Geek Speak Live Track and CTP sessions - all in one place

7:38 PM Add Comment
Geek Speak Live Track and CTP sessions - all in one place -

It's that time of year re: SYNERGY and GEEK SPEAK LIVE!

  • Geek Speak Tonight! on Wednesday, May 13, 17:30 to 19:30, in the OCCC | West Concourse, Level IV, Valencia B / C. Enjoy complete with snacks and drinks, while Citrix Technology Professionals (CTP), CTOs and other industry thought leaders involved happy hour in a lively discussion about the compelling technical topics. As always audience participation is strongly encouraged. (We offer beer. J)
  • Geek Live Talk! Track: This series of open, unfiltered sessions covering a variety of technical subjects, is also maintained with regular Synergy breakout session tracks, to give participants a chance to participate in detailed technical discussions. These sessions are particularly fun because they are unfiltered and usually lead to great opportunities for audience participation. We need to hear from you to know if we provide the right technical content, so make sure to complete your session feedback form after each session to participate.

There are a few things this year to know:

  1. Geek Speak Tonight moved to Wednesday night. Do not miss it! The format has been revised and covers a wide range of topics such as: the Internet of Things, Octoblu, Citrix User Group Community (CUGC) opportunities to share expertise Geek and more
  2. -Plan to attend SYN515: Geek Out game Show with Brian Madden - visited if you have visited one of BriForum events, you probably have this very popular game show. It's a geek version of Jeopardy!
  3. There are 14 Geek this year speak live sessions. (. Details, handles Twitter and links are in the table below)
  4. Sessions led by CTPs (Citrix Technology Professionals) are shown below; italicized.
  5. There is a "Meet the Geeks" page just for us! A collection of large Synergy geekery trapped on one side! J

[1945020[ Jarian Gibson
Tuesday, May 12 2:00 to 2:45 SYN502: I got 99 problems, and folder redirection is every one of them Helge Klein, Aaron Parker, Shawn Bass
15:00 to 15:45 SYN503: Make the most of NetScaler Gateway Thorsten Rood, Anton van Pelt
16:00 to 16:45 SYN504: Share File enterprise integration and field spikes Jarian Gibson, Anton van Pelt
16.00 to 04:45 SYN417: storefront PowerShell documentation deep dive Sam Jacobs
17:00 to 17:45 SYN505: The Anatomy of a high-performance, GPU-based virtual desktop Dane Young, Thomas Poppelgaard
Wednesday, May 13 11:00 to 11:45 SYN-115: Healthcare: past, present and future Connie Barrera
11:00 to 11:45 a.m. SYN506: How v2 with GPU virtualization. 0 Thomas Poppelgaard, Remko Weijnen, Magnar Johnsen [1945017erfolgreichzusein]
1:30 SYN507: The Citrix 7X experience Thomas Koetzing
14:30 to 15:15 SYN508: they all manage Citrix Lifecycle management Andrew Wood, Jim Moyle
16:30 to 17:15 SYN510: What fits Citrix XenMobile best needs? SaaS or on the grounds of Andrew Morgan, Conor Scolard
17:30 to 19:30 SYN501: Geek! Talk tonight Joe Shonk, Steve Greenberg
Thursday, May 14 8.30 am - 9 : 15am SYN511: notes from the field: XenMobile deep diving and demo Thorsten Rood
09:30 to 10:15 SYN512: Tips from the range Anton van Pelt
10: 10 to implement XenMobile: 30 pm - 11.15 aM SYN513: Working with XenDesktop and HP Moonshot: field experience Carl Webster, Neil spellings
11:30 to 12:15 SYN514: with provisioning Services Automation Turn XenApp and XenDesktop in Capacity on demand Paul Stansel, Shane O'Neill
14:30 to 03:15 SYN228: An increasing number of XenApp and XenDesktop monitoring services
15:30 to 04:15 SYN314: lessons on the way learned to 50,000 users Paul Stansel
15:30 to 16:15 SYN315: request for [EinzelbildverwaltungXenApp Douglas A. Brown
04:30 stratification - 5: 15h SYN515: Geek Out game Show with Brian Madden Chris Rogers, Brian Madden

Overhauls of your virtual desktop environment by tapping into the possibilities of Software-Defined Storage

6:37 PM Add Comment
Overhauls of your virtual desktop environment by tapping into the possibilities of Software-Defined Storage -

Regardless of your role in the workspace virtualization efforts your organization can most probably appreciate the challenges the following scenario.

A newly formed virtualization team has run the floor, to meet, to create a virtual desktop environment and newly re-architect. Over the next 12 to 18 months, through rapid organic growth and a series of strategic acquisitions, your business will almost triple the user base of 3,000 employees to 8,000 plus. The rapid growth is off a huge burden on the performance and stability of a clearly suboptimal virtual desktop environment in its infancy.

Plagued by the latency and performance of this environment, the desktop virtualization effort is in user acceptance, adoption, and most suffer critically in "user experience."

The unprecedented growth for your business is also your enterprise storage to capacity as the desktop virtualization for more than 70% of this use will bring Account. Critical decisions must be made regarding the need to provide a significant amount of SAN storage with projects outside the VDI to move forward to buy, and to provide space for a revamped disaster recovery site available. tend By DR strategy towards a true active-active data center design, the necessary capacity will be considerable. Along with the challenges above, you will also need a solution virtual workspace that. The scalability and flexibility offered for future growth

This challenging scenario was a reality for Nation Star Mortgage, just outside of Dallas, Texas.

Nationstar a leading servicer of mortgages in the United States with a presence in the market originations as well. At Citrix Synergy 2015 I is that I have the opportunity to share a bit of our history and some of the technologies and strategies we are discussing have used to meet these challenges.

When one of the engineers in our virtualization and new technologies group at Nation Star, I'll share how we used the Atlantis ILIO software defined storage solution to complement our Citrix XenApp environment:

  • Successfully implement a stateless and diskless virtual desktop solution.
  • from a legacy migrate to the next generation XenApp architecture.
  • Dramatic improvement in performance and stability
  • They eliminate the need for additional large storage costs
  • reallocate 70% of the higher level storage XenApp back into the organization
  • offload 100% of VDI related IOPS of SAN storage into the RAM
  • consistently improve from above 2 minutes logon times 15-20 seconds to
  • implementing a virtualization solution that can be scaled in a modular and consistent manner

We are also some of the gotchas and setbacks on our trip, including some of the following points:

  • challenges with some of the write-cache really bring options in PVS 7.X
  • What does a diskless XenApp published desktop with it?
  • Go to optimize fine line between performance and the maintenance of stability
  • Special Considerations with a simple in memory XenApp Atlantis ILIO model

you are currently facing challenges in any of the above aspects of desktop virtualization? I hope that our breakout session SYN112: How Nation Star Mortgage $ 1,300,000 on desktop virtualization, by their approach have saved for storage and disaster recovery, you can in your Citrix and workstation virtualization journey can in Citrix and Computer virtualization help support travel.

Josiah Foster is a Senior Citrix / Virtualization Engineer with the "Emerging Technologies" group at Nation Star Mortgage. You can with him on Twitter

Citrix invited the author of this blog post link at Citrix Synergy to present 2015 and in a related competition participate. The author has received an entry in the competition this blog for tabling

for all things Citrix Synergy Stay connected -. Follow @Citrix on Twitter and join the conversation with #CitrixSynergy

Resurrecting Duckling: A model for securing IoT devices

5:36 PM Add Comment
Resurrecting Duckling: A model for securing IoT devices -

Introduction

This post is a continuation of a series of articles, written by the Citrix Labs R & D associates about IoT.

have defined the workplace in the previous posts, defines the role of the Internet of Things in the Citrix software, identifies many security challenges unique to the IoT, analyzed the information security "CIA" triad fundamentals and described a simple IoT frame with a device layer gateway layer and service layer.

In this article, we examine two specific security models that can be used to build security directly into IoT devices. The memorably called "Resurrecting Duckling" and the classic Biba security models provide a useful lens through which we can start the form of safe IoT is taking shape to be seen.

Examples of the current state of the IoT device security, consider the HP Research study of 10 popular (but unnamed) IoT devices ranging from door locks to hubs that control multiple devices , found that 0% of the collected personal data devices, 80% strong passwords was not necessary and 70% sent unencrypted data. Similarly, a researcher on Kaspersky Lab chopped his own IoT enabled home and over 14 vulnerabilities found in 20 minutes, some as serious as an administrative root password, the "1" and readable configuration files was user data.

The obvious conclusion was reached in these reports that for the Internet of Things equipment safety are fully realized, sets the device security in the equipment of its foundation must build. Security can not be an afterthought, which is added later. It is unacceptable to forego security, just because it is an "entertainment" device that will be outdated, and out of production in 12 months, because we all know that the equipment will be in use for years in the to join hands of the consumer, even if the manufacturer has evolved.

the rest of this post reviews models potential security IoT devices for the protection and Citrix describes own Octoblu IoT platform implementation of the models.

The Resurrecting Duckling security model

The Resurrecting Duckling security model name, the first one from Frank Stajano 02 implored, comes from the following metaphor. A duckling out of his egg thresholds when his mother see the first moving object of his looks that makes a noise; irrespective of his looks. This phenomenon is called imprinting. After printing, the duckling will follow his mother's instructions and no one else until his death. The metaphor is used to describe how could implement IoT devices safe, temporary connections via ad hoc networks.

When applied to the IoT, the "egg" is the factory sealed box which encloses the device. If it is removed, and is turned on, the device is its owner as the first unit recognizes it to send a secret key. This key may be a password, a UUID, a cryptographic key, or even a biometric signature. Once the key is received, the unit "claimed" and not a newborn longer and will remain loyal to its owner, until death. "Death" of devices is an important concept in this model, because this is how a device can change hands. Death is the only way to return the unit back to the prenatal state, so it can be printed by a new master.

Devices death can be made to occur in certain scenarios, when a medical instrument is dropped into the disinfection container, for example. Another scenario is a simple timeout so that the unit of "age", dies for rental equipment might. are yet other devices will only die if so by their owner instructed (for example, if the device is lost, stolen or sold), so that only the current authorized user can transfer the control of the device.

Below find a simple state diagram the Resurrecting Duckling security model and summarizes its four main principles.

Following Multiple Masters

mother / duckling relationship works well illustrated to secure personal devices with only one owner, but in the real world of the Internet the things we expect many people with the same equipment as well as many devices to interact with each other. The printed duckling is faithful to his mother for her entire life, but it should also be happy to talk to others. There is even the direction of the other follow, as long as the mother duck says that it's okay to do so

To accommodate this, the model is extended, so that there are two different ways, will be master , is the long-term mother / duckling relationship that lasts for the life of the ducklings. The second is a master / slave or peer-to-peer relationship, which in nature, lasting only temporarily is complete as a short transaction as long as necessary. The first type of relationship requires the secret key embossing, while the second is not the case.

Imagine the duckling as IoT device with a number of properties that can be read, and actions they can perform. The security model demands that the IoT device policy rules is to have for each of the component functions the credentials of a person (or other device) has to provide the device to access the specific properties and methods. These rules can grant or deny privileges to one of the possible device functions. A request in this model is that when a person / device presents the embossing button on the device, it can upload new policy rules in it. Against the background of this policy for the safety of the equipment are critical, they will most likely be created by the device manufacturer.

The various strategies for the device at different integrity levels, both public and private, or can could be chosen, even as granular as per user. This creates the need for a multi-layer health model, ie the model Biba security, as illustrated below. This security model can be summarized by its three main characteristics, provide:

  • The simple integrity property - The data can be read from a higher integrity level
  • The Star integrity property - data can be written to a lower integrity level
  • The Invocation property - The user may not require service (call) from a higher integrity level

In this example, someone the public interface has no credentials to read data from the device. However, the public interface can not write data to a higher level of security, yet they can call a function in a higher security level. Someone the private interface can write using data and call methods of a lower layer of security, but these higher layer of security data from the lower layers of security to read unfamiliar.

is to manage cloud service (mother duck) makes it possible to carry out the special effect of the upload of a new policy to a duckling. Apart from the fact that a person or thing that can present the required credentials for launching any action by permits duck policy. This enables peer-to-peer interaction between things without being the mother duck.

threat model for Ducklings Resurrecting

The secret key given to the device when printed is obvious that the high target value in this model. To protect the key during the on-boarding process, it needs to be delivered through a channel that maintains the confidentiality and integrity. Moreover, a degree of protection against forgery is also necessary, difficult and expensive "murder" it suitably to make (maliciously printable restore), the device without any damage. In this sense, it is necessary, the secret key as difficult to recover from the device to make it so that it can not be used for impersonation. Finally, the secret key for each device should be unique, so if a single device is compromised, only the data that is on the device at risk, and not the entire network.

A perfect example of the need for tamper-proof physical security is described in this article, where a security researcher an attached bulb chops access the Wi-Fi connection to gain credentials. While counterfeiting security is required in order to reduce this risk in the device layer, it does capabilities for security as well as the higher layers is needed. For example, need to do in a safe way for the gateway or cloud service outputs in charge of the secret key. It's a good idea to take a security situation which it assumes already hacked. Against this background, these layers should also use real-time analytics to identify anomalous behavior of potentially unauthorized devices.

Octoblu Implements Resurrecting Duckling imprinting

Add Citrix Octoblu platform imprinting process is implemented by a UUID, and tokens to IoT device assigning the Microblu OS is running. If you connect with the Octoblu cloud service, devices are authenticated with their UUID and tokens. If a device does not have an owner, it is state in an unclaimed (printable). The device and its properties are searchable by authenticated resources on the same network. The device can then be used (see claim API). Once a device (printed) is claimed, it will not be visible to the public, unless the owner of the device.

Octoblu also gives you the option of registered devices to further secure access to configure permission by white-lists and black-lists. It can be used for each of the permissions to be stored in the device properties, a white list or a black list. The lists contain the UUIDs of devices that access or banned by the communication be granted to the secure device. Although this approach does not implement all the features of the security model Biba, it has a device or a person requiring a secure token to provide before they can access a particular function of the device.

Conclusion

A IoT system that "secure-by-design" relies on devices that have security features in the manufacturer from the very beginning. With security models such Resurrecting Duckling and Biba as a guide, we can (although not completely) to derive the following set of requirements for securing IoT devices:

  • device identity and enrollment - Use to create secret key at enrollment or onboarding identity and a degree of trust between a specific device and the rest of the IoT system. A device that cryptography is used trustworthy than one that is not
  • Imprinting -. After device'sidentity the IoT management system should enter the claimed or imprinted condition restricting use of the device to a single administration. For example, suppose a homeowner enrolls a connected door lock in its IoT management service, the barrier should be after in. After this is done, the claim switch the lock refused enrollment in another IoT management service until the first IoT-service resets. If not claimed, what someone stop with malicious intent to find a way to your castle gain claim and entry into your house
  • Tamper evident / resistant - It must be easy to tell if one thing was physically impaired, and even if physically impaired, it must be impractical to extract valuable information
  • isolation -. if a single device is compromised in a network of things, only the data on this unit should be in danger, and not the entire network. This usually means on the device for encryption to prevent symmetric group key
  • multi-layer integrity -. multiple master and peer-to-peer interactions support, the device several layers of security such as public interfaces must be open for all and private interfaces where authentication is required before the unit with the user or other device interact. The data to prevent carefully controlled between the different security levels of contamination
  • software updates is exchanged -. This requirement is not explicitly written into the security models discussed in this paper, but we all know that errors found in the software and exploited by those with malicious intent. Thus IoT devices (like the chopped bulb above example) to secure, there must be a framework to promote, distribute, and install software updates to close security gaps after they found. This is essentially a function of the higher layers of the IoT system, but devices must be upgradable in the field.

to meet, even after all of the requirements listed here, the device security can be easily compromised if the gateway or cloud service layers are not as well protected.

Come back soon, because we'll cover next time security models for the gateway and cloud service layers of IoT frame.

More flexibility in the application of radius Rewrite

4:35 PM Add Comment
More flexibility in the application of radius Rewrite -

examples: Prefix bind a user name and remove domain prefix
radius Rewrite is a new feature in 10.5e To build. THUS Have yourself depict

many interesting Scenarien Two Simple application examples .:
1.The One two-factor login Have die Use names on the Radius server prefix
2 .Domäne "cut out" for entering the user name in syntax "domain username"
in my 1.Beipiel is a prefix "PL" insert.

The rewite policy / action

Add Rewrite action Radius_Request_Prefix
RADIUS.REQ.USER_NAME "RADIUS.NEW_AVP (1, " PL "+ RADIUS.REQ.USER_NAME) "

 replace  Add rewrite policy Radius_Request_Prefix RADIUS.IS_CLIENT Radius_Request_Prefix  
rewrite
  bind global Radius_Request_Prefix 100  

in 2.Example going to die domain "cut out" for entry of user names in the syntax domain username. This is possible with the following action:

Add

Rewrite action Radius_NoDomain RADIUS.REQ.USER_NAME
RADIUS.NEW_AVP (1 RADIUS.REQ.USER_NAME.AFTER_STR replace ( "\"))

In order to rewrite the request to the radius Sever, on must the radius request an email loadbalancer

radius Server hat die IP: 192.168.178.10

  Add service SRV_Radius  192.168.178.10  RADIUS 1812  

The LB VServer hat die 192 168 178 210

  Add lb vserver VS_Radius RADIUS 192 168 178 210 1812 -persistenceType NONE -cltTimeout 0  
  bind lb vserver VS_Radius SRV_Radius  

And radius action die is THUS:

 Add  authentication radius action Radius2AD -serverIP  192 168 178 210  -serverPort 1812   -radNASid CNS  

to note still did man /tmp/aaad.debug die circumscribes not looks, because only AFTER the VServer the radius request rewritten iS!

in DEM current build 10.5e (NS10.5: 54.008.e.nc) is building a vServers possible not binding. In eDocs is therefore described only global binding

Announcing the Desktop Player for Windows and Mac Tech Previews!

3:34 PM Add Comment
Announcing the Desktop Player for Windows and Mac Tech Previews! -

After Citrix Desktop Player for Mac released last year, one of the most important skills customer was asked the support for Windows devices that would allow users desktop player on MacBooks and Windows laptops and PCs running.

reinforced this customer feedback, our vision for client virtualization and as a result we have accelerated the development to extend the functionality of Desktop Player for Mac to Windows devices.

at Citrix Summit 2015, we have announced and showed a forthcoming preview of this solution with the desktop player for Windows Tech Preview. Today we are pleased to announce the availability of the desktop Player for Windows Tech Preview can!

The Tech Preview adds Windows platform support for desktop players by allowing users to access a local virtual desktop on your Windows laptop or PC, regardless of wireless network conditions - or even if no network connection is available. In addition, the Tech Preview replaced existing user data, applications and settings with a simple install without interruption. Users can switch virtual desktops with ongoing synchronization of data and profile for a seamless experience on any device and between local (desktop player) and hosted (XenDesktop).

At the same time, the Tech Preview IT enables centralized management and secure these local virtual desktops over the Synchronizer management server that functions as image management, patching and updating, the role-based policy management and security controls , The Synchronizer can also IT governance and providing a single golden image to Mac and Windows endpoints running Desktop Player.

In addition to the Desktop Player for Windows Tech Preview, we are also pleased to announce the availability of the desktop Player for Mac announce Public Tech Preview. This Tech Preview strengthens the security features of Citrix Desktop Player for Mac 1.2 with features like fully VHD encryption, clipboard and file-sharing policies and VHD copy.

They both Desktop Player for Windows and Mac Tech Previews found on the download page. Please note that the software on Citrix for customers only, who are currently on Subscription Advantage or Software Maintenance. Moreover, these Tech Previews are not intended for production use. See below for more details of the functions in these two Tech Previews:

Key Features in Desktop Player Tech Previews

  • Desktop Player for Windows Tech Preview
    • New Windows platform support in desktop Player : Allows users to be productive while on-the-go access through their local virtual desktop on their Windows laptop or PC, regardless of the network connectivity
    • . Centralized Management . Centrally deploy and local virtual desktops, the output on the company and BYO Windows laptops and PCs with provisioning control, patching and updating, and policy management capabilities
    • Powerful security features:. as remote Wipe, expiration date, and time-based lockout policies
    • protect Seamless switching between FlexCast models business data with security features: access hosted applications and desktops using Citrix receiver and switch between hosted and local virtual desktops with the synchronization of user profiles and data
    • Simple, flexible user experience . users can download the latest Windows technology with support for Windows 7 and 8.1 run (as a guest or host OS). Users can also use an external display via multi-monitor support
    • Simple, uninterrupted install :. Preserve existing user applications, data and settings with a simple, wizard-driven installation program that automatically pushes a virtual Windows desktop down
  • Desktop Player for Mac Tech Preview
    • Synchronizer clipboard sharing security policy .: to help Controls clipboard sharing between the host operating system and guest VM data leakage of valuable corporate data prevent
    • Synchronizer File Sharing security policy .: Controls local memory access by accessing managing folders from the guest to host VM. can configure new UI improvements Users that host folders are visible on the guest VM
    • VHD encryption .: Full VHD encryption for the guest helps prevent VM data leaks. This is centrally enforced a policy Synchronizer
    • VHD copy .: Prevents the ability of the VHD to copy and manipulate due to encryption. Forced centrally Synchronizer encryption policy.

To learn more about Citrix Desktop Player for Mac, download learn and evaluate it for free in your area or visit the desktop Player product page.

Discuss with online connect with the Citrix Desktop Player Team!

  • Specify the desktop Player product page
  • Try desktop player with a free 0-day trial
  • Follow us on Twitter
  • Like us on Facebook
  • Visit the desktop Player Technical Forum

XenMobile timeouts: How Before we get too far into it function

2:33 PM Add Comment
XenMobile timeouts: How Before we get too far into it function -

, you may be wondering how these products unlike some will be of the other products that are out there on XenMobile timeouts.

fair question and I'm glad you asked!

products like this that explain how the different NetScaler / MDX timeouts work and this one have been by my colleague Albert, as the inactivity timer works for a while. This item also starts them in condition to

In my (admittedly biased) opinion, they did a great job just that. explain what each timeout is doing and where it is configured. If you do not have these items not yet read, now is the time. To answer the question we started with, I will try not to explain how these timeouts work. You already know that because you already rated this article, right?

Instead, we want to focus on why we would configure one way or another to get the balance between usability and security that we have to

DISCLAIMER :. The values ​​we understand to be Examples and starting points to discuss. Every environment is unique and has different security requirements. before production deployment, you may need to adjust these values ​​to based on environment-specific applications and security requirements, and (of course), the all configuration changes should test in a non-production environment.

Now to the good stuff. an example of the desired user experience Let us discuss the timeouts for a second and look forget. After all, there are these timeouts only tune user experience with security in mind (to force or security lockdowns with user experience in mind - depending on who you ask :))

Example: "I want my users levers have WorxMail. as seamless email experience as possible. My security man said that if they use their company not apps for 15 minutes, we want them to be prompted for a type of credentials, so let's do that. I want to to enable offline access to the material that makes sense, but not forever, only for the "right" amount of time. I do not really care what happens to my user authentication example, if they want to access the WorxStore. you do not go there too often the day. Oh, and WorxWeb, which is great for us. When a user opens, I definitely want that for them to be easy. Last thing. If we updates to guidelines and applications push, I do not want to be more than one business day prior to that propagates to our end users manageable to keep things. "

Believe it or not, only that brief" conversation "we have most of what we need to launch decisions. From this information, we would probably something like the following at the end of the landing (

app passcode

: and no, no dart throwing was involved) On

online session required: Off

inactivity timer: 15 minutes

Max offline period: 8 hours

background services ticket expiration (WorxMail):> 8 hours

NetScaler session timeout:> 480 minutes (8 hours)

NetScaler coercion timeout:. N / a

So, how do we get these values ​​

they let us break it first, the "customer" is asked for a WorxMail experience is as seamless as possible. to do this, we want our "background services ticket delivery 'value is greater than (or at least equal) our' max offline time." the reason that if the maximum offline time expires, the user a perform forced 'online authentication' against the NetScaler Gateway. This renewed both its STA (background tasks) ticket and the NetScaler session cookie. As long as the user has a valid STA ticket, they should be getting email. PS if you are not familiar with WorxMail and STA, this is a must-read.

that still does not answer how we to 8 hours of landing 'max offline time' as we get it?

Well, it admitted that three parts. We wanted to allow for offline access' just the right amount of time. "That about as subjective as data comes, but not if it on what a mobile user could do. I fly a lot. That's when offline time for me is crucial. If I at the level I want to be able read his e-mails I've already downloaded, you will see cached browser pages, notes, etc., even if my flight does not have WiFi. But most domestic flights 8 hours is not long, and I promised, we do not have throw darts with these numbers come to. we ended up to 8 hours, because "if we push we do not want to be a working day more than app and policy updates it" before this change meets the end user. about 8 hours is a fairly typical day and online registration (forced when the maximum offline time is up) what WorxHome solves is to check with the back to see if there are MDX policy updates and / or application updates.

Now for NetScaler session timeout. For those of us who are fans of wizards (myself included), we will concentrate on the _OS and _WB session policies / creates profiles. We actually know this about covered. We want this value is greater than or equal to the maximum offline time, because as long as I have a valid NetScaler session, my WorxWeb (or any other app MVPN use) experience should be relatively seamless. I asked for a to inactivity based credential, but when I'm through, I'm going away. We do not want to make the session timeout unnecessarily large, because it can have the memory usage affect the NetScaler page.

At this point, all that remains of the imagination is the forced timeout. In a high security environment, in which we want to actively end NetScaler session at a specified interval, this setting is very useful. In your average use on the other side there is a setting that is often forgotten when adjustments and complexity that is often not necessary.

Last, but not least, the "App password" setting is really what determines whether MDX timeout settings as inactivity timer apply to the specific application in question.

something like the above is where our "balanced" Customers usually land. We would be at least at the stadium. But what about the ends of the spectrum? We have some customers who are extremely security conscious and others that 100% driven by the user experience. Here are two examples of how this policy might look like. The decision points would be no different than the ones we

driven security before the vote, the input data changes only

.:

app passcode: On

online session required : from

inactivity timer: 10 minutes

Max offline period: 1 hour

background services ticket expiration (WorxMail):> 1 hour

NetScaler session timeout:> 60 minutes (1 hour)

NetScaler forced timeout: 60 minutes (1 hour)

workflow driven:

app passcode: from

online session Required: Off

inactivity timer: N / A

Max offline period: 168 hours

background services ticket expiration (WorxMail): > 168 hours (7 days)

NetScaler session timeout:> 10,080 minutes (7 days)

NetScaler forced timeout: N / A

In summary, it's really no right or wrong answer when it comes to how those settings are adjusted. We want to be sure that the maximum offline time period is shorter than the background services timeout and the NetScaler Gateway session timeout. We also want to be sure we timeouts user experience mapping requirements, administrative requirements and safety requirements. From there, you should bring a few tests and feedback iterations in order, where you want to be a predictable and consistent user experience.

