Partners - 12/11, 2:00 p.m. EST Citrix NetScaler Advanced Webinar

9:28 PM Add Comment
Partners - 12/11, 2:00 p.m. EST Citrix NetScaler Advanced Webinar -

This is the second webinar of the Americas Networking Webinar Series Cloud

[

in this webinar, we will continue to develop NetScaler 101 delivered via webinar on November 24 and will go through the advanced NetScaler capabilities. We will also talk about deploying NetScaler NetScaler best practices and basic and high availability configuration using the Web interface.

NetScaler Advance Features Agenda

  • NetScaler Editions
  • NetScaler DataStream
  • action Analytics
  • Features NetScaler security
  • SPDY gateway
  • multi-path TCP
  • Mobile TCP Experience
  • NetScaler Insight Center
  • deployment Best practices
  • High availability
  • configuration NetScaler

This webinar will not go into detail configuration for each of the modules mentioned above. However, as part of Americas Cloud Networking Webinar Series , we will make about 2 dozen webinars covering each topic in detail

Go to http :. //www.citrix. com / partnercalendar to register for this and all future webinars as they are planned. Your login Partner Central is needed.

NetScaler Advanced Gateway End Point Analysis

8:27 PM Add Comment
NetScaler Advanced Gateway End Point Analysis -

NOTE: NetScaler functionality EPA gateway is available on Windows and Mac desktop platforms only (like May 1 2014).

With the release of NetScaler 10.1.0.1316.e Gateway, Citrix has significantly improved its end point analysis (EPA) capabilities. As a quick introduction to what is new and advanced with the EPA

  • New Advanced Engine EPA with thousands of pre-configured scans
  • Certificate Checks of device

for those who are new to the EPA, this ability let NetScaler Gateway evaluate the input endpoint device for posture, and evaluates policies that define this type of session will be provided to the user, if applicable. Note that a device check is different and complementary to, user authentication. While user authentication ensures that a valid and reliable user access to your corporate resources, machine control ensures that a valid user from a sound device.

In general, as an administrator, you may want to differentiate between users, based on the devices as follows:

  • users from companies owned assets
  • users from personal sound devices
  • users from unhealthy devices

so, as you can see, the EPA is a very powerful concept, and provides granular control in terms of AAA policies and session parameters, depending on the position of the apparatus.

EPA Advanced Engine

NetScaler Gateway had a classic EPA engine, which offered great flexibility and power to the directors in terms of creating scans to detect a variety of things such as versions of the operating system, the presence or absence of certain software, domain join status ... the real power of the classic EPA engine comes in terms of a powerful political editor, who can create analyzes based on the register / Files / process controls and thus provides tons of customizable options.

What this classic motor EPA lacked was out of the box pre-configured scans, an administrator can activate and go

Advanced EPA engine now provides this infrastructure, with the following advantages :.

  • thousands of pre-configured scans, available out of the box
  • New scans are automatically provided, the new software is available
  • easy maintainability, based on analysis that can provide minimal versions. As well as new versions come, admin may not have to go necessarily change the configuration.

Note that the current version of Advanced EPA provides preconfigured analyzes for pre-authentication checks only.

Device Certificate Checks

Device certificates are client certificates are issued to devices, as opposed to the concept of common issuance of certificates to users. As a user certificate identifies a trusted user, device certificate identifies a trusted device.

These certificates are commonly used to distinguish between corporate assets and BYOD assets. Assets belonging to the enterprise can be deployed with a device certificate by the enterprise CA, and the presence of such a certificate, is what identifies / mark the device as an asset of the company. Similarly, the lack of this certificate, mark another device as a possible BYOD device.

NetScaler Gateway now supports devices certificate checks to differentiate between these two classes of devices. Configuration is fairly homogeneous and essentially requires an admin to enable this check, and provide details Enterprise CA is responsible for issuing these certificates. Note that the CA provide information is a critical input, since you do not want to trust user certificates provided by another CA of the company, which could be issued user certificates.

NetScaler Gateway supports the parallel configuration of authentication by user certificate and check device certificate. In such a configuration, user authentication is managed as part of the SSL handshake. Once established, a device certificate verification is performed. Such verification ensures all the obvious calculations about the validity of the certificate, the certificate trust chain, the presence of the private key on the control endpoint and OCSP for corresponding certificates revoked.

So in essence, this version of NetScaler Gateway brings some powerful and advanced EPA to platform capabilities, and provides real value to any director safety conscious.

for a more detailed overview of the new version of NetScaler Gateway, see my previous post.

