Category Archives: Business Continuity Planning

What BCP Availability Strategy for Citrix DaaS? Service Continuity (SC) or Local Host Cache (LHC)

Consider this an evergreen article with *pro-active adds/moves/changes inclusive of errors/mistakes until I remove this statement.

Architectural Doodle
The diagram below provides a high level architectural difference between Local Host Cache (LHC) v Service Continuity (SC) and how you can weaponise Citrix Analytics for Performance to enable pro-active management of your workloads in a single hypersacler cloud or multi-cloud hyperscater strategy.

Visualising the Value of Change using a Force Field Analysis (FFA)
A FFA is a business methodology helping to visualise through a meaningful contextual analysis, why a business and or e.g technology decision for “change” is the right and relevant direction of travel. It helps by amplifying the understanding of ”the what the change is, the how, the what if and the why change” towards anew future desired state e.g buy a music title per song vs. a music subscription to rent the music over a period of time.

The example analysis below is a technology change decision shifting from Local Host Cache (LHC) current to Service Continuity (SC) future state – improving IT’s operational resiliency capability and capacity considering todays current climate and threat of digital warfare aligned to internal business priorities and or executive KPIs ranging from strict security compliance & governance, hybrid multi-cloud failover (between cloud hyperscalers) to becoming cloud first/native adopting aaS tooling where right and relevant e.g I/PaaS to help IT accelerate DEX at the required pace and execution agility.

This example analysis is representative of my personal field technologist landscape experience and backed by a robust and diverse pool of customers ranging in size and verticalisation. Remember you do not have to agree with my field experience the concept is to weaponise this business tool as a force for good change in organisations wanting change that is well meaningful and or to back and better understand cost v value driven business strategies during forces of change.

Score Hindering Forces Service Continuity (SC) Driving Forces Score
3 Traditional method doesn’t rely on cloud services Modern method to reduce and derisk operational outage 5
5 Strict Governance & Compliance requirements for on-premises workloads only – High security organisations e.g UK Gov entities e.g MoD/M6 Better employee affordance during outages with SC 5
5 Security requirement for on-premises remote access Gateway POP’s controlled by IT/Security to reduce attack surfaces by adversaries including derisking operational outages Cloud first Turn-Key Global v Regional POP Gateway as a Service Strategy 5
2 No support for Citrix Workspace Site Aggregation to On-Premises CVAD environment No technical implementation debit 5
2 â–“ Limitations of Service Continuity for Internet Browsers – use case 3rd parties VPN-Less access without installing CWa on supported endpoints No technical waste and debit – LHC management & monitoring 5
3 Citrix Receiver not supported – use case support for outdated thin clients Citrix Workspace app (CWa) aligned to employee affordance (EX strategy) – Business KPI 5
Alignment to Cloud first Time to Value strategy – Business KPI 5
No LHC BCP testing program to valid solution and verify sizing & scaling annualised changes 5

20

40

â–“ Updated 07/03/2022 – Several SC limitations e.g Internet Browsers as a barrier to adoption have now been address learn at – https://www.citrix.com/blogs/2022/03/01/service-continuity-in-citrix-cloud-a-recipe-for-resiliency/.

The outcome of this analysis reveals that while a number of key inner or outer loop stakeholders maybe opposed to the technology change strategy, the FFA outcome is well clear that the driving forces for change is in favour of Service Continuity (SC). You should make every attempt to remediate against the identified hindering forces for change which could be the simple result of:

1. The decision maker(s) perception through experience wasn’t positive.
2. Company culture is adverse to agile change.
3. IT Operations is required to retain more “control” when consuming cloud based I/PaaS services to better derisk outages.
3. Cloud security policies and frameworks have not been approved to enable new types of technologies like SC to be on-boarded and accepted by Enterprise/Cloud/Security Architects.
4. Accept the current business risks are they are and re-evaluate at a future time as the current value out weighs the micro hindering forces.

Understanding Service Continuity (SC)
This a modern way to reduce and derisk availability access to (virtual) applications and desktop during an outage provided the employees endpoint has the capability to access Citrix workloads within your hybrid and or hybrid multi-cloud resource location(s).

Cost v Value Driven Strategies
The following are generic but meaningful examples of the cost and value driven strategies why adopting Service Continuity (SC) to underpin your BCP/DR strategy is the right strategy.

  1. Modern field leading practise or method to reduce and derisk PaaS outages.
  2. Time to value is immediate – its a turn-key out of the box SaaS style experience with no configuration nor IT skills required, no technical nor technology debit incurred.
  3. Leverages Citrix Cloud global turn-key Gateway Service fabric – its service availability uptime is healthy as it operates between two hyperscaler public cloud providers, details accessible using the “Cloud Assurance” micro site on the Citrix Trust Centre at – https://www.citrix.com/about/trust-center/cloud-assurance.html then filtering to the Gateway service + Gateway POPs.
  4. No requirement for bi-annual v annual stress testing and compliance checks for BCP/DR testing. Typically this would involve up to 2-3 days (or more) for enterprise organisations to stress test each site/resource location excluding a further 5 full  business days of planning activities, virtual meetings, whiteboards, approvals e.t.c with multiple stakeholders prior to testing – its an expensive exercise.
  5. No pro-active requirement to manage and monitor a StoreFront pair/cluster configuration, SSL/TLS certificate management, LHC cache integrity at each site/resource location which significantly reduces overhead of monitoring and associated OS licensing and VM operating costs.
  6. The employee affordance (experience) is far superior vs Local Host Cache as a strategy – Icons are greyed out amplifying to the employee that his/her (virtual) application or desktop is unavailable while anything coloured is still accessible and available – this design thinking affordance feature is often overlooked by IT Professionals but evaluation through the lens of a employee e.g PA amplify what is and what is not available.
  7. Supports modern authentication however there are limitations that will occur when SC is evoked see – https://docs.citrix.com/en-us/citrix-workspace/optimize-cvad/service-continuity.html#requirements-and-limitations.

