Blog

  1. Maximising value from your Citrix XenApp/XenDesktop licenses

    Maximise Citrix XenApp and XenDesktop licensesJason Poyner, Technical Director, Deptive.

    Great, you’re an existing Citrix customer. Pat yourself on the back for your wise purchasing decision. You’ve got a bunch of XenApp or XenDesktop licenses, but are you making the most of your existing investment? To figure this out you will need to find out 3 things:

    What Citrix product are you licensed for?

    XenApp or XenDesktop? The answer may be surprising, just because you’re only running XenApp doesn’t mean you have XenApp licenses. XenApp licenses are included with XenDesktop Enterprise & Platinum licenses so it’s entirely possible you have XenDesktop licenses – especially if the licenses were purchased within the last 2-3 years.

    What product edition are you licensed for?

    XenApp comes in Advanced, Enterprise and Platinum editions, while XenDesktop comes in VDI, Enterprise and Platinum editions. Each edition provides you with access to different features and/or products. See the XenApp and XenDesktop Feature Matrix for more information.

    Do you have active Citrix Subscription Advantage (SA)/Software Maintenance (SWM)?

    Subscription Advantage/Software Maintenance provides customers access to the latest product version updates made available during their membership term, so if you have current SA/SWM you have access to the latest version of XenApp/XenDesktop at no additional (Citrix licensing) cost.

    Even if you have let your Citrix SA/SWM elapse, you may still be able to upgrade at no cost – check the Citrix Product Subscription Advantage Eligibility Dates table to determine your upgrade eligibility.

    Based on these three pieces of info there are way too many unique combinations for me to cover here, so I’ll concentrate on the top 6 ways we help our customers make the most of their existing Citrix investment.

    1. No cost Citrix product upgrade:

    Let’s keep this above board; I’m referring to Citrix licensing costs only. An upgrade may well incur Microsoft Windows, Office and RDS CALs license costs, but if you’ve got current Citrix Subscription Advantage (or your SA elapsed after the release of the version you want to migrate too – see point 3 above) you have full entitlement to the latest version of XenApp and/or XenDesktop. Just login to MyCitrix.com and re-allocate your license file – you may need to upgrade your Citrix license server to make use of the new licenses. Now give these guys a call to help you design and build your new XenApp/XenDesktop environment – I hear they’re very good 😉

    2. Drastically reduce the management effort and increase consistency:

    One of key benefits of XenApp/XenDesktop isworkload provisioning. Ok, so what does that really mean? Most of us who have been in the Citrix game a while know that managing a large, or even not so large Citrix environment has some challenges. Consistency is one issue; how do you ensure users get a consistent experience as they connect to different Citrix servers/desktops? How do you quickly and consistently add capacity? How do you easily rollout new applications and updates, and how can you easily rollback those changes? Citrix provide two ways to remove these headaches which means your IT staff spend less time building, troubleshooting and maintaining the environment, and your users get a consistent experience. Citrix Provisioning Services (PVS) and Citrix Machine Creation Services (MCS) provide this virtual desktop management nirvana. To get your hands on PVS you need XenDesktop Enterprise, XenDesktop Platinum, or XenApp Platinum. For MCS, you’ll need XenDesktop (any edition), or XenApp 7.x. If you’ve got the right product/edition, there is no additional licensing cost for MCS or PVS. For more information on PVS, see this Deptive blog.

    3. Faster logins, less profile corruptions:

    User profiles are a common source of issues in any desktop environment. In a Citrix environment where users are roaming between XenApp servers, profile management is even more important. Citrix Profile Management is included with all editions of both XenApp and XenDesktop so get in and start using it now.

    4. Increase adoption:

    A lot of Citrix customers use XenApp only, and while we find XenApp will deliver apps and desktops to 80% or more of users, there are some use cases that don’t fit with XenApp – such as:

    • 16-bit apps: Since XenApp 6.0, XenApp runs only on 64-bit Windows Server. If you have a 16-bit application you either need Windows Server 2003, or a 32-bit desktop OS.
    • Resource intensive apps: With XenApp users are sharing CPU and memory which means that one user can impact other users. Generally this is not a major issue, but some applications are very CPU and/or memory hungry and as not ideal candidates for XenApp.
    • Requirement to install applications: If users need to be able to install applications, then XenApp is out. They need their own OS.

    For those users who fit into one of the above scenarios, XenDesktop can be used to introduce VDI and compliment XenApp. With VDI each user has their own Windows Desktop OS which gets around the above limitations of XenApp. XenApp and VDI are only two of Citrix’s five “FlexCast” desktop delivery options, so if you’ve got other use cases, chances are one of the FlexCast models will fit. You will need XenDesktop Enterprise or XenDesktop Platinum to take advantage of all the FlexCast models. If you’re one of the many Citrix customers who has XenDesktop Enterprise or Platinum licenses, but have only deployed XenApp, then you’re all licensed up for XenDesktop. If you have XenApp licenses you’re not completely left out; Citrix have a trade-up to XenDesktop program which reduces the cost associated with moving from XenApp to XenDesktop.

    5. StoreFront:

    We’ve all been using Citrix Web Interface for many years now, but Web Interface is no longer being developed by Citrix and will be end-of-life in August 2016. StoreFront is the successor to Web Interface, and like Web Interface, it’s free. StoreFront allows you to create an enterprise app store where users can browse available applications and choose those applications required for their role. I believe the most useful StoreFront feature is allowing laptop users and mobile device users to roam between your internal network and the internet and access their Citrix applications using the same method. For laptop users, then can mean using the same start menu shortcut in the office sitting at their desk, and when working from home at the dining room table.

    6. App-DNA:

    When you are considering upgrading OS, upgrading applications, installing new applications or upgrading/changing internet browser, App-DNA is your friend. App-DNA will analyse your Windows or web apps against your target OS or browser and provide an in-depth report on compatibility, and can even provide fixes. This knowledge is invaluable for estimating the effort required for a project, and for architecting an application and desktop delivery solution which will meet your requirements. App-DNA is included with XenApp Platinum and XenDesktop Platinum.

     

    Note: This blog post is the 2016 updated version of a post by the same name published on 23 October 2014.

  2. Considerations and Best Practice for a BYOD Policy

    Jason Poyner, Technical Director, Deptive

    While not every organisation has a formal BYOD programme, every organisation should develop policies regarding the use of personal devices for work. These policies provide a framework for BYOD working, and need to address factors including:

    1. Eligibility: Identify who can use personal devices for work and scenarios where it is inappropriate due to data security or worker type, for example. In enterprises that allow a BYOD device to replace a corporate endpoint, this decision is typically optional for the worker and it’s a management decision to allow or decline its use.
    2. Allowed devices: BYOD programs should allow people to use whatever type of device best meets their needs. Inclusivity of devices is a cornerstone of great BYOD.
    3. Service availability: Think about the services and apps you want to make available on BYOD devices and whether they differ by work groups, user types, device types and network utilised. BYOD needs to be tailored to specific needs.
    4. Rollout: Provide guidance to help people decide whether to participate, choose the right device and understand the responsibilities that come with bringing their own device, including how data can be accessed, used and stored. BYOD will make their lives easier, but they need to understand how it works.
    5. Cost sharing: Some organisations provide a subsidy for BYOD devices and other services, especially in cases where a corporate device is no longer provided. Think about your options, and what will work best for you and your people.
    6. Security: Confidential business information should reside on the endpoint only in isolated, encrypted form, and only when absolutely necessary. Multi-layered security should include granular policy-based user authentication with tracking and monitoring for compliance; control over print capabilities and client-side storage; and mandated antivirus/anti-malware software. IT should consider remote wipe mechanisms if business information is allowed on the device.
    7. Support and maintenance: Spell out the type of incidents IT will support and the extent of this support. A loan pool of devices allows uninterrupted productivity during service, especially when a BYOD device is used in place of a corporate device. Consider providing key personnel with additional, concierge-style support.

    Note: This blog post is the 2016 updated version of a post by the same name published on 20 November 2013.

  3. Desktop Virtualisation – Viable for New Zealand Businesses?

    Jason Poyner, Technical Director, DeptiveJason Poyner, Technical Director, Deptive

    These days I find most CIOs are familiar with the benefits of desktop virtualisation (whether VDI, or otherwise), but the costs involved are a lot less clear. There have been significant developments on the storage side in the last few years, particularly with hyperconverged infrastructure (HCI), hybrid and all-flash arrays, and RAM cache for Citrix Provisioning Services (PVS), so it’s timely that Citrix have released the Virtual Desktop Acquisition Cost Analysis White Paper.

    In writing this blog I want to supplement the US perspective in the whitepaper with our own Kiwi viewpoint.

    Virtual desktops and PC desktops – not comparing apples with apples!

    For the majority of our NZ customers, their desire to move away from traditional PC-based desktops is led by business need. The most common drivers are reducing the effort required to manage PC-based desktops, enabling local teleworking, providing off-shore partners with desktops, and enabling IT to become more agile. But for most organisations even the best new technology requires a costed business case. If you need to get into the numbers – this white paper is for you.

    More about the benefits of desktop virtualisation.

    Key differences for NZ businesses

    The white paper uses an example of 2,500 desktops, which is a size we’re quite used to working with, but don’t be put off if you have substantially less than that – a number of our current customers have less than 100, or a few hundred desktops.

    Ironically, smaller companies, particularly with around 100 desktops often find desktop virtualisation highly cost-effective, as they already have the server hardware that is capable of supporting a desktop virtualization infrastructure. In this case it might just be licencing, client devices and software that we need to consider.

    Is there a minimum number of users to make Virtual Desktops viable?

    In short, there really is no minimum – it’s more about your business use case. For example, what is the value of your senior managers or account managers being able to access company/customer data whenever and wherever they are?

    For many clients there’s a financial trigger that sets the wheels in motion – the need to upgrade the desktop operating system being the classic example. With Windows 10 upgrades on most CIOs’ radars, they know the cost is coming and have a reasonable budget already set aside – it’s about spending the upgrade budget in the smartest way.

    Desktop virtualisation VDI

    It’s a common misunderstanding, but desktop virtualisation doesn’t necessarily mean VDI (virtual desktop infrastructure). VDI is just one method of achieving desktop virtualisation. The ‘Virtual Desktop Acquisition Cost Analysis’ white paper covers Citrix options for server-based desktops, pooled VDI and personal VDI – and the different capabilities and costs associated with each of them.

    What about storage?

    In the white paper, Citrix has generally taken a good approach to storage by utilising SSD drives within the local physical servers. This approach is excellent for non-persistent virtual desktops, and an approach we have used at Deptive since 2012. Non-persistent virtual desktops write temporary data with heavy write IOPS to disk, which is an expensive workload to cater for on traditional SAN storage.

    For persistent virtual desktops (Personal VDI) and other persistent data such as user profiles, user data and Provisioning Services virtual disks, shared storage is required. The ‘Virtual Desktop Acquisition Cost Analysis’ white paper takes a simplistic view of cost per GB to calculate shared storage costs. In reality, the shared storage costs could range from a big $0, to six-figure values and beyond.

    As noted earlier, a small company may well have existing shared storage they could use, so there would be no additional cost for this. But if your current storage is inadequate, SAN (Storage Area Network) storage for desktop virtualisation can get expensive due to the IOPS requirements. A game-changer technology here is hyperconverged infrastructure.

    With hyperconverged infrastructure, your compute and storage are integrated into the server, so you’re not paying separately for storage costs. This is why we find customers keen to talk about hyperconvergence. You get very high performance and linear, building-block scalability, without the large price tag of traditional SAN storage.

    For those wanting to stick with a traditional server and SAN architecture, the recent proliferation of modern storage vendors offering hybrid and all-flash storage arrays provide plenty of options with the IOPS grunt required for persistent virtual desktops. And without the level of investment required only a few years ago.

    We work closely with leading-edge providers of hyperconverged infrastructure, including Nutanix and Atlantis Computing, plus Nimble and Pure for ‘modern SANs’.

    Desktop Virtualisation Costs Two guys at laptop

    Image management

    When using Citrix XenApp or XenDesktop for desktop virtualisation, one of the largest benefits is from the image management provided with Citrix Provisioning Services (PVS) and Machine Creation Services (MCS).  Both give you one place to update your image for 100s or even 1000s of desktops. This alone can massively reduce IT management costs, plus increase agility (IT can roll out changes more quickly and also can roll back if necessary).

    Some comments on costs of desktop virtualisation used in the white paper

    The useful XenDesktop Savings Calculator  which is mentioned in the whitepaper allows you to analyse different prices for each item, and different scenarios for your company’s desktops.  Here are a couple of pointers for our local market:

    Client devices

    The example in the white paper assumes US$100 per client device excluding keyboard, mouse or monitor, which is a bit on the low side for New Zealand. A more realistic figure is probably NZD$300 – $600 +GST per pure thin client device. Although for a real bargain, have a look at what can be achieved with Raspberry Pi2 and ThinLinx.

    BYOD

    The whitepaper assumes zero cost for BYOD devices. However, there are many different ways to operate a BYOD policy. Often in New Zealand, it’s a mixed (optional opt-in) arrangement. If employee opts into the BYOD policy they are usually given a lump sum every three years to buy a device that meets set criteria. Currently around $2,000 – $2,500 is the norm in NZ.

    We’re here to help

    Desktop Virtualisation is viable for New Zealand businesses both large and small, but its new territory for many IT departments, let alone other areas of the business. If you want to talk about VDI, Provisioning Services, SAN, or hyperconvergence to get a better sense of the cost of Desktop Virtualisation in your organisation, we’re very happy to help.  An important part of our job is to provide whatever you need to confidently lead the change.

