Load Balancing TFTP with Netscaler 10.5

Implementing Citrix Provisioning Services (PVS) is very common nowadays when deploying Shared Desktops (XenApp) or Pooled, Private or Personal Desktops (XenDesktop). While there is still some debate about using TFTP+PXE versus BDM (Boot Device Manager), I still observe a large number of deployments made using TFTP+PXE rather than BDM. Both solutions have pros and cons (check Wilco’s website here), and this is an architectural choice you need to plan ahead of the project.

Netscaler Ports

Protocols and Ports used for Configuring the High Availability Setup

The following ports are used to exchange high availability related information between the NetScaler appliances in the high availability setup:

- The UDP port 3003 is used to exchange the heartbeat packets for communicating the UP or DOWN status of the appliance.
- The TCP port 3008 is used for secure high availability configuration synchronization.
- The TCP port 3009 is used for secure command propagation and Metric Exchange Protocol (MEP).

AAA Application Traffic

Many companies restrict web site access to valid users only, and control the level of access permitted to each user. The AAA feature allows a site administrator to manage access controls with the NetScaler appliance instead of managing these controls separately for each application. Doing authentication on the appliance also permits sharing this information across all web sites within the same domain that are protected by the appliance. The AAA feature supports authentication, authorization, and auditing for all application traffic.

How AAA Works

AAA provides security for a distributed internet environment by allowing any client with the proper credentials to connect securely to protected application servers from anywhere on the Internet. This feature incorporates the three security features of authentication, authorization, and auditing. Authentication enables the NetScaler ADC to verify the client’s credentials, either locally or with a third-party authentication server, and allow only approved users to access protected servers. Authorization enables the ADC to verify which content on a protected server it should allow each user to access.

XenApp 5/6: Dot Net Authenticode signature revocation list checking for MMC is currently enabled.

Citrix Microsoft Management Console (MMC) based administrative consoles (Access Management Console, Delivery Services Console) take an extended time to launch. Once running, the consoles operate normally. If you face the following issue when opening the XenApp 5 or XenApp 6 Citrix Delivery Services Console/Access Management Console, go through the following steps to resolve it.

Cause: Citrix MMC based administrative consoles feature components that are written using the Microsoft .

XenDesktop7 HowTo

Citrix released the first part of Project Avalon, codenamed Excalibur, at Citrix Synergy 2013 in Los Angeles. Project Avalon was announced as the Giant step into Cloud Transformation, so what is it really? Citrix invested heavily in their existing product infrastructure with the question: “What could XenDesktop & XenApp look like if we re-imagined them for the cloud era?”. If Citrix started over, how would they design virtual apps & desktops for the mobile cloud era?

Features not in XD7 release

The following features are not currently in or are no longer supported by XenDesktop 7 and related releases.

Features not in XenDesktop 7:

- Secure ICA encryption below 128-bit — In previous releases, Secure ICA could encrypt client connections for basic, 40-bit, 56-bit, and 128-bit encryption. With this release, Secure ICA encryption is available only for 128-bit encryption.
- Direct SSL connections — In previous releases, administrators could configure SSL Relay support connections to Web Interface and between an SSL-enabled plug-in and each server.

Netscaler and Netscaler Gateway difference

Citrix NetScaler refers to their Application Delivery Controller, or ADC, line of products, while the NetScaler Gateway, formerly known as the Citrix Access Gateway, or CAG, is primarily used for secure remote access. You basically buy a ‘normal’ NetScaler but with limited functionality due to the NetScaler Gateway license you upload. NetScaler ADCs are capable of doing much more than ‘just’ remote access: they can be used for load balancing and HA, content switching, application (SSL) offloading, application firewalling, cloud connectivity, hybrid cloud solutions and (a lot) more.

HTTP to HTTPS Redirect Netscaler link

The process below uses the normal option. When you log in to the NetScaler, click the Configuration tab, expand Traffic Management, expand Load Balancing, then Virtual Servers. Step 1: create a VIP (e.g. name: citrix.company.com, IP: 172.16.1.1) with the HTTP protocol (port 80), which means it accepts HTTP requests (when users hit the NetScaler link, http://netscaler.company.com, this VIP receives it), and add a redirect URL in it as https://netscaler.company.com. Don’t add any services, service groups or servers.