Tag Archives: Azure

Deploying a Hyper Responsive Web Service with(out) NetScaler?

The views expressed here are my own and do not necessarily reflect the views of Citrix.

Shortened Names
CONTENT DELIVERY NETWORK – cdn
SECURITY ASSERTION MARKUP LANGUAGE – saml
FEDERATED AUTHENTICATION SERVICE – fas
LOAD-BALANCING – l/b
NETSCALER UNIFIED GATEWAY – nug or netscaler ug
NETSCALER – ns
XENAPP – xa
XENDESKTOP – xd
XENAPP/XENDESKTOP – xad
INTERNET SERVICE PROVIDER – isp
MANAGED SERVICE PROVIDER – msp

Introduction
Yes I will be talking about Citrix NetScaler only here as I am a Citrite, this blog post is more about methods vs. technical guidance so lets begin. In a previous life prior to my current role at Citrix I worked for a managed Internet Service Provider (mISP) or MSP where the customers I used to manage where required to deploy app, database & web servers (infrastructure) to service + support customer transactions at a massive scale but also ensuring a fast vs. efficient user experience at scale vs. normal usage. Today I am go explore how to optimise the delivery of web-based service fronted with(out) a Citrix NetScaler from startup to a global organisation we all can’t live without!

My scenario will focus on taking a web based service that you’ve developed as a start-up running on a single VM at instance type of any size running LAMP to be a continually hyper responsive web service as the load increases or popularity of the web service by first implementing simple but very effecting SysAdmin techniques. Your company is now born you’ve found a niche in a market segment/vertical and you’ve adopted a framework for development to build your web service platform on and you’ve identified where to host vs. run your web service from.

Optimising your Web Service to be Hyper Responsive with(out) NetScaler

You can deploy a successful vs. highly available web service without any ADC yes that is right, however there does come a point when its right vs. relevant and you will need to implement an ADC like Citrix NetScaler. So how can you? Well it comes down to thinking like a SysAdmin sometimes how can I optimise by removing stuff vs. consolidating roles or migrating them to alternative platforms.

Lets examine your Web Service that we’ve just launched its currently a single VM instance for argument sake its hosted in a public cloud like AWS vs. Azure vs. GCP or even a private cloud perhaps running on a XenServer host :-). You’re happy and believe your ready to begin your journey with your new startup so you begin promoting it socially on Twitter, LinkedIn, Instagram e.t.c and slowly over a few weeks the demand for the web service begins to grow steadily and you notice that the responsiveness isn’t 100% what it was a the time of launch so you schedule a maintenance window at say 04:00 GMT and scale up the VM instances compute resources to 4vCPU and 24GB of RAM including attaching another SSD HDD and you shift the content e.g images, CCS style sheets and JQuery files onto this HDD to improve performance by shifting I/O Reads for content onto another HDD.

Customers
EDGE
Web, Database & Content Roles running on a single Web Server

Happy days your web service is now back to that 100% (Initial launch experience) but now fast forward a few more weeks vs. months and your web services popularity increases organically vs. social and traditional marketing campaigns so your back to its not quiet as responsiveness anymore vs. isn’t 100% what it was a the time of launch so you schedule a maintenance window to perform some careful real-time investigation work to understand where are the bottle neck(s)? Each Web Service today in my personal opinion will have difference bottle neck(s) this is down to how its developed to run (standard alone vs. h/a cluster vs. globally distributed) vs. coded (framework vs. ground up framework) so careful monitoring of your web service platform from inception to the current date and the future is critical to help you continually truly scale your web service.

After reviewing the gathered insights from various tool(s)* you can see that the number of Reads to the HDD is quiet high and all to often I have seen decisions made to shift the database away from the web service onto another VM instance without checking what service is responsible for all those Reads and what location on the HDD the Reads are occurring from!? In my personal experience its mostly like not the database BUT the content e.g images, scripts, stylesheets that cause the high I/O Reads on the HDD when serving up content to load the web pages for customers on there end-points however with proper coding of your web service you can reduce this by caching the content on the users device (Laptop, PC, Mac, Smartphone, Tablet, Thin client) so when they change web pages there isn’t a hit on the web server (look at NetScalers HTTP Compression technology aswell) for the exact same content BUT only for what has changed perhaps image(s) of items they you want to acquire including its price + title + description collected from the database e.g change of search or click on the next/back buttons of there found vs. filtered results.

At this point you can do one of three things (1) you can migrate the database to an external VM instance and change the web service to connect to the database on now a remote server which is most commonly down without proper investigative work (2) if your in a public cloud you could choose to utilise a PaaS database service this option is not for everyone in my personal opinion just yet and its not necessarily a technology vs. security adoption blocker but I believe its a analytics blocker if the public cloud provider chooses to come into my market and also its way to NEW for me most common theme (3) keep the database exactly where is it and begin to or shift to delivering your Content via a CDN model or sometimes referred to as an Image Farm i.e the bits that make your website look good and the way it looks e.g images, logo, CCS style sheets, JQuery scripts that provide functionality + experience. This approach will help improve the users overhaul experience at any stage because the content is delivered via CDN model or method – https://en.wikipedia.org/wiki/Content_delivery_network (Example www.youtube.com) and not via the web server servicing up the webpage(s) from the web service anymore and typically the responsiveness of web service leads to a better experience for customers and there satisfaction goes up using your web service! This approach free’s up vital compute + I/O resources on your web server running your web service. Visit your favourite online retailer, ISV e.t.c and view the HTML source you’ll see what I mean! Most organisations typically don’t implement this earlier enough and often will implement this strategy after the ADC is deployed as the right vs. relevant skillset for managing your web service at scale simply is not available within the business yet.

Customers
EDGE
Web & Content Roles on single Web Server
Database Role on separate remote Server

Happy days! Your developer suggests to implement lets just keep it simple Round-robin DNS https://en.wikipedia.org/wiki/Round-robin_DNS so that he can make the web service multi web server enlightened e.g clustering so after some tests he/she deploys the new code onto the PROD web server and deploys 1-2 more web servers completes his tests and implements and deploys Round-robin DNS. Personally this is NOT something I would ever implement as if you don’t manage your DNS correctly with someone who knows what they are doing you could fall victim to DNS cache poisoning – https://en.wikipedia.org/wiki/DNS_spoofing or worse and bye bye web service = bye bye business! In a previously life prior to Citrix working at a mSP DNS management was taken very seriously for customers as without it your business would not be available online and the net outcome is simple you cannot transaction business to turn a profit and keep shareholders happy! Back to the blog so you know have a cluster enlightened web service platform to give you scale although its not prefect in my personal opinion with this strategy.

Customers
DNS
Round-robin DNS
EDGE
Web & Content Roles on Web Server
■ ■ ■
Database Role on separate remote Server

Happier Days lie ahead as more bottle necks in your web service have been resolved and the web service is becoming even more and more popular with customers in the particular City vs. County that you initially launched the web service from BUT now as more time passes and the business continues to growth from strength to strength, month on month you once again notice that the responsiveness isn’t 100% what it was a the time of launch vs. the last architectural change(s) that where made to enlightening web service platform and that you choose to switch the database to a remote VM instance, and I also am going to assume you did not implement the CDN concept for content (images, CCS, scripts e.t.c). So your business is now profitable and at a level where you have on-boarded the right vs. relevant skillset within the business to help take your web service to the next level i.e regional vs. GEO vs. global scale or you hire in external but experienced ADC professionals to help with the re-architecture of your web service platform or your go Serverless (Follow-up article!) but we’ll leave that one for todays post as its another blog post all on its own.

Upon investigation utilising various *tools (Network, Cacti, SmokePing, TOP e.t.c.), reviewing historical data points vs. graphs the decision is made that your web service platform now needs to adopt an (NetScaler) Application Delivery Controller (ADC) to scale smarter, intelligently and more efficently on-demand as the business grows while also ensuring high-availability 99.xxxxx% (You choose your 9’s) uptime 24/7/365 and to also maintain that initial customer experience during your startup phase or day 1 trading of business. In my view when implementing an ADC correctly the responsiveness should equal at scale if not be better than that first time you deployed your web service. At this stage most likely dependant upon the web service (What is it? game platform vs. online store e.t.c) you’ll potentially implement the following architecture to easily support a GEO or a region(s) within a GEO e.g EMEA or global scale and remove that Round-robin DNS method!

Content via CDN
Customers
EDGE
NetScaler ADC
□ □
Web/App Servers
■ ■ ■ ■ ■
Database Servers
■ ■
Content Servers
■ ■

What is NetScaler?
It’s a Layer 4-7 networking appliance https://www.citrix.com/networking/ that allows for securing and acceleration of workspace, web and app workloads while remaining transparent to customers. It comes in many different flavours vs. roles from providing secure BUT contextual remote access for SaaS, Web apps, virtual apps & desktops, R/A VPN with end-point scanning, microVPN e.g XenMobile apps e.t.c to virtualising your WAN by bonding multiple internet uplinks together through to supporting and monitoring a deployed web service(s) at local, regional, GEO or global scales all the while also providing deep insight and analytics into your organisation see the below video and much much more.

So Why Implement a NetScaler?
Implementing an NetScaler has many benefits it allows for offloading of TLS or HTTPS traffic https://docs.citrix.com/en-us/netscaler/12/ssl.html freeing up vital compute resources or cycles spent on decrypting the traffic where as now the web servers running your web service can have greater scale as they are now free to get on process transactions, monitor the health – https://docs.citrix.com/en-us/netscaler/12/load-balancing/load-balancing-builtin-monitors.html of each web server that is load-balanced (l/b) – https://docs.citrix.com/en-us/netscaler/12/load-balancing/load-balancing-how-it-works.html by NetScaler and if one or more web server(s) are performing poorly it will receive less transactions until it becomes more responsive, Datastream – https://docs.citrix.com/en-us/netscaler/12/datastream.html enables connection multiplexing to your database servers e.g more efficient writes + reads means faster transactions which means better performance of the web service with a net outcome of better user experience for customers, if don’t use the CDN concept for content take a look at the integrated cache feature – https://docs.citrix.com/en-us/netscaler/12/optimization/integrated-caching.html which allows the NetScaler to store and serve specific content saving a request to the server holding the desired content this further improving the responsiveness of your web service, support for Googles SPDY (Speedy) https://docs.citrix.com/en-us/netscaler/12/optimization/spdy.html and or implement HTTP Compression – https://docs.citrix.com/en-us/netscaler/12/optimization/http-compression.html which compresses responses from servers to compression aware-browsers example – https://developers.google.com/web/fundamentals/performance/optimizing-content-efficiency/optimize-encoding-and-transfer even enable and allow SAML and OAuth – https://docs.citrix.com/en-us/netscaler/12/aaa-tm/oauth-authentication.html logins to now only SaaS apps but also Windows apps used inline with FAS within XAD 7.9+. The list goes on and on so be sure to check out the NetScaler online documentation at – https://docs.citrix.com/en-us/netscaler/12.html and remember NetScaler is an advanced ADC but can also do the following Secure Web Gateway, Web AppFirewall, Unified Gateway and SD-WAN.

I’ll be presenting at UCDay 2017 and why you should consider attending yourself!

The views expressed here are my own and do not necessarily reflect the views of Citrix.

This year I am honoured to be presenting at UCDay 2017 (founded by MVP Andrew J. Price) which is described as being the UK’s Premier Microsoft Community Conference (check out the speakers for a starters!) which is to be held on 9th October at National Motorcycle Museum, Birmingham, UK with this years sessions key focus on Microsoft Azure, Skype for Business, Office365, Exchange & Cloud. Personally I’ll be delivering the following community session entitled “Deploying Citrix (Cloud) Workloads in Azure and Beyond ARA” details about my session are available at – http://www.ucday.co.uk/timetable/event/deploying-citrix-cloud-workloads-in-azure-and-beyond-ara/ and if you have any asks vs. requests for me to cover during my session please feel free to DM on Twitter @ https://twitter.com/lyndonjonmartin or LinkedIn @ https://www.linkedin.com/in/lyndonjonmartin.

On a personal note I am seriously keen myself to take the opportunity to learn, network, connect with my peers and attend some of the other knock out sessions (when its NOT my session), so be sure to check out all the sessions at – http://www.ucday.co.uk/schedule/#not-set:all delivered by community IT Pro’s focused on EUC, UEM, Workspaces, Public Cloud (Azure), UC & Collaboration and more and then get registered for a ticket at – http://www.ucday.co.uk. For me attending UCDay is an absolutely MUST weather you’re a customer vs. partner vs. consultant vs. vendor (think Microsoft eco-system) and it will enable you to gain invaluable insights from industry experts focused on the above topics and more from around the globe YES thats right not just the UK! Check out the speakers bios at – http://www.ucday.co.uk/ourspeakers/.

As I published this blog post it got me thinking as this is my very first UCDay I’d like to understand the origins of UCDay, how as a presenter vs. attendee on the day I can benefit from attending this great event. So I posed the following questions to the Founder of UC and Cloud Day Andrew J. Price http://lyncme.co.uk (Personal Site) whom is also an Office Servers and Services MVP.

1. How has UCDay changed vs. evolved since you first founded it and delivered that first opening keynote?

UC Day has evolved from a dedicated Microsoft UC Event into a leading Community Conference focusing on all the whole Microsoft 365 stack. When I originally started this journey I never expected it to grow as much as its done over the past 3 years. There is a lot of work happening in the background to continue the growth of this event to becoming a leading EMEA region conference that is free for all to attend.

2. What can attendees expect from the day based upon your experience?

Attendees can expect an action pack day full of networking with sponsors, peers and industry leaders in all things Microsoft Cloud related. UC and Cloud Day is a perfect platform for like minded invidiuduals to learn and grow as IT Professional and create new partnerships with our sponsors.

3. What are the key takeaways for attendees about the day vs. sessions?

Attendees will be able to take away knowledge from real world scenarios that our speakers encounter during their engagements with customers, as well new professional contacts that may assist with existing or future projects.

4. You are a MVP for Office Servers and Services what is it and how many other MVP’s will be at UCDay?

MVP Status is given to community leaders who go above and beyond the call of duty to share their experience with the Microsoft Community. I am recognised as Office Servers and Service MVP for my work within the Office 365 and Skype for Business communities. This year we will have over 20 MVPS across multiple award categories from around the global.

5. Any hints for what you’ll be discussing in your keynote at UCDay this year?

I will be talking about the “evolution” of UC Day and handing over to Microsoft who will be delivering the latest message about the “evolving” marketspace.


I hope to see you at UCDay this year.

All the best,
L-J

XenApp Essentials Services Understood powered by Citrix Cloud

The following content is a brief and unofficial prerequisites guide to setup, configure and test delivering virtual apps from the Microsoft Azure Marketplace powered by the Citrix Cloud XenApp Essentials Service prior to deploying in a PoC, Pilot or Production environment by the author of this entry. The views, opinions and concepts expressed are those by the author of this entry only and do not necessarily conform to industry descriptions or best practises. The views expressed here are my own and do not necessarily reflect the views of Citrix.