    Summary

    Key take-aways :

    • Keep the big picture in mind: whilst the focus of this post and white paper are on costs, organisations primarily move to desktop virtualisation for the benefits that it brings.
    • You may already have enough storage today for desktop virtualisation.
    • Desktop virtualisation doesn’t necessarily mean VDI – there are different flavours and different costs associated with them.
    • The cost of desktop virtualisation has dropped because new technologies have made storage and ongoing management much more efficient – especially hyperconverged infrastructure and Citrix Provisioning Services (PVS).
    • The white paper is a good high level view, but the devil is often in the detail and that is where it pays to work with an experienced partner, to ensure the best user experience, resulting in maximum benefits to the business, including lower IT support costs.

    If you’d like to have a chat about your situation, just get in touch via the contact details below. We’ll guide you through all the options.

    Related content

    Virtual Desktop Acquisition Cost Analysis White Paper

    XenDesktop Savings Calculator

    What is Citrix Provisioning Services (PVS) and why should you use it?

    Why do they hate Citrix?’ for five key benefits of desktop virtualisation.

  4. What is Citrix Provisioning Services (PVS) and why should you use it?

    Jason Poyner, Technical Director, Deptive

    Citrix Provisioning Services (PVS) allows you to have a single instance image management of your XenApp and/or XenDesktop VMs – otherwise known as desktop management nirvana! This means you only have to update a single image which is then streamed to hundreds, or thousands of desktops. No more unreliable software deployments across your desktop fleet, just install the new software once on the master image and when the PVS clients (‘target devices’ in PVS speak) reboot, they get the updated image with the new software.

    Easy roll-backs and troubleshooting

    Every update to a PVS image (vDisk) creates a new version of the vDisk which provides some version control. Having versioned vDisks allows changes to be rolled-back as easily as they were rolled-out. Rather than an unreliable software uninstall, a roll-back with PVS uses the previous version of the vDisk from BEFORE the updates were made, which guarantees a successful roll-back. The other key benefit to PVS is that troubleshooting is greatly reduced; have an issue with a desktop? Just reboot it and the desktop will stream the vDisk like the first time it booted (I’ll explain this further below).

    Citrix Provisioning Services PVS basic architecture

    Citrix Provisioning Services basic architecture

    How to set it up

    A production PVS environment consists of at least two PVS servers for HA which have been sized correctly for your environment (memory being the most important consideration). A disk image is taken from a computer which has been built up with all patches, applications etc installed and configured, and the vDisk image is imported into PVS. The imported vDisk image usually sits on locally attached storage on each PVS server (other options are available). ‘Target device’ VMs are created without a C: drive and set to boot from network. The MAC addresses of the VMs are added to the PVS database so that when the VMs PXE boot the PVS server knows which vDisk to provide. The first time a vDisk is streamed to a target device the vDisk is cached in memory on the PVS server. Now when another 10 or 1,000 VMs boot they stream the vDisk from the PVS server memory – your read IOPS are now served from memory!

    Since we are streaming a single vDisk to multiple computers, the vDisk must be read-only to avoid corruption. But Windows can’t run off a read-only disk, so where do the writes go? PVS has a ‘write cache’ which, as the name suggests, is a location for the disk writes. Again, there are several options for the location of the write cache, however DO NOT use the default option of using the PVS server for the write cache (it’s too slow and breaks PVS HA). Attaching a small (10GB) disk to each VM for the write cache is a good approach – this disk can reside on local host storage, the SAN, or if you really want some performance, use Atlantis ILIO (see my blog on the desktop virtualisation ‘secret sauce‘). When the PVS target device reboots, the write cache is cleared so each boot is a ‘first boot’. To ensure there is no data loss, use redirected folders and a good profile management system. Since PVS 7.1, Citrix introduced a new and awesome write cache option called ‘Cache in device RAM with overflow on hard disk’. The option takes a chunk of VM memory and uses it as a disk cache which provides a massive performance boost over other write cache options – for more info see 30 x IOPS with Provisioning Services RAM cache.

    Love for PVS

    What I have found is that IT managers love the concept of PVS due to the consistency to brings to virtual desktop environments. IT staff take some time to adjust to the new way of managing a PVS environment, but again they love it once the new process has been adopted.

    An alternative for smaller deployments

    Since 2009, most of our Citrix projects have included Provisioning Services – some smaller deployments have not used PVS, as there is a moderate amount of infrastructure that is required. With the release of Citrix XenDesktop 7, Machine Creation Services (MCS) can now also be used for XenApp (or should I say XenDesktop Apps Edition….) which will be great for smaller deployments. MCS provides most of the benefits of PVS without the infrastructure. That sounds like the topic of another blog.

