XenApp/XenDesktop 7.8 – A Big Step Forward In Image Management


Citrix released XenApp and XenDesktop 7.8 on 02/25 and with it came numerous feature enhancements. In this post, I want to focus on two of these features as it addresses a major challenge most Citrix administrators have to deal with today.

The Problem

It is safe to say that every enterprise customer that I work with uses Provisioning Services for XenApp and Pooled VDI for all the management, storage and performance benefits. However, a majority of these customers end up having to manage multiple images (sometimes >10). In most cases, applications are locally installed, in a few cases, App-V is used in conjunction with locally installed apps and in rare occassions, SCCM/LANDESK and similar ESD tools are used. For Pooled desktops, its a combination of locally installed apps and apps delivered via XenApp for the most part. On some occassions third party tools are also used. The net result is that multiple dedicated resources spend most of their time updating these images and managing application updates.

So what does XA/XD 7.8 offer to solve this problem?


I constantly have discussions with my customers around how to solve the problem of image management, and it usually boils down to separating the applications from the operating system as far as possible. XA/XD 7.8 introduces AppDisk, which provides the ability to manage your applications independently of the base image. AppDisk falls under application layering, which has been around for a while now. You can add any number of applications to an AppDisk and the AppDisk can then be tied to multiple machines at the same time running different operating systems. So if you are an Enterprise customer that has multiple XenApp silos today due to different business units requiring different applications for instance and have multiple PVS images that you manage for this purpose, you could potentially cut down to one image for each OS and then use AppDisk to layer the applications thereby making management of the images a lot easier. Not only that, application updates become a lot easier and the maintenance windows will reduce significantly. Also if you wanted to replicate your applications across multiple datacenters, it is as easy as copying these appdisks over.

Integration of AppDisk with AppDNA

There are a number of vendors today that offer layering solutions, including some that partner with Citrix. What truly differentiates AppDisk is our integration with AppDNA. When there are multiple layers tied to a delivery group for instance, AppDNA lets the administrator know how a change in one layer could potentially impact compatibility between layers and can reorder the layers if needed. Similarly, AppDNA can also inform the administrator if an AppLayer is incompatible with a specific OS. So if I were to tie the same AppDisk to multiple delivery groups delivering different operating systems, thanks to AppDNA, you can quickly determine if that AppDisk is compatbile with the target OS. This is truly a differentiator and removes a lot of the guess work and manual labor involved in compatibility analysis.

With all that said, layering is not a one size fits all solution for application deployment. There are various challenges. When you use mutiple Appdisks for instance, it is important to understand the dependencies between layers to make sure the layers can working with each other and there are no conflicts. In large environments, there could be hundreds of layers, each layer having a large number of applications. So management could get complex in those cases. Also, AppDisk is not supported on dedicated desktops today. Also important to note that PvD and Appdisk cannot be used together today

App-V Packages

Another key feature in XenApp/XenDesktop 7.8 is the ability to publish App-V packages that are stored in a network share without needing the App-V infrastructure. The process is no different from publishing a natively installed application. You may ask why even go down this path when you could address most use cases directly with AppDisk. There are a couple of reasons. First, AppDisk does not provide application isolation. So, if you require application isolation, perhaps to run multiple versions of the same application for instance, you would need to use a technology like App-V. Secondly, if you already have your desktop teams leveraging App-V to sequence packages, it makes sense to deploy the same packages within your Citrix environment instead of reinventing the wheel.

Final thoughts

Its human nature to be enamored by the latest shiny toy. But in the case of application management, there is no one size fits all solution. But with the XA/XD 7.8 release, there are various options available for packaging and delivering applications thanks to the tools Citrix added. Does that mean the tools we provide will address 100% of the use cases out there? Probably not. We have a number of partners who add further value through their solutions. Fine examples are Liquidware Labs, FSLogix and Unidesk.

I believe that a lot of enterprise deployments, will continue to deploy core applications natively in the base image, either locally installed or using App-V and the likes. However, AppDisk with AppDNA is a great solution to manage business unit specific applications that were silo’d in the past and increased the infrastructure and operational overhead substantially. To conclude, I would highly recommend that you try XenApp/XenDesktop 7.8 in a lab environment and get familiar with AppDisk and App-V package deployment.


Step by step guide on configuring the Rasperry Pi to deliver Citrix Apps and Desktops to your End Users!


Why The Raspberry Pi?

In working with my customers over the years, end point management is something most struggle with to this day. Some choose to still provide their end users with fat clients, having to figure out how to manage the operating system and applications while making sure the device is secure. This tends to be a daunting challenge both from an operational and financial perspective. Others choose to leverage thin clients when possible but struggle in deciding what the right device is from a price and functionality pespective. A lot of times, they spend upwards of $500 on these thin clients, which still run a Windows Embedded OS that still needs to be managed and in some ways defeats the purpose of a thin client. While this is not true in every case, I would say that the end point management dillema is one of the biggest factors in virtualization initiatives stalling at my enterprise customers.

Over the past couple of weeks, I have been taking a closer look at the Rapsberry Pi. For those of you not familiar with the Raspberry Pi, I would highly recommend you check this out. While the use cases for the Pi are immense, what peaked my curiosity were recent blogs by Martin Rowan and Trond Eirik Haavarstein around how they leveraged the Pi as a thin client replacement for Citrix workloads.

Now before we go further, its important to understand why this was interest to me. First off, the device can be made highly secure by running stripped down Linux OS. Secondly, a Raspberry Pi 2 costs roughly $35. Tack on a case and adequate storage, the device is still under $50. So if there was a way to effectively deliver Citrix workloads leveraging this device, this would be the cheapest thin client out there! Not to mention a simple support and maintenance strategy, GET A NEW ONE! 🙂

How Does One Get Started?

I decided to get myself a Raspberry Pi 2 and give it a test run. I ordered the Vilros Raspberry Pi 2 Complete Starter Kit off of Amazon for around $55 (its around $70 now but price fluctuates). I would highly recommend going for a starter kit, either the one I got or the even more popular Canakit as these include everything you’ll need including wi fi adapter, case, hdmi cable, heat sinks, storage, power adapter etc. I also ordered a couple of additional micro SD cards. I wanted to have different OS builds on each of the cards, making it easy for me to showcase different solutions by just switching the micro SD cards on the Pi.

I looked at ThinLinx, Raspian Jessie and the Raspberry Pi Thin Client Project as potential options, but decided to start with ThinLinx and Raspbian Jessie. Before you get started, I highly recommend you read the this blog by Eric on Running Citrix workloads on ThinLinx and this blog by Martin Rowan on configuring and optimizing Citrix Receiver on Raspbian Jessie.

Approach 1: ThinLinx

Lets start with the ThinLinx build. ThinLinx OS (TLXOS) helps make effective thin clients out of old PC’s, Intel Compute Stick, Intel NUC and Raspberry Pi. TLXOS supports various protocols including Citrix HDX, RemoteFX 8.1, RDP. Intel showcased their NUC devices running ThinLinx at Citrix Summit this year. Check out the video. In addition Rachel Berry wrote an excellent blog about how Citrix leveraged Intel NUCs running ThinLinx for our Demos and Labs at Citrix Synergy 2015.

The process is as follows:

  • Go to this website and download the TLXOS Installer for Raspberry Pi.
  • Connect your micro SD card to your PC and run the TLXOS installer. This will format your micro SD card and copy the TLXOS image on the card.
  • From the same website mentioned above, download the ThinLinx Management Software (TMS) and install the software on a windows test machine. This is fairly lightweight software and can run on a VM as well.
  • Insert the micro SD card with TLXOS into the Raspberry PI and start it up.
  • Run the TMS app on your PC, which will detect the PI running TLXOS. You can configure the PI running through the management software.
  • In my case, I used TMS to make sure Citrix HDX is selected under the “Protocol” section. You could also choose “Web” and run in Kiosk mode if you’d like user to connect in that manner. You can also speficy a name for the device, upgrade software on the device, push SSL certs (required if your backend resources are running internal certs) etc.
  • On the PI, specify the Native Receiver URL. You will then be prompted for your credentials. Once thats set, you are good to go! You should see your apps and desktops, which you can then launch.

Video showcasing Citrix on a Raspberry Pi 2 running TLXOS

My Thoughts on the ThinLinx Option.

