cns-207 implementing citrix netscaler 10.5 for app and ... · netscaler-owned ip addresses network...

Spectrum Networks Solutions Pvt.Ltd MBC Centre, 143/A Ghodbunder Road, Opp. Cine Wonder Mall, Kapur Bawdi, Thane, India 400607

Tel: +91 22 61934800 | Email: [email protected] | www.spectrumapac.com Branches In India – Mumbai | Delhi | Bengaluru

CNS-207 Implementing Citrix NetScaler 10.5 for App and Desktop Solutions Course Overview The objective of Implementing Citrix NetScaler 10.5 for App and Desktop Solutions is to provide the foundational concepts and skills necessary to implement, configure, secure, and monitor a Citrix NetScaler system with NetScaler Gateway in a desktop virtualization environment such as one containing Citrix XenDesktop 7.x or Citrix XenApp, while providing secure application and data access to users. This course is designed specifically for learners who have limited or no previous NetScaler experience. In order to successfully complete this course, learners will have access to hands-on exercises within a virtual lab environment. An optional module on NetScaler SDX appliances is included with reinforcement simulation exercises. This course is based on the Citrix NetScaler 10.5 product, but the skills and fundamental concepts learned are common to earlier product versions. Who should enroll in this course? This course is recommended for learners who are:

o New to the NetScaler platform o Interested in integrating NetScaler Gateway with Citrix XenDesktop or Citrix XenApp

Preparatory Recommendations Before taking this course, Citrix recommends that learners have the following:

o Familiarity with application delivery and cloud networking. o Experience with Citrix desktop virtualization technologies, such as XenDesktop and

XenApp. o Familiarity with Microsoft Windows Server 2008 R2. o Familiarity with Microsoft Windows Server 2012. o Experience with Microsoft SQL Server or enterprise database servers. o Experience with Active Directory and Group Policy. o Basic understanding of Microsoft Remote Desktop Services. o Basic understanding of Windows Server networking concepts, such as DNS, IIS®, and load

balancing.



o Exposure to basic system administration concepts, including logging, software upgrade procedures, and high availability operations.

o Familiarity with server monitoring tools. o Basic understanding of VPN concepts, including SSL encryption and certificates.

Skills and Key Topics Upon successful completion of this course, learners are able to:

o Identify the capabilities and functionality of the NetScaler. o Explain basic NetScaler network architecture. o Obtain, install, and manage NetScaler licenses. o Identify the capabilities and functionality of NetScaler Gateway. o Explain how SSL is used to secure the NetScaler. o Configure authentication for users on the NetScaler Gateway. o Implement authorization to determine to which resources users have access. o Configure the NetScaler for high availability. o Integrate NetScaler Gateway with Storefront or Web Interface to provide remote access

for Web, SaaS and mobile apps. o Implement load balancing and GSLB on the NetScaler system. o Customize the NetScaler system for traffic flow and content-specific requirements. o Configure endpoint analysis to determine the level of access for specific devices. o Enable access to applications and data for user connections. o Demonstrate monitoring and reporting through native NetScaler logging tools. o Configure NetScaler Insight Center to monitor a desktop virtualization environment o Employ recommended tools and techniques to troubleshoot common NetScaler network

and connectivity issues. o Identify the unique capabilities and functionality of the NetScaler SDX platform. o Identify the networking characteristics of the NetScaler SDX platform. o Explain the process of provisioning and administration of NetScaler VPX instances on a

NetScaler SDX appliance. Instructional Method Instructor-led course, Self-paced online Course Length 5 days



Lab Activities ILT and vILT offer lab access only during the duration of the course. Module Outline

o Getting Started o Basic Networking o High Availability o Basic Load Balancing o Securing NetScaler o AppExpert Classic Policy Engine o Authentication and Authorization o Access Policies o End-User Access and Experience o Integrating NetScaler Gateway with XenApp and XenDesktop o AppExpert Default Policy Engine o Global Server Load Balancing o Monitoring and Management o Troubleshooting o NetScaler SDX Addendum

