Tag Archives: Citrix

Accelerate migrations to the CVAD Service

A question I’m often asked in the field is how do I get to the Citrix Virtual Apps and Desktops (CVAD) Service at pace or more importantly on my own terms?

The answer can be simple and complex at the same time the previously consultant in me says now says “well it depends”. The challenge with the tag line of “well it depends” often can lead to assumptions like migrating from an on-premises CVAD environment to the CVAD Service is a long and lengthy process that’s cumbersome, however today it couldn’t be further from the truth.

I have worked with many a customer that rotated to the CVAD Service in less than a month to keep either business operations continuing at a time when a crisis hit or a number of impending mergers where occurring and they needed an agile and flexible IT delivery strategy which Citrix Cloud platform is well placed to facilitate and orchestrate bringing together many different workload types in any cloud type – private, public, hybrid and most importantly hybrid multi-cloud environments.

How did these customers achieve this feat? Before I get there remember there is a lot more that needs to be consider with a traditional CVAD deployment (install, upgrade etc), requiring multiple teams to be engaged simultaneously as one (a huge feat in itself which rarely works well as a well oiled machine) from IT to InfoSec, Network and Security teams e.t.c, when you pivot to the Citrix Cloud platform you’re moving to a combination of SaaS (Gateway Service) and PaaS (CVAD Service) and equally removing a fair amount of unnecessary technical and culture debit + resistance. The lost time and productivity due to culture resistance to changing operating models and moving to the CVAD Service cannot be measured but is by far the biggest barrier in my personal field perspective. 

So how can you narrow the economic’s of time of getting to the CVAD Service? Citrix built and released an incredibly powerful tool called the “Automated Configuration Tool” or ACT for short, which allows for the exfiltration of your CVAD operational business logic which can be exported then evaluated and imported into your CVAD Service tenant in the Citrix Cloud by your chosen region e.g https://eu.cloud.com/. Light Bulb moment!

I previously wrote this article in http://axendatacentre.com/blog/2020/11/07/citrix-virtual-apps-desktops-or-cvad-service-migration-strategies/ – “Citrix Virtual Apps & Desktops or CVAD Service Migration Strategies” and the above and below expands upon this brief article from 2020, due to personal circumstances I stepped away largely from many communities and activities.

There are three migration strategy’s to moving to the CVAD Service from an on-premises CVAD environment:

Start A-Fresh
A complete re-evaluation of policies – employee experience vs. security, provisioning strategy. This strategy is wise if you’re well unfamiliar with new enhancements in a multi-dimensional way and been honest with that yourself your CVAD on-premises environment has not been well looked after e.g feed and watered. 

Evaluate & Pivot
Migrate only key business operational IT logic requirements e.g. policies – employee experience vs. security and rebuild Machine Catalogs based upon you’re net new provisioning strategy e.g. MCS from PVS to support hybrid multi-cloud portable workloads. This strategy implies that you keep your on-premises CVAD environment feed and watered often and updated at minimum once every 12 months.

Automate & Migrate
Ingest the entire business operational IT logic from Machine Catalogs, Delivery Groups, Policies and Zones into the CVAD Service from your on-premises e.g. CVAD 1912 Long Term Service Release (LTSR) environment or preferred Current Release (CR) provided that this environment has been well looked after proactively. You will still require a brief evaluate phase during the migration as part of good leading practise and hygiene. 

To get started with how-to use and get the ACT tool checkout this useful Citrix TechZone PoC guide/article – https://docs.citrix.com/en-us/tech-zone/learn/poc-guides/citrix-automated-configuration.html.

Finally the simplest and most powerful strategy is to not move any business operational IT logic at all to the CVAD Service initially but you leverage the power of “Affordance” or the appearance of providing the employee with the Citrix Workspace experience vs. StoreFront but technically nothing has changed, all that you are doing is changing the access the lens/portal to be Citrix Workspace. This strategy is fundamentally critical in enabling IT to pivot to the CVAD Service on there own terms as once the employee culture or shock has worn off with this new looking interface IT can in the background begin to use things like the ACT to migrate to the CVAD Service on there own terms and then equally shift there existing ICA proxy configurations to a turn-key SaaS operating model by unlocking the Gateway Service in the Citrix Cloud for the CVAD Service and many others Citrix Cloud Services e.g Secure Workspace Access, the Gateway Service in the Citrix Cloud platform is the default how-to access CVAD workloads, but if you still prefer an on-premises Citrix (ADC) Gateway V/A it’s a case of toggling off the Gateway Service. Customers choose to keep there Citrix ADC V/A for many different reasons and still highly relevant use cases and business or security and governance requirements.

To learn more about the “Site Aggregation” check out – https://docs.citrix.com/en-us/citrix-workspace/add-on-premises-site.html to get stated and to begin your pivot to CVAD Service on your own terms.

The views expressed here are my own and do not necessarily reflect the views of Citrix.

The power of Affordance + Citriẋ for the Future of Work

What is “Affordance”? It’s Design Thinking terminology summarised as follows – you can look at a product or service and visualise in your mind how it works a great example is of this is the play ▶️ and stop 🛑 buttons you can use these to interact with a product or service to start or stop the action, interactivity or stream.

Another example is volume controls on car radio its usually round nob and to turn the volume up you turn the round nob clock wise and the reverse to lower the volume.

