Uudet tuulet – Uusi Citrix SCKY Kevätkokous Mikael Lindholm Systems Engineer.

Uudet tuulet – Uusi Citrix

SCKY KevätkokousMikael LindholmSystems Engineer

2© 2007 Citrix Systems, Inc.—All rights reserved, Citrix Company Confidential

Agenda

• Application Delivery according to Citrix

• Microsoft Windows Server 2008 Terminal Server

• Application Streaming – a solution for everything?

• Dynamic desktops – centralize everything!

Citrix Application Delivery Vision


We See Five Key Global Business Forces

Increasing risk of being displaced from the work environmentDisruption

Datacenters, industries and companies are aggregating at record pace

Consolidation

Work is shifting to optimal locations

Globalization

The new workforce and consumer that wants total controlEcho

Generation

Government agencies are holding business more “information accountable”

Regulation


• CONSOLIDATION

• CONTINUITY

• SECURITY

• COMPLIANCE

• MOBILITY

• GLOBALIZATION

• OFFSHORING

• E-COMMERCE

APPSUSERS


What does this mean to IT?

Increases in distance leads to

• Increased complexity

• User experience degradation

• Less control• No Managed devices• Data Security concerns

Microsoft Windows Server 2008 Terminal Services- Goodbye to Citrix?


Terminal Services in Windows Server “Longhorn”• Design Goals

• Improve basic out-of-box solution• Provide improved platform for customers and partners• Tighter integration with client OS to provide seamless

experience• Leverage and integrate with Microsoft management technology

• Solution Features• TS Remote Programs (demo)• TS Gateway (demo)• TS Web Access (demo) • Single Sign-on for managed clients• Improved experience, security and manageability


Advantages of Anywhere Application AccessAdvantages of Anywhere Application Access

Mobile WorkerMobile WorkerIn AirportIn Airport

Branch OfficeBranch Office

Home OfficeHome Office

Central LocationCentral Location


TS Web Access Deployment Best Practices

• TS Web Access default is good for single server deployments

• Use Active Directory mode for multi-server deployments when customers are experienced in AD based software deployment

• When customer has no AD MSI experience use custom ASP scripting solutions or 3rd party solutions


Terminal Services GatewayRemote Access to internal applications resources

DMZDMZ

HTTPS / 443

InternetInternet Corp LANCorp LAN

Terminal Server

HotelEx

tern

al F

irew

all

Inte

rnal

Fire

wal

l

Home

Business Partner/Client Site

Other RDPHosts

TerminalServer

Internet

Terminal Services Gateway Server

Tunnels RDP Tunnels RDP over over

RPC/HTTPSRPC/HTTPS

Passes Passes RDP/SSL RDP/SSL

traffic to TStraffic to TS

Strips off Strips off RPC/HTTPSRPC/HTTPS

Network Policy Server

Active Directory DC


What else is new in LH TS?


Citrix and Microsoft• Citrix is a 2 time Gold Certified ISV Partner ( 2003 &

2005)

• Winner of Office Systems Desktop Deployment Technology of the Year (2006)

• Citrix Presentation Server• Value-Add to TS & Microsoft• Extends TS functionality• Citrix MoM pack available• WISP

• “Project Evergreen”

• Signed 5 year Joint Technology Agreement in 2004

• “Constellation Technologies” will add new value in the Windows Server “Longhorn” timeframe


Connectivity

Access Policies Integration with Citrix Access

Gateway (Advanced Access Control option)

System Monitoring and Reporting Advanced Print Management

Enhanced Management Experience

Extended Shadowing Support Application Availability Control

Automatic Client Updates Unified Licensing

Simplified Application Installation Integration with Network

Management Consoles More….

Citrix Presentation Server 4.0Value-Add to Windows Server 2003

Scalability

End-User Experience

ManageabilityApplication Support

Application Isolation Environment

Virtual IP Address Support Support for local TWAIN

devices Support for ActiveSync\

more……

Security

SpeedScreenTM 3 Application Publishing

Content Publishing Content Redirection

Seamless Windows Desktop Integration SmoothRoamingTM

Simplified Printing Built-in Group Conferencing Pass-through authentication

Integration with Citrix Password Manager (single

sign-on) More……

Enterprise Load Balancing CPU Utilization Management Virtual Memory Optimization

Multiple Farm Support Supported and tested on 1000+

server farms More……

Two-Factor Authentication Support

Enhanced SmartCard Support Secure Gateway Access Policies

Integration with Citrix Access Gateway (SSL VPN)

More…..