Shortened Names
XENAPP – xa
XENDESKTOP – xd
XENAPP/XENDESKTOP – xad
MACHINE CREATION SERVICES – mcs
AZURE REMOTEAPP – ara
XENAPP ESSENTIALS SERVICE – xes
HIGH DEFINITION EXPERIENCE – hdx
REMOTE DESKTOP SERVICES – rds

What is it?
It is a replacement for the deprecated Microsoft Azure RemoteApp (ARA) – https://blogs.technet.microsoft.com/enterprisemobility/2016/08/12/application-remoting-and-the-cloud/ (“…Support existing Azure RemoteApp customers on the service through August 31st, 2017..“) which provides simplicitic beauty of Microsoft Azure RemoteApp now with the “Secure by Design” enterprise security methodology, platform scalability with FMA in 7.x and HDX virtual app delivery protocol capabilities & power of Citrix XenApp.

ARA brought Remote Desktop Services (RDS) capabiltiies from a multi private cloud deployments on Windows Server to Azure with non-persistent RDS/RDP sessions delivered from the Microsoft Azure Cloud only! The XA Essentials Service is only available from Microsoft Azure Marketplace hosted on Azure and only supports the delivery of Windows apps delivery from Windows Server 2012 R2, 2016 prepared Templates or Bring Your Own Templates (BYOT) uploaded. Citrix has prepared a full FAQ available at – https://www.citrix.com/global-partners/microsoft/resources/xenapp-essentials-faq.html

Overviews & Demonstrations
Introducing XenApp Essentials Service is a demonstration of the Service by Citrix.

Extend the Microsoft RDS platform in Azure through Citrix solutions was a presentation at Microsoft Ignite 2016.

What Feature’s Are Available?
The following feature matrix compares XenApp, XenDesktop Platinum vs. XenApp & XenDesktop Service vs. Azure Marketplace XenApp Essentials vs. Azure Marketplace XenDesktop Essentials
https://www.citrix.com/content/dam/citrix/en_us/documents/reference-material/xa-xd-deployment-options-feat-comp-matrix.pdf.

High Level Getting Started, System Requirements & Pre-requistes
1. You’ll need an Azure subscription with a resource group defined with a virtual network.
2. Define your preferred Azure region which you can ref from – https://azure.microsoft.com/en-gb/regions/.
3. Decide on your AD stratergy which can be Active Directory sat in the Azure resource location using a min A3 Standard VM instance for AD or you can utilise “Azure Active Directory Domain Services” and eDocs suggested that you review – https://docs.microsoft.com/en-us/azure/active-directory-domain-services/#main prior to implementing AAD for the XA Essentials Services vs. traditional AD.
4. Define your preferred OS strategy for the service which currently supports server OSes for Windows Server 2012 R2 or 2016 and you’ll need to define master image stratergy e.g BYO image or a Citrix prepared image for the service! Notes: “(a)BYO with your own Server OS template including apps + licenses for those apps or choose Citrix prepared templates with Apps. (b)RDS CALS w/SA to Azure or purchase RDS SALs.
5. Customer owned Azure Subscription as is responsible for per monthly IaaS consumption costs e.g compute, network, bandwidth & storage
6. Only MCS based provisioning is support for public (Iaas) clouds and for this Service hosted by Microsoft Azure.
7. Subscribe to XenApp Essentials Service through Azure Marketplace at – https://azuremarketplace.microsoft.com/en-us/marketplace/apps/Citrix.XenAppEssentials?tab=Overview.
8. Connect your Azure subscription to Control Plane operated by Citrix Cloud. Citrix Cloud controls customer Azure subscription via Citrix Cloud Connectors to provide capabilities to manage, provision and monitor your XenApp servers which will deliver your HDX virtual apps

Deploying your Virtual Apps (Draft!!!)

The above is an graphic from the official XA Essentials Service documentation from Citrix eDocs at – http://docs.citrix.com/en-us/citrix-cloud/xenapp-and-xendesktop-service/xenapp-essentials.html and the below is my personal text based step by step summary explaining how to get started with the XA Essential Service powered by Citrix Cloud and Microsoft Azure based upon the Ignite session at – https://www.youtube.com/embed/Ck0mtVXqOuM. Please note that these steps can change as the service is delivered from Citrix Cloud which is a secure SaaS style evergreen control plane – http://docs.citrix.com/en-us/citrix-cloud/overview/about.html.

1. Before you begin you will requires a subscription to XenApp Essentials Service from
2. Azure Marketplace + Server Images + RDS CALS w/SA
3. Create app collection similar to ARA
4. Create a name
5. Domain Joined (Popular) or Non-Domain Joined (TBC)
6. Link Azure subscription to XAE and select Resource Group, Virtual Networks & Subnet
7. Enter in Domain details which include Domain name, OU, Srv acct + passed
8. Select template image Citrix provided or your OWN
9. Select capacity and mange costs  by selecting instance type and power settings scheme (saver logoff after 10min; standard after 1hr; performance after 4hrs or always on i.e do not perform any power mgmt
10. Enter in # of users concurrent and you’ll receive an estimate cost calculator prior to provisioning to understand the costs based on 40hr usage per month
Summary and the deploy
11. Time access is short as CC will provision your instances in your subscription
12. Select app collection click Apps tab then select apps to publish
13. Select users tab and search domain by user or group 
14. Return to Manage home and you’ll see that your app collection is now ready with a green tick
15. Select app collection and you’ll see the StoreFront URL to send to users
16. Users login with domain\user + passed
17. Users are now able to launch there HDX virtual apps secured by there organisations Cloud-hosted StoreFront FQDN which provides secure remote access via the NetScaler Gateway Service also review caveats re bandwidth through-puts below.

Caveats, Current Known Issues with the Service
The list of current know issues one are my ones to pay attention to most as of 04/04/2017 and a full list is available at http://docs.citrix.com/en-us/citrix-cloud/xenapp-and-xendesktop-service/xenapp-essentials.html so please check and read them all!

1. Live.com accounts cannot be used for authenticaiton
2. Users cannot launch and app if an existing RDS session is present on the XA VDA worker.
3. Machine catalogue failures may occur if deploying a VM instance size in a region that does not support that instance type any more.
4. A premium storage account is not supported see “Prepare Your Azure Subscription
5. Each end-user is limited to 1-GB outbound data transfer per month but you can increase the limit via by acquiring a 25 GB add-on via the Azure Marketplace see “StoreFront and NetScaler Gateway in XenApp Essentials Service
6. See eDocs for more…

What’s New in XenApp & XenDesktop 7.13

The following content is a brief and unofficial prerequisites guide to setup, configure and test delivering virtual apps and desktops powered by XenApp & XenDesktop 7.13 prior to deploying in a PoC, Pilot or Production environment by the author of this entry. The views, opinions and concepts expressed are those by the author of this entry only and do not necessarily conform to industry descriptions or best practises. The views expressed here are my own and do not necessarily reflect the views of Citrix.

Shortened Names
SECURITY ASSERTION MARKUP LANGUAGE – saml
LOCAL HOST CACHE – lhc
XENAPP – xa
XENDESKTOP – xd
XENAPP/XENDESKTOP – xad
WINDOWS – win
VIRTUAL DELIVERY AGENT – vda
HIGH DEFINITION EXPERIENCE – hdx
VIRTUAL DESKTOP – vd
CUSTOMER EXPERIENCE IMPROVEMENT PROGRAM – ceip
VIRTUAL APPS – va
DATA TRANSPORT LAYER – edt
FIREWALL – f/w
ACCESS CONTROL LISTS – acl
ADVANCED MICRO DEVICE – amd

What’s New
A full and complete list of what’s new is avaiable at – http://docs.citrix.com/en-us/xenapp-and-xendesktop/7-13/whats-new.html. I’ll start with one of my Citrix passions which is any and everything surrounding HDX technologies.

