NetScaler 10.1 (a)head in the clouds

So the long awaited NetScaler 10.1 release has finally been announced by Citrix on the eve of Synergy today with the new features focusing on network traffic visibility, mobility and cloud elasticity. Here’s an overview of the key messaging.

First up, the analytic tool NetScaler Insight Center (Insight 2.0) has been a regular topic of conversation over the last few weeks. Runs as a stand alone appliance to collect AppFlow service performance data from multiple NetScaler ADCs. Insight Center then provides granular view of actual service performance along with specific enhancements around the analysis of XenDesktop with HDX Insight which also feeds network performance data back in to XenDesktop Director for simplified service management. Have a look at Web Insight for a deep dive in to web service delivery. Read the full review.

Corporate, BYOD or delivering service to customers and communities, mobility is hot and Citrix are all over it. Mobile networks are challenging at the best of times so NetScaler gets a stack of upgrades including the maturing Google SPDY protocol and MultiPath TCP to reduce the effects of high latency and limited bandwidth to keep users engaged and happy. Nice XenMobile connector to play with too.

NetScaler SDX TriScale clustering is going to become very relevant as more organisations get to grips with network flexibility and the ever-present rise of SDN. New for 10.1, individual ADC instances can be clustered on a single SDX appliance or the cluster split over multiple SDXs which further increases the flexibility to scale clusters up and down as demand dictates.  As we now see 3rd party workloads running as instances on SDX hardware, this modular growth should look attractive to many use cases but the polishing up of the AutoScale feature in conjunction with Citrix CloudPlatform is really going to push the scaling message beyond the reach of third party vendors who’s ADC solutions look heavily anchored in rigid complexity. In short CloudPlatform and NetScaler have the ability to self provision minimal server capacity and then spin up new resource when required. When the user counts drop, AutoScale de-provisions the servers to reduce idle resource. Have a look at the e(lastic)commerce post for a typical use case.

The release notes, as usual, are very very long. Citrix class this as a minor release but there’s some serious stuff in the small print. Two factor SAML, Kerberos to tidy up the loose ends with AAA and DataStream which also now supports DataBase Profiles and transparent logging. New traffic domains to create multiple isolated environments (over lapping IP ranges from a single appliance), telco grade IPv6 transitioning enhancements DNS64/NAT64, offloading of DNSSEC operations, App Firewall gets cloud sourced attack signature updates and also now supports signatures generated by the Whitehat and IBM AppScan vulnerability scanners, TFTP load balancing, dynamic load balancing of CloudBridge (Repeater) appliances, UI gets a makeover etc, etc…

It’ll be great to see the cloudDNA team help our customers roll these new technologies in to production environments and no doubt learning a few tricks along the way. That’s the best thing about my job, there’s always something new to talk about. Al

© Al Taylor

21st May 2013

Download NetScaler 10.1

Release notes

Great blog post by Matthijs from CTX – lots of detail


Tags: , , ,

About netscalertaylor

Co-founder at cloudDNA - a team of like minded Citrix NetScaler specilists

6 responses to “NetScaler 10.1 (a)head in the clouds”

  1. Steve Otis says :

    How to do TFTP load balancing?? Nothing yet on the web.. also nothing in the eDOC ??

    • netscalertaylor says :

      Hi Steve – thanks for the comment

      The below is taken from page 27 of the Release Notes (link at the bottom of the post)…

      Cheers, Al

      TFTP Support

      Issue ID 0250958: The NetScaler appliance now supports communication between a client and a Trivial File Transfer Protocol (TFTP) server.

      TFTP is a simple form of file transfer protocol and is based on the UDP protocol. TFTP does not provide any security features and is generally used for automated transfer of configuration and boot files between devices in a private network. TFTP support on the NetScaler appliance is compliant with RFC 1350. A server listens on port 69 for any TFTP request.

      The following features are supported:

      1. Load balancing of TFTP servers—The NetScaler appliance can now load balance TFTP servers.

      2. INAT processing compliant to TFTP—When a request packet, with port 69 as the destination, received by the NetScaler appliance matches an INAT rule with TFTP option enabled, the appliance processes the request and the corresponding response as compliant with the TFTP protocol.

      3. RNAT processing compliant to TFTP—When a request packet generated by a server is destined to a TFTP server, and the packet matches an RNAT rule on the NetScaler appliance, the appliance’s processing of the request and the corresponding response from the TFTP server is compliant with the TFTP protocol.

  2. Matteo Galvani says :

    Is possible to use netscaler as a web interface for the internal clients too? Because I have 2 5550 in HA and why I have to install the web interfaces on additional servers. So I have tried but I have problems with the passtrought authentication. I have the config xml on netscaler with this configuration but is still not functioning:


    Thank you very much,


    • netscalertaylor says :

      Hi Matteo

      The simple answer is yes, this is supported…

      Create an HTTP(S) vServer as an access point and use it to direct users to the WebInterface on the appliance. The users will then authenticate on the WebInterface login page.

      Take a look at page 167 for a step by step guide CTX NetScaler Admin Guide

      If you need any further help (and a faster response!) please feel free to mail me –

      Thanks for visiting the blog


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: