by Christiaan Brinkhoff, CTP
At the Citrix Synergy user conference last week, held at the Orange County Convention Center in Orlando, Kirill Tatarinov started off the new Vision keynote with a great shout-out to the Citrix Technology Professional (CTP’s) / Citrix User Group Community (MyCUGC)!
Before all the new announcements started, a personal video message from F1 driver Max Verstappen and a live stream with Team leader Christian Horner from sponsor Red Bull in Monaco was shown on the big screen, where Kirill asked how Citrix technologies help Red Bull to keep pushing F1 cars to the limit. Being a consultant from the Netherlands, this was quite amazing to see!
The biggest announcement at the Keynote was the release of the new Citrix Workspace, the new unified logon portal, that can interact with all the other Citrix software programs and/or custom apps, by providing SSO. This new feature and all the other announced features will be covered later in this article.
In the afternoon, the Technology keynote featured PJ Hough, VP of Citrix products as leading speaker. At the beginning of the second keynote, the one and only Brad Anderson joined the stage! He started by highlighting all the accomplishments of the last year, regarding increased partnerships. Brad also gave a demo of the EMS mobility integrations for XenMobile and for the SSL VPN Client configurations. He showed how the Citrix Secure Mail app has the Intune SDK built in, which makes it possible to set conditional rules. For example–you can copy and paste between a corporate document in Word and a message in Citrix Secure Mail, but not into a personal email. The other demo that Brad showed how to set up filtering per app with the NetScaler VPN client, so you are only able to connect your VPN client when the settings are correctly applied. Pretty cool…
Curious? All the keynote videos, and the other (tech) sessions are now all free available on demand and can be found at the following link: http://live.citrixsynergy.com/2017/presentations.php
Citrix Innovation Award 2017 (for customers)
Citrix CMO Tim Minahan introduced the finalists for the Citrix Innovation Award at the Technology keynote, from that moment on, visitors of Synergy could vote on three innovative companies.
The winner of the award was… SCL Health
SCL Health is a faith-based, nonprofit healthcare organization dedicated to improving the health of people and communities. Their $2.5 billion health network aspires to provide comprehensive, coordinated care through 13 hospitals in three states – Colorado, Kansas and Montana. SCL selected Citrix Workspace Suite to improve their user experience, enhance security and give physicians more time to spend with their patients.
Kirill called up some numbers – 50% of worldwide companies will use the public cloud in some form over the next 12 months, for example Office 365 or Azure/AWS. 67% will work via the cloud by 2020, which could be every vendor around the block. So, Citrix will focus their platform more on a multi-cloud approach. While the controls are all cloud-based, customers who use it for apps, desktops, and data can place their workloads on any public or hybrid cloud, or on any on-premises virtualized environment, as well.
Citrix’s own Cloud platform, the Citrix Cloud, had some great releases already over the last year. At Synergy, the following new platform releases were announced (I’ll cover the new features later in this article):
- Citrix Secure Browsing
- Citrix Workspace
- Citrix Analytics
But to inform you of all the earlier releases on the platform, I just made a small list:
- XenApp Essentials and XenDesktop Essentials, which are native to Microsoft Azure, but managed from Citrix Cloud
- New XenMobile options for device management and app management
- New NetScaler Gateway Service, allowing customers to provide simplified remote access to XenApp and XenDesktop, from anywhere in the world, speeding and simplifying implementation
- New integration with Azure Active Directory for administrative federated authentication
- A unique License Usage Insights service, specifically designed for our Citrix Service Provider (CSP) partners who host their own Citrix-based services and workspaces
- Smart Tools – Smart Check feature
Not familiar with the Citrix Cloud yet? I encourage you to take a look at it by requesting a trial or use the free services, like some of the Citrix Smart Tools features!
Note: I recommend the following article, from Marius Sandbu: So you are considering Citrix Cloud? What do you need to think about
Microsoft and Citrix: What’s So Far Been Released?
Since Citrix and Microsoft increased their partnership, there have already been some great new innovative new technologies released, see them all listed here:
- NetScaler Conditional Access integration for Microsoft Intune
- Microsoft Azure OMS management integration packs for Delivery Group and Logon Duration monitoring
- XenMobile secure mail support for Azure SDK for Intune EMS integration. You can copy and paste between a corporate document in Word and a message in Citrix Secure Mail, but not into a personal email.
- XenDesktop Essentials / Windows 10 support
- XenApp Essentials (replacement of Azure’s RemoteApp)
- Better Skype for Business HDX optimizations
- Citrix Receiver for Windows 10 S / UWP support
- Day one support/adoption for several Microsoft products, for example Windows 2016 XenApp and Windows 10 XenDesktop VDA and server installation
- Secure Boot and Virtual Trusted Platform Module (vTPM) support
- Secure Browser through Azure (just got announced, not released yet)
XenApp and XenDesktop in Azure
As a Workspace and Cloud evangelist, I loved all the announcements around the new Essentials service in Microsoft Azure. Credit goes to Prasanna Padmanabhan and his team for an awesome job, to make this all possible in such a short time!
- New TCO calculator for Citrix XenApp and XenDesktop (Essentials) in Azure calculations available, including all kinds of extras, like user density integration on Azure machine sizing -> https://costcalculator.azurewebsites.net/costCalculator
- XenApp 7.14 trial PoC now available in Azure, a fast way to get a first look and feel of Citrix in Azure!
- Azure ADDS is now supported, can save up annual costs of separate Active Directory machine. Azure ADDS is only available in the ASM portal, so this requires an vNet peering to ARM.
- Support for Azure N-Series Virtual Machines
On the roadmap:
- Support for provisioning (lower storage annual costs)
- Machine Catalog creation performance improvements are on their way, as part of the managed disk support (save up to 50-60% of creation and catalog update time).
- Support for Managed disks
- Support for Azure Disk encryption
- Support for Linux OS VDA’s in Azure / Linux VDA template service
- Support for AzureGov
Citrix Workspace Service – Workspace For One and All!
One of the most innovative releases at Synergy was the new Citrix Workspace Service – a new cloud-based offering that provides users with a single place (SSO) to access all their Citrix services, to increase productivity by simplifying user experience. In the words of the CEO, Kirill: “Today, we’re announcing Citrix Workspace Service. Citrix Workspace Service is available from Citrix cloud, and enables people to consistently connect to every app — cloud app, on-prem app — all the data all the files all the content all the workflow.”
It looks like an identity management/SSO portal, end-user-facing. All types of apps, files, self-service will be able to access through one portal. It’s also will be called the StoreFront++. It will redifine the way you work! This new service will replace the existing StoreFront service that is part of Citrix Cloud, and support not only the Citrix Cloud hosted services but on-premises XenApp and XenDesktop deployments, as well as the Azure-based XenApp and XenDesktop Essentials offerings.
- SSO into apps, for example SaaS apps, web apps, mobile apps or Windows apps
- Acces your data directly, for example through ShareFile from the portal
Note: Citrix Workspace Service will be available later this year, somewhere around Q3, 2017.
XenApp and XenDesktop 7.14
The promised Q2 Current Release holds the following new features and/or improvements:
New Site features and improvements:
- Local host Cache improvements: Zone support is added – in a VDI deployment, the number of VDAs that can be handled effectively during an outage has increased:
- In a single-zone VDI deployment, up to 10,000 VDAs can be handled during an outage.
- In a multi-zone VDI deployment, up to 10,000 VDAs in each zone can be handled during an outage, to a maximum of 40,000 VDAs in the site.
- Citrix Director improvements; Disk I/O monitoring, GPU Monitoring and better report functionalities for exporting are now all integrated and usable through the Director Web portal.
- Nutanix now officially supports XenServer 7.1.
- Citrix Smart Tools agent is now integrated in the 7.14 Desktop Delivery Controller installation, at the end of a clean site installation or upgrade there is now a possibility to connect directly to the Citrix Cloud service. The Smart Tools integration replaces the former Call Home functionality. Smart Tools enables you to automate deployment tasks, health checks, and power management.
- Multi-type licensing: Introduction of a new License Type flexibility, you are now able to combine User/Device and Concurrent user licenses
- Session Recording improvements; introduction of Load balancing for Session Recording and Session Recording integrated into the XenApp and XenDesktop full product installer. With this feature, you can install Session Recording by using the unified XenApp/XenDesktop installer.
- Scout 3.0; This new version is installed automatically when you install or upgrade a Delivery Controller or a VDA and perform and collects, traces and schedules automatically Insight information of your Citrix environment that can be uploaded to Citrix for analysing.
- Update to the auto-created client printers setting. The Printer driver mapping and compatibility setting is configured to exclude Microsoft OneNote and XPS Document Writer from the auto-created client printers list.