Topic Outline

o Getting Started Getting Started Introduction to Citrix NetScaler NetScaler Functionality NetScaler Overview Product Features Hardware Platforms Hardware Components nCore Configuration Architecture Deployment Scenarios NetScaler Gateway Overview NetScaler Gateway Platforms Initial NetScaler Access NetScaler Licenses



NetScaler Gateway Licensing To Install the NetScaler Gateway License NetScaler Gateway Pre-Installation Checklist Replacing Securing Gateway Configuring NetScaler Gateway for First-time Use Settings Configuration End-User Access with the FQDN Configuration Testing Name Service Providers Configuration Performing an Upgrade Save the Configuration

o Basic Networking

Basic Networking OSI Networking Model NetScaler Architecture Overview NetScaler-owned IP addresses Network Topology NetScaler Gateway Deployment NetScaler Network Interfaces Virtual Local Area Networks (VLANs) IP Address Routing Mac-based Forwarding Mode Determining the Source IP Address Link Aggregation

o High Availability

High Availability High Availability Functionality High Availability Node Configuration Propagation and Synchronization High Availability Management Upgrading a High Availability Pair High Availability Issues High Availability Pair in Different Subnets Adding a Remote Node To Add a Remote Node for Independent Network Computing Mode

o Basic Load Balancing Basic Load Balancing Load Balancing Basics



Entity Management Server Creation Service Monitoring Services Configuration Overview Virtual Server Creation Binding Services or Service Groups to a Virtual Server Traffic Types Default Monitors Built-In Monitors Monitor Parameters Creating Monitors HTTP Monitoring Extended Application Verification (EAV) Monitoring Extended Content Verification (ECV) Monitoring HTTP-ECV and TCP-ECV Monitoring Process Reverse Condition Monitoring Setting Monitor Thresholds Custom Monitors XenDesktop Delivery Controller Monitoring StoreFront Store Monitoring TFTP Server Monitoring Load Balancing Methods Service Weights Persistence and Persistence Connections Load Balancing Configuration Protection Load Balancing Wizards Disabling Services Graceful Shutdown of Services Removing Services Configuration Verification The Load Balancing Visualizer

o Securing NetScaler

Securing NetScaler SSL SSL Session Process Features and Benefits Offload Performance Digital Certificates SSL Administration



SSL Offload Overview Deployment Scenarios Citrix Recommendations for SSL SSL Renegotiation Attack SSL Troubleshooting SSL Offload Troubleshooting

o AppExpert Classic Policy Engine

AppExpert Classic Policy Engine Policies Overview Policies and Profile Configuration Policies Creation Traffic Policies

o Authentication and Authorization

Authentication and Authorization System and AAA User Groups Local Accounts External Authentication External Authentication for System Users NTLMV2 Authentication Configuration of Command Policies for Delegating Administrators Custom Command Policy Configuration for Delegated Adminstrators Authentication Configuration Authentication Types Supported on NetScaler Default Global Authentication Types Configuration Local Users Configuration Authentication Policies LDAP Authentication Policies RADIUS Authentication Policies Client Certificate Authentication Configuration Smart Card Authentication Configuration To Disable Authentication Authentication, Authorization, and Auditing (AAA) Issues

o Access Policies

Access Policies Endpoint Analysis Endpoint Policies Pre-Authentication Policies



Pre-Authentication Policies and Profiles Security Pre-Authentication Expressions Configuration of End-User

Devices Operating System Policies Configuration Antivirus, Firewall, Internet Security, or Anti-Spam Expressions

Configuration To Configure a Client Service Scan Security Checks Configuration To Configure Process Policies File Scan Policies Configuration To Configure a Session or Pre-Authentication Policy to Check for a File on

the End User Device Registry Policies Configuration To Configure a Registry Policy To Create a Sample Pre-Authentication Scan Custom Expressions Configuration To Bind Pre-Authentication Policies Post-Authentication Policies End-User Logon Options Evaluation Quarantine Groups Endpoint Analysis Troubleshooting

o End User Access and Experience

End User Access and Experience Connection Methods Secure Tunnel Establishment Network Firewalls and Proxies Secure Tunnel Termination NetScaler Gateway Plug-in Support Software Firewalls NetScaler Gateway Plug-In Integration with Citrix Receiver Citrix Receiver Home Page NetScaler Gateway Plug-In Selection for End-Users NetScaler Gateway Plug-In Deployment, Upgrading, and Removal from

