Aggregate, provision and manage your applications with CloudGateway Express Curtis Kegler Readiness Specialist May 7, 2012 Andrew Innes Sr Architect, Receivers & CloudGateway
#CitrixSummit Introduction to CloudGateway Technical Deep Dive System Requirements and Compatibility Citrix Receiver 3.2 Standard vs. Enterprise Receiver for Web vs. Store High Availability CloudGateway Integration with AGEE 10.0 CloudGateway and Mobile Devices Integration Agenda 2
Introduction to CloudGateway 3
#CitrixSummit Windows Web, SaaS, Mobile Data Citrix CloudGateway Citrix Receiver Aggregate & Control Access & Self-Service
#CitrixSummit Citrix CloudGateway Express Windows apps & desktops Citrix CloudGateway Enterprise Windows apps & desktops, Web & SaaS apps
#CitrixSummit Enables self-service upgrade to Receiver ○ Supports both browser and native experience ‘Follow-Me’ Windows apps & desktops ○ Supports XenApp & XenDesktop Easy installs in minutes ○ Runs simultaneously with legacy Web Interface No new hardware required ○ Runs as a service on Windows Server Easy upgrade to CloudGateway Enterprise Citrix CloudGateway Express
#CitrixSummit Citrix CloudGateway Express FREE! for all XenApp & XenDesktop customers
Technical Deep Dive
#CitrixSummit Gateway services XenApp XenDesktop Web & SaaS Mobile Storefront™ services Citrix Cloud Gateway Unified app store – one place for every app Follow-Me app & data experience SSO – one login for the enterprise One URL for every device– Receiver self-service pc mac smartphone tablet thin client Data
#CitrixSummit Storefront services Native Receivers Browser desktops apps SaaS data mobile
#CitrixSummit Native Receivers Browser Authentication Receiver for Web Receiver for Web Store Launch desktops apps SaaS data mobile Storefront services
#CitrixSummit New auth system Auth Service Give me a token for Store Core User Directory “Do Something” Store Services Some other Service Some other Service “who you are” “where you are” “what device” … Trust Denied (talk to Auth) Denied (…) Give me a token for Auth How do you want to login? Login using ‘Generic Forms’ Fill in this form Username=… Password=…. Here is a Token for Auth Give me a token for Store Here is a Token for Store “Do Something”
#CitrixSummit AG New auth system – with Access Gateway Auth Service Give me a token for Store Core User Directory Present auth token Store Services EPA & Auth SSO Detect call is via AG and offer AG SSO as an auth method. Here is a Token for Store Detect call is via AG and include as extra information in call context.
#CitrixSummit One Store for All Receivers Storefront Services Site 1 Site 2 Access Gateway HA Pair or scale-out cluster Scale-out cluster with web LB
#CitrixSummit Provisioning files Store = Gateway = ftlagx.citrix.com, “US-East” Gateway = sjcagx.citrix.com, “US-West” Gateway = lonagx.citrix.com, “EMEA” Default = ftlagx.citrix.com Beacons Internal = External = External = ftlagx.citrix.com lonagx.citrix.com sjcagx.citrix.com itdevstores.citrite.net
#CitrixSummit itdevstores.citrite.net Roaming lonagx.citrix.com sjcagx.citrix.com ftlagx.citrix.com
#CitrixSummit Mac and Windows Storefront Services Tier Storefront Services architecture XenApp Farms Internal Web Apps Internal Web Apps Browser Thin Clients XML Service Adaptor XML Service Adaptor ? ? Web Receiver Web Receiver Future Citrix Adaptors Future Citrix Adaptors Mobile Devices Mobile Devices SaaS Apps List All Apps Launch App “Value Adds” List My Apps Subscribe Store Services Store Services Authentication Service Authentication Service Update Service (Merchandising Server) Update Service (Merchandising Server) 3rd Party Adaptors 3rd Party Adaptors 3 rd Party Web Password OTP Kerberos... ? ? 3 rd Party Apps Smartcard App Controller App Controller Access Gateway XenDesktop Farms
System Requirements and Compatibility
#CitrixSummit System requirements Supported only on Windows 2008 R2 SP1 Internet Information Services (IIS) 7.5 SQL Express 2008 R2 or SQL 2008 R2.NET Framework 3.5 SP1 No more Microsoft J# 2.0!