If you. Questions or would like to share that have worked, feel free to drop me a note below timeout settings Happy mobilization

Ryan McClure
architect. | Citrix Consulting

know what executives and IT managers need to use enterprise file sync and sharing

1:32 PM Add Comment
know what executives and IT managers need to use enterprise file sync and sharing -

Two major trends driving the adoption of enterprise file sync and sharing -Solutions. First, the enterprise mobility. From 2013, 61 percent of information workers work outside the office [1], and the number of teleworkers by almost two-thirds increase over the next five years. Second, the proliferation of personal devices and / or BYOD programs in companies. These two trends have driven many employees use consumer cloud sharing services to do their job. This is problematic because corporate IT has no visibility or control over these accounts. For security, compliance and policy requirements to meet, companies are looking for enterprise-class options for this critical ability to take over. The question most business owners and managers information technology battle is how to determine what key features they should look for their complex requirements in an enterprise file sync and sharing service and one meets service and keep their critical business data safe.

Let's start with the basics!

1). What is Enterprise File Sync and sharing? Enterprise File Sync and sharing (EFSS) refers on a number of on-site and / or cloud-based features that enable individuals, synchronize, store and share documents, photos, videos and files multiple devices (PCs, Macs, smartphones and tablets). File sharing can be within the organization, with partners, customers and other 3 rd parties. File Sync and sharing is an abbreviation of files between multiple users and devices to share, and to preserve the synchronization of shared files file integrity.

There are consumer-style, enterprise-class file sync and sharing services. Most consumer-style services are free, offer file synchronization, sharing and access with limited file sizes. Most do not have asked the ability to access offer on-premise data, lack of security and management features that IT managers.

companies roll out enterprise-class file sync and sharing services, because everyone needs to share, synchronize, store and secure data on any device, anywhere. designed and developed for companies an enterprise-class service deployment for users ensuring IT control and data security while employees with a consumer-like experience they will love. If IT does not occur in and provide an authorized enterprise-class

File Sync and sharing service, choose employees to use their own file-sharing services, consumer-style offer functions and company information leakage risk. and privacy breaches

In fact, unmonitored entry of file-sharing applications has risen at amazing rates; according to the Enterprise Strategy Group report, a large majority (70 percent) of organizations know or their employees suggest that use personal online file-sharing accounts, without formal approval IT [2]. Organizations need enterprise-class file sync and sharing services provide to secure their corporate data assets.

2). What challenges IT managers face today ... and how can a company file sync and sharing service to help them meet these challenges?

  • BYOD, Workshifting, a growing global workforce and 3rd party networks driving demand for instant access to (synchronized) data offline productivity and seamless cooperation from everywhere . Functional departments and teams in the choice of consumer services style investing to meet their mobility needs, enterprise data fragmentation caused by various online services, coupled with inconsistent security policies and user experience. Regarding an enterprise-wide IT authorized, enterprise-class file sync and sharing service the opportunity will offer to share, synchronize, store and secure data on any device, anywhere.
  • End users turn to unsafe consumer-style tools , because they are easy to use and do not require VPN. Many IT teams resort to extreme measures, either by the use of these services to block unsecure and affect user productivity, or allowing their use and to compromise security. In addition, consumer-style Services file sync and share typically lack the ability to support the employees on-the-go and do not enhance mobile productivity. Enterprise File Sync and Share services provide important functions such as in mobile content editor built, the ability to integrate with a complete Enterprise Mobility Management (EMM) solution and the ability to connect to any Enterprise Content Management (ECM) system.
  • IT is not retained in a position to control how sensitive data is accessed, stored and shared - IT teams today want to ensure control and visibility data. an enterprise file sync and sharing service deployment allows it to acquire IT control again. It will know again how the data is accessed, stored, and shared both within and outside the organization. In addition, there is also the IT teams are helping stringent security compliance requirements to enable them to protect your IT investment, infrastructure and workflows, existing, all while a rich user experience provides to ensure a good introduction.

3). What organizational benefits of an enterprise file sync and sharing solution offer

  • The ability to mobilize all enterprise data - An organization can mobilize corporate data wherever they stored, or outside the building or in existing data platforms such as network shares and SharePoint or an ECM system. always with a "- - would allow additional functions to retrieve data organizations in personal cloud services like Dropbox, Google Drive, etc.
  • improves collaboration, data sharing and productivity on "read-write access to data on all devices synchronized
  • It enables the secure management and control of -., how the data is accessed, stored and exchanged. Meets enterprise data security and compliance standards through a secure service, the flexibility to store data or outside the building offers, or both
  • happier users -. empower users instant access to data in sync across all your devices (desktop PCs and Macs and mobile devices).

4). ? What key features should in any enterprise-class file sync and sharing solution

  • built for mobile users An enterprise file sharing and sync services be included - give users true enterprise-class data services in all corporate and personal mobile devices, while it needs to give the entire control. Users can access and synchronize securely share files with people from any device, both inside and outside the organization for easy collaboration and increase productivity. Offline access keeps productivity even when on-the-go
  • Flexible options for storing data associated with the work, what you already have -. You should be able to decide where your data is stored - on premises, to meet in the cloud or a combination of both your needs for data ownership, compliance, performance and cost. The service should also work with, what you have today. There is no need, all your company data to migrate to the cloud
  • existing Mobilize network shares, SharePoint or other ECM system -. provide instant mobile access to data on existing network file drives and SharePoint - which are not generally accessible outside the corporate network or on mobile devices. The service should develop any IT or partner organization connectors at each enterprise content management (ECM) system so that the data types expand user access on the go and manage this can
  • Secure Enterprise File Management. - Advanced security features such as remote wipe, device lock, password protection, white / black listings and data expiration policies, you can determine exactly how confidential data is stored, retrieved and shared. Track and log activity in real time and create to meet compliance requirements, customized reports. The ability to hold data encryption key property if Microsoft Azure with
  • integration of mobile applications, desktops, data and services in your mobile office -. data is an important part of the mobile workstation. Without access to the data, you can not get your work. A file-sharing service that is optimized and integrated with other major mobile workstation technology for virtual desktop environments also critical. For example, allows Citrix Share File for seamless transitions from physical to virtual desktops and future OS migrations and enables IT future-proof their investment.

5). If Enterprise File Sync and sharing services closely with Enterprise Mobility Management (EMM)?

Yes integrate, they should-with love a uniform user experience people. Most businesses file sync and sharing services (EFSS) do not integrate seamlessly with EMM solutions. This EFSS products usually require the purchase of additional tools and services and integration development. Citrix has a differentiated capability end user computing challenges of integrated solutions to address covering mobile desktops, applications and data. Citrix Share File was wrapped one of the first EFSS tools in an EMM solution.

Citrix XenMobile Enterprise Edition Share File Enterprise contains allow to synchronize, share, open and edit data in corporate applications on any device they use, while IT maintains security and control humans.

you see what they have to say leading analysts over Citrix.

business leaders and IT managers are not familiar with Citrix Share File invited to request a totally free trial.

[1] Source: Forrester Research, Inc. Business Technographics application and Collaboration Staff Survey, Q4 2013

[2] ESG Research Brief, Online File Sharing and Collaboration: Security challenges and requirements August 2012

Citrix and Cisco UCS: Drive app and desktop virtualization performance to new heights

12:31 PM Add Comment
Citrix and Cisco UCS: Drive app and desktop virtualization performance to new heights -

Today Cisco announced several innovations to its Unified Computing System ( UCS) product line and lifted its vision to important industry trends that dovetail well with the Citrix vision for the mobile workspace. Among these were mobility and cloud-scale; two important components that are part of the Citrix nuclear DNA and help drive our daily thinking and the overall strategy. Throughout our long partnership, Citrix and Cisco have aligned with our vision to their workplace to provide people with access wherever they are, on any device.

We also have a high priority focus on providing infrastructure for our partners and customers platforms create that are future-proof, while we help them deal with the fast growing pace of change in their IT environments , Whether change from the exploding number of terminals comes, continue to cooperate rapid pace of underlying operating system updates or app and desktop migrations and upgrades, Cisco and Citrix to provide a common platform, the management, security and control allows for IT, while the user to free to use the devices that give them the most productive wherever work takes them.

Citrix and Cisco have worked together for more than ten years to optimize application and desktop virtualization environments, helping companies to become more efficient, safety and productivity through our joint reference architectures (RAs) and Cisco Validated Designs (CVDs). Our cooperation increased with the introduction of the Cisco Unified Computing System (UCS) in 09, as our engineers knowledge bundled customers with clear guidelines to provide each XenApp and XenDesktop deployment provided the optimal user experience and performance needs.