Now that you have a simple understanding of what I mean by affordance let’s get started.

We live in an age of a complex technology spectrum, that is suppose to remove friction and barriers for employees but its actually in many instances making it worse, to achieve more while in some cases through people cultures at companies its driving productivity trends in the wrong direction inclusive of negative affect’s on employee (human) well-being. A recent “The Economist” article puts the remote workforce working up to a 30% more during the pandemic yet there are productivity inefficiencies, the link to the article is available at – https://www.economist.com/business/2021/06/10/remote-workers-work-longer-not-more-efficiently.

How does Citrix aim solve some of that complexity in the technology spectrum? It embraces the power of Affordance enabling employees (humans) to work on there own terms to achieve more in meaningful ways through flexible work-styles. Today many talk about a hybrid workforce, its staple founding principle upon which Citrix was  built upon and its in its DNA with over 30 years of tenure enabling the hybrid operating model between the physical workplaces, at home or somewhere in between with different marketing lines my favourite – Work is not a place.

I know invite you to watch the following 3 minute demonstration where I’ll take a vanilla windows endpoint and I’ll enable Signal Sign-On (SSO) to a Software-as-a-Service (SaaS) web apps in my example i’ll SSO to Salesforce in several ways to demonstrate the Affordance of Citrix enabling employees (humans) to work on there own terms on any endpoint.

Demonstration of the Employee Affordance powered by Citrix

In the video you see a Windows endpoint that doesn’t having access to Salesforce that’s because it’s a SaaS web app and you typically access those types of apps using your web browser not via the Start Menu on a Windows endpoint or the Dock on Mac OS X.

Once the employee completes a sign-in to Citrix Workspace much like the Netflix app on your smart TV it provides you with recommendations; access to stream either  movies, TV series of documentaries and in Citrix Workspace app it allows access to stream different web, SaaS and micro apps with SSO enabled so its seamless.

The difference between the Netflix and Citrix Workspace apps is that the Citrix Workspace app (CWa) supports different affordance in how a employee (human) may want to work vs. how IT and security teams determine the “How” employee (human) consume these apps – local, sandboxed, traffic reflection or a combination inclusive of security depth in by enforcing session watermarking, restrictions on cut, copy, paste and printing e.t.c 

I know invite you to study the below hand drawn diagram, to make the experience hopefully more personal. The diagram depicts the entire demonstration above and how the flow of traffic and data is controlled and how contextual security access can be applied to different web, SaaS and micro apps using cloud native turn-key Citrix Cloud Platform services.

Time line of the Demo

Time 0 min 0 seconds
The Citrix apps has already been installed onto the employee (human) endpoint, this could be achieved by using Citrix’s own Endpoint management service vs. another or alternatively by some other legacy/traditional means e.g Domain joined endpoint using a full device VPN.

Time 0 min 13 seconds
On-board employee (human) + endpoint with Citrix Workspace for modern secure data, web & SaaS app delivery with SSO.

Time 0 min 29 seconds
Once Citrix Workspace app (CWa) is signed and is beginning to retreive and layer in the right and relevant SaaS, Web, (Virtual Apps & Virtual Desktops – optional) with Windows Start Menu or Mac OS X Dock integration by entitlement by job role vs. Business function. You will notice that while CWa is initializing there is NO Salesforce in the Windows start menu.

Time 0 min 55 seconds

Citrix Workspace app (CWa) enables a effortless Single Sign-On (SSO) experience using a magic token to SSO the Citrix Files app to gain access to the employees (humans) Cloud “My Docs” managed by Citrix or allows access to OneDrive for Business, Google Drive, Box, Dropbox e.t.c – Note the employee will need to sign-in only once to any of these Enterprise File Sync and Share (EFSS) platforms to then allow CWa to SSO the employee (human) to any of these EFSS platform which IT can control and allow access to.

Time 1 min 26 seconds

CWa has layered in all the employees (humans) web and SaaS apps into the Windows Start Menu, which the human can now search for and launch with just in time security and SSO after the click on the icon.

There are two version in this demo Salesforce and Salesforce Secure this is to show the different types of contextual security that can be enforced or ON vs. OFF at app vs. network latitudes.

Citrix Workspace affordance enabling frictionless access including SSO to SaaS e.g. Salesforce via Windows Start Menu integration launching the preferred native local endpoint with the browser traffic protected by Citrix Secure Internet Access (SIA) Service and the SSO to Salesforce is handed by the Citrix Gateway Service configured by IT for SSO e.g SAML.

When accessing Salesforce even though IT has turn OFF all app security enforcement policies at the OS and presentation layer e.g what the human sees and interacts with e.g Start Menu and Chrome Browser so its a native experience, the Citrix SIA Service is capturing and redirecting all the network traffic prior to traversing the endpoints network interfaces and forcing the traffic to a centralised Citrix SIA service tenant in the Citrix Cloud Platform that allows for IT and Security teams to enforce just in time cloud network security policy adds/moves/changes in near to real-time all without impacting and employee affordance by avoiding pushing down any type of update/patch/upgrade software package.

Time 1 min 48 seconds

Citrix Workspace app inclusive of the web browser portal version allows employees to use the Citrix Universal Search to search for web, SaaS apps and content from within the portal if this is how they choose to work and then access the same Salesforce SaaS app with the same SSO and network security enforced when using the CWa.