ThinLinx adds about $10 to the cost of the solution, bringing it to $69 in my case. However that is still a lot cheaper than your main stream thin clients. In addition, you get complete management capabilities which is absolutely necessary in an Enterprise environment. TLXOS was extremely easy to get going and the functionality was superb both for regular compute and for multimedia. The Citrix HDX protocol on TLXOS supports H264 decode upto 30 fps at 1080p resolution. There was no tinkering to get receiver to work. It just worked! I did notice some artifacts with the mouse cursor (as you might notice in the video) but not all the time. Overall I was very pleased with the simplicity of the solution and the overall performance of Citrix Workloads on TLXOS.

Approach 2: Raspbian Jessie

Raspbian OS is based off of Debian Linux. Jessie is the current version. There are two versions available for the PI – a full desktop image and a minimal image. I went with the full image for my tests. The Raspbian Jessie solution that I tested was unmanaged, unlike ThinLinx. So I had to install the OS, install receiver, tweak parameters to optimize performance etc. Nonetheless, the end result was a great performing thin client. I followed Martin Rowan’s blog for the various tweaks. I will try and outline them once again but wanted to call out that the tweaks were from his blog. So here are the steps:

  • Download the Raspbian Jessie full desktop image from this link.
  • Download Win32DiskImager and install on your system
  • Extract the Raspbian Jessie Image from the zip file
  • Connect your micro SD card to your PC
  • Run Win32DiskImager and use the extracted image as your source and the micro SD as your destination. This will format and copy the Raspian Jessie image on the SD card.
  • At this point, remove the SD card from your PC and plug it into the Pi and boot the Pi.
  • Run the following optimization commands in Raspbian Jessie. Once again, read Martin’s blog for more details.
    • Expand Filesystem
      • Run sudo raspi-config and select option “1 Expand Filesystem“. Reboot the Pi.
    • Run sudo raspi-config and select option “4 Wait for Network at Boot“, then select the option for “Slow Wait for network connection before completing boot“.
  • Install Citrix Receiver for ARM
    • Download Citrix Receiver for ARM (ARMHF) from the following link (under Debian packages)
    • Also download the USB Support package (ARMHF)
    • Install the Receiver: sudo gdebi icaclient_13.2.0.322243_armhf.deb
    • Install the USB Support package: sudo gdebi ctxusb_2.5.322243_armhf.deb
    • Further Optimizations (Optional)
      • Increase Frame Buffer – Section 2.1 in Martin’s blog
      • Switch to using libjpeg62-turbo – Section 2.2 in Martin’s blog
      • Disable H264 Graphics – Section 2.3 in Martin’s blog
      • Disable Mulimedia (HDX Mediastream redirection) – Section 2.4 on Martin’s blog.
      • Overclock your Pi – Run raspi-config to overclock your Pi and get some additional juice.
    • Start Receiver and specify URL to connect to your Citrix Storefront server. At this point you will be prompted for credentials.
    • Now you will have access to your desktops and apps.
  • I did run into an issue with Audio being routed over HDMI and not the headphone jack. To switch this back to the headphone jack, follow the instructions here

Video showcasing Citrix on a Raspberry Pi 2 running Raspian Jessie

Thoughts on Raspbian Jessie

My experience so far with Raspbian Jessie has been good. A little more tweaking and hacking as compared to ThinLinx, which worked out of the box. You get to install the latest receiver though. General performance for productivity apps was great and on par with ThinLinx. The boot was a lot faster than ThinLinx (<10 seconds).

Final thoughts based on testing so far

Is the Rasperry Pi a good solution for all use cases at the moment? Probably not. Does it fit a majority of the use cases? I would say so based on the testing so far. There are definitely some gaps, like having a power button perhaps (hopefully in Raspberry Pi 3), multi montor support to name a couple. Another major requirement for most organizations out there is Unified Communications, and in most cases, its Skype For Business. Citrix has excelled in supporting Lync and now Skype for Business in a virtualized environment while offering a native-like user experience with out of band peer to peer communication as far as voice and video traffic goes. Watch this video which compares the native vs optimized user experience side by side. One of the pieces that makes this possible is the Real Time Media Engine (RTME) which is installed on the client. Today, there is no RTME client for the ARM processor. You can still support Sype but all the processing will occur on the backend servers. I am sure an ARM based RTME client is on the list of good to have’s for Citrix and its probably just a matter of time, especially with the rapid popularity of ARM based devices like the Pi and Intel Compute Sticks. Hoping my friend and fellow citrite Scott Lane will work some magic to make this happen 🙂 Read this blog by Chris Fleck on why he believes the Raspberry Pi could totally disrupt the PC industry. I tend to agree with Chris.

Whats Next?

I will soon be testing the Raspberry Pi Thin Client Project, specifically the 1.99 release which has Citrix Receiver 13.3 bundled in. I hope to have a follow up blog on this. On the fun side, I plan to build an Arcade Machine for my kids based on the Pi and perhaps even a media center, although I really love my Roku 🙂 Check out some of the fun projects out there based on the Pi. As always I look forward to everyone’s feedback and do comment if you have ideas on future blog topics.

More soon..


Citrix Monthly Newsletter – January ’16

General Announcements and News

Citrix Appoints Kirill Tatarinov as President and CEO

Citrix announced that Kirill Tatarinov has been appointed President and CEO, effective January 25, 2016. A veteran Microsoft executive, Mr. Tatarinov will also join the Citrix Board as a director at that time.

Citrix Acquires Comtrade’s SCOM Management Packs IP

The acquisition of Comtrade’s management packs for Microsoft System Center Operations Manager (SCOM) provides Citrix users with comprehensive, end-to-end monitoring, delivering single pane of glass visibility into the entire Citrix desktop virtualization, network and mobility environment. Customers can proactively monitor the quality of the Citrix end user experience and infrastructure health performance across market-leading products, such as XenDesktop, XenApp, XenMobile and NetScaler, all while leveraging the existing monitoring platform.

Citrix and Microsoft Unveil “v2” Solution for Skype for Business

HDX RealTime Optimization Pack 2.0 delivers a truly native Skype for Business UI experience. And it adds numerous features to what was previously available in version 1.8. HDX RealTime Optimization Pack 2.0 is more than just a technology solution. Citrix and Microsoft provide a joint support model for this solution. And each vendor can open trouble tickets with the other vendor as needed.

Our Best Platinum Edition for XenApp and XenDeskop Yet!

This blog post focuses on rolling up today’s keynote announcements that specifically add new value to XenApp and XenDesktop Platinum editions – and by extension, the Citrix Workspace Suite. Collectively, they raise the bar even higher on simplifying the management and delivery of apps, and monitoring and optimizing app, desktop and user performance, and provide compelling reasons to upgrade to our most value-packed edition ever.

Citrix Makes XenApp/XenDesktop & Workspace Cloud Annoucements

Citrix has made several announcements at the company’s Summit, all of which are focused on their XenApp/XenDesktop and Workspace Cloud product lines, offering new features and packages for large enterprises and channel partners.

Mobile payments will account for a third of consumer-to-business transactions in 2016, says Citrix

In a series of predictions for 2016 Mikko Disini, director Product Marketing at Citrix, examines the pace of change in network functions virtualisation (NFV), security and mobile payments.

Chalan Aras Explains Why Company is Uniquely Positioned for SD-WAN

This year should see the mass-market adoption of SD-WAN, a technology that meets the needs of today’s applications by providing large and reliable bandwidth. Citrix has a unique slant on all this, Aras said, given it has offerings and expertise both on the enterprise application front and in terms of Layer 4 through 7 networking products.

Collaboration: With Citrix ShareFile & Microsoft Office Online, It’s Simple

Citrix ShareFile is always looking for new ways to integrate with the intention of increasing the value we bring to our customers. In today’s world, collaboration is the key to getting many tasks done. Citrix recognizes this, and that’s why many Citrix ShareFile customers are taking advantage of the ability to edit Microsoft Office documents directly from the web application through our Microsoft Office Online integration, announced earlier this year (part of Microsoft’s Cloud Storage Partner Program).

Citrix Call Home Technology Preview

Citrix introduced the Call Home (v1) technology in the XenApp 7.6.300 VDA in Sep 2015 to collect a core set of diagnostic data for troubleshooting. This version required manual interaction to upload information to the Citrix Insight Services. Manually interacting with each VDA does not scale for large deployments and forces administrators to develop their own strategies to trigger uploads. This Tech Preview release offers automated scheduled uploads to alleviate this pain-point.