Cisco UCS ideal required further accelerate to deliver innovative cloud-scale computing with the introduction of Cisco UCS M-Series Modular Server that promise unmatched operational efficiency for cloud service providers and enterprise customers and offer a modular that architecture to be infrastructure and computing requirements for scaling the infrastructure to be demand. This cloud scale strategy services where we extend the Citrix "anyness" concept to any cloud and use infrastructure Server OEM partners such as Cisco in full compliance with our plans for Citrix Workspace.

We look forward to working closely with Cisco engineers how we test and optimize our XenApp and XenDesktop Virtualization Platforms with NetScaler and Citrix App orchestration tools are combined to develop the designs and reference architectures, the best the and reliable performance on these new systems.

provide for our Citrix Service Provider, we will continue our Citrix Service Provider (CSP) reference architecture to take advantage of the new performance, features and integration capabilities of the new Cisco UCS M-series and C30 rack server build management and management across multiple simplify datacenter. We will pool our resources in order to streamline the process of deploying and on-boarding new users while making sure the system the rich HDX mobile human user experience delivered by Citrix expect.

As the pace of innovation continues to accelerate, we are pleased to be in alignment, and look forward, with Cisco to our customers and partners have the reference architectures and validated designs to ensure on strategic initiatives with Cisco, available to built quickly roll out cloud Scale app and desktop virtualization to the most modern infrastructure. As a partner are aligned with strategy and vision, our customers win.

This will be an amazing journey.

How Setup CloudPortal Services Manager Branding & White Labeling

10:29 PM Add Comment
How Setup CloudPortal Services Manager Branding & White Labeling -

CloudPortal Services Manager allows service providers, resellers and customers their own brand, so that the web portal interface (Control Panel) displays to Create your own logo, colors, fonts and messages

involved when their users log on to the portal, the three most important elements in branding, which are changing the look and feel of the Cloud portal Services Manager interface .:

  1. Sheet
  2. pictures
  3. application and content of the page

create your own brand

A customer will inherit all brands that have been saved (by the merchant / service provider) in the higher hierarchy. The customer can create his own brand

to create a new custom mark, you go to the customer menu> Configuration> Branding> Brand .:

  1. Select "New Brand" [
  2. Enter a brand code (a short reference code which is unique).
  3. Enter a brand name. This can be more descriptive.
  4. Browse and location for the defined CSS file (Stylesheet) Add that are configured on the template.
  5. When a style sheet associated with a brand will use the default stylesheet.
  6. Let the image fields are empty, you must manually copy the image files to the web server. Please ignore the message "image uploaded."
  7. Add the text content that is displayed on the login page (effective only when brand URL is configured). This field can be empty.
  8. Add the text content of the website such instructions for self-service. Information about news, system health and availability, may be added here. This field is also optional
  9. Save the new brand

Once the new brand has been created, it can then be applied to an individual customer: ..

Or a portal URL:

How it works

There is a master sheet in Cloud portal services Manager, which is used for the web portal for all classes comprises. This master stylesheet is built in the main DLL, so not visible.

The web portal first loads the master style sheet, if you defined a custom brand (or inherited) for the customer, the classes in the custom mark defined sheet are those that consist of the master loaded overridden.

below, the stylesheet classes that are generally defined in custom branding.

you can define to change the whole interface look and feel with all the necessary classes of integrated point in Example brand "orange".

all image files of Cloud Portal Services Manager are usually located in the C: inetpub Cortex Management CortexDotNet pic. It is recommended that Citrix Service Provider its own subdirectory for use in the custom brands to create images.

images to be used in the stylesheet has defined have the correct file path. Below an example of the class for the login page CloudPortal Services Manager

.loginbody is {

margin: 0 auto;

padding :. 0;

[1945001Hintergrund]: # fbe6c7 url ( "/ CortexDotNet / photos / Login / 075_WallpaperWavesOrange_h32bit_00x1400.png") in the top left repeat-x;

}

White Labeling

The marks are applied Manager service properties in the hierarchy in a manner similar to Cloud Services Portal. if a trader an own brand has defined the default inherit the customers from this dealer this brand

white Labeling In order to achieve this, so that customers can only see from a dealer that all services are hosted and the reseller offered:

  1. Login CloudPortal Services Manager to create as an administrator resellers a brand, so the brand to the reseller is only available and its customers.
  2. define all the necessary sheet classes with the logo of the reseller photos login page image (you can web server access for this need).
  3. you define the login page content and user home page content as a reseller
  4. as Citrix Service Provider, create a separate URL (host header on the website web portal in IIS on the webserver. or create a new site in the same file structure shows) and DNS resolve.
  5. to assign the reseller brand to the new URL.

Learn about Cloud Portal Services Manager

Citrix partners with Intel in IDF14 Array of Mobile Workspace Solutions distinguished

11:30 AM Add Comment
Citrix partners with Intel in IDF14 Array of Mobile Workspace Solutions distinguished -

This week at Intel Developer Forum 14 # IDF14 in San Francisco, Citrix and Intel will highlight our expanded partnership with a number of new technology demonstrations. Citrix mobile workspaces leadership are on full display with Citrix solutions with Intel technology in enterprise mobility, networking, cloud and data center customers and Chrome.

Citrix was invited by Intel, a cross section through additional technology to present solutions within four Intel Communities and Advanced Technology Zone

cloud and security -. within the Intel SSG Security Pavilion, Citrix is ​​ supply of safe workloads within OpenStack clouds with based on Citrix XenServer . Citrix has for several years in various projects with Intel is working to support Trusted Execution Intel Technology based (TXT), and will be expanded pleased this year showcasing secure virtual machines running OpenStack clouds within Intel's flagship software and security Pavilion are combined in , Booth # 512

Networking - Citrix is ​​now a part of Intel network builder Community. For the first time at IDF Citrix is ​​our Intel Xeon-based portfolio of NetScaler SDX solutions are highlighted in booth # 932nd Citrix is ​​Dynamic service chaining with OpenStack and VNF including NetScaler and Citrix ByteMobile

Enterprise Graphics Virtualization -. connected With Synergy 2014 Intel and HP Citrix to put on stage in the sector open to new Xeon E3 Iris Pro Graphics offers game changing density, efficiency and performance benefits for enterprise customers, since they for delivering rich applications and data to a wide range of users. Stop to see Intel Data Center Pavilion # 116 The latest technology demos with Intel Graphics Virtualization Technology , HP and Citrix

Enterprise Mobility Management -. Citrix continues to optimize partner with Intel mobility management and user experience on all Intel-based devices. Citrix booth # 355 will feature XenMobile on the latest generation of Intel-based Windows and Android convertible, 2: 1 and tablet devices

Chrome and clients - Both in the Advanced Technology Zone , and the main Citrix Booth, Intel and Citrix is ​​the Tech Preview of Citrix Receiver for Chrome present running on the new Intel Core i3 Chromebooks from Acer and Dell. In addition to our expands partnership with Google , Citrix and Intel continue to bring users across the enterprise the best app and desktop virtualization experience on the latest Intel-based Core i3 cooperate Chrome devices.

IDF promises presented our strong technology partnership with Intel and further demonstrate the industry Citrix guide to be an exciting week for mobile workspaces. We invite our partners, enterprise customers and industry supporters in the Bay Area this week # IDF14 the Moscone Center to visit with Citrix experts to speak and display an impressive array of Citrix solutions.

The road to a Mobility Transformed business :. The software-defined workspace

9:28 PM Add Comment
The road to a Mobility Transformed business :. The software-defined workspace -

Marc Andreessen was right software really eats the world

While in the past the office productivity was determined by physical constraints linked with the people to certain areas of production, such as buildings and desktop computers, we have now moved beyond. The software can do to take us through these limitations, we have to do, when and where we need to do it. A car is a conference room a global team matches. An iPad in a cafe is a design studio. An airport lounge is a sales office. Just last week Apple has a wristwatch that a communications center, health sensor, wallet, weather station and who knows what else. No wonder investors to pour so much money into software companies. More than ever, it is software that define us our own reality.

This is especially true in the workplace. Not so long ago, people were working at a particular location, developed a specific machine to do specific things. The image appears already as ancient history, right? Today it must not matter where you are, what device you have, or even if you are stuck on a device or move about more about the source of the day. Wherever you go, you can define your workspace according to your needs. If you need to act like a high-end engineering workstation your tablet, no problem. If you need to collaborate with colleagues on the other side of the world, you can meet with them all face-to-face on the laptop screen. If you edit or respond to a client on a fixed period a document, you can catch the next device even grab one of a borrowed friend and just like that, you are trusted in your own desktop search.