Time 1 min 57 seconds

In this example searching and starting the Salesforce Secure SaaS app and in this example IT has turned ON all the app security enforcement policies at the OS and presentation layers to add further depth and breathe avoiding any IP, Pii exfiltration and more.

When app security polices for web, SaaS apps are configured, then depending upon how the employee (human) intends to access his/her web, SaaS apps e.g Salesforce Secure it will make a decision based upon the individual employees (humans) preffered Affordance access method how to securely deliver Salesforce Secure e.g at 2 min 29 seconds you’ll see that its open, SSOed, running in a local sandboxed browser that is session watermarked with cut/copy/paste and printing denied or disabled between the sandbox and endpoint.

Time 2 min 44 seconds

What if the employee (human) decides actually I am going to bypass all of Citrix’s security policies and governance? We’ll guess what that just in time at a network level protected by Citrix SIA Service will intercept and enforce app security policies, in the example I open a new tab navigate to Salesforce type in my tenant and attempt to sign-in outside of Citrix Workspace app and bypass all that security, the Citrix SIA Service intercepts the request between endpoint (source) and destination (https://<tenant>.my.salesforce.com  and recognises that method requires a remote browser isolation session to avoid and de-risk IP, Pii exfiltration and lateral movements. IT can choose to enforce or allow cut/copy/paste and printing from these remote browser isolation services that are intercepted by the Citrix SIA Service.

DT Architecture Diagram

What services where used to achieve this experience? 
Secure Internet Access – https://www.citrix.com/products/citrix-secure-internet-access/
Secure Private Access (formerly Access Control and Secure Workspace Access) –https://www.citrix.com/products/citrix-secure-private-access/
Secure Browsing Service – https://www.citrix.com/products/citrix-secure-browser/
Citrix Analytics for Security – https://www.citrix.com/products/citrix-analytics-security/

All of these services are turn-key S/PaaS in nature powered by the Citrix Cloud Platform – https://citrix.cloud.com/ and have good IT Affordance meaning they aren’t difficult to setup, configure and manage, you’re talking  about handful or minutes or a few hours to get a Minimal Viable Product or Prototype (MVP) into your employees (humans) hands to test and provide you with insights and feedback to refine your MVP.

The views expressed here are my own and do not necessarily reflect the views of Citrix.

Citrix Virtual Apps & Desktops 7 2012 Unlocking Potential with What’s New

The following article blends describes feature capabilities and changes to the Citrix Virtual Apps & Desktops (CVAD) 2012 Current Release (CR) either used on-premises or via the CVAD Service in Citrix Cloud platform – http://citrix.cloud.com/. The current documentation is officially accessible under the current release node within Citrix eDocs at What’s New* accessible at –
https://docs.citrix.com/en-us/citrix-virtual-apps-desktops/whats-new.html.

Suggested Upgrade Guidance to CVAD 7 2012
Citrix have published the following micro site “Citrix Upgrade Guide” – https://docs.citrix.com/en-us/upgrade, it is worth mentioning when using this web tool to understand the source vs. target release strategies, you’ll need to factor in the name change from e.g XenApp to Citrix Virtual Apps when using the tool.

It is advisable prior to embarking on any potential upgrades as a good leading and practical practise, perform due diligence review of connected endpoint ecosystem, thus ensuring and avoiding any potential blockers. Every Citrix Administrator (Admin) should bookmark the following online PDF document entitled – “Citrix Workspace app Feature Matrix” https://www.citrix.com/content/dam/citrix/en_us/documents/data-sheet/citrix-workspace-app-feature-matrix.pdf.

Alternatively if you are finding it a challenge to successful prepare a plan to upgrade your CVAD environment from its current release cycle to the current 2012 release, then perhaps you should be evaluating a shift towards consuming your on-premises Access and Control Layers as a Service operating model from Citrix Cloud CVAD Service. There is a detailed online document available at – https://docs.citrix.com/en-us/citrix-virtual-apps-desktops-service/migrate.html and if you require a reminder of who manages what then before sure to read the following technical security overview for the CVAD Service available at – https://docs.citrix.com/en-us/citrix-virtual-apps-desktops-service/secure.html#security-overview which covers off the high level architecture, credential handling and the follow of data and isolation.

Overview of What’s New and Changes to CVAD 7 2012 Current Release (CR)

