Aggregate, provision and manage your applications with CloudGateway Express Curtis Kegler Readiness...

Aggregate, provision and manage your applications with CloudGateway Express

Curtis KeglerReadiness Specialist

May 7, 2012

Andrew InnesSr Architect, Receivers & CloudGateway

2#CitrixSummit

• Introduction to CloudGateway

• Technical Deep Dive

• System Requirements and Compatibility

• Citrix Receiver 3.2 Standard vs. Enterprise

• Receiver for Web vs. Store

• High Availability

• CloudGateway Integration with AGEE 10.0

• CloudGateway and Mobile Devices Integration

Agenda

Introduction to CloudGateway

3

#CitrixSummit

Windows

Web, SaaS, Mobile

Data

Citrix CloudGateway

PCsMacs

TabletsSmartphones

Thin Clients

Citrix Receiver

Aggregate & Control

Access & Self-Service

#CitrixSummit

CitrixCloudGateway

Express

Windows apps & desktops

CitrixCloudGateway

Enterprise

Windows apps & desktops,Web & SaaS apps

#CitrixSummit

• Enables self-service upgrade to Receiver○ Supports both browser and native experience

• ‘Follow-Me’ Windows apps & desktops○ Supports XenApp & XenDesktop

• Easy installs in minutes○ Runs simultaneously with legacy Web Interface

• No new hardware required○ Runs as a service on Windows Server

• Easy upgrade to CloudGateway Enterprise

Citrix

CloudGatewayExpress

#CitrixSummit

Citrix

CloudGateway

Express

FREE!

for all XenApp & XenDesktop customers

Technical Deep Dive

#CitrixSummit

Gateway services

XenAppXenDesktop

Web & SaaS

Mobile

Sto

refr

ont

™se

rvic

es

Citrix CloudGateway

pcmac

smartphonetablet

thin clientData

#CitrixSummit

Storefront services

Storefront services

Native Receivers

Browser desktopsappsSaaSdatamobile

#CitrixSummit

Native Receivers

Browser

Authentication

Receiverfor

Web

Store

Launch

desktopsappsSaaSdatamobile

Storefront services

#CitrixSummit

New auth system

Auth Service

Give me a token for Store

Core User Directory

“Do Something” Store Services

Some otherService

“who you are”“where you are”

“what device”…

Trust

Denied (talk to Auth)

Denied (…)

Give me a token for AuthHow do you want to login?

Login using ‘Generic Forms’Fill in this form

Username=… Password=….Here is a Token for Auth

Give me a token for StoreHere is a Token for Store

“Do Something”

“Do Something”

#CitrixSummit

AG

New auth system – with Access Gateway

Auth Service

Give me a token for Store

Core User Directory

Present auth tokenStore

Services

EPA & Auth

SSO Detect call is via AG and offer AG SSO as an auth

method.Here is a Token for Store

Detect call is via AG and include as extra information

in call context.

#CitrixSummit

One Store for All Receivers

Storefront Services

Site 1

Site 2

Access Gateway

HA Pair or scale-out

cluster

Scale-out cluster with web LB

#CitrixSummit

Provisioning files

Store = https://itdevstores.citrite.net/Showcase Gateway = ftlagx.citrix.com, “US-East” Gateway = sjcagx.citrix.com, “US-West” Gateway = lonagx.citrix.com, “EMEA” Default = ftlagx.citrix.com

Beacons Internal = http://mycitrite.net External = http://www.citrix.com External = http://www.google.com

ftlagx.citrix.com

lonagx.citrix.com

sjcagx.citrix.com

itdevstores.citrite.net

#CitrixSummit

itdevstores.citrite.net

Roaming

lonagx.citrix.com

sjcagx.citrix.comftlagx.citrix.com

#CitrixSummit

Mac and Windows

Storefront Services Tier

Storefront Services architectureXenApp Farms

InternalWeb Apps

Browser

Thin Clients

XML ServiceAdaptor

?

WebReceiver

Future CitrixAdaptors

MobileDevices

SaaS Apps

List All Apps

Launch App

“Value Adds”

List My Apps

Subscribe

Stor

eSe

rvic

esAu

then

ticati

onSe

rvic

e

Update Service(Merchandising Server)

3rd PartyAdaptors

3rd Party Web

Password

OTP

Kerberos

...