1. HDX Adaptive Transport is disabled by default in XAD 7.13* also referred to as EDT is a new HDX graphics mode that utilises both the UDP and TCP protocols with a fallback to TCP where UDP isn’t available. The HDX engineering team have engineered this new Citrix protocol called Enlightened Data Transport (EDT) which utilises the existing Citrix ports 1494 (ICA/HDX) and 2598 (Session Reliability) for both TCP and now new UDP so f/w ACL changes are near enough straight forward. To test this new graphics mode internally:

– Configure the ACL between your test end-point and through your internal network (over a VPN) VM running the 7.13 VDA to allow UDP and TCP for 1494, 2598
– Your test VM instance could be running in Azure (connected on-prem via a VPN) or on XenServer 7.1 and remember must be running the latest desktop or server VDA
– Your test end-point must be running the following min Citrix Receiver versions for Windows 4.7, Mac 12.4 and for iOS 7.2
– *In Studio create a machine catalogue, delivery group or use an existing one with your VDA upgraded from e.g 7.12 to 7.13 and then create a new HDX policy e.g HDX-TestofEDT and select the following HDX policy entitled “” and choose “Preferred“.

2. AMD Multiuser GPU (MxGPU e.g GPU Virtualization works with vSphere only) on the AMD FirePro S-series server cards for HDX 3D Pro workloads only e.g Desktop OSes ref – http://docs.citrix.com/en-us/xenapp-and-xendesktop/7-13/hdx/gpu-acceleration-desktop.html+ with support for up to 6 monitors, custom blanking & resolution, high frame rate and only GPU Pass-through is supported on the following hypervisors XenServer and Hyper-V. For further details please ref to the AMD website at – http://www.amd.com/en-us/solutions/professional/virtualization.

3. Intel Iris Pro (5-6th Gen Intel Xeon Processor E3) graphics processors supports H.264 h/w encoding for virtual apps & desktops, HDX 3D Pro support for up to 3x monitors (Ref to install options+), custom blanking & resolution, high frame rate. For further details and compatible Intel processors ref to – http://www.intel.com/content/www/us/en/servers/data-center-graphics.html

4. Other HDX enhancements include:

– Bidirectional content redirection – http://docs.citrix.com/en-us/xenapp-and-xendesktop/7-13/policies/reference/ica-policy-settings/bidirectional-content-redirection.html
– Wacom tablets improvements & connection methods – http://docs.citrix.com/en-us/xenapp-and-xendesktop/7-13/hdx/usb.html and also see http://docs.citrix.com/en-us/xenapp-and-xendesktop/7-13/policies/reference/ica-policy-settings/usb-devices-policy-settings.html
– File copying performance enhancements for client drive mapping

5. StoreFront 3.9 support for the following below and for a closer look check out the following CTX blog article – https://www.citrix.com/blogs/2017/02/24/whats-new-in-storefront-3-9/

– HDX Adaptive Display
– CEIP automatic enrollment by default. To disable please ref to http://docs.citrix.com/en-us/storefront/3-9/install-standard.html#par_anchortitle_8ea6
– Importing of NUG configurations (ZIP file or via PowerShell) into StoreFront to setup through the XAD Wizard using the latest NetScaler UG 11.1.51.21+ ref – http://docs.citrix.com/en-us/storefront/3-9/integrate-with-netscaler-and-netscaler-gateway/import-netscaler-gateway.html to reduce and avoid misconfigurations.
– Not new but if you’re looking to security harden your StoreFront standalone or cluster ref to – http://docs.citrix.com/en-us/storefront/3-9/secure.html
– SAML auth through against your preferred Store with NetScaler Unified Gateway configured as your IdP – http://docs.citrix.com/en-us/storefront/3-9/configure-authentication-and-delegation/configure-authentication-service.html#par_anchortitle_d712

5. The Connection Quality Indicator is not part of the XAD 7.13 release but an invaluable Citrix tool for Citrix SysAdmins check out its capabilities at – https://www.citrix.com/blogs/2017/02/22/citrix-connection-is-slow-not-really/ and you can download it from – https://support.citrix.com/article/CTX220774 and it also inclues group policies for better SysAdmin controls to enable or disable the tool which is supported from XAD 7.6 LTSR and upwards ref the CTX220774 article. The below image is taken from a Window 10 virtual desktop powered by XenDesktop 7.x.

6. Linux Seamless published applications from a Linux supported OS using the 7.13 VDA – http://docs.citrix.com/en-us/linux-virtual-delivery-agent/7-13/whats-new.html and also please read the publishing apps for Linux at – http://docs.citrix.com/en-us/linux-virtual-delivery-agent/1-4/suse/configuring/publish-apps.html for advanced tips and guidance on seamless mode vs. window manger configuration.
7. LHC in 7.13 introduces a new support feature for brokering operations for Citrix Cloud when the internet connection between the Citrix Cloud Connector and the Citrix Cloud control plane at – https://citrix.cloud.com/ is in a failed state or unavailable due to an ISP outage. You can also force an outage following the documentation available at – http://docs.citrix.com/en-us/xenapp-and-xendesktop/7-13/manage-deployment/local-host-cache.html++ by creating and manually modifying the following registry entry “HKLM\Software\Citrix\DesktopServer\LHC with entry of OutageModeForced” set to the value in the documentation++ to force an outage for testing and or evaluation purposes prior to implmenting Local Host Cache. I’ve embedded below a simple architectural recap of LHC introdcued in XAD 7.12 and you can read in more depth detail about Local Host Cache from a previous blog post available at – http://axendatacentre.com/blog/2016/12/13/whats-new-in-xenapp-xendesktop-7-12/.

Finally LHC still provides support for brokering operations for traditional XAD Controller Site Database on-prem ref ++. I’d also recommend that you watch this TechTalks To Go covering LHC in XAD 7.12 release.

8. Provisioning Services 7.13 now supports Linux streaming and a brand new caching technique only available and supported on XenServer 7.1 called PVS-Accelerator. Check the following YouTube video from Citrix entitled “Introducing PVS-Accelerator, only available with XenServer!” via https://twitter.com/juancitrix/status/835202277317148672.

9. HDX Thinwire enhancements in 7.13 have resulted in up to 60% bandwidth savings. Take a look at the following CTX blog post at – https://www.citrix.com/blogs/2017/01/11/hdx-next-cuts-bandwidth-by-up-to-60-yes-sixty-percent/ which has some great high level LoginVSI 4.1.6 graphics comparing Thinwire in 7.12 vs. 7.13 on Windows Server 2012 R2 and 2016.
10. AppDNA what’s new ref – http://docs.citrix.com/en-us/dna/7-13/whats-new.html now includes support for Windows 10 Anniversary Update (AU) and now defaultor analysis and reporting, Secure Web reports and finally improved importing to process to analysis OSes and apps. There are a few more to be sure to check out the whats news!

Deploying XenApp 7.13 for Evaluation & Testing Purposes
The fastest way to deploy and test the latest new features from Citrix XA 7.13 release with little to no effort is to deploy the “Citrix XenApp 7.13 Trial” from Microsoft Azure available and accessiable at – https://azuremarketplace.microsoft.com/en-us/marketplace/apps/citrix.citrix-xa?tab=Overview.

Removed from XenApp and XenDesktop 7.13
Please be sure to read and review the complete removed features and future removal features within XAD 7.x platform topics on Azure Classic, AppDisks, Desktop OS support and supported HDX Graphics Modes e.t.c –
https://docs.citrix.com/en-us/xenapp-and-xendesktop/7-13/whats-new/removed-features.html.

Viso Stencils from Citrix’s Ask the Architect – https://twitter.com/djfeller for XenApp and XenDesktop 7.13.


Image credit: https://twitter.com/djfeller/status/836557405173477376

https://virtualfeller.com/2017/02/28/visioxenappxendesktop713/

Front XenApp 7.11+ in Azure with NetScaler (Unified) Gateway 11.x.n

The following content is a brief and unofficial overview of how-to front your virtual apps & desktops powered by XenApp 7.11 with NetScaler 11.x.n using Microsoft Azure (ARM). The views, opinions and concepts expressed are those by the author of this entry only and do not necessarily conform to industry descriptions, best practises. The views expressed here are my own and do not necessarily reflect the views of Citrix.

Shortened Names
XENAPP – xa
XENSERVER – xs
XENDESKTOP – xd
XENAPP/XENDESKTOP – xad
VIRTUAL DELIVERY AGENT – vda
HIGH DEFINITION EXPERIENCE – hdx
INDEPENDENT COMPUTING ARCHITECTURE – ica
NETSCALER – ns
NETSCALER UNIFIED GATEWAY – nsug
AZURE RESOURCE MANAGER – arm
IDENTITY ACCESS & MANAGEMENT – iam
MULTI-FACTOR AUTHENTICATION – mfa
SECURITY ASSERTION MARKUP LANGUAGE – saml

Why this Blog Article?
I’ve had a lot of cloud 1st strategy conversations with IT Pro’s, Citrix SysAdmins & organisations alike recently so I thought everyone whom is searching for how-to front XenApp with an Azure NetScaler could benefit from this blog post :-). This blog post covers a how-to even with NetScaler in single IP mode to achieving https://FQDN (Image 2) for the gateway vs. https://FQDN:8443 (Image 1) when deploying NetScaler in Azure (ARM).

Deploying NetScaler 11.x.n using Azure Resource Manager (ARM)
1. Login to https://portal.azure.com
2. I presume that you have setup a your network, IAM if not refer to https://azure.microsoft.com/en-gb/get-started/ for getting started how-to from Microsoft.
3. Click on + New in the top left of the ARM web ui and type in NetScaler and select NetScaler VPX Bring Your Own License or for a quick review check out – https://azure.microsoft.com/en-gb/marketplace/partners/citrix/netscalervpx110-6531/.
4. Click Create
5. Enter in a name for your NS virtual appliance e.g ne1nug01 and select the VM disk type
5. Enter in a username and choose auth to be either SSH public key or Password I choose password to access the NS Admin WebUI for simplicity of all readers of this blog.
6. Select your chosen of default Subscription if you have more than one and then select your existing Resource Group where you XenApp 7.11+ environment and XenApp 7.11+ VDA Workers and your mgmt. VM running AD/DNS server resides. Remember I am keeping this simple as it’s intended for PoC’s only!
7. Continue to select your chosen Azure instance for NetScaler I choose DS2_V2 Standard which consists of 2 Cores, 7GB of RAM.
8. Select your storage account, virtual network & subnet e.t.c and high availability set then click Select to continue.
9. Review your purchase of NetScaler and then click Ok to purchase and Azure will begin building your NetScaler VPX in your Azure chosen subscription which will take no more typically than 10 minutes.

Setting up & Licensing your NetScaler on Azure
Firstly be aware that when deploying a NetScaler instance on Azure for virtual apps & desktops you’ll be setting up NetScaler to run in single IP mode (YES!) which means that you’re connecting to internal TRU resources on the NetScalers IP addr (NSIP) but you connect using different ports e.g ICA Proxy on 8443 so lets begin with the setup.

1. Login into your NetScaler using the NS Admin Web UI do not provide a SubnetIP Addr (SNIP) just select Do It Later and proceed with the initial setup as per normal.
2. Now that you have setup your NetScaler you need to license it so remain logged into and open a new tab in your browser of choice and Google “Citrix Eval Store” or save this link – http://store.citrix.com/store/citrix/en_US/cat/ThemeID.33753000/categoryID.63401700
3. Select under Networking -> NetScaler ADC
4. Next select the following model “VPX” select variation e.g “Platinum 1000” select duration e.g “90 Days”.
5. Complete the onscreen process note that you will require a .Citrix.com account or you need to create an account.
6. Once you receive an e-mail with your key/code head over to at https://www.citrix.com/account/toolbox/manage-licenses/allocate.html or goto and select find and allocate your licenses or look for the licensing button (link) and select it.
7. If your key/code it not visible select “Don’t see your product?” in text in/around the top right-hand side. A pop-up appears now enter in the code provided on e-mail from the Citrix Eval Store e.g “CTX34-XXXXX-XXXXX-XXXXX-XXXXX” and continue.
8. You will need to enter in the Host Id of your NetScaler it can be found once logged in using the NS Admin Web UI “NetScaler -> System -> System Information” then look under the heading “Hardware Information” and you find “Host Id” copy and paste it into the required field and then download the license file.
9. In the NS Admin Web UI click the cog icon top right then select licensing and upload the license and select to reboot the NS to apply the license.
10. Log back in and enable the features that you require e.g right click on the “NetScaler Gateway” and select “enable” e.t.c

Setup Type Choice 8443 Default without an Azure L/B for XenApp using the XenApp/XenDesktop Wizard
Now that you have setup NetScaler within your Azure subscription in your chosen region you’re ready to begin setting up NetScaler to front virtual apps & desktops (Server OS 2012 R2 or 2016) powered by XenApp 7.11+.

Sample Text Based Diagram

User Azure NetScaler StoreFront XenApp
https://FQDN:8443/ Accepts requests from Azure to NSIP on https://8443 (Single IP Mode) Accepts requests on the Gateway & Call-back FQDN on https://FQDN:8443 Accepts & launches user’s virtual app(s) & desktop(s) as requested

1. Login to your NetScaler VPX click “Settings -> Licensing” now check that License type is Platinum and Model ID 1000
2. Select the XenApp/XenDesktop wizard and review the prerequisites carefully prior to continuing BUT in summary you’ll need an SSL Cert, LDAP service account + details, XenApp 7.11+ environment with StoreFront.
3. Enter in the static IP addr assigned by Azure or OTHER METHOD of your NetScaler VPX YES that’s right!
4. IMPORTANT STEP: Change the default port of 443 to 8443 on the Gateway IP addr
5. Set Up the rest of the XAD wizard as normal
6. IMPORTANT STEP: Setup StoreFront to allow remote access however the configured default gateway and Call-back FQDN addresses MUST include 8443 e.g https://go.x1co.eu:8443 instead of just https://go.x1co.eu
7. Setup external DNS entries e.g go.x1co.eu to point to your NetScalers static IP addr found in the Azure ARM Web UI and once you have verified it is functioning correctly using a shell (IPCONFIG /FLUSH after settin-up the DNS entries waiting 10-15 min depednant upon your ISP) the open up an internet browser and type in e.g https://go.x1co.eu:8443 and dont forget the :8443 at the end of the FQDN.
8. Attempt to login either using sAMAccountName e.g username or userPrincipalname e.g username@x1co.eu and then you should be able to successfully login and launch your virtual apps & desktop as per the below image.