A Running Start for XenServer in 2016

The year started with a significant XenServer product release (v6.5) containing, amongst other things, new product editions, some new features and a raft of performance and scalability improvements. XenApp customers (license holders) were also, for the first time, entitled to use XenServer features without needing a XenDesktop license. Now, all Citrix XenApp or XenDesktop customers have access to licensed and supported XenServer features as a part of their existing Citrix license agreements.

Citrix Workspace Cloud: Broader Reach, New Pricing, Updated Packages

Citrix Workspace Cloud offers the simplest, fastest, and most flexible way to deliver secure mobile workspaces on the market today. Customers offered feedback in how we can improve our pricing and package options. So later in Q1 you’ll see Citrix decrease the annual subscription price for ourVirtual Apps and Desktops package, as well as a reduced price to our Integrated Apps and Data Suite package.

Citrix NetScaler CPX a Lightweight Alternative for Cloud Providers

Citrix NetScaler, a full-fledged application delivery controller (ADC) has recently introduced a new, lighter version of itself. Made to fit in small-scale cloud applications and container-style deployments, the new CPX is a micro-form of NetScaler.

Best Practices/Reference Architecture Documents/Blogs

Deep Dive: XenApp and XenDesktop 7.7 Zones

One of the new features of the 7.7 release of XenApp and XenDesktop is the ability to define ‘zones’ in a site and to place elements from the site into different zones. The motivation behind this feature is described in a separate blog, but this article goes a little deeper into how this all works and what the implications are when you put items such as controllers, hypervisor connections and catalogs into zones.

Deploying NetScaler Gateway in ICA Proxy Mode

This document takes the user through the steps of configuring a NetScaler Gateway and Storefront for a XenApp/XenDesktop VDI solution. The document first describes the steps for configuring the NetScaler Gateway component and then, for configuring the Storefront.

Desktop Notification Tool For Citrix XenDesktop

With Director 7.7, XenDesktop administrators have the capability of configuring policies and conditions that will alert administrators when the configured threshold has reached in the XenDesktop 7.7 environment.

Setting up XenDesktop 7.7 against Microsoft Azure

Setting up integration between XenDesktop and Microsoft Azure  is now a supported integration in 7.7. This integration allow us to provision virtual machines directly from Studio.

How to Deploy Skype for Business & Lync 2013 in VDI Environment

With the release of the Feature Pack 2 for Citrix XenApp and XenDesktop 7.6, we now support audio and video optimization for Microsoft Skype for Business and Lync 2013 Client and Server deployments using the Citrix HDX RealTime Optimization Pack for Lync. This level of Lync optimization is unique in the market. The latest revision of the Optimization Pack adds support for MAC endpoints in addition to our support for Windows endpoints and 32 bit Linux endpoints.

Integrating Citrix XenMobile with Azure Active Directory

With the release of Citrix XenMobile 10.3, we are providing integration with Azure Active Directory (Azure AD) to modernize enterprise mobility on Windows 10. With this integration, we are simplifying the MDM enrollment flow for Windows 10 devices. When a user joins their Windows 10 device to Azure AD, it will automatically be enrolled with a management server (i.e. Citrix XenMobile).

SSO to Office365 with NetScaler Unified Gateway

This blogpost shows you how-to configure Office365 as a SaaS Application in a Citrix NetScaler Unified Gateway. We will also make use of a SAML Based Authentication to realize a Single Sign-On experience. To get this working it is necessary that your Office365 Account is configured as a SAML Service Provider.

Director 7.7: Managing and Configuring Alerts & Notifications Using Powershell

With Director 7.7, you have the capability of configuring policies and conditions that will alert you when the configured threshold is breached in a XenDesktop 7.7 environment. This post will help you configure your proactive alerts and notifications using the POSH cmdlets.

Proactive Troubleshooting & Predictive Trending with Director 7.7

It may be difficult for admins to constantly monitor the Director console for issues, but it’s important, as problems can arise at any point in time. So, what can we do? Using the Proactive Notifications and Alerts feature, not only an administrator can be notified when an issue arises, he can proactively look for warning signs by configuring thresholds and severity against conditions.

XenMobile Security Considerations

Over the course of the last year or so, I have been hearing IT organizations of all shapes and sizes focused more and more on one key concept … SECURITY! If your organization is like many of those we have been working with lately, you are probably wondering which of those knobs to turn and checkboxes to select so that your XenMobile deployment is ‘secure’. Or maybe you just want to know what other customers are doing on this front and what you should be thinking about.

Turbo Charging Performance with PVS 7.7

We snuck something into the 7.7 code that can really improve target device streaming.  And it’s not like streaming performance was poor before, it’s just better now. Why? The key PVS driver, which takes over after the bootstrap, is now optimized for multi-core systems.

SCOM Alerts in Citrix Director

With Director 7.7, you can view the alerts from SCOM server for various management packs on director. This will help the XenDesktop admins to manage the infrastructure on which the XenDesktop is built upon without needing to go to another console like operations manager console.

Support Articles/Security Bulletins

XenApp and XenDesktop Servicing Options (LTSR) FAQ
Lync/Skype Autodiscovery Support – HDX RealTime Optimization Pack 1.8
How to Install XenDesktop/XenApp 7.x Controller Hotfixes
XenApp Servers Do Not Start Automatically After Disabling Maintenance Mode on Delivery Group
XenMobile Enterprise set up in double-hop DMZ deployment.
XenMobile 10.3: How can VPP apps be installed on devices without having Apple id configured.
Webcams Not Working in XenDesktop, Being Redirected as Optimized USB
FAQ: Connection Leasing in XenApp/XenDesktop 7.6
How do I Configure HDX Insight?
How-To Configure NetScaler to do Content Switching to LoadBalance DNS Requests to different DNS Servers based on Domain Name’s
How to Configure LDAP Authentication on NetScaler
How to Create a New Citrix Account ID/Org ID

Upcoming Events

2016 HIMSS Annual Conference & Exhibition (Mar 29 – Apr 4, 2016) – Register Now
Citrix TechEdge (May 23, 2016) – Register Now
Chicago User Group Community (Feb 4, 2016) – Register Now
Netscaler Master Class (Feb 3rd, 2016) – Register Now
5 Things VMware Doesn’t Want You to Know About Horizon View…(Feb 11, 2016) – Register Now
XenApp and XenDesktop Tech Update (Feb 17, 2016) – Register Now
Delivering Apps as a Service Courtesy of Central IT (Feb 25, 2016) – Register Now
Secure Remote Access to Windows, Web and SaaS Apps (Recorded) – Register Now
Desktop and Apps Master Class – January (Recorded) – Register Now
SDN Update: Customer Strategies for Software Defined Everything (Recorded) – Register Now

Citrix Lifecycle Management: A step by step walk through of an automated deployment on ANY cloud!


Citrix released Citrix Workspace Cloud (CWC) earlier this week. Most people I talk to agree that CWC is one of the most innovative solutions in the industry right now. You can read more about my thoughts on CWC here.

In this post, I want to focus on one of the components of CWC namely Citrix Lifecycle Management (CLM). CLM provides customers and partners alike an orchestration and automation engine that they can use to build an end to end infrastructure that meets industry and their own best practices on ANY cloud.It also helps you manage and monitor the environment as well as conduct operational tasks and upgrades.

What is truly great about this solution is that CLM is not limited to deploying Citrix infrastructure. It can be used to deploy Microsoft infrastructure (AD, SQL etc), partner solutions (Atlantis USX, LoginVSI, Xangati etc) in addition to Citrix infrastructure (XenApp/XenDesktop/Netscaler/Storefront etc). There are various blueprints that are already pre populated and the list will continue to grow. In addition customers and partners can create their own blueprints based on their own best practice. Because blueprints are leveraged, deployments are easily reproducible and error free. For instance, a senior architect could develop a complex blueprint and then once complete, hand off to a junior resource who could very easily deploy the same blueprint anywhere he pleases with consistent results. From a partner perspective, this makes deployment of solutions extremely simple and consulting engagements and proof of concepts should end up being much more successful and predictable.

In the next part of the blog, I would like to walk through an on premises deployment of an on premises XenDesktop POC that I built leveraging CLM.