IT Administration
1.While this is NOT new please be minded that hosting connections to public clouds e.g CloudPlatform, AWS EC2, Azure and of course GCP are not supported with CVAD current releases (CR) – https://docs.citrix.com/en-us/citrix-virtual-apps-desktops/upgrade-migrate/upgrade.html#remove-pvd-appdisks-and-unsupported-hosts, if you require this capability you’ll need to adopt a Citrix Virtual Apps & Desktops (CVAD) Service operating model from the Citrix Cloud or standardise on the last Long Term Service Release (LTSR) which is 1912 – https://docs.citrix.com/en-us/citrix-virtual-apps-desktops/1912-ltsr.
2.Citrix Workspace Environment Management (WEM) 2012 agent is now bundled into the Virtual Delivery Agent (VDA) installer for the GUI – https://docs.citrix.com/en-us/citrix-virtual-apps-desktops/install-configure/install-vdas.html#step-7-wem-agent and for automation purposes – https://docs.citrix.com/en-us/citrix-virtual-apps-desktops/install-configure/install-command.html#command-line-options-for-installing-a-vda which allowing you to configure WEM ACL f/w; agent port/cache location/data sync port; connectors vs. WEM server. The agent now includes new cache utility options (-RefreshSettins or -S; Reinitalize or -I); An optimised startup workflow which been resolved including a new Citrix Cloud connector behavioural awareness strategy; WEM agent is retiring associated legacy agent cache sync service inline with the End of Life (EoL) Microsoft Sync Framework 2.1 see – https://docs.citrix.com/en-us/workspace-environment-management/current-release/whats-new.html for move details and remediation readiness.
3.Support for transparent and non-transparent proxies for “Rendezvous” check out – https://docs.citrix.com/en-us/citrix-virtual-apps-desktops-service/hdx/rendezvous-protocol.html#proxy-configuration, to validate the configuration launch “cut session.exe. -v” in console and evaluate the output referencing – https://docs.citrix.com/en-us/citrix-virtual-apps-desktops-service/hdx/rendezvous-protocol.html#rendezvous-validation. If you are using a data/network redirection agent to fwd your network traffic to cloud like ZScaler Private Access (ZPA) be mindful of the current leading recommendations – https://docs.citrix.com/en-us/citrix-virtual-apps-desktops-service/hdx/rendezvous-protocol.html#additional-considerations. If you are not familiar with what and why “Rendezvous” then learn and understand how it works which includes a detailed connection flow diagram – https://docs.citrix.com/en-us/citrix-virtual-apps-desktops-service/hdx/rendezvous-protocol.html#how-rendezvous-works.
4. The 2012 Linux VDA supports Machine Creation Services (MCS) on Google Cloud Platform (GCP) which you can learn to setup and configure at – https://docs.citrix.com/en-us/linux-virtual-delivery-agent/current-release/installation-overview/use-mcs-to-create-linux-vms.html#use-mcs-to-create-linux-vms-on-gcp; continuing efforts to remote physical standard vs. high-end workstations sat in the Workplace the Wake on Local Area Network (LAN) capability is now available for Linux endpoints; finally support for new Linux distro releases Ubuntu 20.04 and RHEL 7.9 and 8.3; you can learn more about what else is new at – https://docs.citrix.com/en-us/linux-virtual-delivery-agent/current-release/whats-new.html.
5.Citrix Provisioning Service (PVS) 2012 includes a wealth of fixed issues – https://docs.citrix.com/en-us/provisioning/current-release/fixed-issues.html.

Employee Experience
1.Drag and Drop to copy files between your local endpoint and the delivered Citrix virtual app and or desktop. To learn more check out the “CTXDND” under “Multi-Stream virtual channel assignment setting” at – https://docs.citrix.com/en-us/citrix-virtual-apps-desktops/policies/reference/ica-policy-settings/multistream-connections-policy-settings.html#multi-stream-virtual-channel-assignment-settings, also be mindful or the current known limitations in the What’s New for Citrix Virtual Apps and Desktops (CVAD) 2012*.
2.Web Camera redirection issues resolved for Microsoft Surface Pro 4 endpoints*.
3.Support for the Windows Image Acquisition (WIA) API framework allows and enable scanning/imaging Citrix virtual apps feature and function access on scanning endpoints themselves.* You can learn more at – https://docs.citrix.com/en-us/citrix-virtual-apps-desktops/devices/twain-devices.html.
4.The Linux Virtual Delivery Agent (VDA) 2012 release introduced a macro amount of meaningful experience features like automatically MTU discovery to avoid performance degradation and session connection failures of CVAD ICA/HDX sessions; support for the “Rendezvous protocol” allowing Linux ICA/HDX to bypass the Citrix Cloud Connector when using the Citrix Gateway Service with CVAD Services.
5.Drag and then drop files between a Citrix ICA/HDX session and the employees local endpoint*, this feature requires Windows CWa 2002 for Windows.

Security
1.Familiarise yourself withy the Deprecation announcements – https://docs.citrix.com/en-us/citrix-virtual-apps-desktops/whats-new/removed-features.html.
2.*While the drag and drop files features in CVAD 2012 offers a brilliant and frictionless employee experience, you should consider the security risks, prior to implementation for example do all employee’s require this feature? Evaluate who actually would benefit from the capability and do they have a managed endpoint which IT controls? I would also ask yourself to assess the risk by the employees role and function within the organisation e.g key revenue generating employees?
2.CTXS licensing server build 33000 now includes updated versions of Apache 2.4.46 and OpenSSL 1.1.1g and new conf options for usage telemetry, which cover off Personally Identifiable Information (Pii) options and associated descriptions, learn more at – https://docs.citrix.com/en-us/licensing/current-release/citrix-licensing-manager/settings.html#configure-usage-telemetry.
3. Federated Authentication Service (FAS) 2012 fixes a disconnect-on-lock feature ref [AUTH-787] if you are experiencing this issue you can find more detail at – https://docs.citrix.com/en-us/federated-authentication-service/whats-new/fixed-issues.html.
4. Session Recording (SR) 2012 adds a wealth of good new features and continues to keep employees working from home compliant in regulated industries or it can be used for internal training. Some of the new features incl support for blocking of sensitive information – https://docs.citrix.com/en-us/session-recording/current-release/log-events.html#sensitive-information-blocking;

The views expressed here are my own and do not necessarily reflect the views of Citrix.