Image 1


Setup Type 443 for XenApp using an Azure Load-Balancer & the NetScaler XenApp/XenDesktop Wizard

Sample Text Based Diagram

User Azure Azure Load-Balancer NetScaler StoreFront XenApp
https://FQDN/ https received request and forwarded to NetScaler on https://FQDN:8443

Accepts requests from Azure L/B on https://FQDN fwd to NSIP on https://8443 (Single IP Mode) Accepts requests on the Gateway from HTTPS://FQDN but the Call-back FQDN is on https://FQDN:8443 Accepts & launches user’s virtual app(s) & desktop(s) as requested
https://FQDN ↔ AzureL/B ↔ NetScaler:8443 NetScaler https://FQDN:8443 ↔https://FQDN StoreFront StoreFront Call-back https://FQDN:8443
StoreFront configured NetScaler Gateway https://FQDN

1. If you are choosing this option as your preferred lets hope then complete steps 1-5 and also step 7 to save you time!
2. IMPORTANT STEP: Setup StoreFront to allow remote access however the configured default gateway MUST BE e.g https://go.x1co.eu NOTICE NO :8433 YES not :8443 here. Now on the call-back FQDN addresses YOU MUST include 8443 e.g https://go.x1co.eu:8443 instead of just https://go.x1co.eu otherwise fronting NS with an Azure L/B to acheive HTTPS://FQDN for the XAD Gateway (ICA Proxy) will NOT WORK!!!!
3. Now switch to the Azure ARM Web UI. You should probably read the following useful resources – https://azure.microsoft.com/en-gb/documentation/articles/load-balancer-overview/ and for PowerShell creation check out – https://azure.microsoft.com/en-gb/documentation/articles/load-balancer-get-started-internet-arm-ps/ for any Citrix consultants out there.
4. Azure Load-balancer and click on the “+” at the top and provide a “Name” and for the type choose “Pubic” and select your Azure “Subscription” “Existing Resource Group” and its location (Same as NetScaler deployed instance) then click “Create”
5. Now it will list the available public IP addr just select the “+”
6. Enter in a name and choose your assignment choice “Dynamic” vs. “Static” and click OK.
7. Azure will then provision your Azure L/B (Wait….Maybe coffee or tea break?)
8. Once created select your Azure L/B
9. Select “Backend Pools” enter in a name then choose your availability set and then your VM’s or VM e.g NetScaler. Azure will then provision your Azure L/B with a backend pool (Wait….)
10. Select “Frontend IP Pool” click “+” enter in a name then choose your IP addr e.g NetScaler VM and then enter in a name (all names should differ makes identification easier so a good naming convention helps 🙂 now) and choose your assignment choice “Dynamic” vs. “Static” and click OK (Updating….)
11. IMPORTANT STEP: Select “Inbound NAT Rules” select the resource from your Frontend IP Pool list from the previous point (10). Select the service “HTTPS” and port to be 443 then select the target “NetScaler VM” and then vErY iMpOrtAnt select under “Port Mapping -> Custom” and in the “Target Port enter in 8443” and click save. (Wait…)
12: Now navigate to https://FQDN and attempt to login either using either sAMAccountName e.g username or userPrincipalname e.g username@x1co.eu and thereafter you should be able to successfully launch your virtual apps & desktop published by XenApp 7.11+. The below image represents the end goal when fronting an Azure NetScaler in Single IP Mode with an Azure Load-Balancer as per the below image.

NetScaler VPX in Azure Deployment Guide
http://docs.citrix.com/content/dam/docs/en-us/workspace-cloud/downloads/NetScaler-VPX-in-AZURE-Deployment-Guide.pdf

Advanced Setup & Configuration
The following how-to’s are from a 2016 Citrix Technology Advocates (CTA) – https://www.citrix.com/blogs/2016/05/23/expanding-recognition-for-community-contributors-citrix-technology-advocates/ Dave Bretty – http://bretty.me.uk/ which covers off how-to setup and configure FAS, NetScaler SAML/ADFS Proxy, Azure MFA and much more, so follow the links in order listed below.

1. http://bretty.me.uk/putting-it-all-together-citrix-xendesktop-adfs-azure-mfa-netscaler-unified-gateway-and-citrix-fas-part-1/
2. http://bretty.me.uk/putting-it-all-together-citrix-xendesktop-adfs-azure-mfa-netscaler-unified-gateway-and-citrix-fas-part-2/
3. http://bretty.me.uk/putting-it-all-together-citrix-xendesktop-adfs-azure-mfa-netscaler-unified-gateway-and-citrix-fas-part-3/
4. http://bretty.me.uk/putting-it-all-together-citrix-xendesktop-adfs-azure-mfa-netscaler-unified-gateway-and-citrix-fas-part-4/
5. http://bretty.me.uk/putting-it-all-together-citrix-xendesktop-adfs-azure-mfa-netscaler-unified-gateway-and-citrix-fas-part-5/
6. http://bretty.me.uk/putting-it-all-together-citrix-xendesktop-adfs-azure-mfa-netscaler-unified-gateway-and-citrix-fas-part-6/

What’s New and Understanding Citrix XenApp & XenDesktop 7.11 (Seven 11)

The following content is a brief and unofficial prerequisites guide to setup, configure and test delivering virtual apps and desktops powered by XenApp & XenDesktop 7.11 (Seven 11) prior to deploying in a PoC, Pilot or Production environment by the author of this entry. The views, opinions and concepts expressed are those by the author of this entry only and do not necessarily conform to industry descriptions or best practises.

Shortened Names
XENAPP – xa
XENDESKTOP – xd
XENAPP/XENDESKTOP – xad
VIRTUAL DELIVERY AGENT – vda
HIGH DEFINITION EXPERIENCE – hdx
INDEPENDENT COMPUTING ARCHITECTURE – ica
EXPERIENCE 1st – x1
VIRTUAL DESKTOP – vd
VIRTUAL APPS – va
THINWIRE COMPATIBLE MODE – tcm also known as ecm or thinwire+
UNIVERSAL WINDOWS PLATFORM – uwp
FEDERAL INFORMATION PROCESSING STANDARD – fips
SELF-SERVICE PASSWORD RESET – sspr
PROVISIONING SERVER – pvs
MACHINE CREATION SERVICES – mcs
AZURE RESOURCE MANAGER – arm

What’s New
1. XAD 7.11 infrastructure support on Windows Server 2016 for the Controller, StoreFront, Studio, Director, Server VDA, Session Recording Server & Agent, Universal Print Server.
2. Self-Service Password Reset 1.0 (SSPR) is now part of the StoreFront 3.7 & XAD 7.11 (Platinum feature) release and can be installed on Windows Server 2008 R2, 2012 R2 and 2016* and allows users to unlock or reset their AD passwords through a series of questions. For a detailed overview please read the CTX blog entitled “StoreFront 3.7 has been released!“- https://www.citrix.com/blogs/2016/09/14/storefront-3-7-has-been-released/

3. SQL Server 2014 Express is still installed by default when installing the XAD Controller which became the default in XAD 7.9 release ref – http://docs.citrix.com/en-us/xenapp-and-xendesktop/7-9/whats-new.html#par_anchortitle_ddbe so be aware of the installation behavioural changes for SQL and SQL Server 2016 is now supported ref –http://docs.citrix.com/en-us/xenapp-and-xendesktop/7-11/system-requirements.html#par_anchortitle_384a and for a full list of the supported databases for XAD please refer to http://support.citrix.com/article/CTX114501 which contains and up to date tablised view of XAD versions vs. SQL versions and which are and are’nt supported! Finally DB sizing can be found by referring to the LTSR release of XAD 7.6 at – http://docs.citrix.com/en-us/categories/solution_content/implementation_guides/database-sizing-guidance-for-xendesktop-7-6.html which has great guidance on database sizing for XAD 7.6+.

