Monitoring the VMware View VDI Hosts using Citrix NetScaler

Yesterday I was at a long time customer of mine which had implemented VMware Horizon View as a their VDI solution. This customer load balances everything through Citrix NetScaler, it’s pretty much company policy to load balance every infrastructure component unless. Good policy I think.

A little information on how VMware (Horizon) View works from an architectural point of view, (see image below). A VMware VDI connection dataflow is completely serial, it cannot switch connection over servers. You will also need to create a Persistency Group on the NetScaler to tie these protocols together so they stay in the same connection data flow. In the below scenario the environment consists of a single Horizon View deployment using two VMware Connection Servers and two VMware VDI Hosts.

VMware-View-LB-Architect
Image from http://vmfocus.com

Not about load balancing. This blog post will not go into detail of how to load balance VMware View (Connections Servers) but how to configure the monitor the VMware VDI Hosts behind the VMware Connection Servers. There are a numerous sites on the topic of load balancing, for instance:
http://vmfocus.com/2014/01/14/load-balancing-horizon-view-design/

Read more of this post

VMware vExpert 2015!

Happy to be awarded (again) with the VMware vExpert title! Smile Congrats to all existing and new VMware vExperts!

 

vExpert-2015-Badge

 

Thanks VMware for the great recognition and great community you are creating and continued support.

From the VMware vExpert website:

The VMware vExpert program is VMware’s global evangelism and advocacy program. The program is designed to put VMware’s marketing resources towards your advocacy efforts. Promotion of your articles, exposure at our global events, co-op advertising, traffic analysis, and early access to beta programs and VMware’s roadmap. VMware will provide you with a unique vExpert id that will allow insights into analytics to help understand customer trends to assist you and keep your advocacy activities on track.

Read more of this post

“Secure Connection Failed” using Firefox to administer NetScaler

When administering different Citrix NetScaler appliances you can run into the below error message.

“Secure Connection Failed” and to be more specific “Error code: sec_error_reused_issuer_and_serial” which basically means that the serial number found within the certificate has already been trusted by you. This makes sense because NetScaler uses a self-signed certificate which is the same across all NetScaler appliances.

image

Read more of this post

Awarded with VMware vExpert 2014

I am very proud to be awarded with the VMware vExpert title of 2014. :-)

Always have been working extensively with VMware products and a huge fan of the VMware product portfolio which once started with VMware ESX 2.5 back in 2006.

 

vexpert-2014-badge

 

The annual VMware vExpert title is given to individuals who have significantly contributed to the community of VMware users over the past year. The title is awarded to individuals (not employers) for their commitment to sharing their knowledge and passion for VMware technology above and beyond their job requirements.

Thanks VMware!

https://communities.vmware.com/vexpert.jspa?src=vmw_so_vex_hlouw_917
https://communities.vmware.com/vexpert.jspa
http://blogs.vmware.com/vmtn/2014/04/vexpert-2014-announcement.html

Block Windows XP using selective Ciphers on Citrix NetScaler

As you probably know Windows XP is no longer being supported by Microsoft. No (security) updates will be made available for Windows XP making it possibly vulnerable for future exploits.

As an organization you will have to decide what you are going to do about these (probably unmanaged) Windows XP workplaces. There will still be a lot of home workers that use Windows XP and see no reason to upgrade since ’’it works fine’’, from an organization perspective these work places could potentially form a threat to the business. Especially when al sorts of direct connections are being made such as SSL/VPN, but let’s not forget the still very popular Citrix client drive mappings.

From a technical stand point of view we can easily block incoming Windows XP connection to our Citrix NetScaler Gateway virtual server or AAA virtual server (or any other SSL publication) using a selective group of Ciphers.

Quoted from Wikipedia: “a cipher (or cypher) is an algorithm for performing encryption or decryption—a series of well-defined steps that can be followed as a procedure”.

Read more of this post

Choose your NetScaler … wisely

I spend a lot of my time breaking down the different models of Citrix NetScaler appliances and different Software Editions within the Citrix NetScaler portfolio.

I decided to set up a blog about this since the path is usually pretty much (lengthy but) the same. This does not mean the answer is always easy because there are a lot of questions that need to be answered.

The first thing I would like to get off my chest is the following: Stop seeing/selling the Citrix NetScaler as a replacement for Secure Gateway. It is so much more than that. I often have discussions with various engineers and consultants telling me that Citrix NetScaler is so expensive for a Remote Access solution because Secure Gateway always used to be free. No offense but a Citrix NetScaler solution belongs to the networking department, not the Citrix XenApp sys admin department. Or maybe limited.

Read more of this post

Creating user customizable announcements for NetScaler Access Gateway

A customer would like to designate a number of people for customizing announcements on the Access Gateway Enterprise page.  This way the organization can announce important changes, planned downtime or other announcements. The advantage of this is that a network engineer does not need to be bothered for displaying all sorts of messages on the Access Gateway by fiddling with the files on the appliances.

image

Read more of this post

Follow

Get every new post delivered to your Inbox.

Join 45 other followers