Of course, the software-defined workspace is not magically appear. It comes from the IT, the culmination of a long process of innovation that has first connected LAN systems in client-server and now seen in an increasingly diverse and dynamic mosaic of interconnected systems monolithic mainframe systems branch. In adapting to the requirements of this new environment, it has the software-defined data center embraced, with the virtual shifts the physical in terms of computing, storage, networking and orchestration. With the workstation software-defined, IT curated now aggregates, secures and delivers applications and content anywhere they are needed, without being bound by physical location or hardware.

to complete this shift and the mobile workstation, we each element to be the best it can be. A dynamic access environment requires bulletproof security, even from the human remains to allow true freedom and comfort. People need a great experience, where and how they work, without having to worry about the limits of the device or network they use similar, a high-end Windows application on an Android device via public WLAN runs. You need to be able to access information and share it with others, and cooperation with teammates seamlessly with devices and locations. Each service will be delivered, must be secure, collaborative, contextual, continuously and smoothly moved.

The culmination of a 25-year partnership of success

That's where Citrix comes. the software-defined workspace is the result of our partnership with IT through a journey of transformation. There is no faith, we is more at the heart than the idea that the work does not take place-it's something that people do. Over the past two decades, we have remote access, virtualization, Delivery Networking, cloud infrastructure and mobility management pioneered to allow all people to define their own environment for the productivity of labor, no matter where they are. Along the way we have developed assets that enable us in a unique position to become a reality, the software-defined workspace. As such has been placed for Citrix Share File and the Magic Quadrant for Enterprise Mobility Management Suites ** Citrix for Enterprise File Synchronization and Sharing * in Gartner Leaders Quadrant of the Magic Quadrant. You can before more of my thoughts on our market leadership in my previous blogs.

In the weeks and months to read, you will hear a lot more about the workplace software-defined and how Citrix makes it possible. Picture a complete work, the people followed wherever they go, under whatever form they need it. Then imagine how much better life for your business will be and your employees, if we help you to realize it.

Matthew Morgan, SVP of Product Marketing at Citrix About the author

Matthew Morgan vice president of corporate product marketing for Citrix. In this capacity, Mr. Morgan Global Product Marketing passes for all Citrix solutions. His background includes twenty years in enterprise software, including the world's leading product marketing organizations for HP Software, Mercury Interactive and Blueprint. Feel free, with him on LinkedIn or visit his personal blog.

* Gartner Magic Quadrant for connecting 2014 for Enterprise File synchronization and sharing, Monica Basso, Jeffrey Mann, Charles Smulders, July 2

** Gartner Magic quadrant for Enterprise Mobility management Suites, Terrence Cosgrove, Rob Smith, Chris Silva, Bryan Taylor, John Girard, Monica Basso, June 3, 2014

Gartner does not endorse any vendor, product or services depicted in its research publications, and does not advise technology users to select with the highest ratings or other designation, only the provider. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose .

Tech Preview: XenDesktop Windows Azure Pack Gallery image

8:27 PM Add Comment
Tech Preview: XenDesktop Windows Azure Pack Gallery image -

Citrix Labs recently XenDesktop 7.5 Windows Azure Pack Gallery Photo posted. This blog post takes a closer look at the Windows Azure Pack fits in the company and how the XenDesktop Windows Azure Pack Gallery image allows rapid and automated XenDesktop implementations in a private / hybrid cloud scenario.

XenDesktop cloud in a private / hybrid

CC Photo credit: Daniel Lu

if they were to ask a typical company, whether they embraced some form of public cloud, chances are 100% of respondents would say "yes" (and this survey that the adoption amplified).

Now were, if you have the same number of enterprise customers, if they still ask a heavy investment in their own internal data center, the answer would probably be close to 100% also. The reality of cloud adoption that while it offers companies many advantages around cost, efficiency and flexibility; the typical company is managing more internal data centers for some time. Reasons for this are probably a number of factors, which concerns, security concerns, testing or managing legacy applications that can not possibly contain suitable for public cloud.

gave

This increase to the private and hybrid clouds, to implement something that many companies have already begun to evaluate and implement, or plan, because it aspects of public and private clouds look together to combine.

Knowing this, that examines Citrix Labs team how we could help our customers deploy virtual desktops in a private or hybrid cloud scenario. Recently we published a tech preview of our XenDesktop System Center templates. These templates provide an easy way to simplify and automate XenDesktop implementations in a service-based private cloud. Our next project that we has just been released as a Tech Preview is a XenDesktop Windows Azure Pack gallery image.

XenDesktop Windows Azure Pack Gallery Image Tech Preview

What is a XenDesktop Windows Azure Pack Gallery image? Now let us first start with Windows Azure Pack.

"The Windows Azure Pack for Windows Server provides a solution for companies that act as service providers and service providers interested in winning enterprise workloads. ... (It) provides the power of Windows Azure in your data center, so you have a wide range, self-service, cloud multi-tenancy with Windows Azure consistent experiences and services. ( Microsoft Windows Azure Pack for Windows Server Whitepaper )

Windows Azure Pack is to emulate the Windows Azure experience a data center, so that large companies and service providers to have a consistent experience as they provide and independent resources manage of their location - public cloud, private cloud or hybrid cloud a Windows Azure Pack gallery image is a standard, shareable component of Windows Azure Pack, the virtual machine roles, or server roles as repeatable configuration..

The XenDesktop service self-determination allows customers of a large enterprise or service provider Windows Azure Pack Gallery image provides a consistent installation of XenDesktop roles. Similar in concept to the aforementioned System Center Service templates they should be reusable virtual machine blueprints, which can be used to simplify the deployment and management of virtual machines. The essential difference is that gallery images can be exposed for tenants on the Windows Azure Management Portal Pack, it is easy for a large company or a service provider make gallery images across multiple customers.

[1945009teilen]
Windows Azure Management Portal Pack

If this sounds interesting to you, then our technology preview can be seen. You must be 7.5 Windows Azure Pack and Windows Server 2012 or 2012 R2 and XenDesktop.

To learn more and to gain access to the technology preview, visit this page. For a walk through of how this works, we have prepared this "as" video on Citrix TV.

, so that the XenDesktop Windows Azure Pack give Galeriebild a try and let us know what you think. For more information on the type of project that works Citrix Labs team, take a look at the trends and innovation website at Citrix.com. You can also join the Citrix Labs group at LinkedIn.com.

Citrix User Profile Manager cookies and history support for Internet Explorer 10 and 11

7:26 PM Add Comment
Citrix User Profile Manager cookies and history support for Internet Explorer 10 and 11 -

Citrix User Profile Manager (UPM) ensures that the user's personal settings on the virtual desktop and applications be applied the user, regardless of the position and the endpoint device.

Internet Explorer (IE) is the most common browsers used in corporate and enterprise level. The user can personalize various settings and configurations, which remain in consecutive sessions.

Users can save or adjust various settings and configurations in Internet Explorer. Citrix UPM supports the user settings roaming browser.

Support IE 10 / IE 11 Migration few problems introduced and this blog is intended to promote as UPM (v 5.2) is aimed at them.

Mainly 3 failures were observed.

  1. Cookie migration.
  2. history of migration.
  3. Stale Delete Cookies.

In IE Protected / Enhanced Protected Mode (EPM) Cookies and History information in IE10 and IE11 not UPM received immediately (up to v5.1). Reason for the failure is mainly because quite a few UPM metadata information about registry and file system objects specifically for these versions of IE.

In addition, were Stale cookies are not deleted, even if the policy is enabled. Microsoft makes with the old "Index.dat" file away, which it uses to process stale cookies and delete them.

The above-mentioned problems with the history, and cookies in UPM for IE Protected Mode fixed (from v5.2 to). UPM now receives necessary data Meta successful in terms of cookies and history. Stale cookies are always independent of politics deleted is always set or not (Stale cookie policy for IE 10 / IE 11 is defined internally always true, and they will be processed, but for earlier versions of IE, stale cookie policy remain the same ).

UPM solution

As above, both explains the issues need to be separately addressed the causes for both there are different

  • cookie handling issue: ,
    • in "protected mode" are appropriate ACLs be set for the above registry objects to the user application.
    • for "Stale cookies," Access Time, Modified time and creation time is restored
  • dealing with history issue .:
    • file attribute ( FILE_ATTRIBUTE_SYSTEM ) is set in the above file system object by the first user login.

UPM now receive the timestamp values ​​for the mirrored folders. Therefore, in order to resolve on the stale cookies problem that folder Mirror-list should be added.

The following folders should be added to reflect the folder list.

  • AppData Local Microsoft Windows INetCookies
  • AppData Local Microsoft Windows WebCache
  • AppData Roaming Microsoft Windows Cookies

thus UPM has now solved the problems and user above can now migrate IE and experience the same configuration and settings in all its environments.

Previous versions of IE

Any practices of previous IE versions remain unchanged. be created by cookies by Bruin or older profile uses persistent

State Cookies - -

history - Browsing History of Bruin or older profiles are not persistent

Cookies are not treated; These cookies will remain forever as part of the profile, until unless deleted manually.