Once you log into CLM. The first thing you want to do is to go ahead and define your resource zones. Today CLM supports the resource zones listed below. In my case, I leveraged an on premises XenServer 6.5 host.

Resource Zones

The next step in the process is to install the CLM connector on Windows Server 2012 R2 server. This is similar to a CWC deployment. The connector is what facilitates communication between the CLM orchestration engine and your resource zone. Once the connector is installed, you define the connection details for your host and you are all set. As you can see from the screenshots below, I defined two resource zones in my lab, both XenServers.

connector install


Screen Shot 2015-08-25 at 9.34.37 AM Screen Shot 2015-08-25 at 9.35.01 AM

Screen Shot 2015-08-25 at 9.35.06 AM

Now that we have our resource zones, the next step is to go through the blueprint catalog and pick the one we want to deploy. As mentioned earlier, there is a pretty good list of blueprints already available and this list will continue to grow over time. Once you know the blueprint you’d like to use, you click the “+” symbol to add the blueprint to your library.


blueprint catalog For the purposes of my test, I used the XenApp and XenDesktop Proof of Concept Blueprint and added it to my library. The blueprints that I choose will show up under the “Design and Deploy” tab. Within “Design and Deploy” you now click on “Actions” next to the selected blueprint and choose “Deploy”. Note that you have the ability to edit, clone or share the blueprint if you want to. This will allow you to customize the blueprint as you please.

Design and Deploy

Once you hit “Deploy”, you are provided a description of the blueprint along with the various infrastructure components. After reviewing the details, click “Start Deployment Setup” and give the deployment a name. You can also choose an existing deployment profile if you’ve gone through this process before.

Deployment Overview

Deployment Name
As part of the template I chose, I have some additional options like providing a KMS Server address, configure a Netscaler, create a server VDI instance etc. I have stuck to the defaults for the test. I also specified the resource zone that I would like the solution to be deployed on.


Next, you’ll see a pre deployment checklist based on the resource zone you selected. Review this carefully!! One of the key pieces to having this work properly is to make sure you have a Windows Server 2012 R2 template ready on your XS host. Below are some things to keep in mind:

  • Make sure the image is sysprepped with the /generalize /shutdown /unattend options. Use the unattend file to provide login credentials among other things. A sample unattend file can be found here.
  • Make sure RDP access is enabled in the template
  • Make sure the Windows Firewall allows outbound connections on port 443
  • Install the latest XenServer tools and reboot the machine as many times as needed to ensure the process is complete.

Pre Deployment checklist

On the next screen, hit edit on each of the VMs and define the various parameters. Some of the key things you need to make sure include selecting the right VM template, NIC and providing the correct credentials. I have included screenshots for one of the VMs below.







After going through the configuration for each of the VM’s hit “Next” and provide additional configuration parameters in relation to the domain, XenDesktop and computer names. You can also import a config file to fill these parameters. Once complete, give the deployment profile a name and description.

Additional Parametes

profile name

On the next screen, review the configuration and hit “Deploy”. This starts the deployment process. If you look at your hypervisor host you will notice that VM’s being to get created.

Final Deploy Screen

Next click on the “Manage” tab and click on your current deployment to check the progress of the deployment. You will obtain a detailed breakdown of each step of the process.

Deployment progress

Deployment progress2You will also be notified via email as each VM is successfully created and also when the whole deployment is complete.




The entire process in my case took about 2 hours on really old hardware. I will be redoing this test in the coming weeks on much faster SSD drives to see how much time I can shave off.

In addition to allowing you to deploy solutions, CLM also has inbuilt monitoring and alerting. You get a snapshot of how the VMs are performing and you can also set thresholds for the alerts.


CLM also allows you to define operational tasks such as installing updates, running certain scripts etc right from within the CLM engine. These tasks can also be scheduled.


You can also define rules for dynamically tearing down, scaling up and also failover/fallback rules with the CLM engine. In the future I plan to play around with these a little more.

Scale and Redundancy

Final Thoughts

I am truly excited about the potential this platform holds and the value it brings to customers and partners. CLM helps automate the deployment, manage and monitor the environment and tear down whether you want to deploy just within your datacenter, a public cloud, private cloud or a hybrid cloud. In other words it helps through the entire lifecycle of a deployment. The simplicity of the platform along with the blueprints ensures that you dont need to have expert level skills on any of the solutions to deploy the blueprints. I would encourage everyone to try it out. I am sure if you do, you will end up being just as impressed as I am today!



















Geo Maps for HDX Insight (NS Insight Center 11) – Overview and Configuration

NS Insight Center 11 was released earlier this month, and with this release Geo Maps is now available for HDX Insight. It was earlier available for Web Insight only. For those of you not familiar with HDX Insight, it is a tool from Citrix that provides end to end visibility from an end user experience perspective for ICA connections that are proxied through the Netscaler. So for instance, if a user reported a slow Citrix session, HDX Insight would help you determine if it is a client side issue (workstation/ISP etc), server issue, application issue, network issue etc. It also provides breakdown on how the bandwidth consumption within the ICA channel (printing/usb/screescrapes). More information on HDX Insight can be found here.


With the 11.x release of NS Insight center, a new feature called Geo Maps has been added to HDX Insight. Geo maps as the name suggests provides a pictoral representation of all the locations from where users are connecting from. By click on any location, you get a summary of the end user experience metrics for that region. This helps you identify performance issues isolated to a specific region quite easily. In addition you can also quickly determine if users are connecting from regions that you dont expect and thereby potentially mitigate a security threat. Geo Maps is an extremely neat addition to HDX Insight and a feature that will greatly benefit customers, specially customers with employees spread across the globe!



Installation and Configuration

My focus in this blog is the configuration of Geo Maps. For basic instructions on how to install Netscaler Insight Center, please refer to this edoc

With regards to Geo Maps. Below are the steps that you need to follow:

Download maxmind “GeoLite City” data base (http://dev.maxmind.com/geoip/legacy/geolite/)

2015-07-28_15-50-14Upload database to NS Insight Center (dat file) under Configuration –>Netscaler Insight Center –> Geo Database Files


Also, you need to check “Enable Geo data collection for Web and HDX Insight”  for the Device added in the inventory.





Once you’ve followed the steps above, reboot Insight Center and you should be all set. I am yet to test whether Geo Maps shows up under Director as well. Will update the post once I have more information on that. Hope this helps!


Chromebook + Citrix Receiver For The Win!


The IT landscape has changed a lot the past 5 years. Security is the top concern of most enterprises that I deal with, some being constantly attacked/hacked on a daily basis. IP theft is a major concern with executives and top engineers travelling around the world with highly sensitive data. Up until recently, the options were pretty limited. Typically IT departments provide travelling users encrypted laptops that are fairly locked down, and users leverage VPN to access enterprise applications.The data  still resides on these laptops. In a scenario that the laptop is compromised, not only could there be IP theft, but with the VPN access, a malicious user could connect back to the corporate network and cause havoc. There have been a number of incidents in foreign countries where laptops have been stolen and data breached.

A Chromebook running Citrix Receiver is a great option to solve this problem.

Chromebooks are secure by design

First off, Chromebooks are inherently secure due to the following reasons:



Since each application on a chromebook runs in a restricted sandboxed environment, if that application is compromised for whatever reason, it cannot affect other applications that are running or the base OS in any way. The threat is effectively contained.

Verified Boot

When a chromebook boots, it does a check to make sure the system has not been tampered and that there is no corruption of any sort. If it detects either of the two, it will try to self heal and if that fails, the system wont boot.

Data Encryption

While you don’t typically store data on Chromebooks. they still have built in TPM chips which ensure that any data that is cached on the device (browser cookies, temp files etc) are fully encrypted and protected

Device Management


Another benefit of using Chromebooks is that they can be fully managed via the Chrome Management platform. Every OS feature and every Chrome browser function can completely controlled and locked down.

Citrix Receiver for Chrome

I purchased my first chromebook about 18 months ago and remember feeling so underwhelmed back then with the device. I didn’t like the fact that offline capabilities were very limited. The display options were not that great compared to a regular ultra-book. When it came to accessing enterprise applications using Citrix Receiver, again there were some limitations in terms of capabilities as compared to Windows/Mac/Linux.