    But wait, there’s more!

    To further your desktop management nirvana, Citrix has released AppDisk with XenApp/XenDesktop 7.8. With AppDisk, applications are installed into a virtual disk (VHD/VHDK) which is then attached to VMs at boot. This allows an application, or group of applications, to be installed once, and used across multiple ‘silos’. For larger, or more complex environments, AppDisk can be used with PVS to reduce the number of unique PVS vDisks. I’m not really doing AppDisk justice (again it sounds like another blog topic), so take a look at Daniel Feller’s blog AppDisk Episode 1: Create and Deploy

    Note: This blog post is the 2016 updated version of a post by the same name published on 22 Oct 2013.

  5. Deptive achieves Citrix Virtualisation Specialist status

    Jason Poyner, Technical Director, DeptiveUpdate 11 November 2015: Today, Citrix have recognised Deptive’s continued business growth and customer success by awarding them with Solution Advisor Gold Partner status. This accolade comes hot on the heels of their technical expertise-focused Specialist Partner achievement. According to Jason Poyner, Technical Director, Deptive (pictured): Its great to see our investment of time and energy in becoming Citrix Specialists is being rewarded by sales success.


    Deptive has recently completed the Citrix Virtualisation Specialisation to be awarded Citrix Specialist Partner status one of only two Citrix Partners in New Zealand to do so. The Specialist Partner Programme is designed to recommend partners with demonstrated technical competency and end-to-end service delivery of mobile workspace solutions to customers.

    To achieve the Specialisation, Deptive had to demonstrate deep, hands-on experience and customer success. The rigorous requirements included completing demanding training and a practicum exam, plus validation of the standard of their work through documented, successful customer implementations. Specialist Partner status proves Deptive is prepared for complex, technical projects and delivering holistic solutions.

    With a Citrix Specialisation in Virtualisation, clients know Deptive has the skills and ability needed to successfully plan, design, implement, manage and support XenDesktop solutions that meet customers needs.

    Being recognised as a Citrix Specialist is validation from Citrix and, importantly, our clients of the credibility and quality of our expertise. It allows our customers to have full confidence in Deptive to deliver their Citrix solutions with complete technical, sales, and service delivery capability, says Jason Poyner, Technical Director, Deptive.

    According to Russell Andrews, Citrix New Zealand Partner Manager: By gaining these accreditations, Deptive has demonstrated its advanced skills and deep knowledge of virtualisation. Deptive has a long and successful history of delivering proven mobile solutions to customers, and Citrix is delighted to formally recognise this with the Citrix Virtualisation Specialisation.

    Want to know more?

    To find out more about our services:

    Telephone: 0800 000 141

    Email: info@deptive.co.nz

  6. Why do they hate Citrix?

    Jason Poyner Technical Director, Deptive.

    Jason Poyner, Technical Director, Deptive

    Given my position, I’m used to hearing great feedback from Citrix XenApp/XenDesktop users, but it’s true to say myself and the Deptive team do come across negativity from time to time. It’s high time I addressed these concerns in this blog – we can only talk to so many people!

    So, why the negativity?

    Complaints we’ve heard include: “I worked somewhere where it was crap, our users tell me it’s crap, it takes ages to log in, there’s a lag when typing, it looks like Windows XP, fuzzy display, slow to scroll images, video/audio is terrible. Are these features of XenApp? Is that just the way it has to be? No way! Citrix is the market leader for a reason: no one can rival their end-to-end suite of products and they have strong vision.

    Were not disputing these complaints are based on real user experiences; it is absolutely possible to deliver a bad user experience if things are not done right in the first place and/or managed effectively once operating.

    To add some balance, I’ve heard comments from users in traditional desktop environments that they would only turn off their laptop/desktop when absolutely necessary, because it took so long to boot up and log in!

    Lets look at the facts

    Here in New Zealand, there is a growing base of innovative organisations that are very happy Citrix XenApp/XenDesktop users, including Icebreaker, Flight Centre and Mainfreight.

    Globally, adoption of desktop virtualisation has doubled in the last four years, with the largest amount of that growth having occurred in the last two years. Citrix XenDesktop is used by more than 100 million active users around the world. XenDesktop transforms desktops and applications so that users can access them from any location, via any device and at any time.

    According to a new Enterprise Management Associates Research Study on Desktop Virtualisation: Keeping pace with emerging requirements for improved application and data mobility, security, and high-availability, desktop virtualization is enjoying a new renascence in adoption and technological advancement.

