aggregate, provision and manage your applications with cloudgateway express curtis kegler readiness...
TRANSCRIPT
Aggregate, provision and manage your applications with CloudGateway Express
Curtis KeglerReadiness Specialist
May 7, 2012
Andrew InnesSr Architect, Receivers & CloudGateway
2#CitrixSummit
• Introduction to CloudGateway
• Technical Deep Dive
• System Requirements and Compatibility
• Citrix Receiver 3.2 Standard vs. Enterprise
• Receiver for Web vs. Store
• High Availability
• CloudGateway Integration with AGEE 10.0
• CloudGateway and Mobile Devices Integration
Agenda
Introduction to CloudGateway
3
#CitrixSummit
Windows
Web, SaaS, Mobile
Data
Citrix CloudGateway
PCsMacs
TabletsSmartphones
Thin Clients
Citrix Receiver
Aggregate & Control
Access & Self-Service
#CitrixSummit
CitrixCloudGateway
Express
Windows apps & desktops
CitrixCloudGateway
Enterprise
Windows apps & desktops,Web & SaaS apps
#CitrixSummit
• Enables self-service upgrade to Receiver○ Supports both browser and native experience
• ‘Follow-Me’ Windows apps & desktops○ Supports XenApp & XenDesktop
• Easy installs in minutes○ Runs simultaneously with legacy Web Interface
• No new hardware required○ Runs as a service on Windows Server
• Easy upgrade to CloudGateway Enterprise
Citrix
CloudGatewayExpress
#CitrixSummit
Citrix
CloudGateway
Express
FREE!
for all XenApp & XenDesktop customers
Technical Deep Dive
#CitrixSummit
Gateway services
XenAppXenDesktop
Web & SaaS
Mobile
Sto
refr
ont
™se
rvic
es
Citrix CloudGateway
pcmac
smartphonetablet
thin clientData
#CitrixSummit
Storefront services
Storefront services
Native Receivers
Browser desktopsappsSaaSdatamobile
#CitrixSummit
Native Receivers
Browser
Authentication
Receiverfor
Web
Store
Launch
desktopsappsSaaSdatamobile
Storefront services
#CitrixSummit
New auth system
Auth Service
Give me a token for Store
Core User Directory
“Do Something” Store Services
Some otherService
“who you are”“where you are”
“what device”…
Trust
Denied (talk to Auth)
Denied (…)
Give me a token for AuthHow do you want to login?
Login using ‘Generic Forms’Fill in this form
Username=… Password=….Here is a Token for Auth
Give me a token for StoreHere is a Token for Store
“Do Something”
“Do Something”
#CitrixSummit
AG
New auth system – with Access Gateway
Auth Service
Give me a token for Store
Core User Directory
Present auth tokenStore
Services
EPA & Auth
SSO Detect call is via AG and offer AG SSO as an auth
method.Here is a Token for Store
Detect call is via AG and include as extra information
in call context.
#CitrixSummit
One Store for All Receivers
Storefront Services
Site 1
Site 2
Access Gateway
HA Pair or scale-out
cluster
Scale-out cluster with web LB
#CitrixSummit
Provisioning files
Store = https://itdevstores.citrite.net/Showcase Gateway = ftlagx.citrix.com, “US-East” Gateway = sjcagx.citrix.com, “US-West” Gateway = lonagx.citrix.com, “EMEA” Default = ftlagx.citrix.com
Beacons Internal = http://mycitrite.net External = http://www.citrix.com External = http://www.google.com
ftlagx.citrix.com
lonagx.citrix.com
sjcagx.citrix.com
itdevstores.citrite.net
#CitrixSummit
itdevstores.citrite.net
Roaming
lonagx.citrix.com
sjcagx.citrix.comftlagx.citrix.com
#CitrixSummit
Mac and Windows
Storefront Services Tier
Storefront Services architectureXenApp Farms
InternalWeb Apps
Browser
Thin Clients
XML ServiceAdaptor
?
WebReceiver
Future CitrixAdaptors
MobileDevices
SaaS Apps
List All Apps
Launch App
“Value Adds”
List My Apps
Subscribe
Stor
eSe
rvic
esAu
then
ticati
onSe
rvic
e
Update Service(Merchandising Server)
3rd PartyAdaptors
3rd Party Web
Password
OTP
Kerberos
...