Chromebooks have certainly come a long way since then, In addition to having addressed display and other hardware limitations and being extremely secure as discussed above, they are also enterprise ready by enabling end users to be productive, thanks to Citrix Receiver for Chrome.

Citrix Receiver allows users to securely access all their enterprise applications running in the datacenter. In addition, users can be subjected to various posture assessments prior to providing them access to the resources thanks to the Netscaler, which acts as a secure reverse proxy for all Citrix traffic. Depending on the results of the posture assessment, granular controls can be applied, for instance an authenticated user connecting from a trusted device (appropriate av definitions/service packs etc) and a trusted network can be allowed to print and map drives while a user who fails the assessment can be provided a read only environment with no ability to print/clipboard/map drives.

While we’ve had HTML5 Receiver for Chrome for a while now, the latest version (1.7) is extremely feature rich including USB redirection, file upload and download, access to google drive, bi directional audio, h264 video rendering, clipboarding, printing. These features provide users the same experience that they are used to on a desktop/laptop while providing a much more secure and mobile platform.

All in all, I strongly believe Chromebooks running Citrix Receiver is the perfect solution for enterprises trying to find the most secure and mobile solution for their travelling users. If you havent yet tested a Chromebook, I highly recommend you do! The Toshiba CB35 is a great choice!



Synergy 2015 – A condensed recap of everything you need to know!

For those of you who were not able to attend Citrix Synergy this year & dont have the time to sit through the key note recordings, I decided to put together a condensed version of some of the key announcements. So here goes!

Citrix Workspace Cloud

  • Citrix hosted control plane that enables customers to deliver a comprehensive mobile workspace to end users.
  • Gives customers the flexibility to host workloads on premises, in public or private clouds.
  • Control plane also provides end to end monitoring of user connections.
  • Evergreen infrastructure since Citrix maintains all core infrastructure components.
  • Workspace Cloud Connector installed on premises on a Win 2k12 server that establishes SSL communication between control plane and customer environment. Used to talk to infrastructure components like Active Directory and hypervisors hosting workload
  • General Availability in Q3

I wrote a blog on CWC and the value proposition a month back that you can find here.

SYN 217 –  Workspace Cloud – Technical Overview [Video]


Citrix Lifecycle Management

  • Comprehensive cloud based service that can be used to design, deploy and manage both Citrix and other enterprise applications.
  • Based on the ScaleXtreme technology.
  • Lifecycle Management enables customers/partners to deploy infrastructure not only on premises but also public/private clouds (resource locations)
  • Customers/Partners have the ability to create blueprints to automate infrastructure deployments end to end. Examples of blueprints include a XD deployment for instance where you could not only install all the XD infrastructure but also automate the installation of all supporting infrastructure like Active Directory, SQL etc.
  • Vendors have the ability to create blueprints as well that can then be consumed by customers and partners alike.
  • Customers/Partners also have the ability to incorporate scripts (new/existing) into the deployment.
  • Once a blueprint is developed, its added to a library. Any resource within the library can then be deployed to a resource location (on premises, public/private cloud)
  • Another key benefit of the Lifecycle Management technology is the ability to automate application upgrades.
  • General Availability in Q3

X1 Mouse


  • Citrix announced the X1 mouse at Synergy which allows users to pair a mouse with Citrix receiver on an iOS device, works with any XA/XD app/desktop.
  • iPad paired with an X1 mouse and a bluetooth keyboard offers users a complete mobile workspace.
  • X1 mouse available now


  • Xenapp 6.5 maintenance extended till end of 2017, EOL extended till 06/2018. Details here
  • New Feature Pack for XA 6.5 (enhance storage performance, Lync support enhancements, UPM enhancements, Director “Help Desk” troubleshooting”, Storefront 3.0, Receiver.next)
  • XenApp/XenDesktop 7.6 FP2  (End of Q2)
    • New Receiver X1
    • Lync 2013 on Mac
    • Touch ID Support
    • HDX with Framehawk
    • Native Receiver for Linux
    • Linux Apps and Desktops (Redhat and SUSE support)
    • Desktop Player for Mac 2.0 (June)
    • Desktop Player for Windows (Tech Preview)

SYN 233 – Whats new in XenApp and XenDesktop [Video]

SYN 319 – Tech Update for XenApp and XenDesktop  [Video]

Receiver X1

  • Single Enteprise App Store from Windows, Mobile, Web and SaaS apps
  • UX lives on a server, you decide when, and if, it changes. Citrix will still release new versions of the client (bug fixes etc), but customer is always in charge of the UI across clients on ALL platforms with a consistent look and feel.
  • Customer logos and color schemes – but also deeper changes like
  • Click-through dialogs or messages of the day; integration with back end approval systems or links to your service status dashboards.
  • Ensure that certain applications are hidden, highlighted or float to the top of search results. All of these things are possible, and many remarkably straightforward. Changes will apply to receiver on all platforms.
  • App Categories: Grouping of applications based on business units with custom skin and showcased on home screen. Applications grouped based on keywords within Studio.

Citrix Receiver and Storefront Demo from Keynote [Video]

SYN 321 – Whats new in Receiver [Video]


  • Realtime collaboration with HTML 5 and Chromebook – WebRTC technology, H264 encoding (H2, 2015)
  • New graphics stack for HDX, new algorithm,  20% more users/server, 30% lower bandwidth (based on tests conducted with LoginVSI medium workload)

Keynote Demo – HDX [Video]

SYN 230 – HDX Update: Whats New [Video]

SYN 324 – HDX: Refresh you basic and advanced knowledge [Video]


  • Layered disk with apps for both XA/XD
  • AppDNA is integrated for compatibility checks with different delivery groups (Server and Desktop OS)
  • Integrated into Studio for easy management
  • Limited Tech Preview in Q2, Beta in Q3.

XenServer 6.5 SP1

  • Pricing
    • USD 625 Std/socket
    • USD 1250 Enterprise/socket
  • Double density – 1000 VM/host
  • CoreOS and Win 10
  • Docker containers support
  • Best in class graphics
  • GPU config via UI
  • GPU pass through for Linux VMs
  • In-memory read cache usage visibility within XenCenter
  • Supplement pack installs from Xencenter

SYN 219 –  Whats new in XenServer 6.5 [Video]


  • Cloudbridge Virtual WAN  – increase bandwidth, reduce costs, allows you to aggregate an internet broadband link and MPLS link to create a low cost active active WAN network. Failover from one link to another possible in <1msec
  • Internet Broadband 5% or less cost compared to MPLS
  • Netscaler Control Center – OpenStack, CloudPlatform, Vmware, ACI, OpenAPI
  • Netscaler Unified Gateway (Feature of Netscaler 11)
    • Single URL for all forms of access
    • Each logon point can be fully customized
    • SmartControl – SmartAccess controls on NS as opposed to various farms
    • Consolidate Gateway SSL VPN infrastructure
      • Web Apps
      • SaaS
      • VPN
      • VDI
      • Client/Server
      • SmartPhones
  • Netscaler 11 to be released end of Q2

SYN 212 – Software Defined Networking delivered by Citrix and Cisco [Video]

SYN 309 – Whats new with Netscaler Gateway in 11.0 [Video]

SYN 210 – Scale WAN bandwidth while increasing reliability with Cloudbridge Virtual WAN solution


  • MDX App Updates
    • Containerized SalesForce App
    • WorxTasks – Outlook task synchronization
    • WorxChat – Containerized Lync client, first release will have instant messaging and presence. Future releases will incorporate audio/video capabilities.
    • Slidestream – Mobile presentations from iphone with controls from iwatch
  • Dynamic Containerization – Containerize any application available in the App Store dynamically. No need to obtain ipa/apk and wrap via MDX wrapping tool.