Ten useful tools - to maximize XenServer

7:26 PM Add Comment
Ten useful tools - to maximize XenServer -

I have put together a page useful tools for the study and profiling Citrix XenServer. It is designed as part of a site that we put in place to help those designing applications for XenServer to test and optimize their environments, but will also be useful for administrators enthusiastic system to identify bottlenecks and implementing performance improvements for XenServer (see my post on XenServer performance tuning). This should be useful for those working with Citrix XenServer for server virtualization or as a platform for XenDesktop, CloudPlatform, Netscaler SDX or similar. In addition to advice on tools to study specific features such as GPU or passthrough vGPU can be found here

So here you go 10 useful tools for understanding XenServer (alphabetical) :.

1. Bonnie ++

This is an open source project that helps to measure and investigate the network load and includes tools to investigate a IO and large creation / deletion of small files file. There are a lot of user guides and blogs on this tool.

2. CPU-Z

CPU-Z can be especially useful if you plan: How to study and use the Turbo mode, C and P United States in XenServer

3. IOMeter

IOMeter is an open source tool, a tool I / O measurement subsystem and characterizing single and clustered systems. IOMeter is an easy way to generate stress on the I / O system and as such can be very useful in product development tests that interact with and generating load on the OVS.

4. iperf

iperf is an open source utility that can be very useful for diagnosing network problems in a XenServer environment. There are many how-to-guides and introductory tutorials available as here.

5. OProfile

OProfile is an open source tool available from http://oprofile.sourceforge.net/news/. Xen specific Vary is currently shipping in XS6.1 versions and upwards. It is detailed here: http://xenoprof.sourceforge.net/xenoprof_2.0.txt

6. vhd-util

vhd-util is an unsupported tool comes with XenServer and as such should never be used as an "API" around which to build an application based on its disposal or stability of the results. However, it is very useful as a tool to work with and VHD snapshots. It can be used to check, display and understand the VHD files including strings of clichés. There is little documentation and you will probably need to refer to using command line by typing "vhd-util" to the XenServer command line and ask for help to the desired option, for example

[root@dot56 ~] # vhd-util
use: vhd-util COMMAND [OPTIONS]
COMMAND: = {create | snapshot | query | read | set | repair | resize | complete | coalesce | change | scan | check |} return
[root@dot56 ~] # vhd-util check -h
Options: -n [-i ignore missing primary footers] [-I ignore parent uuids] [-t ignore timestamps] [-p check parents] [-b check bitmaps] [-s stats] [-h help]
[root@dot56 ~] #

Some additional information is available:

  • on this blog Citrix
  • research in the Citrix knowledge base for " vhd-util "
  • research in the Citrix support forums

7. WinDbg

WinDbg is one of a number of tools available for Debugging Windows guest on XenServer (see link for details)

8. XenCenter

A wide range of settings are available for XenServer including: C-state, P-State IOPS, Latency and much more. Not all of these are enabled by default. The full range of settings available for hosts and virtual machines are described in Chapter 9 of XenServer 6.2 Administration Guide. This chapter also details how you can explore these settings via XenCenter.

9. xentop

xentop displays real-time information on a Xen system. It comes with the Xen tools. This Citrix article details later use: http://support.citrix.com/article/CTX127896.

10. xl

The xl utility is actually a part of the hypervisor Xen upstream developed as open source, such as the utility is not maintained by Citrix XenServer, but Xen.org.

We would generally does not recommend the use of XenServer developer xl regularly to configure test cases or the like because it affects only a portion of toolstack and as such the XenAPI XAPI and not to be aware of the changes that can lead to a very confused toolstack and some rather strange effects.

xl can, however, be of some use for debugging and diagnostics, especially investigative options such as info [-n, --numa] by which you can request information from equipment such as cores_per_socket and threads_per_core and similar data that you can connect or keep in comparative assessments.

I wish to update the page on which it is based blog, please do so to add more to the comments below, or review gotchas known with those I have suggested.

User Search Director

6:25 PM Add Comment
User Search Director -

Hi there!

We hope you enjoy the many benefits of deploying XenDesktop 7 in your environment and have a great time using the troubleshooting and monitoring console - Director ! I wanted to take a little time to describe the most fundamental feature in Director - Research username !!

For a director administrator who is able to easily get the details of the session of a user / machine is of paramount importance. The "Search for users" Manager UI control is designed to provide exactly this capability to administrators.

Helpdesk admins may find monitoring the research on landing page and Helpdesk rest all directors can find both on the landing page as well as on the top right of each page.

In XenDesktop 7, the scope of the research is users . Administrators can search for a specific user by typing a search token in the search area. The search token can be the beginning of the first or the user's name or the name or the display name or account name windows.

For example, consider a user below:

Name - Sai

Name family - Peyyeti

display name - Sai Peyyeti

account name - SAIP

potential research tokens can be "s", "p", "his", "pe", "sai", "pey", "SAIP", "sai p", "sai pe", etc.

Director displays the user above at one of these tokens. Apparently more research slightest token the number of results since it would help to isolate the exact Director user. The search results will look like "display name (Domain Name Account name)"

To help understand this manager is doing when searching for a specific user, we'll talk about what happens behind the scenes. Upon connection manager creates a connection to the global catalog server domain administrator (who logs in Director) and the global catalog server domain the Director machine. In some cases, both the user and the domain of the machine will be identical. In such a case, there will be only one connection to the global catalog server. The reason for opening a connection to a global catalog is because a global catalog is designed to manage and respond to the domain controller requests a faster way. Particularly in a multi-domain scenario, it is faster to obtain information on domain objects from a global catalog server that individual domain controllers.

When a type of administration of a search token manager sends an LDAP query to the global catalog server. The LDAP query translates to - back to all users whose first or last name or the display name or account name begins with the particular token. These results also come in the sort order (sorting is done according to the account name) and returned to the admin.

So many customers asked if my Active Directory is a bit complex and my XenDesktop deployment is not that simple? Director is designed to provide customizations for such deployments listed below. These are provided as configurable application settings in IIS for the manager webapp. You can use inetmgr to start the IIS manager and go into the application parameters of the Director webapp to make these changes. Note that you must restart the Director AppPool to make the changes effective

  1. Disable wide forest research -. By default filmmaker makes a forest search throughout the admin logged Director and machine areas. In some situations, it might not be necessary to obtain large forest outcomes and results of the broad research area might be enough. To do this, create an entry called Connector.ActiveDirectory.ForestSearch and set it to false in the application settings in IIS Director. This solution can also be used in a rare case where the search fails or takes too long because of the subdomains that are not functional in a forest
  2. Added several areas of research -. By Director default global catalog searches the user logged into the admin area and the area of ​​Machine Manager. This can be extended to other areas that are not present in the forests of the domain admin or domain Machine Manager. This can be done by adding a coma (,) separate domain names for input Connector.ActiveDirectory.Domains called. e.g: (user), (server), domain1.xyz. The assumption here is that the forest of the user logged into the domain administrator is approved by the forest of the field also added if different. Director interprets the text "(user)" as "research in the logged in the admin area (forest)" and the text "(server)" as "research in the field of machine manager (forest)" and all other names (braces not necessary) as "research in the field xyz (forest)." As mentioned above research is done on the level instead of the domain forest if Connector.ActiveDirectory.ForestSearch is false
  3. return lessor or more the number of search entries -. By default filmmaker returns a total of 20 users search entries max. Suppose if there is a need to increase the number of results (eg if there is a difficulty to type a specific user name), this can be configured via the UI.GlobalSearchMaxResults entry. This value is set to 20 by default, which is recommended, as it was arrived at the basis of many tests to experience the best user interface.

Hope this information is useful and also provides an overview of how research works Director.

-sai Peyyeti

2014 Predictions Enterprise Mobility Management

5:24 PM Add Comment
2014 Predictions Enterprise Mobility Management -

The predictions are like noses, everyone has them. At the end of the year, it's fun to look back, but it is also good to think ahead and consider next year the old closes. Mobility moves quickly, and where once in technology, we think of 3-5 years, today it is enough just to get a law of the year. I posted some of my 2014 predictions for the mobility of businesses here VMBlog.com. Let me know what you think.

So how do we on the forecast for the previous year? Certainly one of the main areas was predicted consolidation among MDM providers. This began in earnest with the last, began with the acquisition in January Zenprise by Citrix, and capped with Fiberlink purchased by IBM last month. This acquisition makes a lot of sense as IBM moves its Smart Cloud and Fiberlink initiative is all about the cloud. Literally. There will be more acquisitions in the next year too. Of course, some providers of MDM hoping IPO, as reported here, most of the greatest players of MDM still private, but need money to expand offerings and continue the pace of development. All these IPOs will be successful, certainly there is a race to be the first.

Like other predictions, I think that many, including myself, expected that security and containerization would play a greater role than it did in 2013. containerization is used to separate and protect corporate data from staff, especially on phones that users themselves purchased (BYOD). BYOPD still happens, and I think that the adoption of containerization is yet to really take off in 2014. Until recently, there has not been a lot of offers on the market Citrix just released his latest package in June. Those who were outside were expensive or not well integrated in MDM. But containerization gained steady traction and is the most popular version of our tools MDM today. Mainly because it is integrated into the EMM and security global offer.