Dyslexia Thinking + Thoughts on the power of Citrix Workspace + Citrix Modern Networking captured in a Blended Doodle

A Workspace technology that enabled Flexible Working styles 30+ years with a continuous Vision focused on the Current vs. Future of Work Acumen
I decided to put together my second blended doodle together to better explain Citrix Workspace + Citrix Modern Networking, how it works in a visual illustration format to have more meaningful conversations and discussions. I picture can tell a thousand micro stories and the big picture here depicts a simple story which tells you the IT + Business value unlocking your organisations potential using Citrix on Citrix, including the why and why now. A Citrix Workspace supports legacy, traditional and very forward thinking ways of working that prior to the COVID-19 world wide pandemic would take a while to get going however today organisations can leap at pace within there Transformation journeys by unlocking ready to consume Citrix as a Service operating models inclusive BUT also well beyond virtualisation to a world where you can swipe left or right vs. enter in up to 3-5 fields and tap submit/approve to achieve an business and human outcomes within seconds.

The stark truth is that a Citrix Workspace for Citrites is “AWESOME” and the productivity time I get back routinely using our own technologies inspires me more with each day, it allows me to accelerate ‘economics of time I get back’ or take a well deserved break when I need it on my own terms.

View this post on Instagram

L-J’s (My) #Dyslexia thinking + thoughts on the power of #CitrixWorkspace + #Citrix Modern Networking “Best Together” captured in this blended #doodle talking about modernising IT services, multi-dimensional sustainable IT thinking, zero trust architecture, flexible working styles, diversity and inclusion, the modern vs. traditional device spectrum, agile working powered by a smart phone, SIA + SASE + SD-WAN and so much more. #citrixCTA #employeeexperience Blended Doodle is hand drawn with pencil ✏️ + paper, with final editing using Apple iPages on my #iPhone 7📱 The views expressed here are my own and do not necessarily reflect the views of Citrix.

A post shared by Lyndon-Jon Martin 👨🏻‍💻📲 (@lyndon_jon_martin) on

Understanding Citrix Workspace + Citrix Modern Networking “Best Together”
The following links below will help you better understand the different Citrix service offering capabilities, terminology, strategy and business + technical acumen (>).

The views expressed here are my own and do not necessarily reflect the views of Citrix.

Frictionless Working Styles Video Demo Series of How vs. Where I Worked for a Week in Dec 2019

The following is a brief video series depicting how I consume and a Citrix Workspace as a Citrite with my daily activities in the field visiting and supporting Citrix customers.

Day 1

Day 2

Day 3

Day 4

Day 5

The views expressed here are my own and do not necessarily reflect the views of Citrix.

Apple FaceID Authentication for Citrix Workspace app on iOS Devices

I recently moved from iPhone 5S (Ja Ja or Yes Yes) to iPhone XR and thought I’d enable Apple FaceID as my primary authentication method for my corporate owned device vs. PIN/Passcode and … to unlock my device + Citrix Workspace.

I have to say I’m impressed thus far it’s a really super authentication method and defiantly not a gimmick! Example I setup notifications for Citrix Secure Mail with the Show Previews set to “When Unlocked (Default)” this means that when an unknown vs. family individual picks up my iPhone they’ll see a Secure Mail badge with just “Notification” as the message see below.

However when I pick up the iPhone I see something quiet different, as you’ll notice below. I now very quickly get the right vs. relevant context surrounding the email(s) content sent, therefore I am better informed to decide when to respond e.g right now, in a few minutes or later dependant upon the activity/task that I am busy with, within my current Citrix Workplace setting e.g Citrix Paddington office, London tube vs. bus, Train up north to Manchester e.t.c as at Citrix it’s recognised that work is not a place anymore.

Workplace setting? What’s that? 

Think about yourself, you’re probably consuming  1-2 LOB apps at least 2-3 times before arriving in your first workplace setting for the day for a meeting or attending an event? Take note you’ve already signed into WORK at what 06:00-30 if you have children or perhaps later. Did this behaviour exist 5 years ago for you?

Ok back to Apples FaceID.

I wanted to truly test, push the limits and capabilities of Apple FaceID as a primary authentication method for my Citrix Workspace + Workplaces going beyond what we all test it seems e.g different coloured lighting, in the dark, twilight, dusk, low vs. bright light and the list goes on and it all worked perfectly so great job Apple so far!

I wanted more, I wanted a sudden change in my face to truly push FaceID to its limits so as many men do in November I to pulled a Movember – https://uk.movember.com (perfectly timed) so I had a thickish but full beard + moustache which was timely for me testing its limits so I registered my face with both (yes it was passing the scratchy stage) so I then decided to leave it post Movember for 3 days to see if it was learning more about my face to better recognise me and then implement the dramatic change by shaving it all off clean and what do you think happened? Did Apple FaceID recognise me? Yes it did first time, great job again Apple!