End-User Experience Monitoring: we want to hear from you

6:25 PM Add Comment
End-User Experience Monitoring: we want to hear from you -

We have heard from customers that an end-to-end monitoring solution that is among their top requirements for the successful management! XenApp and XenDesktop environments and is now a variety of options are available, either from Citrix, our partners or third parties. An important element when it comes to diagnose problems when they occur, is the end-user perception of performance and how these factors. In the overall process of troubleshooting, diagnostics, and ongoing monitoring of a Citrix environment

Our Customer Experience team holding a series of studies in the coming months to hear from our customers, to understand their end users, what is important when it comes to monitoring and managing their virtual applications and desktops.

We would like to part of an opportunity to invite to participate in numerous research studies to share your story and provide us with feedback. Studies may activities include for example:

  • One-on-One Interview sessions One-on-one Sessions between you and our Customer Experience team postponed GoToMeeting
  • design round tables . Twice montly meetings feedback on designs in progress. Sessions range from 60 to 0 minutes in length
  • online or in person focus groups .: Feedback from a Citrix led to different topics in a group discussion points. Moderators
  • on-site visits : We come to you! See people our products in their own environment gives us a better understanding of how our products work better for you to make. Our small team is to learn to you firsthand how to work with our products.

In all cases, we offer a fee in return for your time and input. If you are interested in participating in one of our research sessions, then please take a few minutes to fill out a short questionnaire to us the kinds of studies to say you would most interested in, and we will meet with the right opportunities. All responses are confidential and only for the purposes of Citrix study recruitment are -they are not used for marketing, sales or other purposes.

Follow the poll

used to take this link

Free Citrix Seminar for Manufacturing Technology, October 9 in Bedford, MA

5:24 PM Add Comment
Free Citrix Seminar for Manufacturing Technology, October 9 in Bedford, MA -

Secure remote access to 3D data without the visual performance

[1945001imBüroerhaltenjederzeitundüberallZugriffaufProdukt-Design-DateienmitdergleichenLeichtigkeitundvisuellePerformancevonihrenWorkstations] users of 3D data expected. Organizations need a solution that can safely enhance the safe design IP and access to all network and device.

This on-site meeting with experts from Citrix and NVIDIA particularly focused on the needs of manufacturing enterprises, including aerospace and automotive and users who work with CAD and CAE, PLM and PDM software , work should both customers and partners with common customers interested in virtualizing CAD etc. be suitable

Come to learn about us, such as helping provide safe design data together in real time leading Citrix XenDesktop and HDX 3D Pro stunning visual performance of 3D applications and workstations in the data center hosting and next-generation NVIDIA Grid GPUs use:

  • Enter stunning visual performance at low bandwidth and high latency networks
  • deliver mobile device to look at access to 3D applications safely and edit design models without apps for mobile devices design rewriting
  • share control expensive hardware costs through hardware with users in non-overlapping time zones work
  • Reduce the number of nighttime data synchronization of very large amounts of data over the WAN bandwidth to control costs

place / date / time

  • Citrix Bedford, MA (map)
  • date: 9 th October 2014
  • time: 3:00 to 17:00

Register here

[thesetechnologieshastobeascertained alternatives

as those unable to attend NVIDIA GTC 2014 Conference recordings:

  • S4715 - ArcGIS Pro - 3D GIS in virtualized environments
    John Meza, lead performance engineering team, software development, ESRI
  • S4666 - Next technology steps for Applied Materials Global Engineering Collaboration CAD in the cloud
    Oran Davis, Managing Director, Engineering Tools at Applied Materials, Applied Materials
  • S4735 - remote Graphics VDI for the Digital factory at Gulfstream
    Jeff Retey, enterprise PLM Systems, Gulfstream
  • S4581 - customer experience with GPU virtualization and 3D remoting
    Derek Thorslund, Director of Product management, Citrix
  • S4782 - Anatomy of an aerospace VDI project: discovering, planning and implementation of
    a Large Scale VDI 3D GPU project
    Steve Greenberg, Principal Consultant, thin client computing

in addition to our own blogs on:

  • PLM (Product Lifecycle management)
  • Aerospace
  • NVIDIA GRID GPUs
  • CAD

Our HDX 3D Pro blog often results details of similar user events at both meetings and online webinars around the world, and new reference architectures, hardware and technologies, so follow us!

Citrix User Group Norway - October 29-31st 2014 - Carry on Cruising

4:23 PM Add Comment
Citrix User Group Norway - October 29-31st 2014 - Carry on Cruising -
The ship - the Color Line Fantasy

The group Citrix users in Norway is running a two-day voyage its next meeting! Norway is a notoriously expensive country, but it seems ferry cruises are not, so if you have been deterred by the high cost of Oslo hotels in the past which, have check it out! Even if you can not do with the Norwegian events regularly attractive 140+ participants, it will be worth their Twitter account and event day for all the gossip Watch https://twitter.com/CUGNorway (@CUGNorway) and # CUGtech

Norway has a high number of Citrix gurus and Citrix technology professionals and a very active user group meetings and events run specifically for the geography. In addition, her reputation is in the other Citrix community, this event has speakers from other geographies as Citrix veteran Carl Webster (currently involved in both PowerShell and Moonshot) attracts.

With two days, this should be a great event, in -depth event (check the agenda out), with meetings, including:

  • automated provisioning XenApp / XenDesktop 7.5 CTP and training expert, Trond Eirik Håvarstein
  • HP Moonshot: from field experience with Moonshot and XenDesktop / PVS, Carl Webster
  • HDX - Mer enn 3D Pro ( "Over 3D Pro"), Mikael Modin
  • ultimate guide to your Citrix Mobility solution implementation, Anton van Pelt

and a great opportunity to hear from the sponsors, which will also be on board, including:

  • Cortardo
  • Arrow ECS
  • triCerat
  • first

Introducing the Storefront 2.6 Authentication SDK

3:22 PM Add Comment
Introducing the Storefront 2.6 Authentication SDK -

Customized Receiver for Web Logon Page

Citrix is ​​pleased to announce the first version of the storefront Authentication SDK, following the facade web API and the storefront Store Customization SDK, storefront open to create the best solutions for their users as a platform for partners and customers.

This first version focuses on the adaptation of the Citrix Receiver Common Forms protocol, in which credentials are set explicitly by the end user. While there is already possible to perform more minor adjustments, describes the Authentication SDK and shows how an entire authentication call to design a series of forms and to implement.

iOS Worx Home Customized Logon Page Citrix NetScaler Gateway will soon also release version with the Citrix Receiver Common Forms protocol as receiving option, in addition to the current mechanisms. Storefront 2.6 also sees the introduction of a new Citrix protocol called Delegated forms authentication, see here for more information. This allows Citrix NetScaler gateway to securely delegate the form generation and response handling to another component, in particular storefront when the new registration protocol is performed.

At present, can only run the iOS Worx Home client login to the gateway of the recipient Common Forms protocol, but the others will follow. Also not all native clients currently support all aspects of the Citrix Receiver Common Forms protocol, but again Citrix is ​​working to solve this.

The Storefront supports 2.6 Receiver for Web fully customized forms.

[1945005dieVision] is that any adjustment to the Authentication SDK created can be used by :. User internally by NetScaler Access Gateway and both browser-based and native clients significant reach into a single adjustment provides storefront access to external

Customized Receiver for Windows logon page

[1945005denAuthentifizierungsdienstausgebautDarüberhinaus] , the authentication SDK shows how the storefront management console expand to allow use deployment and configuration of the adjustments that console.

Customized StoreFront Administration Console

All recessed storefront authentication methods are created completely the Authentication SDK, the mechanisms identified in the sample, including adding new. Protocol methods for authentication service, and the administrative interfaces in the Administration Center

the Authentication SDK includes the following components:

  • documentation
  • An Authentication SDK Overview document
  • , the receiver Common forms language and form creation documents
  • the API documents Authentication service
  • documents for each of the samples
  • Examples
    • the samples show the structure storefront packages and installers
    • Prefabricated versions of the sample installers, ready in storefront try 2.6 implementations
    • Two Citrix receiver Common forms adjusting samples
    • another sample demonstrates how to add a completely new authentication protocol
  • tools
    • All tools and reference assemblies needed the samples

    the Authentication SDK can be down and downloaded look for a specific area in the Citrix developer website to build shortly. The SDK was developed with input from some Partner Authentication, so look for some exciting announcements from partners in the near future.

    Download the Storefront 2.6 Authentication SDK

    Provisioning Services Failover: Myth Busted

    2:21 PM Add Comment
    Provisioning Services Failover: Myth Busted -

    For a long time, if you ask a lot of experts in the field, how long it takes, a Provisioning Services (PVS) Server Failover would, many have cited an old case study where it took eight minutes about 1500 VMs failover. It was long ago, and much has changed over the years, so we know plays when failover time still wanted to see a part in PVS server sizing. In this post I will share learned lessons from recent tests showing because of high downtime PVS server horizontal scaling is a thing of the past. I will that provided all this, you have an understanding of PVS, if you can not verify the eDocs and read the Virtual Desktop Guide.