Well an easy prediction for 2014 is that the pace of change and innovation in enterprise mobility is not letting up. With the advent of wearables, Internet of Everything, the increased use of context, mobile commerce, services you location-based name it. Next year will be another great and interesting year.

Happy holidays in what you celebrate, and good luck to you in the new year.

Phil Redman is Vice President of Mobile Solutions and Strategy at Citrix and is very mobile.

XenMobile: WorxWeb Single Sign On with NetScaler

4:23 PM 1 Comment
XenMobile: WorxWeb Single Sign On with NetScaler -

WorxWeb is the mobile web browser, deployed as part of your deployment XenMobile. Similarly to WorxMail (the client secure mobile messaging) WorxWeb provides seamless and secure access to your entire set of company resources HTTP / HTTPS.

WorxWeb is an excellent example of our MDX technology. With MDX, we take a native mobile application, wrap it with our MDX technology, and provide a layer:

  • applies MDX policies for maintaining the level of application
  • international Monitors and controls access to the application, according to policies defined by the administrator
  • monitor and control network access - MicroVPN - for access to corporate resources

One of the coolest things about WorxWeb, is its ability to Single Sign on users in enterprise resources. So each time you access your internal corporate portal, via WorxWeb, you do not hit your LDAP credentials again. WorxWeb manages for you. Or by technical precision - NetScaler manages for you

There is a conscious choice for the sake of greater security, we do the identification of the user cache information on the endpoint (not by default -. We do not allow basic rules caching, if you choose). So if the credentials are not available on the final point, how this SSO?

NetScaler's the magic.

Initially, when you start any MDX application WorxHome ensures that you have a valid session MicroVPN available with NetScaler. As part of this implementation, the user would need to provide his / her LDAP credentials, assuming that LDAP is one factor configured to authenticate the user on NetScaler. Now, as part of this LDAP authentication, NetScaler is able to access and record the user's credentials for future use without welding SSO on behalf of the user.

So when a user opens WorxWeb, launching say an internal portal page, here's what happens in the background :.

  1. Often the portal page return an HTTP 401 error, indicating that the user authorization is required to access the
  2. NetScaler is aware of this transaction, and seeing a 401 returned intercepts it and responds with the user credentials on the Web server.
  3. If the user's credentials are playing well, and the web server accepts this transaction, it will return the requested page with a status HTTP 0 OK.
  4. This page is then returned to WorxWeb on the end user device. In essence, we have just completed a Single Sign On

Note that the Single Sign On tempted, depends on the following :.

  1. authentication credentials resources are the same as one of the factors in place on NetScaler. Note that the NetScaler ability to replay the user's credentials is intrinsically linked to the assumption that NetScaler has access to these credentials. NetScaler now never stores these credentials on disk, in a similar case that a safe password could do. But in the context of the creation of the session on NetScaler, it stores the credentials used to log on, in the context of the user's session (safely encrypted). And if those credentials match the credentials required for access to resources, in theory, we can achieve SSO.
  2. Above factor is not sufficient to perform SSO. The other thing that is important NetScaler be able to see the challenge 401. NetScaler of the ability to see a 401 is possible if the session being bridged via NS, not end to end encrypted SSL. Therefore, a session is HTTPS, the rear end can not be peeped in, and therefore an attempt to SSO, not possible. That said, NetScaler is an intelligent device, and provides a possible workaround. NetScaler has several modes in which a customer can interact with the NetScaler to achieve real backend resource. Two of them are:
    1. MicroVPN Micro VPN is a complete VPN tunnel, but application specific. In a Micro VPN communications protocol most commonly used in XenMobile, NetScaler suffers from the limitation above - lack of capacity peep in an HTTPS session
    2. SecureBrowse :. In SecureBrowse mode, NetScaler down the HTTPS session in two - Customer NetScaler NetScaler and the backend resource server. In this manner, NS has complete visibility of all transactions between the client and the server. Given this, NS is now able to peep inside and see a 401 in. And whenever 401 is seen, NS can replay the user's credentials for SSO
  3. There is a third factor that comes into play, which can decide on the capacity of NetScaler SSO -. Supported the auth methods. Each challenge 401 lists auth methods that can be used by the client to perform a user authentication. According auth methods supported by the server, and the auth profiles configured on NetScaler, it may or may not be able to provide SSO. Following single authentication methods are supported on NetScaler
    1. HTTP Basic Authentication NetScaler automatically, as long as SSO to Web applications is activated in the session profile
    2. [ HTTP Digest authentication :. NetScaler automatically, as long as SSO to Web applications is activated in the session profile
    3. NTLM NetScaler automatically, as SSO to Web applications is activated in the session profile
    4. Kerberos Impersonation :. This configuration requires the NS for Kerberos SSO. This is explained here
    5. Kerberos Constrained Delegation :. This configuration requires the NS for Kerberos SSO. This is explained here
    6. SAML authentication :. This configuration requires the NS for SAML SSO as part of policy of traffic. This is explained here
    7. Form Fill Authentication :. This configuration requires the NS, for the form-based SSO as part of policy of traffic. This is explained here.

