In recent article “Accelerate migrations to the CVAD Service” – http://axendatacentre.com/blog/2021/09/30/accelerate-migrations-to-the-cvad-service/ I explored and shared how to accelerate and migrate an on-premises Citrix Virtual Apps & Desktops (CVAD) environment to the CVAD Service from a field perspective working with customers in the City of Greater London – England. Often another prominent and common question rears its head how do I migrate to your Gateway Service, how does the Gateway Service differ from the a traditional Gateway physical or virtual appliance deployment strategy?

Accelerate and Automate your Migration Strategy to @Citrix CVAD Service with less effort + friction while reducing technical debit + financial costs by adopting the Gateway Service – https://t.co/PE4DIuTPjY for CVAD workloads. Don’t forget to pause & reflect for fleet mgmt v/a’s pic.twitter.com/MECOHQcRdA

— Lyndon-Jon (L-J) Martin 👨🏻‍💻 📲 (@lyndonjonmartin) October 18, 2021

There are handful of migration strategy’s to moving to the Gateway Service from an on-premises Gateway V/A environment:

Start A-Fresh
If you have a IT team that is battling with the economics of time, restricted financial budget(s) for projects, doesn’t have the required Citrix ADC networking skill sets due to M&A activities or people movements e.t.c then reset and restart by standardising and unlocking the IT and Employee affordance of the Citrix Gateway Service which is a turn-key service in the Citrix Cloud Platform and enabled by default for any “New” Citrix Cloud RL’s out of the box.

Evaluate & Pivot
There are a handful of very important technology and business reasons why you would want to pause before exciting this strategy, before adopting the Gateway Service for the CVAD Service.

1. Your existing Citrix ADC utilises the Unified Gateway capabilities e.g it supports SSO with modern authentication e.g Google OAuth, OKTA or ADD SAML to Web, SaaS, Intranet web apps, Clientless apps through a universal portal and delivered through the Citrix ADC. This strategy is likely the most complex to evaluate before you pivot to the Gateway Service and typically requires a workshop to understand how the ADC is been used, what if it wasn’t there and what other ADC functions and features are been utilised e.g EPA scanning – http://axendatacentre.com/blog/2016/11/14/setup-pre-authentication-endpoint-analysis-epa-policy-with-an-azure-netscaler-unified-gateway-11-x-n/ or your performing advanced load-balancing of internal web vs. apps servers to employees e.g Finance systems.
2. Another is reasonable or sensible reason to pause and evaluate is if you are running a fleet of Citrix ADC V/A’s managed by Citrix Application Delivery Management (ADM) V/A on-premises BUT which is regularly feed and watered then migrating this ADM configuration to the ADM Service in the Citrix Cloud platform aides in reducing the IT administrative and technical debit of managing an on-premises control plane for Citrix ADC Networking while retaining the status quo of remaining as is but enabling smart and not harder administration.
3. The final potential reason to pause could be that you deploy and run you’re own Regional e.g Northern Europe vs. GEO e.g EMEA vs. Global Point of Presence (POP) in which you deploy and manage your own Private DIY style Gateway POP fabric globally using different clouds providers for economical costs, employee experience to reduce latency or Hybrid Mulit-Cloud resiliency for Disaster Recovery (DR) and Business Continuity. In these scenarios understand could you shift the purely the Gateway (ICA Proxy) only functionality for secure remote access for CVAD workloads to the Gateway Service and leave the existing ADC + ADM deployment to load-balance, accelerate and protect web, app servers and SQL databases.

Automate & Migrate
Current existing Citrix ADC virtual appliances (V/A) are only utilising the Gateway functionality for ICA Proxy enabling secure remote access to apps and data anytime, anywhere on any device. This strategy considerably reduces CAPEX and OPEX expenditures over a contract term reducing costs licensing the V/A; Premium Hypervisor (Optional); VM Instance costs – (v)CPU, RAM and HDD (IaaS vs. Other Cloud); Complexity of IT logical costs e.g Identity and Access Management (IAM), IP traffic routing e.t.c. This strategy significantly reduces the IT administrative and technical debit through a smile and single “Toogle” per Citrix Cloud Resource Location (RL) – https://docs.citrix.com/en-us/citrix-gateway-service/support-for-citrix-virtual-apps-and-desktops.html#enable-the-citrix-gateway-service, by default now the Gateway Service is enabled for all “New” Citrix Cloud RL’s out of the box.

The views expressed here are my own and do not necessarily reflect the views of Citrix.