?
3rd Party Apps
Smartcard
AppController
Acce
ss G
atew
ayXenDesktop Farms
System Requirements and Compatibility
#CitrixSummit
System requirements
• Supported only on Windows 2008 R2 SP1
• Internet Information Services (IIS) 7.5
• SQL Express 2008 R2 or SQL 2008 R2
• .NET Framework 3.5 SP1
• No more Microsoft J# 2.0!
#CitrixSummit
Supported XenApp versions
Product Name Operating System
XenApp 6.x Windows 2008 R2
XenApp 5.0 with FP2/FP3Windows 2008 (32-bit / 64-bit)
Windows 2003 (32-bit / 64-bit)
XenApp 5.0 with FP1 Windows 2003 (32-bit / 64-bit)
XenApp 5.0 Windows 2008 (32-bit / 64-bit)
Windows 2003 (32-bit / 64-bit)
XenApp 4.0 with FP1/FP2 Unix Operating Systems
#CitrixSummit
Supported XenDesktop versions
Product Name Operating System
XenDesktop 5.6 Windows 2008 Standard/Enterprise (32-bit / 64-bit) with SP2Windows 2008 R2 Standard/Enterprise (64-bit) only
XenDesktop 5.5 Windows 2008 Standard/Enterprise (32-bit / 64-bit) with SP2Windows 2008 R2 Standard/Enterprise (64-bit) only
XenDesktop 5.0 Windows 2008 Standard/Enterprise (32-bit / 64-bit) with SP2Windows 2008 R2 Standard/Enterprise (64-bit) only
XenDesktop 4.0 Windows 2003 Standard/Enterprise with SP2Windows 2003 R2 with SP2
22#CitrixSummit
Supported XenDesktop versions
• Windows 2008 Standard/Enterprise
(32-bit / 64-bit) with SP2
• Windows 2008 R2
Standard/Enterprise (64-bit) only
XenDesktop 5.x• Windows 2003 Standard/Enterprise
with SP2
• Windows 2003 R2 with SP2
XenDesktop 4.x
23#CitrixSummit
Receiver for web recommendationsClient Operating System Browser ConnectionCitrix Receiver Windows 3.2
Windows 7 64-bit with SP1Windows 7 32-bit with SP1
IE 9 (32-bit mode)IE 8 (32-bit mode)Mozilla Firefox 10Mozilla Firefox 9Google Chrome 17Google Chrome 16
Local network and Access Gateway
Windows Vista 64-bit with SP2Windows Vista 32-bit with SP2Windows XP Professional x64 with SP2Windows XP Professional with SP3
IE 8 (32-bit mode)
RfMac 11.5 Mac OS X 10.7 Lion Safari 5.1Mozilla Firefox 10
Local network and Access Gateway
Mac OS X 10.6 Snow Leopard Safari 5.0
RfLinux 12.1 Red Hat Enterprise Linux 6 DesktopUbuntu 11.1 32-bit
Mozilla Firefox 10Mozilla Firefox 9
Local network only
RfChromebook 1.0
Google Chrome OS 17 Google Chrome OS 17 Local network and Access Gateway
#CitrixSummit
Ports usedComponent PortsStoreFront services – (Authentication)
Kerberos (88) / LDAP (389) / Kpasswd (464)
StoreFront services – (XML Communication) HTTP (80) / HTTPS (443)
ICA 1494
CGP – Session Reliability 2598
Receiver for Windows HTTP (80) / HTTPS (443)
Receiver for Web HTTP (80) / HTTPS (443)
Citrix Receiver 3.2 Standard vs. Enterprise
#CitrixSummit
Standard vs. Enterprise
• Web plug-in
• Authentication Manager
• Single Sign-on
• Self-service
• Generic USB (XenDesktop)
Citrix Receiver Standard – plug-ins
• Desktop Viewer (XenDesktop)
• HDX Media Stream for Flash
• Aero desktop experience
#CitrixSummit
Standard vs. Enterprise
• Web plug-in
• PNA plug-in
• Single sign-on/pass-through
authentication
• Generic USB (XenDesktop
Citrix Receiver Enterprise – plug-ins
• Desktop Viewer (XenDesktop)
• HDX Media Stream for Flash
• Aero desktop experience
#CitrixSummit
Standard vs. Enterprise
StoreFront Services Feature
Citrix Receiver 3.2 Standard
Citrix Receiver 3.2 Enterprise
Store support
Receiver for Web support
Legacy PNAgent support
Pass-thru authentication to Store
Provisioning Files support
AG clientless-VPN support1
Receiver for Web vs. Store
#CitrixSummit
Receiver for web vs. storeReceiver for web
• Receiver for Web = Web-browser site
• Does not contain farm(s) information
• Beacons are not applicable