XenMobile is a global mobility management solution, and the power packed with tons of features. This article attempts to provide guidance on just one of these mechanisms.

"New" Citrix Best Practices

3:22 PM Add Comment
"New" Citrix Best Practices -

Overview

He best practices , then there reality ... they told me that for years. Because I think too many people think some best practices are set in stone and should be implemented or followed, regardless of the situation. To be honest, this could not be further from the truth. That's why many professional services organizations (CCS included) use the phrase "it depends." There is also a reason why our legal team at Citrix cringes when we use the term "best practice" ... because to a certain location in a certain client with a certain set of business requirements, this practice we recommended might not really be "better" or really optimal, and it could result mean downtime, disaster, unhappy customers, lost revenue, etc. and the word "best" may end up having legal implications, which is why we tend to use "best practices" in our documentation instead these days. But the point is better or best practices change ... some best practices change over the years ... a "best practice" in a situation with a client could be a bad practice to another customer. It really depends.

For this article, we begin 2014 and as I was doing some thinking on my almost 10 years at Citrix, I thought about what particular Citrix best practices have changed the most over the years. What best practices are old flat-out wrong these days? None of them are actually "new" as the title of my article might imply - but I hear a lot of these "myths" or old common best practices being said or implemented every day. So what follows is a collection of some of the most popular myths and best practices that have most changed dramatically in recent years in this world we live Citrix. I hope this finds everyone well into the new year and please do not be afraid to challenge the leading practices in the future ... the best practices are for change and I create new practices every day. 😉 (The list below is in no particular order by the way.)

Common Myths and "New" Best Practices

  • session Reliability is Bad. I can not tell you how many times in the past, I recommend disabling PMC or the "Session Reliability". Honestly used to encode poorly and eventually causes excessive network traffic and hiding real problems network, while providing little or no use to the end user comments. But after our smart engineers in the UK got a hold of it a few years ago we moved to a less-IMA architecture XD in v5, CGP has changed. and it changed in the right direction. Now we recommend leaving SR / PMC enabled! Check this and this for more info.
  • XenApp VM 2 vCPUs. this was another practice that has for some time there are about 5 or 6 years. But with recent advances in hardware schedulers hypervisor and NUMA awareness, I think we have finally proven it wrong. We are recommending XA VM with larger features VM all the time these days, such as 3, 4 or even 8 vCPUs. Check this and this for more info.
  • PVS Must be physical. Our original position on PVS was to physics. But after setting 10Gb + network, progress around things like LACP and understand how PVS so we can properly size, we almost always recommend virtualizing PVS these days. Check this and this for more info.
  • Isolate the PVS traffic flow. This is still somewhat controversial, especially because we dated technotes saying you should do this for performance or troubleshooting reasons (both invalid reasons in my opinion by the way). But again, with recent advances in virtualization and networking, I would say that there is little to gain from it. Our customers who keep their simple designs usually have the most success with PVS. Find out for more.
  • Only Redirect Some Shell Folders . Not really specific Citrix, and more specific MSFT, but always something I wanted to address from the profile design is near and dear to my heart. We used to recommend that the lever folder redirection for specific records, such as shell and MyDocs AppData (and perhaps in the office, in some cases). But since MSFT re-designed profile namespace there are about 5 years and even told everyone they recommend to redirect all shell folders, we said the same thing. You can discuss the merits of the reorientation AppData, but is a bit beside the point here - we want you redirecting nearly everything you can so that 'ntuser.dat is roaming in and out
  • MCS! You can not scale. I can still hear it said by many people and they do not even know why half the time. MCS can evolve. Especially if you pair it with thin provisioning and IntelliCache. And it does not require or generate 1.6x IOPS compared to MCS as we thought a few years ago (it is more like today 1.2x). Yes, there are still some operational challenges associated with MCS use in a part of the company ... but it absolutely can "scale" and it works fine. And it will get much better in the future, without the complexity of additional infrastructure and configuration introduced in PVS network.
  • Multiple Farms are Bad. I tried to debunk this myth for years. XenApp several batteries are not a bad thing in my mind. Neither are many XD "sites" (really, they are firm, too - we just call them sites). I'm a big believer in horizontal scalability and "pod" architecture for scalability and stability known. We have many tools to manage multiple farms XA these days, too. And with virtualization and hypervisors be mainstream, I will always argue that spinning and management of some additional controllers or controllers These worth over failure caused by trying to vertical scale. Find out for more.
  • 20 virtual machines per LUN must be strictly observed . First, it is a good rule of thumb. But it applies block-based storage only (FC, iSCSI, FCoE, and so on). I see too many people still quote this number or the design using this rule when you use NFS, which is file-based. I also see people designing this rule in mind, but they use vSphere VAAI and a network capable of! Save yourself the nightmare of managing the management of hundreds of tiny LUN - you can probably go a little bigger. Check this and this for more info.
  • Pagefile RAM Should be 1.5x. Thanks again to the assistant, MarkR to debunk this myth for us all. This best practice is probably a decade now, and should never, never be followed! Please ask if you even need the ability of a complete memory dump ... and then do some simple tests and understand what size to make the swap file in your particular environment. Find out for more.
  • SSD and shared storage are the only answer. I still get a ton of questions about whether SSDs are good, bad or ugly ... and if shared or local storage is the way to go. The bottom line is SSDs are still expensive and they are not all created equal in terms of write performance and longevity (yes, prices have fallen and we made some improvements in recent years, but still ...). And shared storage arrays major iron suppliers will always be expensive. This is why many 3rd party companies have sprung up over the last 5 years, the likes of Whiptail, Nutanix, Nimble, GreenBytes, etc. This is also why I think the dynamic storage tiering with QoS and storage virtualization are the future ... many customers get smart in that area and go with a hybrid approach already in terms of combination of SSDs and spinning disks ... and perhaps even using local storage for VDI deployments altogether to save a ton of money (especially when HA or reliability of non-persistent desktops are little interest!). So before you simply buy SSD or the next table million of our friends there at EMC, ask yourself if you really need for your virtualization project. Take a look at the I / O workloads generate first. Analyze your needs again. Look at how it could affect your business model. Or can you perhaps take a more intelligent approach is different this time, contrary to what you have done for the last decade?