So can you be confident in consuming FaceID for Citrix Workspace app or even for unlocking your iOS devices? Yes, if it’s a supported feature on your iOS device and obviously if your corporate IT policy allows for it by not blocking it through policy controls.

How-to Enable FaceID for Citrix Workspace app on iOS
Authenticate yourself within Citrix Workspace app for iOS e.g – https://itunes.apple.com/gb/app/citrix-workspace/id363501921?mt=8 using your current method e.g TouchID and or user/passwd/token e.t.c and then to enable it Apple FaceID navigate to the settings “Menu” tap your desired configured account or the default which is “Store”, next tap “Edit Account” and finally toggle the “FaceID” option to the ON or ENABLED position/state and then you are ready to begin consuming Apple FaceID as your primary authentication method to Citrix Workspace app on iOS.

Final Thoughts
I was not a fan of Apple FaceID initially when it launched as I wanted to do some homework + research it a bit more and see and hear what other peoples experiences where, but most of all wait for the technology to mature a little.

One thing I do keeping thinking about is that Apple FaceID lets you add up to 2x faces only on the iPhone XR*. I wonder if it needs to support up to 4x for family vs. 1x for business scenarios controlled by MDM/UEM polices?

I will continue my testing over time and circle back in a few months with a new blog post of simply update this and do more background research on Apple FaceID* but until then enjoy it, its worth enabling!

The views expressed here are my own and do not necessarily reflect the views of Citrix or Apple.

Citrix Workspace app is released Hello World

The views expressed here are my own and do not necessarily reflect the views of Citrix.

Introduction
What is Citrix Workspace app? It brings together all your LOB tools which in todays modern world consists of (virtual/micro/installed/mobile) apps, SaaS, desktops & content. I’ve embedded a sample of what this actually looks like below.

Overview
The new Citrix Workspace app way more than purely an upgrade of Citrix Receiver e.g grey to blue icon and a skin change, this NEW Citrix client app release is simply extraordinary, working for Citrix I can be considered bias however once you actually begin to consume the Citrix Workspace app you’ll understand exactly what I mean. Citrix Workspace app is for me all about an experience, and that experience is extraordinarily AWESOME! As I begin consuming my LOB (Line of Business) tools wherever I am + want and in a setting/context that suites me (home, Paddington vs. partner offices, trains, taxi e.t.c) the chosen LOB tool delivered context can change dependant upon criteria (I won’t be covering this today) or how IT (say YES!) has chosen to deliver the LOB tool through Citrix Access Control Service – https://docs.citrix.com/en-us/citrix-cloud/access-control/get-started.html.

I now have all my content available all in the same AWESOME app thank you Citrix Content & Collaboration aka ShareFile. I can upload, download and even favourite particular content e.g “L-J’s H1/2 Citrix Partner Tech Super Deck” which is then available directly from the home view/tab. In the below example I am uploading the LeasePlan Citrix SD-WAN case study – https://www.citrix.co.uk/customers/leaseplan-en.html and the actual video is available at – https://www.youtube.com/watch?v=4Hq-yryxfS0 take a look and remember to listen to the outcomes Citrix SD-WAN provides LeasePlan.

How do I get started today?
Firstly I will do a more detail blog post on getting it all up and running with use cases time dependant of course.

1.Start by navigating to https://docs.citrix.com/en-us/citrix-workspace-app.html and then goto Citrix.com and login with your access details, next navigate to https://www.citrix.com/downloads/workspace-app/ and download Citrix Workspace app for your chosen end-point. If you are running a TP of Citrix Workspace app code base please UNINSTALL it prior to installing the GA production code base as a few community individuals I know had issues upgrading from TP code base. I would like to state for the record I upgraded from PRODUCTION Citrix Receiver to the Citrix Workspace app for Mac 1808 on my Mac without ANY issues see below tweet.

2. Please carefully read the System Requirements for your chosen platform here is the link for Mac – https://docs.citrix.com/en-us/citrix-workspace-app-for-mac/system-requirements.html and Windows https://docs.citrix.com/en-us/citrix-workspace-app-for-windows/system-requirements.html.

3. Review the installation guidance for Mac – https://docs.citrix.com/en-us/citrix-workspace-app-for-mac/install-configure.html and Windows – https://docs.citrix.com/en-us/citrix-workspace-app-for-windows/install.html.

4. Please carefully read the configuration of Workspace app for Mac – https://docs.citrix.com/en-us/citrix-workspace-app-for-mac/configure.html
and Windows – https://docs.citrix.com/en-us/citrix-workspace-app-for-windows/install.html e.t.c. for other platform and if you are looking for multi-monitor support or Mac – https://docs.citrix.com/en-us/citrix-workspace-app-for-mac/improve-user-experience.html#using-multiple-monitors for Windows – https://docs.citrix.com/en-us/citrix-workspace-app-for-windows/improve.html#multi-monitor-support, and securing communications between Workspace app and your StoreFront for Mac – https://docs.citrix.com/en-us/citrix-workspace-app-for-mac/secure-communications.html and Windows – https://docs.citrix.com/en-us/citrix-workspace-app-for-windows/secure-communication.html (Pay attention to deprecated cipher suites node) and finally if your are you a Smart Card user pay attention to the recitations at the bottom of both docs for Mac – https://docs.citrix.com/en-us/citrix-workspace-app-for-mac/requirements-for-smartcard-authentication.html and for Windows – https://docs.citrix.com/en-us/citrix-workspace-app-for-windows/authentication/config-smart-card.html and for WIF 5.4 (yes I know really however some of you still may need it while your upgrading to XAD 7.x platform) https://docs.citrix.com/en-us/citrix-workspace-app-for-windows/secure-communication/config-smart-card–for-web-interface.html.