- Audio volume persistence. In XenApp, any previous playback volume settings are not lost when you reconnect to a session.
- Tablet mode in Windows 10 using Windows Continuum; Tablet mode supports touch screen devices like phones, tablets, and laptops and optimizes the look and behavior of the apps. When you start a VDA on a touch screen device, the Start screen, and all apps you start, automatically display in tablet mode.
Instead of all kinds of new functionalities and features, StoreFront 3.11 only includes numerous of bug fixes. All of them are listed below:
- If the Citrix SCOM Management Pack Agent service is installed on the StoreFront server, StoreFront cannot upgrade.
- On upgrade, StoreFront forgets the default IIS website setting. This issue applies to upgrades from versions 3.5, 3.6, 3.7, or 3.8.
- StoreFront does not upgrade with a large (over 2 GB) subscription database.
- Cannot log on to Citrix Receiver for Web site using domain pass-through in a shared authorization service environment. If you have multiple stores sharing an authorization service and then create a new, dedicated authentication service for one of the stores, it is not possible to log on to the Citrix Receiver for Web site while using domain pass-through.
- Attempts to launch a session might fail with the following error message: “The ICA file contains an invalid unsigned parameter.”
- The icon color for Citrix Receiver for Windows does not change after modifying the StoreFront theme.
- After installing StoreFront 3.0.1000 or 3.0.2000, the management console fails to start and the following error message appears: “The Management console is unavailable because of a root certificate missing, go to verisign and download the certificate – Verisign class primary CA – G5.”
- When you select a configured Site during the setup of XenDesktop, a default store might be created in StoreFront that uses the default Authentication Service. If you remove this store, users of Citrix Receiver for Windows cannot add any other stores and the following error message might appear: “A protocol error occurred while communicating with the Authentication Service.”
- Upgrading StoreFront to version 3.0.2000 from version 2.5 fails with Error 1603.
- Users are unable to see apps and desktops after logging on when one XML broker does not work correctly, even when there are many working XML brokers. The following error message appears: “There are no apps or desktops available to you at this time.”
- If you configure Self-Service Password Reset (SSPR) for a specific store from the StoreFront console, the configuration applies to all stores, not just to the specific store you selected.
- Attempts to propagate changes to a server group by selecting “Propagate Changes” on the StoreFront console might fail and the following error message appears: “Propagation failed on one or more servers.”
Citrix Workspace environment manager (Norskale)
During Citrix Synergy, a new version of the Workspace environment manager (WEM) has been released. The tool is free to use for XenApp and XenDesktop Enterprise and Platinum (valid) licenses!
All the new features are:
- Citrix Profile Management support for all versions up to v5.6.
- File Association actions cannot be processed by the Agent Host on Windows 8, 8.1, Server 2012, Server 2012 R2, and Server 2016 due to registry access issues.
- The Agent Host waits about 5 minutes before starting if Workspace Environment Management is installed on Windows version 8, 8.1, 10, Server 2012, Server 2012 R2, or Server 2016 (all branches and builds) and a language pack is installed.
Note: When you are installing WEM, you will notice that most of the installation files are still named Norskale. As you may know, Citrix accuired the company Norskale last year. The only reason the name is still active is time. Changing the name means a lot of testing, and that would delay the release. What I’ve also heard is that the WEM console will be integrated at a later time with the Citrix consoles, such as Director and Studio.
Please check out WEM, it’s a great UEM tool, that can provide great performance with only a few optimizations! Expect a blog post shortly, where I will cover the installation and configuration of WEM 4.2 soon!
Citrix Secure Web Browser
One of the product announcements this week at Synergy was the Secure Browser Essentials, which will be available later this year, and will be hosted in the Citrix Cloud and requested through the Azure cloud marketplace.
The new Secure browser is designed to isolate and secure corporate desktops and apps through the Internet, for example XenApp and XenDesktop images. The Secure browser will be an important piece of the also newly-announced Citrix Workspace Portal.
Note: Pricing starts at $180 per year (with a three-year subscription for a minimum of 50 subscribed users).
Citrix Workspace IoT
The Internet of Things is the combination of Smart devices and the interaction of devices, things, users, applications, workflows, data, and location all working together with, for example, company core applications and other devices, that can be possible through the Internet or locally. All with the intention to optimize work processes in a smart way. Your mobile device is your identity, and with Workspace IoT it is possible to integrate this in your Workspace environment, for example – it is possible to log onto your Citrix session automatically, when you are within two meters of your end user client. This was one of the demos shown at the Technology keynote.