Active Directory Client Ports NetScaler Gateway Plug-in Connection Configuration End User Connections Proxy Support Enablement Session Policies Credential Passing



Configuring the Default Home Page for SSL VPN and Clientless VPN Connections

Timeout Settings Split Tunneling Timeout Settings Configuration Client Cleanup Single Sign-on Configuration Client Interception To Configure Name Service Resolution Access Interface Configuration Clientless Access Domain Access Configuration for End Users SharePoint Site Clientless Access Settings Using Web Interface Client Choices Page Configuration Access Scenario Fallback Configuration NetScaler Gateway Advanced Concepts

o Integrating NetScaler Gateway with XenApp and XenDesktop

Integrating NetScaler Gateway with XenApp and XenDesktop NetScaler Gateway Prerequisites Firewall Rules StoreFront Services Deployment Beacons Enabling Access Method Fallback with Policies SSL Certificate Trust Session Policies Session Profile Creation Custom Clientless Access Policies Configuration for StoreFront Services XenApp and XenDesktop Addition to a Single Site XenMobile Platform Overview

o AppExpert Default Policy Engine

Understanding Policies Understanding Packet-Processing Flow Policy Process Evaluation Flow Identifying Default Policy Expressions Actions Configuring Policies and Actions Understanding Bind Points



Understanding Policy Labels Pattern Sets Typecasting Responder, Rewrite, and URL Transformation Responder Policies Responder Actions Respond With Responder HTML Page Imports Rewrite Policies Configure a Rewrite Action Binding Policies

o Global Server Load Balancing

Global Server Load Balancing GSLB Deployment Methods GSLB Concepts GSLB Entities GSLB DNS Methods Metric Exchange Protocol Implementing GSLB Viewing and Configuring GSLB with the Visualizer Configuration Site-to-Site Communication RPC Node Password Encryption of Site Metrics Exchange Source IP Address for an RPC Node GSLB Site Communication Example Customizing the GSLB Configuration Changing the GSLB Method GSLB Persistence Using Dynamic Weights for Services Monitoring GSLB Services Binding Monitors to a GSLB Service Monitoring GSLB Sites Protecting the GSLB Setup Against Failure Responding with an Empty Address Record When in the DOWN State Backup IP Address Configuration for a GSLB Domain Implementing GSLB Failover for Disaster Recovery



o Monitoring and Management Monitoring and Management Monitoring Needs Monitoring Methods AppFlow on the NetScaler System HDX Insight NetScaler Log Management Troubleshooting Resources Troubleshooting Tools Display NetScaler System Information

o Troubleshooting

Labs-only module covering 4 Troubleshooting Scenarios

o Appendix A: NetScaler SDX Addendum Introduction to the NetScaler SDX Appliance Product Benefits Hardware Platforms Deployment Scenarios Licensing Base Architecture IO Virtualization VLAN Filtering Restricting VLANs to Specific Virtual Interfaces NetScaler SDX High Availability Service VM Overview Device Management Instance Management Provisioning a NetScaler VPX Instance on an SDX Appliance NetScaler SDX Service VM Internals Simple Consolidation Data Plane Isolation with Shared Interfaces Simple Consolidation with Delegated Administration Consolidation Across Security Zones SNMP SNMP Trap Destinations Adding an SNMP Manager Community Configuring the NetScaler for SNMPv3 Queries SNMP Views SNMP Users



SNMP Alarms System Health Monitoring Third-Party Virtual Machines Managing the NetScaler SDX Appliance

cns-207 implementing citrix netscaler 10.5 for app and ... · netscaler-owned ip addresses network...

Documents