#CitrixSummit Supported XenApp versions Product NameOperating System XenApp 6.xWindows 2008 R2 XenApp 5.0 with FP2/FP3 Windows 2008 (32-bit / 64-bit) Windows 2003 (32-bit / 64-bit) XenApp 5.0 with FP1Windows 2003 (32-bit / 64-bit) XenApp 5.0 Windows 2008 (32-bit / 64-bit) Windows 2003 (32-bit / 64-bit) XenApp 4.0 with FP1/FP2Unix Operating Systems
#CitrixSummit Supported XenDesktop versions Product NameOperating System XenDesktop 5.6 Windows 2008 Standard/Enterprise (32-bit / 64-bit) with SP2 Windows 2008 R2 Standard/Enterprise (64-bit) only XenDesktop 5.5 Windows 2008 Standard/Enterprise (32-bit / 64-bit) with SP2 Windows 2008 R2 Standard/Enterprise (64-bit) only XenDesktop 5.0 Windows 2008 Standard/Enterprise (32-bit / 64-bit) with SP2 Windows 2008 R2 Standard/Enterprise (64-bit) only XenDesktop 4.0 Windows 2003 Standard/Enterprise with SP2 Windows 2003 R2 with SP2
#CitrixSummit Supported XenDesktop versions Windows 2008 Standard/Enterprise (32-bit / 64-bit) with SP2 Windows 2008 R2 Standard/Enterprise (64-bit) only XenDesktop 5.x 22 Windows 2003 Standard/Enterprise with SP2 Windows 2003 R2 with SP2 XenDesktop 4.x
#CitrixSummit Receiver for web recommendations 23 ClientOperating SystemBrowserConnection Citrix Receiver Windows 3.2 Windows 7 64-bit with SP1 Windows 7 32-bit with SP1 IE 9 (32-bit mode) IE 8 (32-bit mode) Mozilla Firefox 10 Mozilla Firefox 9 Google Chrome 17 Google Chrome 16 Local network and Access Gateway Windows Vista 64-bit with SP2 Windows Vista 32-bit with SP2 Windows XP Professional x64 with SP2 Windows XP Professional with SP3 IE 8 (32-bit mode) RfMac 11.5 Mac OS X 10.7 Lion Safari 5.1 Mozilla Firefox 10 Local network and Access Gateway Mac OS X 10.6 Snow LeopardSafari 5.0 RfLinux 12.1Red Hat Enterprise Linux 6 Desktop Ubuntu bit Mozilla Firefox 10 Mozilla Firefox 9 Local network only RfChromebook 1.0 Google Chrome OS 17 Local network and Access Gateway
#CitrixSummit Ports used ComponentPorts StoreFront services – (Authentication) Kerberos (88) / LDAP (389) / Kpasswd (464) StoreFront services – (XML Communication) HTTP (80) / HTTPS (443) ICA1494 CGP – Session Reliability2598 Receiver for WindowsHTTP (80) / HTTPS (443) Receiver for WebHTTP (80) / HTTPS (443)
Citrix Receiver 3.2 Standard vs. Enterprise
#CitrixSummit Standard vs. Enterprise Web plug-in Authentication Manager Single Sign-on Self-service Generic USB (XenDesktop) Citrix Receiver Standard – plug-ins Desktop Viewer (XenDesktop) HDX Media Stream for Flash Aero desktop experience
#CitrixSummit Standard vs. Enterprise Web plug-in PNA plug-in Single sign-on/pass-through authentication Generic USB (XenDesktop Citrix Receiver Enterprise – plug-ins Desktop Viewer (XenDesktop) HDX Media Stream for Flash Aero desktop experience
#CitrixSummit Standard vs. Enterprise StoreFront Services Feature Citrix Receiver 3.2 Standard Citrix Receiver 3.2 Enterprise Store support Receiver for Web support Legacy PNAgent support Pass-thru authentication to Store Provisioning Files support AG clientless-VPN support 1
Receiver for Web vs. Store
#CitrixSummit Receiver for web vs. store Receiver for web Receiver for Web = Web-browser site Does not contain farm(s) information Beacons are not applicable
#CitrixSummit Receiver for web vs. store Receiver for web
#CitrixSummit Receiver for web vs. store Store Store = XenApp Services site Contains farm(s) information Beacons are applicable Remote access with Citrix Receiver 3.2 (Standard)
#CitrixSummit Receiver for web vs. store Store
Lab 1 Prepare the SQL Database for StoreFront Installation
#CitrixSummit Lab Environment Login Launch your browser and type Your session code is : “session code”
High Availability
#CitrixSummit Access Gateway StoreFront XA or XD Farm XA or XD Farm Access Gateway XA or XD Farm XA or XD Farm XA or XD Farm XA or XD Farm Database Server Database Server Load Balancer (NS) Load Balancer (NS) StoreFront Active/ Passive Pair Multiple Active (Stateless ) Cluster Database Server Database Server Non critical. If DB fails, UX degrades on Web Receiver, but access from all Receivers is possible HIGH AVAILABILITY
#CitrixSummit High Availability deployment Great for Enterprise-level deployments Provides high availability / failover to Stores Needs a load balancer – e.g. NetScaler Subscription database is remote No master / slave setup
#CitrixSummit Multiple server group deployment – checklist Minimum of 2 server setup Prepare remote database by using scripts Hardware/Software load balancer configured Install/Configure StoreFront Services on primary server
#CitrixSummit Multiple server group deployment – checklist Install StoreFront Services on secondary server Join secondary server to the Server Group
#CitrixSummit Multiple server group deployment – primary Deploy a single server Deploy a multiple server group Join existing server group
#CitrixSummit Multiple server group deployment – primary Enter the hostname (FQDN) of the load balancer Enter the Database server IP, hostname or FQDN Enter the Database name
#CitrixSummit Multiple server group deployment – primary 1 Authentication Service