#CitrixSummit
Receiver for web vs. storeReceiver for web
#CitrixSummit
Receiver for web vs. storeStore
• Store = XenApp Services site
• Contains farm(s) information
• Beacons are applicable
• Remote access with Citrix Receiver 3.2 (Standard)
#CitrixSummit
Receiver for web vs. storeStore
Lab 1 Prepare the SQL Database for StoreFront Installation
#CitrixSummit
Lab Environment Login
Launch your browser and type http://
training.citrixsynergy.net
Your session code is:
“session code”
High Availability
#CitrixSummit
AccessGateway
StoreFront
XA or XDFarm
AccessGateway
XA or XDFarm
XA or XDFarm
DatabaseServer
LoadBalancer
(NS)StoreFront
Active/ PassivePair
MultipleActive(Stateless)
ClusterDatabaseServer
Non critical.If DB fails, UX
degrades on Web Receiver, but access from all Receivers is
possible
HIG
H A
VA
ILA
BIL
ITY
#CitrixSummit
High Availability deployment
• Great for Enterprise-level deployments
• Provides high availability / failover to Stores
• Needs a load balancer – e.g. NetScaler
• Subscription database is remote
• No master / slave setup
#CitrixSummit
Multiple server group deployment – checklist
• Minimum of 2 server setup
• Prepare remote database by using scripts
• Hardware/Software load balancer configured
• Install/Configure StoreFront Services on primary server
#CitrixSummit
Multiple server group deployment – checklist
• Install StoreFront Services on secondary server
• Join secondary server to the Server Group
#CitrixSummit
Multiple server group deployment – primary
Deploy a single server
Deploy a multiple server group
Join existing server group
#CitrixSummit
Multiple server group deployment – primary
• Enter the hostname (FQDN) of the
load balancer
• Enter the Database server IP,
hostname or FQDN
• Enter the Database name
#CitrixSummit
Multiple server group deployment – primary
1 Authentication Service
#CitrixSummit
Multiple server group deployment – primary
• Select the authentication method
desired
• User name and password
• Domain pass-through
• Pass-through from Citrix Access
Gateway
#CitrixSummit
Multiple server group deployment – primary
2 Stores
#CitrixSummit
Multiple server group deployment – primary
• Specify Store name
• Default name is “Store”
#CitrixSummit
Multiple server group deployment – primary
• Define Server (Content Connector)
• Define Transport type
• Port
#CitrixSummit
Multiple server group deployment – primary
3 Receiver for Web
#CitrixSummit
Multiple server group deployment – primary
#CitrixSummit
Multiple server group deployment – secondary
Single server deployment
Multi-server deployment
Join an existing server group
#CitrixSummit
Multiple server group deployment – secondary
• From Secondary Server…
#CitrixSummit
Multiple server group deployment – secondary
• From Primary Server…
Citrix Confidential - Do Not Distribute
#CitrixSummit
Multiple server group deployment – secondary
• From Secondary Server…
#CitrixSummit
Multiple server group deployment – secondary
• From Primary Server…
#CitrixSummit
Multiple server group deployment – secondary
• From Primary Server…
#CitrixSummit
Multiple server group deployment – secondary
• From Primary Server…
#CitrixSummit
Multiple server group deployment – secondary
• From Primary Server…
#CitrixSummit
Multiple server group deployment – secondary
• Once “Propagate Changes” is complete:
• Verify Authentication Service URL
• Verify Stores
• Verify Receiver for Web
• (Optional) – Verify Gateways
Lab 2 Installation and Configuration Multi-Server Deployment
CloudGateway Integration with AGEE 10
#CitrixSummit
High Availability Deployment