4. Publish URL’s, documents and media files from network shares (WAHOO!) is now available on as part of the XAD 7.11 release. It currently only supports publishing of content via PoSH cmdlets and all the examples can be found and a detaied overview of the feature is avaiable at – http://docs.citrix.com/en-us/xenapp-and-xendesktop/7-11/install-configure/publish-content.html*.

Example Publishing a Word Document from Citrix eDoc’s*
New-BrokerApplication -Name ReadMe -PublishedName”ReadMe Document” -ApplicationType PublishedContent -CommandLineExecutable \\MyFolderShare\Documents\ReadMe.doc -DesktopGroup Content

5. Use of System Center Virtual Machine Manager to provision VMs used to create AppDisks. If you are unfamiliar with AppDisks the following YouTube video from the Citrix channel demonstrates how’s setup, create and assign your AppDisks to users virtual desktops. There is also a fantastic AppDisks FAQ avaiable at – http://docs.citrix.com/content/dam/docs/en-us/xenapp-xendesktop/xenapp-xendesktop-7-8/downloads/AppDisk%20FAQ.pdf

6. Installation behavioural changes for CIS programs entitled “Citrix Customer Experience Improvement Program (CEIP)” and “Citrix Call Home“. For more information please refer to and read – http://docs.citrix.com/en-us/xenapp-and-xendesktop/7-11/manage-deployment/cis.html.
7. New HDX enhancements include:

– A new HDX policy setting combining Thinwire Compatible Mode (ECM) and H.264 can be enabled by selecting the following policy Use video codec for compression and select For actively changing regions. If you do not then the default HDX graphics mode is used which is Use video codec for compression Use video codec when preferred. For a more detailed overview please check out – http://docs.citrix.com/en-us/xenapp-and-xendesktop/7-11/policies/reference/ica-policy-settings/graphics-policy-settings.html.
– Up to 5% bandwidth reduction with the new behavioural enhancements for video content with Thinwire and requires XAD 7.11 with either Windows Receiver 4.5 or Linux 13.4.
– Support for USB generic mass storage devices for XenApp
TWAIN 2.0 scanning protocol support with Windows Receiver 4.5+
– New behavioural changes for the optimisation of client USB devices – http://docs.citrix.com/en-us/xenapp-and-xendesktop/7-11/policies/reference/ica-policy-settings/usb-devices-policy-settings.html
– Support for publishing universal apps for Windows 10, Server 2016 using the Microsoft Universal Windows Platform (UWP).
– Support for H.264 hardware encoding with supported nVidia GPU cards (NVENC hardware encoding – https://developer.nvidia.com/nvidia-video-codec-sdk) and also to read the following entitled “Better Together: Citrix XenDesktop 7.11 + NVIDIA GRID” from – https://blogs.nvidia.com/blog/2016/09/14/citrix-xendesktop-nvidia-grid/!
Default VDA policy settings for XAD 7.11 – http://docs.citrix.com/en-us/xenapp-and-xendesktop/7-11/policies/policies-default-settings.html

8. StoreFront 3.7 includes SSRP 1.0 as mentioned above in point 2., UI support for small form factor devices improving the user’s overall experience when you configur the unified Citrix Receiver experience on StoreFront against your Store(s) which can be configured by reffering to – http://docs.citrix.com/en-us/storefront/3-7/manage-citrix-receiver-for-web-site/unified-receiver-experience.html so when connecting to from e.g Safari on an iPhone your end-users experience is way better try for yourself! Finally a great new addition or rather enhancement to Zones in StoreFront 3.7 & XAD 7.11 is that now client location based zone preference passes the zone information to the controller (required configuration – http://docs.citrix.com/en-us/xenapp-and-xendesktop/7-11/manage-deployment/zones.html#par_anchortitle_1db7) which in turn utilises this information to select the more appropriate workstation/server VDA’s that are closest in proximity to the user so when connecting to virtual apps & desktops there receive the best rich HD experience possible.
9. Windows Server 2016 analysis and reporting including Expanded security analysis with AppDNA 7.11 – http://docs.citrix.com/en-us/dna/7-11/whats-new.html.
10. Automate Director notifications with Citrix Octoblu – http://docs.citrix.com/en-us/xenapp-and-xendesktop/7-11/director/alerts-notifications.html#par_anchortitle_1d19. For a detailed overview and look at this integration be sure to read the blog post – http://horacegoesskiing.com/index.php/2016/09/16/using-xenappxendesktop-7-11-alert-policies-with-octoblu/.
11. Support for Windows Server 2016 as a server and a target platform for PVS 7.11 including an enhanced diagnostic model so much more so be sure to review the PVS 7.11 online documentation at – http://docs.citrix.com/en-us/provisioning/7-11.html.
12. Citrix XenApp and XenDesktop 7.6 FIPS 140-2 Sample Deployments (Technically NOT new but very useful for Citrix customers and partners alike) – http://docs.citrix.com/content/dam/docs/en-us/categories/public-sector/downloads/Citrix%20XenApp%207.6%20and%20XenDesktop%207.6%20FIPS%20140-2%20Sample%20Deployments.pdf
13. Provisioning Citrix workloads in Microsoft Azure using ARM is now available. For a detailed how-to read – http://docs.citrix.com/en-us/xenapp-and-xendesktop/7-11/install-configure/install-prepare/azure-rm.html but before deploying your VM’s be sure to read the following whitepaper entitled “The scalability and economics of delivering Citrix XenApp services from Microsoft Azure” available from – https://www.citrix.com/content/dam/citrix/en_us/documents/white-paper/xa711-scalability-azure-rm.pdf. To get started with deploying and using XenApp 7.x in Azure take a look at deploying the XenApp Trial in the Azure Marketplace at – https://azure.microsoft.com/en-gb/marketplace/partners/citrix/citrix-xacitrix-xa-trial/ which will be you a complete XA 7.x enviromnent in Azure along with StoreFront, NetScaler and 2x VM’s to deliver a server virtual desktop and the other for delivery of just virtual apps.
14. Citrix Receiver 7.1 is ready for iOS 10 – https://www.citrix.com/blogs/2016/09/15/citrix-receiver-ready-for-ios-10/.
15. Finally be sure to check out and be aware of the list of known issues with XAD 7.11 release at – http://docs.citrix.com/en-us/xenapp-and-xendesktop/7-11/whats-new/known-issues.html

* Microsoft Windows Server 2016 is currently still in TP and is not officially released as of writing this blog post.

For a completely detailed summary of what is avaiable in XAD 7.11 (Seven 11) check out – http://docs.citrix.com/en-us/xenapp-and-xendesktop/7-11/whats-new.html.

XenApp and XenDesktop 7.x.n (As of this blog post its 7.11) Features
https://www.citrix.com/go/products/xendesktop/feature-matrix.html

Quick upgrade guide to XenApp 7.11 and XenDesktop 7.11 by #Citrix #CTP @ervik
http://www.ervik.as/quick-upgrade-guide-to-xenapp-7-11-and-xendesktop-7-11/

Upgrading My Azure XAD 7.9 environment to XAD 7.11
Coming…

Installing a XAD 7.11 PoC environment on Azure
I have testing installing XAD 7.11 (Seven 11) onto Windows Server 2016 Technical Preview 5 or TP5 on Azure via the Azure Market Place – https://azure.microsoft.com/en-us/marketplace/?term=Windows+Server+2016+TP5. The CLEAN installation that I performed did not have any issues or errors however the when creating the machine catalog for Windows Server 2016 TP5 even installing the Server DVA 7.11 it will revert to recommended VDA release of 7.8 only so you have been warned!