#CitrixSummit Multiple server group deployment – primary Select the authentication method desired User name and password Domain pass-through Pass-through from Citrix Access Gateway
#CitrixSummit Multiple server group deployment – primary 2 Stores
#CitrixSummit Multiple server group deployment – primary Specify Store name Default name is “Store”
#CitrixSummit Multiple server group deployment – primary Define Server (Content Connector) Define Transport type Port
#CitrixSummit Multiple server group deployment – primary 3 Receiver for Web
#CitrixSummit Multiple server group deployment – primary
#CitrixSummit Multiple server group deployment – secondary Single server deployment Multi-server deployment Join an existing server group
#CitrixSummit Multiple server group deployment – secondary From Secondary Server…
#CitrixSummit Multiple server group deployment – secondary From Primary Server… Citrix Confidential - Do Not Distribute
#CitrixSummit Multiple server group deployment – secondary From Secondary Server…
#CitrixSummit Multiple server group deployment – secondary From Primary Server…
#CitrixSummit Multiple server group deployment – secondary From Primary Server…
#CitrixSummit Multiple server group deployment – secondary From Primary Server…
#CitrixSummit Multiple server group deployment – secondary From Primary Server…
#CitrixSummit Multiple server group deployment – secondary Once “Propagate Changes” is complete: Verify Authentication Service URL Verify Stores Verify Receiver for Web (Optional) – Verify Gateways
Lab 2 Installation and Configuration Multi-Server Deployment
CloudGateway Integration with AGEE 10
#CitrixSummit High Availability Deployment StoreFront Services (Primary) Access Gateway 10.0 StoreFront Services (Secondary) Internet LAN DMZ AppController/ XenApp/ XenDesktop
#CitrixSummit StoreFront Services / AG Integration StoreFront Checklist Enable “Pass-through from Citrix Access Gateway” “Set server as Access Gateway Enterprise Edition” Define SNIP or MIP Define ‘callback’ service URL
#CitrixSummit StoreFront Services / AG Integration StoreFront Checklist Define Secure Ticket Authority servers Configure Beacons – internal / external (Mandatory) “Enable Remote Access” to select Gateway(s)
#CitrixSummit StoreFront Services / AG Integration Access Gateway Enterprise Checklist (ICA Proxy) Create session policy for Receiver for Web Clientless (CVPN) access supported Session policy for Legacy PNAgent support – e.g. Mobile devices (Multi-server) Create AGEE LB VIP (Optional) Enable VPN to access Web/SaaS apps
#CitrixSummit AG Integration – Receiver for Web (ICA Proxy) create expression for web browser access only
#CitrixSummit AG Integration – Receiver for Web (Cont.) (ICA Proxy) settings to configure under session profile
#CitrixSummit AG Integration – Store (ICA Proxy) create expression Store access using Receiver
#CitrixSummit AG Integration – Store (Cont.) (ICA Proxy) settings to configure under session profile
#CitrixSummit AG Integration – Legacy PNAgent site Legacy PNAgent support Create expression for Citrix Receiver access
#CitrixSummit AG Integration – Legacy PNAgent site (Cont.) (ICA Proxy) settings to configure under session profile
Lab 3 Configure AGEE for Single Sign On to StoreFront Services
CloudGateway and Mobile Devices Integration
#CitrixSummit Supported Citrix Receiver (Mobile) TypeVersionSupported? Receiver for Android Receiver for iOS Receiver for BlackBerry2.2 1 Receiver for Playbook1.0 1 Receiver for Windows Mobile11.5
#CitrixSummit StoreFront Services / mobile device integration Legacy Support enabled by default ○ BlackBerry ○ Playbook StoreFront checklist (Internal Access)
#CitrixSummit StoreFront Services / mobile device integration AG Checklist (External Access) Enable “Enable Remote Access” on the Store (AGEE) configure session policy with ICA Proxy for Mobile devices CTX124937CTX124937
#CitrixSummit
Lab 4 Testing High Availability
#CitrixSummit References Planning Your StoreFront Deployment - CloudGateway Express POC Guide - Receiver for Windows (System Requirements) - XenDesktop 5.6 with StoreFront Services and Access Gateway Integrating Access Gateway and StoreFront Services -
#CitrixSummit Tweet about this session with hashtag #SUM618D and #CitrixSummit
#CitrixSummit We value your feedback! Take a survey of this session now in the mobile app Click 'Sessions' button Click on today's tab Find this session Click 'Surveys'
#CitrixSummit Before you leave… 82 Recommended related breakout sessions: ○ (Attn: Speaker – if applicable – please list session name and number AND date/time and room name of when/where the related session(s) is happening – DELETE THIS TEXT ONCE YOU FILL IN INFORMATION) ○ If there no related sessions, delete this bullet Session surveys are available online at starting Thursday, May 10www.citrixsummit.com ○ Provide your feedback and pick up a complimentary gift at the registration desk Download presentations starting Monday, May 21, from your My Organizer tool located in your My Account