- The Citrix Workspace IoT Hub is a software-enabled End-User Computing device that can replace a PC or Thin Client with new functions, plus intelligence and connectivity required for Workspace IoT. This ultimate EUC (End User Computing) allows any organization to modernize their workplace and gain the benefits of leveraging IoT for Digital Transformation.
Citrix made a good move with the acquisition of Octoblu, the IoT applications to automate workspace processes and connect them to devices. With this software you can create specific workflows, which creates interaction between the device and the software. I expect more new cool IoT stuff in the future!
Curious? Please take a look at this full article, that was written in 2016, but covers most of the information.
Citrix HDX Ready Pi (ViewSonic)
Last year, at Synergy 2016, Citrix announced the HDX Pi. Now, one year later, the small and cheap end-user device will get an upgrade in the next few months, which includes Dual Monitor. And, last but not least, the HDX Realtime Optimization pack is integrated for Skype for Business and performance offloading!
Citrix System Optimizer for OS Optimization
Citrix finally built up an out of the box OS optimizer tool – that will be free available as part of the Citrix support tools – just like the existing VMware OS customization tool. The tool is XML based and is created by Martin Zugec.
The tool covers:
- Optimize Windows Services
- Remove built-in applications
- Remove scheduled tasks
- Save configurations as templates (for re-using)
Note: The tools will be available soon, no official release date announced.
Citrix Ready HCI Workspace program
The new Citrix Ready HCI Workspace Appliance Program includes the four largest HCI vendors that have official (Citrix Ready) support for XenServer.
All the involved vendors:
- Cisco (HyperFlex)
- Atlantis (USX)
The program results in:
- Citrix and HCI partner orchestration technologies work together to automatically deploy Citrix XenApp and XenDesktop on the appliances and connect them to Citrix Cloud.
- Simple to manage – HCI partner consoles enable management of the appliances themselves while XenDesktop controllers run in Citrix Cloud.
- No additional VMware licenses required, can save up a lot of money (also known as the vTax).
Check-out the official Citrix blog article, that covers most of the information: https://www.citrix.com/blogs/2017/05/24/citrix-ready-hci-workspace-appliance-program-momentum/
Citrix Analytics Service
At the first Keynote at Synergy, Kirill announced Analytics, a new, holistic offering of security-and behavior analyses, that expands the potential of the proven Citrix NetScaler Management and Analytics System (MAS) with new behavioral detection, insights and proactively resolves risks.
This new offering uses machine learning. The new security solution analyses data sets in the product portfolio of Citrix XenApp/XenDesktop – XenMobile, Share File, and NetScaler, and uses algorithms for machine learning and technology for the detection of irregularities in the conduct of applications, in order to enable IT organisations to quickly find and solve performance issues in the application infrastructure.
The new service will be available soon, and will be hosted from the Citrix Cloud.
App Layering v4.2
Citrix also released a new version of their App Layering v4.2 (former Unidesk) software at Synergy. The software is free to use for all customers that have a valid XenApp and XenDesktop platinum license!
- Layer creation on XenServer and Nutanix AHV can both take advantage of OS and Layering caching on the target platform to speed the packaging process.
- In XenServer and vSphere environments, you can now import an OS directly from a VM without having to disconnect or copy the original disk.
- When publishing images for MCS or View Composer, additional automated steps have been added to reduce the admin’s number of manual tasks after the image is created.
- Upgrades for the Enterprise Layer Manager will automatically download when available (not install, just download) and notify the administrator that an upgrade is ready and waiting to be applied.
Note: Did you also know that you can test and try App Layering for 60 days from the Citrix Cloud? Check out this Citrix Cloud link to activate.
Earlier before Synergy, Citrix already released a new version of Citrix NetScaler, to include all the most important new features in this article, I attached them so make it clear for you.
- PCoIP support (Profile support for VMware View/Horizon)
- Microsoft Intune integration for EMS.Next
- rfWebUI mobile web view support
- Enhanced GSLB setup wizard
- ULFD renamed to LogStream
- EPA Actions can now be used in Authentication policies
- SDX supports up to 16 cores per instance now
- PAC file support
- Built-in HSTS: Enforce HTTPS security for all client communication, gets A+ grade certificates from SSL labs out of the box.