Video demonstrating Dynamic Containerization

SYN 304 – Managing Corporate and Employee Devices with XenMobile [Video]


  • Restricted Storage Zones – Customer keeps encryption keys, metadata and file encryption
  • Sharefile Platinum Edition(June)  – Includes RightSignature, Unlimited Data Storage
  • Office 365 Integration – Open Sharefile documents right within Office apps and save to Sharefile.
  • iWatch integration – Dictate speaker notes and present
  • DLP Integration – Symantec DLP

SYN 201 – Data Loss Prevention and Enterprise File Sync and Sharing [Video]

Mark T announcing Sharefile Platinum Edition


  • Free Edition for upto 3 users
  • Instant Join via HTML 5
  • Active Directory Integration & Single Sign On

Citrix Melio

  • Clustered File system, Non-blocking storage, allows concurrent read/write access from two or more servers to one or more storage pools at block level
  • Active/Active Storage Access
  • Block level mirroring between nodes as opposed to asynchronous replication
  • Continuous availability of data without replication
  • Core technology behind Workspace POD
  • Storage agnostic – any disk
  • Workload aware QoS
  • Geo clustering in a Multi Nodal architecture
  • Product Editions (Available now)
    • VDI edition
    • Enterprise Edition – Geo distributed and HA for Citrix PVS

Citrix Concierge

  • Real time communication with a person right within an app (video/audio/chat)
  • CoPilot
    • Enable Agents and Customer to interact in 4 diff ways
      • Share real time contents of your mobile screen with agents
      • Provide agent dynamic info of device (network info, battery level, OS info etc)
      • Share camera
  • Tech Preview Available today (iOS and Android).
  • Concierge integrated into upcoming GTM version (GTM with mobile screen sharing) which allows screen sharing from iOS device.

Citrix Concierge Desktop and Concierge Pilot [Video]

Citrix GoToMeeting with Mobile Screensharing [Video]

Workspace Automation

  • Cloud hosted
  • “Leveraging the power of IoT for a better workspace experience”
  • IoT enables IoE (Integration of Everything)
  • Project Octoblu can run on very small devices, completely self contained. Can also run behind a firewall or in the cloud.
  • Can talk to physical devices, sensors, apps, business processes etc.
  • “Flow designer” – Graphical – shows in step by step how a flow should work.

SYN 222: Meet Octoblu: A new IoT Platform from Citrix

Workspace Hub

  • Single Stick with VGA and HDMI connectors, dual WiFi and low energy Bluetooth chips
  • Workspace hub takes video feed from mobile device and output that to connected screen. It also connects workspace to local printers and other attached devices. When the mobile device leaves premises, the workspace is transferred back to the device away from the workspace hub.
  • When user with mobile device walks into a room with a Workspace hub, the hug advertises itself and mobile device can connect to hub.

Citrix Workspace Hub [Video]

Citrix Workspace Office [Video]

Citrix Workspace Pod

There was not a whole lot of new announcements around Workspace Pod other than what was announced at Summit. However the hardware vendors that are part of this ecosystem has expanded. For those of you who are not familiar with this offering from Citrix, Dane Young wrote an excellent blog on Workspace Pod that is a must read! The video below provides a great overview of the technology as well.

SYN 322 – Technology, Architecture and Solutions Design [Video]

Citrix Newsletter – April ’15

General Announcements

Citrix Offers Customers the Key to Securing Their Confidential Information

Citrix announced it is simplifying the way sensitive documents are shared. Citrix ShareFile customers can now send encrypted emails from Microsoft Outlook to secure the content of messages in compliance with industry regulations such as HIPAA. Since the capability works from within the inbox, emails can be securely exchanged with clients and vendors without disrupting current processes. The capability, tailored for small and medium-sized organizations today, joins data protection innovations like ShareFile Restricted StorageZones for enterprises in a portfolio of Citrix solutions designed to meet the needs of businesses of all sizes – from small to large.

Citrix Powers “Always-On” Branch Workspaces

Citrix announced the CloudBridge Virtual WAN Edition, which reduces the cost of delivering applications, documents and IT services to branch offices by up to 80 percent, while ensuring nearly 100 percent application availability. The new CloudBridge Virtual WAN solution provides businesses with the flexibility to employ multiple cost-effective WAN technologies, offering the ability to scale WAN bandwidth at dramatically lower cost than traditional approaches. The solution also ensures the best possible user experience by securely sending mission-critical, delay-sensitive data over the highest performing path. The new CloudBridge Virtual WAN solution extends the CloudBridge platform and its integration with the company’s HDX and application acceleration technologies, to offer the most cost effective and highest performance solutions for securely delivering mobile workspaces with the applications, documents and IT services people need to work better in remote and branch offices.

Citrix Sponsors OpenStack Foundation To Help Drive Cloud Interoperability Standards

Citrix announced that it has become a Corporate Sponsor of the OpenStack Foundation. By joining the foundation’s community of contributors, Citrix demonstrates its continued commitment towards driving interoperability among standards-based cloud platforms and meeting the increasing demand for choice and flexibility in private, public and hybrid cloud solutions. NetScaler™ and XenServer™ solutions from Citrix are used as core infrastructure for some of the largest cloud infrastructure providers in the world, and this announcement brings the power of these products to customers choosing to build their clouds on OpenStack.

Feature Pack 1 for XenApp and XenDesktop 7.6 is Now Available

Citrix continues to add more functionality to our feature-rich, industry-leading XenApp and XenDesktop product lines with the release of Feature Pack 1, which is now available for download on Citrix.com.

While efforts for Feature Pack 1 were publically announced at Citrix Summit, our annual channel partner conference in January, today XenApp and XenDesktop customers with active Subscription Advantage (SA) or Software Maintenance (SWM) as of March 25, 2015 will be eligible to enhance their existing app and desktop virtualization solution

Citrix Expands vGPU Hypervisor Support

A large user base of Citrix XenApp and XenDesktop continues to be successfully deployed and officially supported on VMware’s popular vSphere hypervisor for non-graphics workloads. Citrix will offer the same level of quality support to customers who deploy XenApp or XenDesktop for NVIDIA GRID vGPU, starting from day one that VMware vSphere 6 is generally available (March 12, 2015) with the capability.

Announcing the DesktopPlayer for Windows and Mac Tech Previews!

After Citrix released DesktopPlayer for Mac last year, one of the major capabilities customers asked for was support for Windows devices, which would allow users to run DesktopPlayer on MacBooks and Windows laptops and PCs.

This customer feedback reinforced our vision for client virtualization and, as a result, we accelerated development of extending the functionality of DesktopPlayer for Mac to Windows devices. At Citrix Summit 2015, we announced and demonstrated a forthcoming preview of this solution with the DesktopPlayer for Windows Tech Preview. Today, we are excited to announce the availability of the DesktopPlayer for Windows Tech Preview!

This Tech Preview adds Windows platform support to DesktopPlayer by enabling users to access a local virtual desktop on their Windows laptop or PC, regardless of wireless network conditions – or even if no network connection is available. Moreover, the Tech Preview preserves existing user data, apps, and settings with an easy, non-disruptive install. Users can also switch between local (DesktopPlayer) and hosted (XenDesktop) virtual desktops with ongoing synchronization of data and profiles for a seamless experience on any device.

VCE Announces a new VDI Integration Service for Citrix that Accelerates Mobile Workspace Deployments

VCE announced a new VDI integration service for Citrix that accelerates mobile workspace deployments by combining app and desktop delivery from Citrix XenApp and XenDesktop with the power of NetScaler SDX. With this announcement, VCE and Citrix are drawing upon our industry leadership and strong partnership to offer our mutual customers a simple rapid path to app and virtual desktop delivery via private or hybrid cloud, with users enjoying an unmatched experience with the freedom to work from anywhere.

Best Practices/Reference Architecture Documents/Blogs

An Introduction To Session Recording (XA/XD 7.6 Feature Pack 1) – Installation, Configuration and User Experience 

On March 31st, Citrix released the much anticipated XenApp and XenDesktop 7.6 Feature Pack 1. Among the goodies included, one of the new additions in terms of functionality is Session Recording. For those of you who are new to what session recording is, I recommend this blog by Paul Murray. At a high level, session recording allows organizations to record on-screen activity within a published application or hosted shared desktop. While the benefits are fairly obvious, some of the most common use cases for auditing purposes, troubleshooting application issues, understanding workflow within an application and potentially improve processes and lastly compliance purposes. What I am covering in this blog is how to get your feet wet with the product by setting up a single server session recording environment and test functionality. I will not address HA, scalability and other design considerations in this article. Please review edocs for details on these.

Citrix Director Tool: Automated Daily and Weekly Custom Report Emails

This post, we details how you can send custom reports as email in addition to built-in reports available in the Director Trends page.

Citrix XenApp vs VMware Horizon – User Experience

Have you ever been running late for a meeting, but you first needed to modify a PowerPoint, print a document or transfer a file to a USB device? Every second that passes feels like an eternity. But even without the pressure of being late, a system that lets you complete your work faster is perceived as better and has a higher user acceptance.