StoreFront Services (Primary)
Access Gateway 10.0
StoreFront Services (Secondary)
Internet LANDMZ
AppController/XenApp/
XenDesktop
#CitrixSummit
StoreFront Services / AG IntegrationStoreFront Checklist
• Enable “Pass-through from Citrix Access Gateway”
• “Set server as Access Gateway Enterprise Edition”
• Define SNIP or MIP
• Define ‘callback’ service URL
#CitrixSummit
StoreFront Services / AG IntegrationStoreFront Checklist
• Define Secure Ticket Authority servers
• Configure Beacons – internal / external (Mandatory)
• “Enable Remote Access” to select Gateway(s)
#CitrixSummit
StoreFront Services / AG IntegrationAccess Gateway Enterprise Checklist
• (ICA Proxy) Create session policy for Receiver for Web
• Clientless (CVPN) access supported
• Session policy for Legacy PNAgent support – e.g. Mobile devices
• (Multi-server) Create AGEE LB VIP
• (Optional) Enable VPN to access Web/SaaS apps
#CitrixSummit
AG Integration – Receiver for Web
• (ICA Proxy) create expression
for web browser access only
#CitrixSummit
AG Integration – Receiver for Web (Cont.)
• (ICA Proxy) settings to configure
under session profile
#CitrixSummit
AG Integration – Store
• (ICA Proxy) create expression
Store access using Receiver
#CitrixSummit
AG Integration – Store (Cont.)
• (ICA Proxy) settings to
configure under session
profile
#CitrixSummit
AG Integration – Legacy PNAgent site
• Legacy PNAgent support
• Create expression for Citrix
Receiver access
#CitrixSummit
AG Integration – Legacy PNAgent site (Cont.)
• (ICA Proxy) settings to
configure under session
profile
Lab 3 Configure AGEE for Single Sign On to StoreFront Services
CloudGateway and Mobile Devices Integration
#CitrixSummit
Supported Citrix Receiver (Mobile)
Type Version Supported?
Receiver for Android 3.0.60
Receiver for iOS 5.0.21
Receiver for BlackBerry 2.21
Receiver for Playbook 1.01
Receiver for Windows Mobile 11.5
#CitrixSummit
StoreFront Services / mobile device integration
• Legacy Support enabled by default
○ BlackBerry
○ Playbook
StoreFront checklist (Internal Access)
#CitrixSummit
StoreFront Services / mobile device integrationAG Checklist (External Access)
• Enable “Enable Remote Access” on the Store
• (AGEE) configure session policy with ICA Proxy for
Mobile devices CTX124937
#CitrixSummit
#CitrixSummit
Lab 4 Testing High Availability
#CitrixSummit
References
• Planning Your StoreFront Deployment - http://tinyurl.com/7a7w392
• CloudGateway Express POC Guide - http://tinyurl.com/7ca93o5
• Receiver for Windows (System Requirements) - http://tinyurl.com/7xndvry
• XenDesktop 5.6 with StoreFront Services and Access Gateway -
http://support.citrix.com/article/CTX132787
• Integrating Access Gateway and StoreFront Services - http://tinyurl.com/83rq37s
#CitrixSummit
Tweet about this session with hashtag #SUM618D and #CitrixSummit
#CitrixSummit
We value your feedback!Take a survey of this session now in the mobile app
• Click 'Sessions' button
• Click on today's tab
• Find this session
• Click 'Surveys'
82#CitrixSummit
Before you leave…
• Recommended related breakout sessions: ○ (Attn: Speaker – if applicable – please list session name and number AND date/time and
room name of when/where the related session(s) is happening – DELETE THIS TEXT ONCE YOU FILL IN INFORMATION)
○ If there no related sessions, delete this bullet
• Session surveys are available online at www.citrixsummit.com starting Thursday, May 10○ Provide your feedback and pick up a complimentary gift at the registration desk
• Download presentations starting Monday, May 21, from your My Organizer tool located in your My Account