    To test failover times, a surrounding area of ​​1000 Windows 8.1 x64 target devices that PVS was performed 7.1 Target software used. In accordance with Citrix best practices that Windows was 8.1 image as per CTX140375 optimized. Environment Details are summarized at the end of the post.

    Test Methodology

    There are three scenarios run failover time to determine. These tests were carried out, first failover time to determine the factor of the number of target devices and then as a factor of the registry changes, as specified in CTX119223. The three scenarios are listed below:

    1. 500 target device failover with the default settings
    2. 1000 target device failover with the default settings
    3. 1000 target device failover with registry changes

    Before I deliver the results, we can see how actually to measure the failover time, or simulate a failover. I needed a consistent manner, the failover time of the measurement, or more importantly, in which time the desktop is unresponsive for a user. To do this, I ran the following test process .:

    1. All target machines were from a single PVS server booted
    2. A second PVS Server was brought online, but was not streaming on all target devices.
    3. all target devices were loaded with a simulated workload LoginVSI 4.0 to reflect the actual use. The "light" workload to test a higher volume of targets was used, although the nature of the workload should not affect the failover time.
    4. After all devices constantly ran the workload, a script was executed any goal ever the time to write to a remote file . This acted as a failover timer.
    5. uses the NIC to the target device has been disabled to stream on the first PVS server. This corresponds to an ungraceful failover caused as a graceful failover by disabling the streaming service on the console
    6. During the failover caused unlike objectives, unresponsive was temporarily stopped, the time to the remote file to write. Once the second PVS server failover, they put the time writing. The length of this strike has been marked as failover time for the target device
      . Note: The streaming service through the PVS console Stop causes a graceful failover and no error scenario to simulate. This is a product function and a good thing if you need to perform maintenance, but not when an unplanned failover J . want
    test [now

    results

    with this method, the type of failover times did we get? The maximum downtime for each scenario is as follows:

    1. 500 target device failover with the default settings = 76 seconds
    2. 1000 target device failover with the default settings = = 35 seconds

    is definitely not more than 8 minutes and were the maximum times recorded 76 seconds

  • 1000 target device failover with registry changes , Many meetings were never responded because of the use of the Windows standby cache used by the PVS Target. If the target does not have to read all of the vDisk when a failover occurs (as in everything is cached locally), is the goal never responded.

    Key Takeaways:

    • There was no change between 500 and 1000 targets in failover time. For this reason, fail-over time should not be the determining factor, the number of PVS servers that is necessary to support an environment. Instead, the number of required PVS servers should based on whether the number of target terminals may in the case to support that a PVS server fails. That is, use of the N + 1 rule for PVS server redundancy. Other design decisions regarding the PVS Virtual Desktop Manual.
    • It is possible to modify the registry to change the failover behavior. Proceed with caution! As the article mentions, to change these settings values ​​are very low in constant failover may have due to a network failure and the result is therefore not initiated recommended . In this test modified I two settings as noted in CTX119223. The first is to change the timeout value for a response for each packet to the PVS server sent. I have this to 1 second, which is very low. The second change that I made was to initiate the number of repetitions before the failover. I changed it when you must to reduce the potential downtime of the default of 10 to 4.
    • , because the standard is too long, I propose that the minimum timeout to 2 seconds help to increase the risk of constant failover and to reduce the number of repetitions to 4 instead of the default of 10.
      the registry keys for this reduction under HKEY_LOCAL_MACHINE SYSTEM CurrentControlSet Services changed BNIStack Parameters :
      IosPacketMinTimeoutms = 000000
      IosRetryLimit = 00000004

    environment Overview

    a 8 host cluster with 125 virtual machines on each host with the write cache drives located on an EMC SAN was used which presented hypervisor as the clustered shared volumes (CSV). I also had a XenDesktop furnishings 7.1 application along with LoginVSI 4.0 to shed some light to simulate user workload during my tests are run. The environmental details are summarized below, along with an environment map. (Click on the image to enlarge it). Note that the tests were run with the Cache in Device HDD write cache option, as I these tests a little ran some time ago before 1 IOPS moving train (several recent blog posts see on the new RAM cache with overflow option). However, the write cache option should not affect the failover time.

    server HP ProLiant BL460c Gen8
    CPU 16 cores Intel Xeon @ 2.60 GHz
    memory 192GB
    Storage EMC VNX5500 Storage array
    hypervisor Hyper-V 3 on Server 2012 R2
    PVS Specs 2 Server at 4vCPU and 16GB vRAM

    thank

    I would like to give a big thank you to the team, to assist in the Citrix Solutions Lab for the mobilization of all hardware, made these tests possible and EMC to thank for the VNX array, which was used as the primary storage device. I also want to Carl Fallis, Gregorz Iskra, Martin Zugec and Andy Baker for their various contributions and input on the audit.

    to recognize Thanks for reading,

    Amit Ben-Chanoch
    Worldwide Consulting
    Desktop & Apps Team
    Project Accelerator
    Virtual Desktop Manual

  • New to XenApp 7.6 and XenDesktop 7.6? Let me

    1:20 PM Add Comment
    New to XenApp 7.6 and XenDesktop 7.6? Let me - Your Wingman be

    "The journey of a thousand miles begins with the first step" - Lao-Tzu (6 BC )

    bring Your Own (BYO) and Mobility trends in company with all makes so many new users and organizations to sit up and take notice.

    taken Many of them belong to traditional desktop and IT management. The jargon and concepts of software-defined work are sometimes unfamiliar to them (as that term itself!). What they want is to get a way past the hoax in the least amount of time, and get busy evaluation Services technology to them.

    This is why we have different technical resources for each phase of the learning curve, begin evaluating and go deeper. some familiarity with the key concepts After development, it is easier to usually come to do a deep dive in the areas of interest and back.

    If that's you, read more about many of them know interesting tools

    Learning Curve
    Learning Tools for XenApp and XenDesktop

    level 1 -. Test the water (censorship)

    In Release 7.6 of XenApp and XenDesktop Citrix the bar for innovation has added tons of new features for easier management, higher security and high-definition user experience increases. For new administrators and users is the first step to quickly install the basic set, so can begin the evaluation. For existing customers is the goal, what has changed and what is too new to understand.

    These two objectives are easily met with the free Evaluation Kit, which provides a 0-day, 99-user license with full functionality (click XenApp to try or try XenDesktop). Product Guides bundled with each evaluation copy through the step-by-step screenshots first desktop publishing and a number of applications, only within a few hours. Alternatively, you can also have direct access for XenApp and XenDesktop leader.

    Other useful resources are short technology videos of Citrix TV and free training to gain high-level overview of the different concepts. Project Accelerator is an excellent online tool to create a project space, driven by crowdsourcing best practices. Simply answer a few questions about your current physical environment and detailed in the free report recommendations sizing and architecture. When you are ready to move on to the design stage, this could be the basis for your individual reference architecture

    Stage 2 -. Get comfortable (Design)

    Once the blocks well understood you delve into how they fit together. They begin with the question: What should your users are doing? The XenApp and XenDesktop deployment plan to walk through the 5-layer model to build the answer, neatly various parameters such as hardware sizing Arranging, authentication policies, the type of resources, grouping of users, and many more in a few logical Bucket. The design guides take a step further, normative offer recommendations for common situations, such as virtualize the mobilization of Windows applications to optimize the cost of PC refresh, remote access to corporate PCs, 3D graphics workstations, and so on.

    Other useful resources are reference architectures based on best practices consulting and partner-validated architectures such as HP, IBM, Dell, Microsoft, Amazon and others. Formal training for the administration and management of Citrix environment is in this phase help both as self-study online labs or classroom-led

    Stage 3 -. Deep Dive (Execution)

    In the execution phase, there are plenty of tools and documentation. Some examples are the formal product documentation, white papers on various functions and sub-components, technical blogs (usually the direct line to the engineers who built it!) And Consulting services. The Virtual Desktop Guide is a living document that gathers in one place a lot of knowledge and best practices learned from Citrix Worldwide Consulting. It is one of the most popular means of links to tips and tricks, best practices and sample configurations.

    Other useful resources are support forums where Citrix experts in the community (both within and external) be consistent answers to tricky questions and blogs managed by Citrix Technology Professionals (CTP). The CTP program is an elite group of external consultants with decades of practical experience supporting complex Citrix environments around the globe. Follow them on Twitter to stay up-to-date on all things Citrix. For Citrix User Group (CUG) in your area where you can share them with annual or bi-annual events best practices. Training and certification is always a good idea to prove your chops.

    Citrix is ​​one of the most experienced providers deliver virtual desktops and applications. We allow cloud and mobile work styles were since before they were to these keywords. Whether it was the iPhone or the Chromebook, high-end graphics or far-flung offices, Citrix has announced it with a solution on the first day. This collective wisdom of more than 25 years means that almost every application, whether niche or together, legacy or modern, was captured, fixed and documented. This unique collection of learning now is to create the success.

    to go, then sign in for the free trial. These tools and documents are here to guide you every step of the way!

    If you have questions or comments during the hearing, do not hesitate to email me or send me a tweet.

    Follow @mayunkj