5. Sign-up vs. Login to Citrix Cloud today and trial vs. acquire a Citrix Cloud service e.g ShareFile Service or the XAD Service and if you want to aggregate on-premises LOB apps into the new Citrix Workspace experience then setup “Site Aggregation” today. To learn how please read this CTXS blog post and watch the embedded YouTUBE video which provides a how-to overview at – https://www.citrix.com/blogs/2018/08/03/site-aggregation-for-citrix-workspace-is-now-ga/.

Thats all folks for now on the technical overview its brief I know so I will follow-up in future with more detailed overview + how-to e.t.c either here or on the https://www.mycugc.org website in the experts area.

Upgrading to Citrix Workspace from Citrix Receiver for smart devices

In Closing
I work for Citrix, I have been a Citrix + IaaS advocate for well over a decade (now SD-WAN swell) so I am mostly likely bias you’ll think however Citrix Workspace app is truly AWESOME and way more than what you see at a glance, I encourage you all to begin consuming it today to see for yourself just what I am talking about and why I personally say its “AWESOME“.

Citrix Innovation Award Finalists for #CitrixSynergy 2018

Its that time of the year where you Citrix customers, partners can vote for your favourite Citrix Innovation Award Finalist.

This year see’s a great mixture of customers in different markets all leveraging Citrix technologies as the enabler for transformation within there organisations to embrace a new way of working or #ThisIsHowTheFutureWorks powered by Citrix Networking, Workspace and Security & Platform Analytics from https://www.cloud.com/.

I would encourage you to watch all three videos describing there journey before casting your vote as there is some really great innovation happening within these Citrix customers and if you want to get started visit https://www.citrix.com or https://www.cloud.com/ today.

Beazley from the UK – Insurance

Quote “A new mindset to work wherever I am, because I have the tools that Citrix provides and Beazley…” – @dalesteggles

Health Choice Network, US – Healthcare

WAGO, Germany – Engineering

All the very best to this years Finalists.

The views expressed here are my own and do not necessarily reflect the views of Citrix.

What’s New with HDX (3D Pro) Technologies in XenApp & XenDesktop 7.16

The following content is a brief and unofficial prerequisites guide to setup, configure and test accessing secure by design virtual apps and desktops powered by XenApp & XenDesktop 7.15 prior to deploying a PoC, Pilot or Production environment by the author of this entry. The views, opinions and concepts expressed are those by the author of this entry only and do not necessarily conform to industry descriptions or leading best practises. The views expressed here are my own and do not necessarily reflect the views of Citrix.

Shortened Names
SESSION REABILITY – sr
HIGH DEFINITION EXPERIENCE – hdx
XENAPP/XENDESKTOP – xad
SESSION REABILITY – sr
CURRENT RELEASE – cr
LONG TERM SERVICE RELEASE – ltsr

Introduction what is HDX?
High Definition eXperience (HDX) is a set of technologies that provides a near to HD local like experience of a remoted virtual app, desktop or both to users anywhere in the world on any device even without installing anything on that device all you need is a modern widely used (supported) HTML5 compliant internet browser e.g Chrome, Safari (try it on your iOS devices :-)), Firefox, Internet Explorer you get the picture.

HDX is simple yet so powerful and has three founding principles which are intelligent redirection, adaptive compression, and data de-duplication like wise it has three principles it performs when you connect to there virtual resources which is Inspect the VM (Server vs. Desktop) what does it have e.g vGPU, Inspect the network what its like and can I use UDP for adaptive transport or should I fallback to TCP to remote the display + multimedia and finally it inspects the end-point what is there and can I use it? An example is the HDX Optimisation Pack available to offload audio/video for my Skype for Business sessions or shall I utilise generic HDX fallbacks?

I’m not going in great detail in this introduction so if your new to HDX or even an HDX Xen Master I’d still encourage you read the white paper published by Citrix on HDX Technologies at –
https://www.citrix.com/content/dam/citrix/en_us/documents/white-paper/citrix-hdx-technologies.pdf. Also be sure to check out the HDX resources page on Citrix.com at – https://www.citrix.co.uk/products/xenapp-xendesktop/hdx-technologies.html.

Finally you can find all the latest about XAD 7.16 and not just whats new with HDX in this release at – https://docs.citrix.com/en-us/xenapp-and-xendesktop/current-release/whats-new.html and you’ll notice that it’s not a 7.16 URL but refers to current release or CR.

HDX RealTime
Skype for Business to Teams “We are committed…” read all about it in Dereks blog post on Citrix.com – https://www.citrix.com/blogs/2017/11/08/the-big-news-about-microsoft-teams. The big announcement is that HDX RealTime Optimisation Pack now has an LTSR release version 2.4 which is available and you can learn more product lifecycle information at – https://docs.citrix.com/en-us/hdx-optimization/2-4-ltsr.html. Its also worth noting that this LTSR does NOT support any version of Microsofts Teams only Skype for Business 2015, 2016 you can learn more by reviewing the System Requirements for the client vs. server side at – https://docs.citrix.com/en-us/hdx-optimization/2-4-ltsr/system-requirements.html.