Once Microsoft releases Windows Server 2016 officially I will follow-up with an overview of setting up and configuring XAD 7.11 on Windows Server 2016 hosted on Microsoft Azure.

Scheduled & Coming…

What’s New in XenApp/XenDesktop 7.7

APPLICATION LIMITS – applimits
CONNECTION LEASING – cl
FLEXCAST MANAGEMENT ARCHITECTURE – fma
SKYPE FOR BUSINESS – skype4b
APPLICATION LIMITS – applimits

What’s New At A Glance
1: The re-introduction of Zones within the FMA architecture is a leading key NEW feature known as “Multi-geo Zone”.
2: Application Limits (AppLimits) allows you to limit the number of application instants launched which is also shown in existing views/counts within Director.
3: MCS provisioning support in Microsoft Azure for XenApp workloads.
4: Proactive e-mail notifications, alerts and Integrated Windows Authentication for SSO for Director
5: Installation improvements allowing SysAdmins to choose the SQL databases names and server(s) during the creation Site creation.
6: New API support for provisioning VMs from hypervisor templates
7: HDX Optimization Pack 2.0 for offloading of Lync 2013, Skype for Business 2015 within a virtual ICA/HDX session.
8: API support for managing session roaming.
9: Windows 10 support for VDA’s and Studio.
10: HDX Ready has been overhauled for Citrix’s supported thin clients.

For a complete list of what’s new check out – http://docs.citrix.com/en-us/xenapp-and-xendesktop/7-7/what-is-new.html.

Database
You can now choose to deploy your XAD SQL databases for on one or more SQL database server(s) during the creation of your Site including defining the names for each DB instance.

Understanding Zones
Its important to understand a few key things which is that FMA Zones are NOT IMA Zones and the second point to stress is that this is an re-introduction feature of Zones within the Flexcast Management Architecture (FMA) that has powered XAD platform since the 7.x.n release and that this is a v1 or version 1 release. I would very strongly encourage anyone reading this blog post to watch the embedded YouTube by Craig Hinchliffe a PM within Citrix focused on XenApp & XenDesktop.

Some important notes prior to watching the video:

1. The official documentation for Zones is available at – http://docs.citrix.com/en-us/xenapp-and-xendesktop/7-7/manage-deployment/zones.html
2. Zone in-geo support for XAD 7.x FMA Site’s over secure WAN’s e.g London, Paris, Munich as there is a latency challenge as described at – https://www.citrix.com/blogs/2016/01/12/deep-dive-xenapp-and-xendesktop-7-7-zones/.
3. There is ALWAYS a Primary Zone and then two types of Satellite Zones. The first Satellite Zone consists of VDA’s and N1+ controllers and second type of Satellite Zone consists of VDA’s and a single only controller.
4. A Satellite Zone consisting of VDA’s ONLY is NOT Supported!
5. Zones can be managed by Studio or PoSH.
6. In the event of a connection failure over the secure WAN connecting a Primary & Satellite Zone Connection Leasing (CL) is the default fallback until access to Primary Zone is restored enabling access to the SQL database(s), Controller(s), StoreFront server(s) in the Primary Zone. The CL functionality is exactly the same as XAD 7.6 so please be sure to https://www.citrix.com/blogs/2014/11/11/xendesktop-7-6-connection-leasing-design-considerations/.
7. SuGgEsTeD create a Secure WAN connection between two or more geographic locations to create your Zone utilising the CloudBridge Connector which is a feature of the NetScaler which allows you to creates secure L2L IPSec VPN tunnels between two separate data centre’s, thus saving you during a PoC implementing additional virtual or physical appliances to create secure L2L IPSec VPN simple re-use your NetScaler if the appliance is correctly licensed so please refer to the NetScaler datasheets at https://www.citrix.com/content/dam/citrix/en_us/documents/products-solutions/citrix-netscaler-vpx-data-sheet.pdf, https://www.citrix.com/content/dam/citrix/en_us/documents/products-solutions/netscaler-data-sheet.pdf.
8: VDA’s will default to registering to Controller(s) within there own zone! A VDA in the primary zone will only ever attempt to register with controller(s) in the Primary Zone and VDA’s in the Satellite Zone will register there local or (preferred) controller(s) by default. In the event of a controller failure the VDA’s will register the secondary controller in the Satellite Zone if one doesn’t exist the VDA’s will then register with the controller(s) in the Primary Zone.
9: The SuGgEsTeD number of Zones per Site is 10 https://www.citrix.com/blogs/2016/01/12/deep-dive-xenapp-and-xendesktop-7-7-zones/.

For a more detailed overview of Zones please refer to http://docs.citrix.com/en-us/xenapp-and-xendesktop/7-7/manage-deployment/zones.html.

Please submit any comments at – https://www.citrix.com/blogs/2015/12/29/xenapp-xendesktop-7-7-intro-to-zones-within-fma/.

Missing or No Zones Feature Post Upgrade of XAD 7.6 FP3 to 7.7

After upgrading from XA/XD 7.6 FP3 to XA/XD 7.7, the MultiGeo Zones feature does NOT appear in Citrix Studio. To resolve this behavior, in an Elevated rights PoSH Window, navigate to “C:\Program Files\Citrix\XenDesktopPoshSdk\Module\Citrix.XenDesktop.Admin.V1\Citrix.XenDesktop.Admin\StudioRoleConfig” and run the following “Import-AdminRoleConfiguration .\RoleConfigSigned.xml”. Now close both the PoSH window and Studio and re-open Studio and you should notice that the Zone’s feature is now available under App-V Publishing. The following PoSH cmdlet and two other known issues can be found at – http://docs.citrix.com/en-us/xenapp-and-xendesktop/7-7/what-is-new/known-issues.html.

AppLimits or Application Limits
Once you have configured your application limits – http://docs.citrix.com/en-us/xenapp-and-xendesktop/7-7/install-configure/delivery-groups-manage/applications-manage.html per published XenApp app begin your testing and your notice that your users receive the following error message Cannot start “APP NAME”. If you want to better understand why the user received these error messages open the event viewer on the XenApp worker and search for the following event ID’s 1117 which translates to “The Citrix Broker Service failed to broker a connection for user ‘DOMAIN\USER’ to application ‘APP NAME’. The maximum allowed instances of this application in the site are already running” and 1118 “The Citrix Broker Service failed to broker a connection for user ‘DOMAIN\USER’ to application ‘APP NAME’. The user is already running the maximum number of instances of this application that they are allowed.“.

Managing Session Roaming
http://docs.citrix.com/en-us/xenapp-and-xendesktop/7-7/manage-deployment/sessions.html.

Find Your Citrix HDX Thin Client
The HDX Ready team have classified any/all Citrix thin clients into the following three categories HDX Ready – https://citrixready.citrix.com/category-results.html?category=c1-thin-clients&lang=en_us&filter=c1-thin-clients/g-hdx-level/f-hdx-ready&sortby=product-asc, HDX Premium – https://citrixready.citrix.com/category-results.html?category=c1-thin-clients&lang=en_us&filter=c1-thin-clients/g-hdx-level/f-hdx-premium&sortby=product-asc, HDX 3D Pro – https://citrixready.citrix.com/category-results.html?category=c1-thin-clients&lang=en_us&filter=c1-thin-clients/g-hdx-level/f-hdx-3d-pro&sortby=product-asc.
https://citrixready.citrix.com/info/thin-clients.html.

It’s strongly suggested that you read the following white paper from the HDX Ready team entitled “Find Your Thin Client” which can be viewed online or downloaded at – https://citrixready.citrix.com/content/dam/ready/assets/thin-clients/thin-clients-features.pdf