    Some of the key findings in this study include:

    • While all survey respondents indicated their organisation had achieved some business value from the adoption of desktop virtualisation, the most frequently noted advantage was an increase in business agility
    • 95% of survey respondents reported their organisation had achieved measurable cost savings since the introduction of a desktop virtualisation platform.

    Five key benefits of desktop virtualisation (or virtualization!)

    If an organisation isn’t seeing these benefits, then something isn’t right:

    • Improved Security: With the desktop in the data centre, your sensitive data also stays in the data centre.
    • Productivity: Easy file sharing, synchronisation and collaboration, with a secure, branded workspace on any mobile device.
    • Easy BYOD: Desktop virtualisation is a great platform for enabling BYOD (Bring Your Own Device).
    • More Agility: New desktops in the company can be brought into the fold with ease.
    • Radically simplified desktop management: Application deployments, operating system updates and migrations become simple tasks which are easily reversed.

    It needs to be done right to get the benefits

    Its vital to take the time to plan out and adequately resource your desktop virtualisation implementation. Below are six key pieces of advice that we give our clients:

    • Understand your users, their apps and how they work: I’ve seen large projects in serious trouble because IT assumed they knew how the business worked. Without the upfront analysis, you risk failure. When all you have is a hammer, everything becomes a nail a single flavour of desktop doesn’t suit everyone, but when you’ve only got one desktop offering – it becomes your hammer. Don’t force a solution on your users without understanding them. Use Citrix AppDNA for app compatibility testing as a Citrix Gold Partner, Deptive has access to AppDNA licenses to perform this work for you.
    • Take a fresh approach/carefully review your infrastructure: Delivering desktops and applications from your data centre is NOT the same as hosting infrastructure services. Just because your team did a great job virtualising all those servers doesn’t mean they have the right skills and/or background for virtualising desktops. Likewise, the server and storage platform powering your server virtualisation may not be a good fit for desktop virtualisation.
    • Get the rights skills in the project team: While the workloads are running in the data centre, they are desktop/app workloads, which is a different skill set to a server engineer/virtualisation geek. Part of the team must be end-user experts – the guys/girls who understand the end user and their needs, and EUC technology.
    • Don’t under spec the client: The best designed and built desktop virtualisation backend will mean nothing if the client device doesn’t have the horsepower to render today’s graphically intensive workloads. It’s all about the user experience! That $100 thin client is $100 for a reason.
    • Communication/marketing: Don’t spring this on your users, communicate and get them involved. An internal marketing campaign exploring the benefits of the solution and the reason for the project will start the project off on the right foot. One project even created a cartoon character named Cedric to bring some humour to what most staff consider dull comms from IT (meaning they don’t read IT comms at all!)
    • Ensure you have the BAU team to support your users: Either in-house or outsourced to Citrix specialists. Having the right IT support team will keep your users happy, and ensure your investment continues to deliver the benefits of security, productivity, and agility.

    Stop the complaints!

    Enough crawling; it may only take some minor tuning, or something more substantial, but Citrix XenApp/XenDesktop can most definitely sing and dance.

  7. Customise NetScaler Gateway user interface on a per vServer basis

    The following guide provides details on how to create customised logon page on the same NetScaler for different NetScaler Gateway virtual servers.

    Citrix currently do not provide the ability to create separate NetScaler Gateway themes on a per NetScaler Gateway virtual server basis. If a theme is applied to the NetScaler it is applied at a global level, affecting all virtual gateway servers. There is also no native method for providing separate images and logos for different NetScaler Gateways.

    Service providers using NetScalers to host multiple NetScaler Gateways for different companies require the ability to customise the logon page on a per virtual server basis. This includes changing logos and the text displayed on the portal page.

    The following procedure will show you how to change the logo used on the logon page for a particular NetScaler Gateway virtual server based on the requesting URL used.

    Procedure

    When landing on the NetScaler Gateway logon page, users are directed to the following URL: https://example.com/vpn/index.html

    This index.html file exists in the following directory on the NetScaler: /netscaler/ns_gui/vpn/index.html
    The index.html file by default references /netscaler/ns_gui/vpn/images/caxtonstyle.css which provides the style sheet giving the logon page the look and feel. It also specifies the logos and images used.

    Scenario; You require a different logo displayed to users who access a different NetScaler Gateway virtual server on the same NetScaler using a different URL (e.g. https://companyname.com).

    This can be achieved by copying the index.html file and renaming to index_companyname.html and copying the caxtonstyle.css to caxtonstyle_companyname.html. Copy the files and leave them in their original directories. Ensure once copied, update the permissions and owner of the files as per their originals.