NetScaler Troubleshooting with Citrix Insight Services

Citrix has developed tools and online analysis capabilities to help you collect environment information, analyze that information and receive tailored recommendations based on your Citrix environment and configuration.The tools are focused on a single mission–data collection–and their impact to your environment is minimal in terms of disk space, prerequisites and performance impact during the data collection process. Citrix Insight Services analyzes the data captured in the support bundle and provides you with Tailored Recommendations, specific to your environment. To leverage Citrix Insight Services, you’ll need to harvest a NetScaler tech support bundle.

Taking DaaS to the Next Level: A New Cisco-Validated Design for Citrix-Based DaaS

Deploying and scaling a business-ready Desktops-as-a-Service (DaaS) environment can become time-consuming and complex, particularly across multiple datacenters and clouds. Citrix and Cisco understand that management scale and simplicity is critical to the service provider business model, and have teamed to develop a new DaaS solution architecture as a Cisco Validated Design (CVD) titled “Desktop-as-a-Service for Service Provider 2000-Seat Virtual Desktop Infrastructure”. The complete CVD for Citrix Service Providers is available here. It gives service providers an excellent starting point for implementing a comprehensive DaaS solution. This blog summarizes the solution architecture, its components, and the testing performed to provision tenants and subscribers.

Now Available: The XenMobile 10 MDM Migration Tool!

Citrix released the migration tool to move from XenMobile version 9 to version 10. This is now available for download at MyCitrix.com. The Migration tool is embedded in the XenMobile 10 Server and the option can be selected during theFirst Time Use configuration.

Now LIVE! The Citrix XenApp Migration Web Service Beta

Designed to simplify the XenApp migration experience, Project Serenity is an easy-to-use web service you can use to help your existing XenApp 6 or 6.5 customers extract their current farm configurations (settings and policies) and select the specific configurations they would like to import into a new XenApp 7.6 site using their MyAccount credentials.

Spring Forward to Receiver for Windows 4.2.100

Citrix billed Receiver for Windows 4.2 as the best ever Receiver for Windows due all the great new features we were able to add.  Since the release of Receiver for Windows 4.2, we on the Citrix Receiver team have listened to your feedback and have worked on making further improvements, so that more of you can take advantage of its advanced features. Citrix is pleased to announce that Receiver for Windows 4.2.100 is now available with more than 45 fixes and enhancements to help you get the most out of your Citrix XenApp and XenDesktop experience.

XenMobile Timeouts: How Do They Work?

This blog focuses on WHY we would configure timeouts one way or another to get the balance between user experience and security that we are after.

Smart Card Configuration Guidance

A 237 page Smart Card configuration document, entitled “Configuring Citrix XenDesktop 7.6 and NetScaler Gateway 10.5 with PIV Smart Card Authentication” has been published and is now available as PDF on Citrix.com. The guide’s intent is to describe how to configure a smart card “test environment” from beginning to end. It covers smart card configuration with XenApp, XenDesktop and NetScaler Gateway.  The document includes an introduction to the problem set and marches its way through detailed configuration guidance including certificate management and numerous screen shots of configuration settings.

What’s in a Name? (The Art of Renaming a Site Database)

Ever wondered if it’s possible to rename your existing FMA Site Database without making a complete mess of your environment? No?? It turns out it’s a relatively simple matter, but one that requires a few more steps then you might initially think…

XenApp/XenDesktop Site Design (v2015)

In this blog, the author talks about FMA Site Design, which applies to both XenApp & XenDesktop 7.x, which use the FMA architecture. The author tries to shed some light on some interesting designs we’re doing in the field when there is more than one data center.

Guide for Microsoft Lync 2013 in VDI environment

With the release of the Feature Pack 1 for Citrix XenDesktop 7.6, we now support audio and video optimization for Microsoft Lync 2013 Client and Server deployments using the Citrix HDX RealTime Optimization Pack for Lync. This level of Lync optimization is unique in the market. While the optimization pack is the best way to deliver Lync to end-users in most scenarios, XenApp and XenDesktop also provide additional options which should be considered as part of the project planning phase. This deployment guide discusses all options in detail, provides best practice recommendations and step-by-step installation instructions.

UDP Audio Through A NetScaler Gateway

Citrix Receiver can now use User Datagram Protocol (UDP) to support audio remoting of a XenDesktop session through a Netscaler Gateway. This blog details some of the configuration specifics.

Support Articles/Bug Fixes

Upcoming Events

Feb 19 – Jun 23 Seminar Series: Managing the Unmanageable: How to Secure the Enterprise

Join us at this live security-focused seminar series to learn about how to secure sensitive data on managed and under-managed devices, measures that enforce security across unmanaged apps and network, models that control access to sensitive data, specific to application usage and access, and how to develop and enforce policies to “manage the unmanageable.”

Register Now  |  Download Invitation  |  Contact for More Info

Mar – May 7 In-person Master Class Seminar Series: Protect Your Mission Critical Web Apps With Citrix NetScaler

Join us for this in-person master class. We will demo and discuss best practices to secure your network and apps against threats.

Register Now  |  Download Invitation  |  Contact for More Info

Ongoing (Tuesdays, Thursdays) Weekly Deminars: Citrix Workspace Suite

Take a close look at the capabilities of Citrix Workspace Suite in these twice weekly technically-focused, demo-led webinars.
Register Now  |  Contact for More Info

Ongoing (Wednesdays) Weekly Deminars: NetScaler

Join us to understand how Citrix NetScaler can empower your organization with the most comprehensive set of application security, acceleration, load balancing, and monitoring tools.

Register Now  |  Contact for More Info

Ongoing (Wednesdays) Weekly Deminars: Empowering Mobility with XenMobile and ShareFile

See how Citrix can empower your organizations to provide secure, remote access to company resources through mobile app and device management as well as data sharing.

Register Now  |  Contact for More Info

On Demand Webinars

Solution Webinar: Move From Cisco ACE to a Software Defined World

Solution Webinar: Discover the Power of Application Centric Infrastructure

Master Class: How to Upgrade from XenApp 6.5 to XenApp 7.6

Solution Webinar: How to Effectively Replace BlackBerry Devices and Gain User Acceptance

Master Class: NetScaler VPX. Spotlight: Admin Partitions

Solution Webinar: Mobile Workspace Delivery – Any App, Any Device, Any Network, Any Cloud

Solution Webinar: Top Use Cases for App Virtualization

Solution Webinar: How to Build a Solid BYO Policy and Mitigate Security Risks

Solution Webinar: Don’t Settle for “Good Enough” Email for Mobile Employees

Solution Webinar: Managing the Unmanageable: The Network Security Perspective

Solution Webinar: One Company’s Journey to Mobilize Their Workforce with Enterprise Mobility Management

Master Class: NetScaler Deployment Modes and Server Load Balancing

 Master Class: What’s New in Citrix XenMobile 10.0

Solution Webinar: Enable SDN and Dev Ops with Cisco ACI and Citrix NetScaler

 Desktop Master Class: Deliver Microsoft Lync with XenApp and XenDesktop

 Solution Webinar: 5 Things VMware Doesn’t Want You to Know About Horizon View


An Introduction To Session Recording (XA/XD 7.6 Feature Pack 1) – Installation, Configuration and User Experience


On March 31st, Citrix released the much anticipated XenApp and XenDesktop 7.6 Feature Pack 1. Among the goodies included, one of the new additions in terms of functionality is Session Recording. For those of you who are new to what session recording is, I recommend this blog by Paul Murray. At a high level, session recording allows organizations to record on-screen activity within a published application or hosted shared desktop. While the benefits are fairly obvious, some of the most common use cases for auditing purposes, troubleshooting application issues, understanding workflow within an application and potentially improve processes and lastly compliance purposes. What I am covering in this blog is how to get your feet wet with the product by setting up a single server session recording environment and test functionality. I will not address HA, scalability and other design considerations in this article. Please review edocs for details on these.

