NetScaler for XenApp/Desktop. So much more than a CAG.
During my time in distribution, we sold hundreds of Citrix Access Gateway (CAG) appliances and for good reason. In the vast majority of projects that I worked on, CAG was chosen as a means of increasing the security of remote access to XenApp/Desktop environments which, when used with CAG Universal licences, allows granular access control based on compliance of the end point with an administrator defined set of policies. Or in plain English, ‘Who can see what from where’.
Having this level of control allows organisations to securely deliver a cloud like service to their users and by that I mean that users are not forced to use a laptop supplied by the organisation, they can access from any suitable device – a home PC, internet cafe, tablet or even smart phone. As these private clouds continue to gain adoption, it made sense that someone would stand back and have a look at ways of simplifying the process of connecting users to them…
Keeping on the theme of XenApp/Desktop, and assuming there’s a requirement to provide a resilient service (more than one data centre), the CAG is only part of the delivery mechanism – as many will know it’s also necessary to deploy the following…
- Web Interface – hosted on a dedicated server – allows user to access the session from a web browser
- Load Balancing – hosted on dedicated server/appliance – distributes workload across the server pool
- Global Load Balancing – hosted on dedicated server/appliance – distributes workload across data centres
…all of which take time to procure, learn, deploy, power, manage, support and maintain.
Here’s where NetScaler comes in…
NetScaler has the CAG Enterprise Edition, Web Interface, Load Balancing & Global Load Balancing functionality in one appliance which makes it less costly and complex to deploy than separate devices that offer one of those functions each. As a bonus, the performance of the estate will benefit from NetScaler’s fine tuning capabilities to give every user the best possible experience at the place where it matters – the end point, wherever and whatever it may be.
It’s important to note at this point that all of the above is available in a virtual appliance, capable of supporting up to 300 users with prices starting from similar money to a MacBook Pro, a pleasant surprise to those who still believe NetScaler is for the big budget .coms.
The best thing about NetScaler is that this is just the start.
As cloud based services become more prevalent and SLAs continue to rise, organisations are looking for ways to regain control of their users. When time and budget allows, add Cloud Gateway * to the NetScaler and give users a single point of access for all of their content regardless of it’s origins. One point of access for all content brings control back to the IT department and makes challenges like Bring Your Own Device remarkably simple to solve. Now we just need to keep an eye on things.
Application Delivery Controllers like NetScaler are in the ideal position in the network to monitor the service performance against SLAs as all inbound and outbound traffic passes through them. The recently introduced NetScaler Insight feature can be deployed to provide administrators a granular look at the actual performance from the server to the end point which should make compliancy management and trouble shooting less time consuming – never a bad thing.
Looking at the above, the clunky, lethargic remote access solutions that we’ve all had to suffer at some point look antiquated. I’ve see the difference that flexible collaboration platforms make to organisations and whether the drivers are based on compliancy or productive employees, it all starts by replacing that CAG with a NetScaler.
© Al Taylor 28th Nov 2013
* UPDATE June 2015 – CloudGateway may be the answer to you problems but have a look at the new NetScaler 11 Unified Gateway, it’s a game changer!
CAG 7000 Enterprise Edition appliances are now end of life and may qualify for a trade in allowance against a NetScaler hardware appliance- mail me firstname.lastname@example.org if you’d like me to check your appliance eligibility.