Wrap-Up

this last point is probably a good ending because it's sort of the point of this article - i really want to encourage everyone to challenge old ways of thinking and to question some of the best age-old practices. Sometimes we are wrong to Citrix. Sometimes our people CCS could follow or implement the best ancient practices. And if we do, please let us know about it and we will repair. Even leave me a comment below and I will make it my personal mission to repair. And then we'll get communicated throughout our organization and community that the world is a better place.

Have you another "myth" or best practices that you think has changed considerably over the years? If so, please leave me a comment below and I'll either answer or perhaps even add to the above list with an update of the article. I'm a big believer that this kind of transparency can help customers design and partners and implement better solutions Citrix compatible in the future. 2014 will be a great year.

Cheers, Nick

Nick Rintalan, Lead Architect, Americas Consulting, Citrix Consulting Services ( "CCS")

Updated: Registration for the deployment of 1Y0-300 Citrix XenDesktop 7 Review Solutions Summit 2014

2:21 PM Add Comment
Updated: Registration for the deployment of 1Y0-300 Citrix XenDesktop 7 Review Solutions Summit 2014 -

Registration is still open for onsite examinations certification, including the 1Y0-300 Deploying Citrix XenDesktop 7 examination. The test center's capacity was increased due to demand!

Hours Certification Center

Monday 1/13: 13h00-21: 00
Tuesday 1/14: 8h00-15h00

This a few tests that can take up to 4 hours to complete - make sure that you manage your time accordingly. The examinations that require four hours or more to complete the following:

  • 1Y0-300: Deploying Citrix XenDesktop 7 Solutions
  • 1Y0-A22: XenApp 6.5 Advanced [1945004administration]
  • 1Y0-A25: Engineering a Citrix Virtualization Solution exam
The last time to take one of these would 4 pm on Monday. or 10 hours on Tuesday
Sign up: http://www.citrixsummit.com/special-activities/certification-center.html and if you have problems with registration, submit a request Citrix Education support.

