellow citrite Scott Lane will work some magic to make this happen 🙂 Read this blog by Chris Fleck on why he believes the Raspberry Pi could totally disrupt the PC industry. I tend to agree with Chris.

Whats Next?

I will soon be testing the Raspberry Pi Thin Client Project, specifically the 1.99 release which has Citrix Receiver 13.3 bundled in. I hope to have a follow up blog on this. On the fun side, I plan to build an Arcade Machine for my kids based on the Pi and perhaps even a media center, although I really love my Roku 🙂 Check out some of the fun projects out there based on the Pi. As always I look forward to everyone’s feedback and do comment if you have ideas on future blog topics.

More soon..

George