Components: The Nuts and Bolts

So what makes up the session recording infrastructure? There are essentially six components:

  • Session Recording Agent – This piece needs to be installed on every Server OS machine that is used to publish applications and hosted shared desktops. The session recording agent is the component responsible for capturing the on screen activity, recording it and transferring the content to the recording server.
  • Session Recording Server – There are two components that make up the session recording server namely the broker and the storage manager. The broker is responsible interacts with the session recording player and handles requests for files, search queries etc and also interacts with the session recording policy console to make sure the appropriate recording policies are enforced for every XA/XD session. The storage manager as the name suggests is responsible for managing the recorded session files received from the recording agents.
  • Session Recording Player – This is a windows player that allows authorized users to view recorded sessions. Users also have the ability to search for sessions via the recording server and play them back.
  • Session Recording Database – SQL database that stores the recorded data.
  • Session Recording Policy Console – The policy console allows an administrator to define policies governing the sessions that are recorded and the ones that are not and also whether the users are informed when the session is recorded. You can filter based on server, user groups etc.
  • Session Recording Authorization Console – The session recording authorization console allows administrators to enable Role Based Access Controls. For instance, you can specify who is allowed to view recordings, who can modify policies etc.

Installation: So how do we get this thing to work!

After having gone through the process of installing and configuring session recording, I have to admit that its not the typical next -> next -> next process. You have to pay attention to the instructions and make sure all the pre-requisites are in place. Else you will be going back and forth a number of times. All the installation components are available as a single zip file via MyCitrix under the XA/XD FP1 download section. Once you extract the zip file you will find three folders as shown below. I will walk you through the installation of each of these components.



 Session Recording Administration Components

Under the Session Recording Administration Components, you will find two files, “SessionRecordingAdministrationx64” and “Broker_Powershellsnapin_x64”. You can choose to install all the session recording administration components on a single server or split them up. I installed all the components on a single Windows Server 2012 VM in my environment. I believe you can install these components on Server 2008 R2 as well.

The Broker powershell snap-in allows you to script various parameters of session recording and configure options via command line. Its a straightforward installer with nothing to configure as part of the install process.

“SessionRecordingAdministrationx64” installer is what installs the core infrastructure and there are a number of gotchas that you have to take care of prior to running the installer:

  • On the windows server you plan to install the administration components, make sure the following Windows server components are installed:

Screen Shot 2015-04-01 at 1.06.16 AM

  • Make sure you have access to a SQL server (Express, 2014, 2012, 2008 R2) and make sure the NT Authority\System account has sysadmin SQL server role permissions. I used SQL 2012 Express Edition and I installed it on the same server.
  • Having SQL Management studio installed really helps as well!.
  • If you install SQL server on a stand alone server you need to make sure SQL Server Browser service is running and that the TCP/IP protocol is enabled under the SQL server Network Protocol configuration.
  • You need to download and install certain components from the  SQL Server 2008 R2 SP3 Feature pack namely SharedManagementObjects and CLR Types. You can find the download here
  • Make sure a valid computer certificate is present on the server. The recording server uses SSL/HTTPS by default for communication (and rightly so)

Once you’ve got these pieces installed (I really wish these were documented better as I had to waste a lot of time during the configuration process) you are all set to run the installer. Some screenshots below:

Once all the components are installed, you need to run the Session Recording Server Properties executable which allows you to configure a number of parameters such as the folder where the recordings are stored, which certificate to use for encryption, file threshold parameters and session duration, allow playback of live sessions and what notifications (if any) is sent to the user when a session is being recorded. Below are the screenshots.


sessionrecording3 sessionrecording4 sessionrecording5 sessionrecording6 sessionrecording7


The next step is to run the Session Recording Authorization Console and make sure the appropriate users are given access to administer the environment.



Now, run the session recording policy console and define the appropriate policies to filter what server/user sessions are recorded, whether they are notified and which sessions are not recorded.

sessionrecording11 sessionrecording12


And with that, the server components are installed and configured!

Session Recording Agent

As mentioned earlier, the session recording agent needs to be installed on your server workloads that are used to publish applications and desktops. In my case I used a server 2012 machine with the XD 7.6 VDA installed that was a template for my server workload deliver group. You need to install ASP.NET and the Microsoft Message Queuing (including subcomponents) features prior to installing the agent. Once the agent is installed, launch Session Recording Agent properties and specify the recording server name/ip address and the port that is used by the recording server.




Session Recording Player

The player needs to be installed on a desktop OS, Windows 7 in my case. No special configuration is required while running the installer. Once the installation is complete, you need to launch the session recording player and go into Tools –>Options to specify the recording server info. Once this is configured, an authorized user can search for user sessions and play back recorded sessions.

player1 player2 player3 Player4 Player5 Player6 Player7 Player8 Player9 Player10


User Experience

If notification is turned on via policy, the user will notice a warning message (customizable) every time they launch an app or hosted shared desktop. This obviously can be disabled.




Director Integration


Session Recording can also be integrated with Citrix Desktop Director whereby recording can be turned on or off for a specific user session. To enable this integration, run the following command on the server running Director and specify the session recording server and protocol information.

C:\inetpub\wwwroot\Director\tools\DirectorConfig.exe /configsessionrecording


While the installation process was a little tedious, once its up and running, it is an extremely useful tool with minimal configuration moving forward. I have installed the agent in my Server workload template and control whether a session is recorded or not via policy. Works like a charm! I would highly encourage everyone to try out this functionality and provide feedback.

Citrix Workspace Cloud – Forget the sausage making process, just eat it!

If you think back how managing a Citrix environment used to be about 10 years ago, a typical Citrix administrator had one product to worry about – Metaframe/Presentation Server. Even with that single product, administrators found it difficult to maintain Citrix environments due to the effort it required. Fast forward to 2015 and now the infrastructure supporting our Mobile Workspaces has many moving parts (XenApp, XenDesktop, XenMobile, Sharefile, Netscaler). Planning and completing infrastructure upgrades in large organizations can take months and sometimes years.

Wouldnt it be nice if someone could magically make all of the Citrix infrastructure a black box so to speak that you didnt have to worry about so your valuable resources can start focusing on the things that mattered to the business as opposed to working on mundane operational tasks. In addition, wouldnt it be nice to always be evergreen and have the latest and greatest features at your disposal as opposed to waiting and figuring out how to upgrade your environment. These challenges are exactly what Citrix plans on solving with Citrix Workspace Cloud (CWC).

CWC is a hosted control plane that is fully supported end to end by Citrix. It includes all the infrastructure components required to deliver a mobile workspace to the end user. An IT admin would be able to launch a web based management console and provision a workspace that encompasses windows apps, mobile apps, windows desktops, data and manage their mobile devices all from a single pane of glass. The customer would still maintain the supporting infrastructure such as Active Directory, DNS etc thereby maintaining the security boundary that most require. Additionally there is no requirement for a VPN tunnel between the Citrix Control Plane and the customer’s data center. Instead the Workspace Cloud Connector is installed on a Windows server in the customer data center that communicates via SSL with the Citrix Control Plane. Citrix will also handle lifecycle management which will help customers automate the entire infrastructure deployment by providing you blueprints that follow industry best practices. The solution will also include end to end monitoring capabilities for your infrastructure and provide you true visibility into how resources are being consumed.

CWC makes total sense for an SMB customer or a mid-market customer with limited resources to administer their IT environment and probably have limited infrastructure to host these solutions. Such customers typically prefer an on demand hosted model where they pay based on consumption, which is exactly what CWC is! But how about Enterprise customers who have large dedicated Citrix teams who have very defined processes and workflows. I would argue that there is a place for CWC even in that space. Most enterprise customers have multiple Citrix farms/sites, some of mine having upwards of 30 XA/XD farms/sites. Now if you want to design a totally redundant and highly available infrastructure, think of the number of servers involved and the operational challenges on a month to month basis. With CWC the IT organization would be able to reduce their data center footprint and reduce OpX significantly.

CWC can also be looked at as a great DR solution. Many of my customers today spend millions on hot standy DR data centers that are rarely actually utilized. What if you could setup the barebones DR infrastructure leveraging CWC and then spin up additional capacity only in a true DR scenario. This could lead to significant CapX and OpX savings.

I have always been a proponent of new technology solutions, but only when it makes business sense to my customers. I believe CWC is promising in that regard and for that reason I am truly excited for what the future holds!

If you plan on attending Citrix Synergy 2015, be sure to take a look at my recommended sessions this year. There are some great sessions by Joe Vaccarro, Harsh Gupta and the rest of the CWC team covering the solution in depth. Watch out for some awesome announcements too!!!

– George