Watch Out for Dark Shadows! Side-by-side comparison for HDX 3D Pro and vSGA

1:20 PM Add Comment
Watch Out for Dark Shadows! Side-by-side comparison for HDX 3D Pro and vSGA -

Last week I blogged about what happens behind the scenes with 3D technologies alternative Citrix and VMware. All these technologies seem to solve the same problem, and indeed, may even seem similar in assessments to the untrained eye. Pins are easier and faster to execute and measure, so many people use these applications to do a spot check before switching to real production applications. It is necessary to cut through the hype, and learn different abilities and their relevance to high professional graphics range of use cases. Even for the case of less demanding use, a robust 3D rendering engine provides greater scalability and leads to happy and satisfied end users.

benchmark tests contain several telltale signs that give a pretty good indication of the capabilities, performance, and scalability expected in complex 3D applications in production. Check out these alongside videos that quickly show the strength of the Citrix + NVIDIA architecture. Pay attention to the call-outs that highlight important differences between the two interpretations. On the right side is configured with VMware View defaults vSGA and Max Video RAM (512 MB) on the NVIDIA GRID K2 card. On the left is the comparable K0 vGPU, fueling Citrix XenDesktop on exactly the same type of GRID K2. Videos are recorded when four users simultaneously share the GPU. Click here to see the video:

It quickly becomes apparent that vSGA is unable to leverage the power of NVIDIA GRID card, management of illusion to "smooth" playing at the expense of rendering spotted and image losses. HDX 3D Pro easily offer the expected performance, both in terms of detail and frame rate. In his fantastic blog about how to watch out for shadows during the testing and proof of concepts, Rachel Berry note if you are evaluating vSGA against vGPU or similar, it can be very insightful to put them in place running side coast and play spot the difference. To make an informed decision, beware of tricks these benchmarks can play.

vSGA VMware is designed for knowledge workers, and is not suitable for applications CAD, CAM, 3D modeling and video. The table below shows clearly the major graphics applications that are not appropriate for use with VMware shared 3D technology. It is in fact comes from VMware deployment guide. Furthermore, all applications work well with Citrix HDX 3D Pro using NVIDIA GRID vGPU. For flexible deployment, there are multiple profiles within vGPU and two of these profiles, GRID K100 and K0 vGPU are designed for knowledge workers, as vSGA. However, they exploit native drivers NVIDIA, like other profiles vGPU. This allows K100 and K0 to support complex use cases much better than VMware vSGA (with custom SVGA drivers). This differentiation is critical for enterprise customers looking to meet 3D design engineering requirements with virtualization

Source :. deploying VMware Virtual Machine Graphics Acceleration Guide in May 2013

on the way Citrix Summit 2014 Orlando?

We'll talk more about planning and deployment assessments HDX 3D Pro at the session SUM224 evasion in January 13, at 14 pm at Citrix Summit, Orlando. Do not hesitate to go and say hello.

App Orchestration 2.0 API

12:19 PM Add Comment
App Orchestration 2.0 API -

In December 2013, we issued 2.0 App Orchestration in the Cloud Provider Pack 2. I encourage all our CSP partners to check, download and start using AO to orchestrate and automate your cloud deployments of XenDesktop and XenApp. It has many new features that will make it much easier to scale and manage your business.
Of course, our innovative and imaginative partners will certainly find new ways they would like to use App Orchestration, integrate into existing systems, or to extend to Citrix feature has not yet considered. For this, we have created an accessible API full public that exposes all the functionality available in the App Orchestration.

Of course, an API is as good as its documentation. For this reason, we, from day one, built a full API documentation in the product itself, including documents explaining the high-level concepts and use of the API, all along documentation of the individual methods, the valid properties and values ​​for each property in the API. Each API data structure and includes examples to get you started right away

There are two ways to access the API documentation :.

  1. In App Orchestration system running, point your browser to the following address on the server:

    https: // [server] / cam / api / help

    the advantage of this approach is that you always have access to correct, update documentation for the version of the App Orchestration you have installed. Even if there are changes to the API through versions or patches, you can be assured that you always have the correct documentation.

  2. Download the offline version of the API of this blog. I will also work to get it available for download from the download page Pack Cloud provider. Meanwhile, it is attached to this blog. Just unzip to a folder on your computer, then open the "index.html" file in your browser.
    The advantage of this approach is that you can read through the API before you install App Orchestration.

I would like to hear comments on the API and API documentation we provide. Let us know about your experiences in the comments!

Happy coding!