NetScaler Secure Web Gateway
In the Technology keynote, Citrix CTO Abhishek Chauhan introduced NetScaler Secure Web Gateway, it must be placed close to your user branches or headquarters and can provide encrypted traffic control, such as for your web applications. This allows us to set policies on top of internal and external traffic to encrypt from end to end when needed. This feature allows us to use the NetScaler as forward proxy.
NetScaler MAS 12.0
Since the NetScaler MAS was released, somewhere around mid-2016, it did not (in my opinion) really get off the ground.
- Introduction of Job Master Config replication, what makes it possible to transport an entire NetScaler configuration to other devices. One of the nicest possibilities is customisation–with the wizard you will be able to create variables to use the master configuration for large amounts of various deployments.
- New Stylebooks are added
- UI upgrade, some menus are changed
- Pooled license possibility, let NetScaler MAS sort as sort of license server to
- Netscaler capacity license model
- SSL Dashboard improvements
- Introduction of the new Pooled capacity licences, what makes it possible to license on bandwidth throughput
- MAS cloud monitoring, for AWS and Azure
Note: Just to mention, when you are not quite familiar yet with MAS and just want to try it out: NetScaler MAS is free to use for 30 vServers. All the orchestration functionalities or backup and upgrade modules, for example, are free to use in your environment. So, what are you waiting for? Just start exploring what MAS can do for you!
A new release of Citrix hypervisor XenServer 7.2 has been released. With this release, Citrix now also starts with the same Current Release and Long Time Service Release (LTSR), so you can bring your long-term maintenance programs up.
- Windows Continuum for Virtual Desktops: XenServer 7.2 includes a technology preview that enables your virtual desktop to seamlessly adjust its interface to Windows 10’s tablet mode (and back)
- Support for AMD MxGPU
- Support for Scheduled VM Snapshots
On the roadmap (tech preview):
- NVIDIA GRID vGPU for XenMotion: makes it possible to migrate your GPU VDI or SBC machines when running
XenServer with BitDefender security
Bitdefender Hypervisor Introspection (HVI) is a revolutionary security layer which protects XenApp and XenDesktop infrastructures against targeted attacks through live memory introspection at the hypervisor level (agent-less).
All the Features:
- Truly agentless, hypervisor-level security
- Implemented as a Security Virtual Appliance, HVI leverages hardware controls to run at a higher level of privilege than malicious activity within virtual machine
- Completely isolated from malicious activity by hardware; cannot be compromised
- Live memory introspection which identifies context from the raw memory of virtual machines
- Unprecedented insight into the techniques which facilitate zero-day and kernel-level attacks
- Unique – XenServer is the only commercial hypervisor which provides this capability, and Bitdefender HVI is the only solution which leverages it
- Bitdefender GravityZone is integrated with XenServer for seamless security policy management
- Provides better-than-physical security by leveraging XenServer Direct Inspect APIs
- Fully compatible with all your other Citrix Ready security layers
- Leverages XenServer memory introspection abilities to provide true agentless security against advanced threats, and with minimum impact on consolidation ratios
See this link for more information click here
Note: Only for XenServer hypervisors
Google Cloud Innovation
One of the releases around Citrix Synergy that probably didn’t catch your attention is the innovation from Citrix and Google. Just in case you missed it, I sort it all out here:
- The new release of Receiver for Chrome 2.4, the latest Operating System of Chrome OS, what for example runs on Chromebooks
- The Receiver also features true multi-monitor support for XenApp or XenDesktop
- Skype for Business on Chrome (Available later in Q2)
- Sharefile – G Suite integration
Citrix Security (Best) Practice – Citrix Consulting Services is here to help!
A secure environment is very (if not the most) important consideration these days. Before you know it, new leaks are found by Internet criminals and cause threats, such as the WannaCry outbreak of last month. Because of that, Citrix created a new service on their Citrix Consulting program, called Citrix Consulting Security Practice.
Citrix will provide security-focused offerings to help our customers better protect their Citrix environments.
Security engagements included:
- Digital Workspace Security Assessment
- Network Protection Strategy
- Network Access Strategy
- Network Monitoring and Insight Strategy
Interested in this service? Please check out this website
Citrix Synergy 2018 – Save the Date!
After the event, next year’s date and location were announced. And, it will take place in… the Anaheim Convention Center at Anaheim, CA, United States on May 8 – 10, 2018.
This place is not totally new, Citrix Summit 2017 was also held there. See you there?
Sources: Citrix.com/blogs and BrianMadden.com