Service Continuity Support Matrix

Platform/Feature/Service Learn More Supported Notes
Citrix Workspace for Web (Chrome/Edge) https://docs.citrix.com/en-us/citrix-workspace/optimize-cvad/service-continuity.html#service-continuity-in-browser âś“* 1.*Requires CWa for Mac 2112 or Windows 2109
2.Kiosk usage is not supported e.g Hotdesking
3.Support internet browsers Google Chrome and Microsoft Edge with plug-in’s installed.
Mac https://docs.citrix.com/en-us/citrix-workspace-app-for-mac/whats-new.html#2112 âś“ CWa 2106+
Windows https://docs.citrix.com/en-us/citrix-workspace-app-for-windows/about.html#21121 âś“ CWa 2106+
Andriod https://docs.citrix.com/en-us/citrix-workspace-app-for-android/whats-new.html#whats-new-in-2220 âś“ CWa 22.2.0
Linux https://docs.citrix.com/en-us/citrix-workspace-app-for-linux/whats-new.html#2109 âś“ CWa 2106 (GA 2109)
iOS https://docs.citrix.com/en-us/citrix-workspace-app-for-ios/whats-new.html#whats-new-in-2225 âś“ CWa 22.2.5 Tech Preview 03/2022
Security & Connectivity Limitations:
EPA Scans
Enlightened Data Transport (EDT) – During outages
Citrix Workspace IdP (Authentication) https://docs.citrix.com/en-us/citrix-workspace/optimize-cvad/service-continuity.html#requirements-and-limitations SAML 2.0
AD
AD plus Token
Azure AD
OKTA
Citrix Gateway (primary user claim must be from AD)
Authentication limitations:
SSO for FAS
SSO to VDA
Local mapped accounts
Only AD Domain joined VDAs are supported as of 03/2022

Technical Deep Dive
One of my fellow Citrix Technology Advocates (CTA) and current fellow Citrites Gavin Connolly – https://citrixie.wordpress.com/author/technologistgav/ has written a brilliant in-depth blog post on how it works, how to configure + test it and the employee experience “Affordance” – https://citrixie.wordpress.com/2020/12/22/service-continuity-for-virtual-apps-and-desktop-service/ – Service Continuity for Virtual Apps and Desktop Service.

Understanding Local Host Cache (LHC)
This is the traditional method while equally robust it requires a fair bit of feeding and watering to ensure cache accuracy and resiliency at scale when required to derisk PaaS or a hyperscaler region outage.

Cost v Value Driven Strategies
The following are generic but meaningful examples of the cost and value driven strategies why retaining your current strategy of using Local Host Cache (LHC) which underpins your BCP/DR strategy is the right strategy under the current strict compliance and or risk requirements.

  1. Strict regulatory compliance to maintain some form of “control” when using cloud services.
  2. Industry Specific by Certification and or Government regulation requirements that prohibit cloud based services from being consumed and where an on-premises IT strategy is the only viable option on the table.
  3. Greater control through a co-shared IT responsible operating model e.g brokering workloads using the vendors PaaS but owning the outage risk.
  4. Profound value based platform reliability and stability for bad app farms delivering mission cirtical line of business virtual apps that cant be moved to modern OSes and if become unavaiable may cause significant fiancial harm e.g Utilities
  5. Long term service release strategy alignment objectives

Understanding Citrix Analytics Service (CAS) for Performance
Coming…

The views expressed here are my own and do not necessarily reflect the views of Citrix.

Citrix Virtual Apps & Desktops or CVAD Service Migration Strategies

The path to operating from the Citrix Cloud Platform for Citrix Virtual Apps and Desktops often can appear like your need to climb to the summit of K2, this is purely because for IT its foreseen as another key yet, rapid IT Transformation project to solve a multitude of business and business IT challenges (its different organisation by organisation). I’ve therefore put together a simple blended digital doodle on this very topic highlighting some key learnings, leading practises from the field and my own thoughts and thinking on this very topic.

If you want to go deep or even get started on your own migration project today, then i strongly recommend that you read and review the “Proof of Concept: Automated Configuration Tool” available at – https://docs.citrix.com/en-us/tech-zone/learn/poc-guides/citrix-automated-configuration.html, which covers off a step by step guide from installation to migration of on-premises CVAD configurations to the CVAD Service operating and run in the Citrix Cloud Platform – https://citrix.cloud.com. The following series of TechZone articles list at – https://docs.citrix.com/en-us/tech-zone.html#citrix-virtual-apps-and-desktops will also add value in your pivot to the CVAD Service.

If you have the right subscription access at https://training.citrix.com, then you can also complete the following on-demand eLearning course “eCWS-2014 | Automated Configuration Tool for Virtual Apps and Desktops” – https://training.citrix.com/elearning/coursequests/1/quest/184, which took me around 45 minutes to complete.

The views expressed here are my own and do not necessarily reflect the views of Citrix.