AppOrchestrationApiDoc.zip

One More Time: Citrix is ​​placed in the Leaders Category IDC MarketScape Software Virtualization Client

11:18 AM Add Comment
One More Time: Citrix is ​​placed in the Leaders Category IDC MarketScape Software Virtualization Client -

I am honored to announce that for the third consecutive time, Citrix was placed in the leaders category of the IDC MarketScape latest report "Worldwide client virtualization software 2013 evaluation of suppliers." Here's a great quote from Brett Waldman, research director at IDC, which summarizes how XenDesktop VDI only different from other vendors on the market

With the introduction of Citrix XenDesktop 7 the company provides a complete solution for applications and virtual desktops, fully integrated into a single platform management ... the market for client virtualization software is not a one-size-fits type of market, and Citrix's ability to provide customers a comprehensive and flexible solution is one of the greatest strengths of the company ... IDC Citrix placed in the category leaders in this MarketScape IDC. Citrix position reflects the leadership and the ability to advance the client virtualization agenda for the rest of the securities industry in society.

Compare XenDesktop vs Horizon View

Download - IDC MarketScape :. Customer Worldwide Virtualization Software 2013 evaluation of suppliers is available from IDC and on the Citrix website

XenDesktop 7 - A unified platform to deliver virtual applications and desktops as mobile services

XenDesktop with FlexCast technology allows you to deliver applications and desktops without the restrictions of traditional VDI - at a fraction of the cost. If you have not already explored the service FlexCast watch this video and see how XenDesktop can help workers and business addresses IT needs

  Citrix XenApp and XenDesktop with FlexCast  
   

As always, please leave your comments.

@vishalg

  • IDC MarketScape vendor analysis model is designed to provide an overview of the ICT competitiveness ability of suppliers in a given market. The research methodology utilizes a rigorous scoring methodology based on both qualitative and quantitative criteria that results in a single graphical illustration of each vendor's position within a given market. The capabilities score measures the provider of the product, go-to-market and execution of short-term business. The score Strategy alignment measurement of supplier strategies with customer requirements in a period of 3-5 years. the supplier's market share is represented by the size of the circles. Vendor year on year growth rate relative to the given market is indicated by a plus, neutral or minus next to the vendor name
  • IDC MarketScape :. Worldwide Client Virtualization Software Vendor Assessment, Doc # 245100, December 2013

New in VDI-in-a-Box 5.4: Improved SSL Certificate Wizard

10:17 PM Add Comment
New in VDI-in-a-Box 5.4: Improved SSL Certificate Wizard -

One of the defining characteristics of VDI-in-a -Box is the all-in-one management console. From a single Web interface, you can monitor and configure all aspects of a VDI-in-a-Box environment. In VDI-in-a-Box version 5.3, a new feature has been added to the Web-based management console: SSL certificate manager. I even wrote a blog last year.

The SSL certificate manager presented a simple point and click method to request a new CA signed certificates, or generate new self-signed certificates. With VDI-in-a-Box 5.4, Citrix has added the ability to import pre-existing certificates through the same graphical interface as well as the opportunity to request or generate SAN (Subject Alternative Name) certificates that are valid for multiple host names.

Ability to import pre-existing certificates allows administrators to use generic certificates they already have, rather than having to request a new certificate to match the hostname vdiManager. Be able to request certificates SAN also provides the greater flexibility administrator. SAN certificate let the administrator to generate a certificate valid for all vdiManagers in a grid, and the address of the grid, while being more affordable than applying for a new generic certificate.

customers VDI-in-a-Box can download version 5.4 now the Citrix Product Download page. Anyone can try the new version by downloading the free trial version. Documentation available on Citrix eDocs. And you can always go to support portal VDI-in-a-Box for all technical information VDI-in-a-Box.

Let us know what you think of the VDI-in-a-Box 5.4 release. Tell us about VDI-in-a-Box support forum, a group of LinkedIn users, or on Twitter @VDIinaBox

For more information on what is new in the VDI-in-a- Box 5.4: / blogs / 2013 / 11/08 / citrix vdi-in-a-box-5-4-release /

XenMobile: - Establishment of the certificate + LDAP authentication certificate on the basis of being in option

9:16 PM Add Comment
XenMobile: - Establishment of the certificate + LDAP authentication certificate on the basis of being in option -

This post is relevant to the Nike (8.6) and above the output XenMobile Enterprise Edition

  • Construction Manager devices: -8.6.33292
  • AppController - 2.9.0_111000
  • Netscaler construction: - NS10.1: build 0.1316 .e.nc

prerequisites for this configuration is that the CA is configured and the settings on the MDM server are made to provide the device user certs

on the AppController> settings> deployment> Edit Add the gateway NetScaler

  • type certificate Set session opening
  • does not require passwords to be unchecked
  • external URL should be set to the URL NSG
  • StoreFront Settings
    • Allow Storefront aggregate AppController Apps: - set to YES
    • server authentication: - Set NO

on the Netscaler, Netscaler Gateway> virtual Servers (prerequisite NSG is already added and configured) > Open the NSG

Add the root certificate of the CA as CA