Web Interface for Remote Access

Universal Device Access DOS and Windows

Windows CE / PocketPC Macintosh

Java IBM OS/2 Warp

EPOC / Symbian OS UNIX platforms

Support for Unix Applications Support for Direct Dial-Up Extended Network Support

More…


Summary• Centralized application access using TS is about more than just

remote access

• New Longhorn TS features enable new native TS scenarios

• TS Remote Programs and TS Gateway provide a complete solution for low complexity scenarios

• Expect 3rd party value to still be required for many scenarios in Windows Server “Longhorn” and beyond

• Consolidation using x64 on Windows Server 2003 gives significant current benefit

• Terminal Services is a Rich Client Technology

• Terminal Services can reduce application deployment and management overhead

• TS isn’t just about WAN links


Citrix Presentation Server on the Microsoft Platform – Today

Application Support

Servicing End User Needs

Ser

vici

ng I

T N

eeds

Terminal ServicesFuture

Citrix Presentation

Server

Management

Enhanced Usability

Security

Citrix and Microsoft agree that Windows Terminal Services provides base-level functionality for lower-complexity environments

ScalabilityTerminal ServicesLonghorn

Citrix and Microsoft agree that Windows Terminal Services provides base-level functionality for lower-complexity environments

& Longhorn

Application Streaming- Goodbye to Citrix?


Application Streaming

• Streaming means sending data as needed / played instead of sending all at once and starting to use the data

• Application Streaming is the technology used to deliver applications to machines on a per need basis into an isolated environment• Almost all real world implementations always streams the whole

application before starting

• Streaming is a “Hot Topic” and in some cases sold as a complete solution for all Application Delivery Scenarios


Application Delivery Challenges

• Application compatibility• With operating systems, patches• With other applications• With other versions of same application• With application dependencies• Regression testing

• Data Security

• Connectivity• Secure channel• Bandwidth, latency, packet loss• Need for offline use

• Hardware limitations

• Non-managed devices


Streaming to Server—Deployment

Play

Publish

Profile

Presentation Servers:• Web Interface

• PNAgent Service

• App Publishing

• Session Management

• License Management

File Share

ICA

Streaming

• Applications streamed to CPSservers ‘on-demand’

• Applications isolated on the server

Profiler

PresentationServer Admin

Users

ApplicationProfiling

Small single site deployment


Streaming to Desktop–Deployment

• Applications delivered to desktops ‘on-demand’

• Applications isolated on desktops

Play

Users

Publish

Profile

Profiler

PresentationServer Admin

Presentation Servers:• Web Interface

• PNAgent Service

• App Publishing

• Session Management

• License Management

File Share

StreamingApplication

Profiling

Auth and Application Access


Dual-Mode Delivery

• CPSe additionally enables ‘fall-back’:• Applications can be

delivered either streaming to server or desktop

• ‘fall-back’ occurs from CPS to desktop streaming based on policies, eg

• Client availability• IP Address• User OS & patch level• etc…

Streaming to Desktop with‘fall-back’ to Server

Users

CSS & CPS Server

File Share

Streamingto CPS

App Deliveredvia ICA ‘fall-back’

App Deliveredvia Streaming


Publishing Streaming Applications

• Publish using the Access Management Console

• Specify Application Type:

• Streamed to client

• Accessed from server

• Streamed if possible, …


Isolation 2.0 Improvements

4.0 4.5

Isolation Rules X +

Application Compatibility X +

User Density X +

Overhead Reduction X

Registry and COM Isolation X

Application Streaming Profiler X

Wizard Driven Configuration of Application Isolation X

Administrator Control of User Privileges in Isolation X

Virtual Reboot X

Custom Scripting X

Vista OS Support X

64 bit Server OS Support X

Citrix Dynamic Desktop Initiative


Data centre

What is a dynamic desktop?

Remote usage protocol


Why is it needed?

1. Application delivery to for cases where current solutions fail

• Software developers• Companies that are off-shoring• In house use for user’s with “wrong kind of OS” on their machines• “Difficult” applications

2. As a replacement for current desktop management


Motivation: Desktop Lifecycle cost!

•Procure•Image•Ship

•Tech Support•Patches•Updates

•Lock down•Authenticate•Security tools

•Exception based•Uptime

•Migrate data•Migrate apps•Wipe & dispose

Uudet tuulet – Uusi Citrix SCKY Kevätkokous Mikael Lindholm Systems Engineer.

Documents

Transcript of Uudet tuulet – Uusi Citrix SCKY Kevätkokous Mikael Lindholm Systems Engineer.