    Customise NetScaler Gateway user interface

    Modify the index.companyname.html file to reference the caxtonstyle_companyname.html as shown below:

    Customise NetScaler Gateway user interface

    To update the following logo for a given customer, update the caxtonstyle_companyname.html file as shown below:

    Customise NetScaler Gateway user interface

    Customise NetScaler Gateway user interface

    Copy the company logo into /netscaler/ns_gui/vpn/images/ using WinSCP.

    To apply this new logon page, associated style sheet and image to a particular Gateway virtual server we will use a responder policy. This responder policy will detect when a particular URL is entered and redirect the user to the new logon page.

    To ensure the Responder feature is enabled, From the GUI, navigate toSystem >Settings. InModes and Features, selectConfigure Advancedfeatures (ensure that you select the Responder feature), clickOK, and then click Close.

    Customise NetScaler Gateway user interface

    The following commands create the responder action and policy required:
    add responder policy res_custom_companyname_nsgw_logon_pol “HTTP.REQ.HOSTNAME.EQ(\”companyname.com\”) && HTTP.REQ.URL.CONTAINS(\”index.html\”)” res_custom_companyname_nsgw_logon_act
    add responder action res_custom_companyname_nsgw_logon_act redirect “\”https://companyname.com/vpn/index_companyname.html\””
    Then bind this responder policy to the NetScaler Gateway virtual server requiring the customisations.
    bind vpn vserver gw_vsvr_companyname.com-443 -policy res_custom_companyname_nsgw_logon_pol -priority 100 -gotoPriorityExpression END -type REQUEST

    Now test and ensure the desired new functionality is working for the NetScaler Gateway.
    The NetScaler /netscaler/ns_gui/vpn folder runs in memory and any changes to this directory are not written back to disk. Therefore to ensure the custom files are persistent on reboot, we need to save the files to the /var/ directory. A scheduled task will be created on system boot which will copy the files from the /var directory to /netscaler/ns_gui/vpn
    Create the following folder /var/customisations/companyname/vpn/
    Copy index_companyname.html into /var/customisations/companyname/vpn/
    Copy companyname_logo.jpg and caxtonstyle_companyname.html into /var/customisations/companyname/images/
    If the /flash/nsconfig/rc.netscaler file does not exist, create it:
    cd /flash/nsconfig
    touch rc.netscaler

    Now edit the file and add the following copy commands to be initated on system reboot.
    cp -rf /var/customisations/companyname/images/ /netscaler/ns_gui/vpn/images/

    cp -rf /var/customisations/companyname/vpn/ /netscaler/ns_gui/vpn/

    Restart the NetScaler and test to ensure your new customisations are persistent.

    References
    http://support.citrix.com/article/CTX126206
    http://support.citrix.com/article/CTX123736

    By Daniel Almond
    Twitter: @AlmondDaniel
    Daniel’s LinkedIn

  8. Citrix Insight Services.

    citrix insight services

    Citrix Insight Services is a Citrix initiative which focuses on simplifying the support of Citrix environments. Citrix has developed tools and automated online analysis capabilities to help collect environment information,then analysis and return recommendations based on your Citrix configuration. These recommendations are based on best practices and the in-depth product knowledge Citrix has acquired from their support services.

    Who can use Citrix Insight Services?

    If you have a MyCitrix logon, then this service is free. This tool currently provides analysis for Citrix XenDesktop (5.x and 7.x), Citrix XenApp (6.x), Citrix NetScaler and Citrix XenServer.

    How does it work?

    The following example steps through using Citrix Insight Services for analysing a Citrix NetScaler configuration.

    Step 1: Generate a NetScaler support file and download to your local machine.

    citrix insight services step by step guide

    Step 2: Login onto https://taas.citrix.com/AutoSupport/ with your MyCitrix account and upload your compressed NetScaler support file.

    citrix insight services step 2

    Citrix Insight Services will then start to analyse the contents of the support file.

    citrix insight services step by step guide

    Once the analyses has completed, you will be presented with the results as shown below.

    citrix insight services instructions for set up

    References

    Citrix Insight Services FAQ
    http://support.citrix.com/article/CTX131233

    Citrix Insight Services Portal
    https://taas.citrix.com/AutoSupport/

    Written by Daniel Almond: nz.linkedin.com/pub/daniel-almond/11/766/b64

  9. NetScaler Block URLs

    netscaler block urls

    When deploying a NetScaler virtual load balancer to provide reverse proxy access to a web servers, you may have a requirement to block certain URLs being accessed.For example:

    www.mycompany.com/useradmin

    www.mycompany.com/private

    This can be achieved using the Rewrite and Pattern Sets.

    The following example will create a Pattern Set for the URLs that will be denied to users and a Rewrite Policy that will redirect the user back to www.mycompany.com

    add policy patset pattern_deny_url_set

    bind policy patset pattern_deny_url_set private -index 2 -charset ASCII

    bind policy patset pattern_deny_url_set useradmin -index 1 -charset ASCII

    add rewrite action rw_url_deny_act replace HTTP.REQ.URL.PATH_AND_QUERY “\”/\””

    add rewrite policy rw_deny_url_pol “HTTP.REQ.URL.PATH.GET(1).TO_LOWER.EQUALS_ANY(\”pattern_deny_url_set\”)” rw_url_deny_act

    Now bind the new rewrite policy to the required load balancing virtual server to enforce the blocked URLs.

  10. Citrix NetScaler the networking Swiss Army knife

    citrix netscaler

    Citrix NetScaler is a leading and feature rich Application Delivery Controller (ADC). A recent presentation from Citrix showed the NetScaler as a Swiss Army knife which I thought was a great representation of this product. There are many use cases for this product and it is easily scaled out or up.

    citrix netscaler swiss army knife

    NetScaler features are provided through four different licensing options: NetScaler Gateway (available only in the VPX10 edition), NetScaler Standard, NetScaler Enterprise and NetScaler Platinum. There are also three flavours of appliances. A VPX which is a virtual appliance that can be imported into Citrix XenServer, VMware vSphere and Microsoft Hyper-V. There is also an MPX series which is a hardware appliance that is rack mounted. Then the last is the SDX which is basically a mixture of both where you have multiple NetScaler VPX instances on a dedicated, purpose built hardware appliance. The MPX’s and SDX’s have a range of models ranging from entry-level to very high-end depending on how much grunt is required. The Service delivery networking platform that the SDX provides is in a league of its own. It provides enterprise level and cloud data centre architecture to support complex and scalable designs. Citrix have also partnered with Cisco to provide complete solutions that bridge the gaps between the products they provide.

    More information on the MPX appliances: http://www.citrix.com/products/netscaler-application-delivery-controller/features/platforms/mpx.html 

    More information on the SDX appliances: http://www.citrix.com/products/netscaler-application-delivery-controller/features/platforms/sdx.html

    The editions available are Free, Standard, Enterprise and Platinum.

    What do I use NetScaler for? NetScalers are commonly used as a Gateway, Load Balancing, Global Server Load Balancing (GSLB), Content Switching, SSL Offload. NetScaler Gateway (formerly known as Access Gateway) is used to secure remote access for external users to internal services and resources like XenDesktop and XenApp. Load Balancing is also a very useful way of spreading resources across your backend application services or infrastructure. You can either load balancing Citrix services like StoreFront or Web Interface so you have resilience for the services they provide or you can load balance other services like databases or Microsoft Exchange, SharePoint and SAP.

    Why use NetScaler? If you already use other Citrix products then it’s a no brainer because of how easy it is to configure remote access and integrate with your existing Citrix products. If you don’t currently use Citrix then it may take a little more work to decide on what Application Delivery Controller (ADC) you would like to purchase. Here’s a link to some differentiating factors from the competition.

    For administration should I use the GUI or the CLI? This is a question which most people either lean one way or the other. I am big fan of the CLI and this is because I find it easier to find how an appliance is configured. In saying that there are benefits to the GUI because it gives you a very quick visual representation and most things are grouped or accessible from the same place. The choice is entirely yours as almost everything can be done from both and most of the items in eDocs for NetScaler will provide steps via the GUI and CLI.

    i.e. To view the saved configuration of a NetScaler

    citrix netscaler configuration

    The GUI is accessed from an Internet Browser and requires Java. The CLI is accessed via an SSH client like PuTTY. You can also use a SCP client like WinSCP to transfer files to and from the NetScaler.

    Tips:

    1. Vserver Virtual Server. Do not think of this as a Virtual Machine. I describe it as more like a connection point for the services that you configure. The main thing to realise is that it is not a Virtual Machine that runs on a Hypervisor.
    2. Saved vs Running configuration – There are two distinctive states for configuration. The Saved configuration is the configuration that will be loaded when the NetScaler starts but the Running configuration is what is running from memory and is lost on a reboot, unless it is saved. From both the GUI and the CLI you can compare the Saved vs Running configuration to see if there are any differences.
    3. NetScaler Command Reference Guide I refer to this guide as my CLI bible and search it to find commands that can be used from the CLI. It can be downloaded from http://support.citrix.com/article/CTX132384
    4. When using the CLI the Tab key is your friend The Tab key autocompletes as well as provides help.

    Written by Alistair Pin:  nz.linkedin.com/in/alistairpin

Subscribe to our Newsletter



Please leave this field empty.