?

3rd Party Apps

Smartcard

AppController

Acce

ss G

atew

ayXenDesktop Farms

System Requirements and Compatibility

#CitrixSummit

System requirements

• Supported only on Windows 2008 R2 SP1

• Internet Information Services (IIS) 7.5

• SQL Express 2008 R2 or SQL 2008 R2

• .NET Framework 3.5 SP1

• No more Microsoft J# 2.0!

#CitrixSummit

Supported XenApp versions

Product Name Operating System

XenApp 6.x Windows 2008 R2

XenApp 5.0 with FP2/FP3Windows 2008 (32-bit / 64-bit)

Windows 2003 (32-bit / 64-bit)

XenApp 5.0 with FP1 Windows 2003 (32-bit / 64-bit)

XenApp 5.0 Windows 2008 (32-bit / 64-bit)

Windows 2003 (32-bit / 64-bit)

XenApp 4.0 with FP1/FP2 Unix Operating Systems

#CitrixSummit

Supported XenDesktop versions

Product Name Operating System

XenDesktop 5.6 Windows 2008 Standard/Enterprise (32-bit / 64-bit) with SP2Windows 2008 R2 Standard/Enterprise (64-bit) only

XenDesktop 5.5 Windows 2008 Standard/Enterprise (32-bit / 64-bit) with SP2Windows 2008 R2 Standard/Enterprise (64-bit) only

XenDesktop 5.0 Windows 2008 Standard/Enterprise (32-bit / 64-bit) with SP2Windows 2008 R2 Standard/Enterprise (64-bit) only

XenDesktop 4.0 Windows 2003 Standard/Enterprise with SP2Windows 2003 R2 with SP2

22#CitrixSummit

Supported XenDesktop versions

• Windows 2008 Standard/Enterprise

(32-bit / 64-bit) with SP2

• Windows 2008 R2

Standard/Enterprise (64-bit) only

XenDesktop 5.x• Windows 2003 Standard/Enterprise

with SP2

• Windows 2003 R2 with SP2

XenDesktop 4.x

23#CitrixSummit

Receiver for web recommendationsClient Operating System Browser ConnectionCitrix Receiver Windows 3.2

Windows 7 64-bit with SP1Windows 7 32-bit with SP1

IE 9 (32-bit mode)IE 8 (32-bit mode)Mozilla Firefox 10Mozilla Firefox 9Google Chrome 17Google Chrome 16

Local network and Access Gateway

Windows Vista 64-bit with SP2Windows Vista 32-bit with SP2Windows XP Professional x64 with SP2Windows XP Professional with SP3

IE 8 (32-bit mode)

RfMac 11.5 Mac OS X 10.7 Lion Safari 5.1Mozilla Firefox 10

Local network and Access Gateway

Mac OS X 10.6 Snow Leopard Safari 5.0

RfLinux 12.1 Red Hat Enterprise Linux 6 DesktopUbuntu 11.1 32-bit

Mozilla Firefox 10Mozilla Firefox 9

Local network only

RfChromebook 1.0

Google Chrome OS 17 Google Chrome OS 17 Local network and Access Gateway

#CitrixSummit

Ports usedComponent PortsStoreFront services – (Authentication)

Kerberos (88) / LDAP (389) / Kpasswd (464)

StoreFront services – (XML Communication) HTTP (80) / HTTPS (443)

ICA 1494

CGP – Session Reliability 2598

Receiver for Windows HTTP (80) / HTTPS (443)

Receiver for Web HTTP (80) / HTTPS (443)

Citrix Receiver 3.2 Standard vs. Enterprise

#CitrixSummit

Standard vs. Enterprise

• Web plug-in

• Authentication Manager

• Single Sign-on

• Self-service

• Generic USB (XenDesktop)

Citrix Receiver Standard – plug-ins

• Desktop Viewer (XenDesktop)

• HDX Media Stream for Flash

• Aero desktop experience

#CitrixSummit

Standard vs. Enterprise

• Web plug-in

• PNA plug-in

• Single sign-on/pass-through

authentication

• Generic USB (XenDesktop

Citrix Receiver Enterprise – plug-ins

• Desktop Viewer (XenDesktop)

• HDX Media Stream for Flash

• Aero desktop experience

#CitrixSummit

Standard vs. Enterprise

StoreFront Services Feature

Citrix Receiver 3.2 Standard

Citrix Receiver 3.2 Enterprise

Store support

Receiver for Web support

Legacy PNAgent support

Pass-thru authentication to Store

Provisioning Files support

AG clientless-VPN support1

Receiver for Web vs. Store

#CitrixSummit

Receiver for web vs. storeReceiver for web

• Receiver for Web = Web-browser site

• Does not contain farm(s) information

• Beacons are not applicable

#CitrixSummit

Receiver for web vs. storeReceiver for web

#CitrixSummit

Receiver for web vs. storeStore

• Store = XenApp Services site

• Contains farm(s) information

• Beacons are applicable

• Remote access with Citrix Receiver 3.2 (Standard)

#CitrixSummit

Receiver for web vs. storeStore

Lab 1 Prepare the SQL Database for StoreFront Installation

#CitrixSummit

Lab Environment Login

Launch your browser and type http://

training.citrixsynergy.net

Your session code is:

“session code”

High Availability

#CitrixSummit

AccessGateway

StoreFront

XA or XDFarm

AccessGateway

XA or XDFarm

XA or XDFarm

DatabaseServer

LoadBalancer

(NS)StoreFront

Active/ PassivePair

MultipleActive(Stateless)

ClusterDatabaseServer

Non critical.If DB fails, UX

degrades on Web Receiver, but access from all Receivers is

possible

HIG

H A

VA

ILA

BIL

ITY

#CitrixSummit

High Availability deployment

• Great for Enterprise-level deployments

• Provides high availability / failover to Stores

• Needs a load balancer – e.g. NetScaler

• Subscription database is remote

• No master / slave setup

#CitrixSummit

Multiple server group deployment – checklist

• Minimum of 2 server setup

• Prepare remote database by using scripts

• Hardware/Software load balancer configured

• Install/Configure StoreFront Services on primary server

#CitrixSummit

Multiple server group deployment – checklist

• Install StoreFront Services on secondary server

• Join secondary server to the Server Group

#CitrixSummit

Multiple server group deployment – primary

Deploy a single server

Deploy a multiple server group

Join existing server group

#CitrixSummit

Multiple server group deployment – primary

• Enter the hostname (FQDN) of the

load balancer

• Enter the Database server IP,

hostname or FQDN

• Enter the Database name

#CitrixSummit

Multiple server group deployment – primary

1 Authentication Service

#CitrixSummit

Multiple server group deployment – primary

• Select the authentication method

desired

• User name and password

• Domain pass-through

• Pass-through from Citrix Access

Gateway

#CitrixSummit

Multiple server group deployment – primary

2 Stores

#CitrixSummit

Multiple server group deployment – primary

• Specify Store name

• Default name is “Store”

#CitrixSummit

Multiple server group deployment – primary

• Define Server (Content Connector)

• Define Transport type

• Port

#CitrixSummit

Multiple server group deployment – primary

3 Receiver for Web

#CitrixSummit

Multiple server group deployment – primary

#CitrixSummit

Multiple server group deployment – secondary

Single server deployment

Multi-server deployment

Join an existing server group

#CitrixSummit

Multiple server group deployment – secondary

• From Secondary Server…

#CitrixSummit

Multiple server group deployment – secondary

• From Primary Server…

Citrix Confidential - Do Not Distribute

#CitrixSummit

Multiple server group deployment – secondary

• From Secondary Server…

#CitrixSummit

Multiple server group deployment – secondary

• From Primary Server…

#CitrixSummit

Multiple server group deployment – secondary

• From Primary Server…

#CitrixSummit

Multiple server group deployment – secondary

• From Primary Server…

#CitrixSummit

Multiple server group deployment – secondary

• From Primary Server…

#CitrixSummit

Multiple server group deployment – secondary

• Once “Propagate Changes” is complete:

• Verify Authentication Service URL

• Verify Stores

• Verify Receiver for Web

• (Optional) – Verify Gateways

Lab 2 Installation and Configuration Multi-Server Deployment

CloudGateway Integration with AGEE 10

#CitrixSummit

High Availability Deployment

StoreFront Services (Primary)

Access Gateway 10.0

StoreFront Services (Secondary)

Internet LANDMZ

AppController/XenApp/

XenDesktop

#CitrixSummit

StoreFront Services / AG IntegrationStoreFront Checklist

• Enable “Pass-through from Citrix Access Gateway”

• “Set server as Access Gateway Enterprise Edition”

• Define SNIP or MIP

• Define ‘callback’ service URL

#CitrixSummit

StoreFront Services / AG IntegrationStoreFront Checklist

• Define Secure Ticket Authority servers

• Configure Beacons – internal / external (Mandatory)

• “Enable Remote Access” to select Gateway(s)

#CitrixSummit

StoreFront Services / AG IntegrationAccess Gateway Enterprise Checklist

• (ICA Proxy) Create session policy for Receiver for Web

• Clientless (CVPN) access supported

• Session policy for Legacy PNAgent support – e.g. Mobile devices

• (Multi-server) Create AGEE LB VIP

• (Optional) Enable VPN to access Web/SaaS apps

#CitrixSummit

AG Integration – Receiver for Web

• (ICA Proxy) create expression

for web browser access only

#CitrixSummit

AG Integration – Receiver for Web (Cont.)

• (ICA Proxy) settings to configure

under session profile

#CitrixSummit

AG Integration – Store

• (ICA Proxy) create expression

Store access using Receiver

#CitrixSummit

AG Integration – Store (Cont.)

• (ICA Proxy) settings to

configure under session

profile

#CitrixSummit

AG Integration – Legacy PNAgent site

• Legacy PNAgent support

• Create expression for Citrix

Receiver access

#CitrixSummit

AG Integration – Legacy PNAgent site (Cont.)

• (ICA Proxy) settings to

configure under session

profile

Lab 3 Configure AGEE for Single Sign On to StoreFront Services

CloudGateway and Mobile Devices Integration

#CitrixSummit

Supported Citrix Receiver (Mobile)

Type Version Supported?

Receiver for Android 3.0.60

Receiver for iOS 5.0.21

Receiver for BlackBerry 2.21

Receiver for Playbook 1.01

Receiver for Windows Mobile 11.5

#CitrixSummit

StoreFront Services / mobile device integration

• Legacy Support enabled by default

○ BlackBerry

○ Playbook

StoreFront checklist (Internal Access)

#CitrixSummit

StoreFront Services / mobile device integrationAG Checklist (External Access)

• Enable “Enable Remote Access” on the Store

• (AGEE) configure session policy with ICA Proxy for

Mobile devices CTX124937

#CitrixSummit

#CitrixSummit

Lab 4 Testing High Availability

#CitrixSummit

References

• Planning Your StoreFront Deployment - http://tinyurl.com/7a7w392

• CloudGateway Express POC Guide - http://tinyurl.com/7ca93o5

• Receiver for Windows (System Requirements) - http://tinyurl.com/7xndvry

• XenDesktop 5.6 with StoreFront Services and Access Gateway -

http://support.citrix.com/article/CTX132787

• Integrating Access Gateway and StoreFront Services - http://tinyurl.com/83rq37s

#CitrixSummit

Tweet about this session with hashtag #SUM618D and #CitrixSummit

#CitrixSummit

We value your feedback!Take a survey of this session now in the mobile app

• Click 'Sessions' button

• Click on today's tab

• Find this session

• Click 'Surveys'

82#CitrixSummit

Before you leave…

• Recommended related breakout sessions: ○ (Attn: Speaker – if applicable – please list session name and number AND date/time and

room name of when/where the related session(s) is happening – DELETE THIS TEXT ONCE YOU FILL IN INFORMATION)

○ If there no related sessions, delete this bullet

• Session surveys are available online at www.citrixsummit.com starting Thursday, May 10○ Provide your feedback and pick up a complimentary gift at the registration desk

• Download presentations starting Monday, May 21, from your My Organizer tool located in your My Account