– HDX RealTime Media Engine for the Citrix Ready workspace hub (formerly known as HDX Ready Pi) is only supported for ViewSonic – https://citrixready.citrix.com/viewsonic/viewsonic-sc-t25.html or NComputing – https://citrixready.citrix.com/ncomputing/ncomputing-rx-hdx-thin-client.html Pi’s only. You can also get management of these devices from Stratodesk check out – https://www.stratodesk.com/products/raspberry-pi-thin-client.
– Behavioural changes in the way audio is handled in fallback mode when CPU is busy is to disable Echo Cancellation via the RTME as the generic HDX RealTime will handle this capability until returning to expected behaviour and lower CPU load.
– Enhancements to the microphone to provide better insights into whom is speaking.

The full list of what’s new in this LTSR is available at – https://docs.citrix.com/en-us/hdx-optimization/2-4-ltsr/whats-new.html.

HDX Broadcast
– The release of XAD 7.16 introduces a great new VDA installation behaviour change 🙂 whereby it will automatic set the HDX mode to be standard (Server OS) vs. HDX 3DPro mode (Desktop OS if it meets the requirements for HDX 3DPro e.g the Desktop OS includes a vGPU or GPU) which I believe is setup in the right direction and simplifying overall CTX Admin overhead e.g another syntax option to remember vs. I forget to configure the correct parameter.
– Now by default the new HDX Graphics mode is enabled is adaptive transport or EDT and is set to Preferred. Don’t worry if your a Citrix Admin as you’ve maybe already realised I didn’t enable UDP for this to work! Remember is an adaptive remote display protocol so it will fallback to TCP by default using the default Citrix HDX ports. Its also worth mentioning that when (Preferred) is set then SR is enabled for both UDP vs. TCP connections and client connections (Receiver check supported versions e.g Win min 4.10; Mac 12.8) are attempted in parallel during the initial connection, for SR reconnections and finally auto client reconnects aswell.
– Browser Content Redirection – https://docs.citrix.com/en-us/xenapp-and-xendesktop/current-release/multimedia/browser-content-redirection.html redirects the contents to the local device running an embedded browser within the HDX session which allows for offloading of content, network traffic, graphics from the VDA running in the resource location to the users end-point enhancing the UX significantly.
– Not strictly something new but HTML5 Redirection – https://docs.citrix.com/en-us/xenapp-and-xendesktop/current-release/policies/reference/ica-policy-settings/multimedia-policy-settings.html which is still currently only available for internal usage as you’ll read from the eDocs article but this is 100% something an Citrix Admin & Architects should begin testing today as HTML5 begins in my personal view to supersede Flash based websites as we move forward towards 2020.
– Auto DI Scaling for Multi-Monitor
– H.265 encoding support running on the latest end-points which supported a GPU that supports H.265 decoding and if its not available it will by default fall-back to H.264 decoding. The net result of moving to H.265 from H.264 which is a Platinum only feature results in significant bandwidth savings and much better UX. I have seen the net results with a few of our engineering customers that develop vehicles with teams spread out across the world and the results as awesome!
– Strictly speaking this is not agnostic or exclusive to the HDX technology stack but the Windows Continuum is quiet important for a great user experience and its powered by primarily at a the hypervisor level and its currently only supported on Citrix XenServer. Visit – https://docs.citrix.com/en-us/xenapp-and-xendesktop/current-release/technical-overview/hdx.html for how-to configure it today if your running XenServer.

– High definition webcam streaming for Windows Server with resolutions up to 1920×1080 – https://docs.citrix.com/en-us/xenapp-and-xendesktop/current-release/technical-overview/hdx.html#hd-webcam
– “Session Watermark” with custom text which you learn to setup and configure using the following CTX article – https://support.citrix.com/article/CTX230054 and was originally part of the XenApp Secure Browser and its deployment guide is available at – https://docs.citrix.com/content/dam/docs/en-us/workspace-cloud/downloads/Secure%20Browser%20-%20Deployment%20Guide.pdf.

In Closing
I be covering off some HDX topics in more detail in up and coming blog posts either here or in “Expert Insights” at myCUGC website at – https://www.mycugc.org/. Finally if you want to take part in my challenge for 2018 you can learn more about it at – https://www.mycugc.org/blog/a-2018-challenge-for-the-mycugc-community.

myCUGC announces Citrix Technology Advocates (CTA) class of 2017

The views expressed here are my own and do not necessarily reflect the views of Citrix.

Today Citrix community leader Stephanie Roper – https://twitter.com/Roperjs announced the class of “Community Champions: Citrix Technology Advocates (CTA) for 2017” at – https://www.mycugc.org/blog/community-champions-cta which I have been honoured and humbled to become part of with a few other fellow Citrites whom consistently like our fellow CTA’s and CTP’s for that matter advocate and more often than not eat, sleep and breathe Citrix technologies daily. Finally thank you to, Stephanie Roper for leading the CTA programme, the #myCUGC team https://www.mycugc.org/ and of course the great company that I work for which is of course https://www.citrix.com.