XenApp 7.5Technical Overview

Stephan Pfister – Citrix Certified Instructor

stephan.Pfister@umb.ch

WORKPLACE

RedesignWORKFORCE

MobilityWORKFLOW

Optimization

MOBILE

Workstyles

Mobile Workstyles are powered by...

Mobile WorkspacesSecurely unite apps, data & services

on any device over any network or cloud

Citrix is the leader in

Mobile Workspaces

Collaboration

& Sharing

Access &

Data Security

App & Desktop

Virtualization

Enterprise Mobility

Management

App Networking &

Cloud Orchestration

Citrix – The Broadest Mobility Portfolio

Secure Mail

& Web Apps

Mobile App

Security

Mobile Data

Control

Secure Mobile

Network Access

Mobile Device

Management

Virtual Windows

Apps & Desktops

Web & Social

Collaboration

Integrating across the stack for the best mobile experience

Seamless Mobile

Experience

Application and desktop virtualization,

re-imagined for mobility and cloud

Reduce cost

and complexity

of app and

desktop

management

Simplify

support and

enable choice

of BYO

devices

Centralized

security to

protect

sensitive

information

Increase

employee

productivity

with anywhere

access

People-

centric

& use case

driven

XenApp 7.5 – New Features

• Eliminate CAPEX for seasonal needs

• Leverage global clouds for proximity to users

• Same management consoles and skillsets

• Easier than competitors to deploy and manage

• Publish dozens of apps in less than a minute

• Built-in performance monitoring

• Up to 8% more users per server compared to previous versions

• Multi-touch experience

• High-performance over mobile networks

• Application compatibility

• Application remediation

• P2V App Migration

Hybrid cloud provisioning

Simpledeployment & management

Platinum Mobility

Promotions

AppDNAComplete App

Migration Toolkit

HDX MobileOptimization technologies

Free

XenMobile MDM

or

20% off XenMobile Enterprise

XenApp 7 Product LinePackaged and priced for broad adoption for all users

PlatinumEdition

EnterpriseEdition

AdvancedEdition

High-performance hosted shared app and desktop virtualization solution with HDX™

technology

Enterprise-class desktop virtualization

with FlexCast™ delivery technology

Comprehensive desktop virtualization

solution with advanced networking,

management and security

Architecture

Let’s look at IMA for a moment

Farm

Zone

Primary ZDCBackup ZDC

MetaFrame Member Servers

Data StoreZone

Primary ZDC Backup ZDC

MetaFrame Member Servers

Let’s think about IMAFarm

Zone

Primary ZDCBackup ZDC

MetaFrame Member Servers

Data StoreZone

Primary ZDC Backup ZDC

MetaFrame Member Servers

Wasted

resources

What happens when

ZDC bottlenecks?

Zone mesh impact

=

Zones(Zones-1)

Potential issues if elected as

ZDC

Upgrade/Migration

challenges

Do I need to

re-architect to

add more

users?

DeliveryServices Console

XenApp 6.5 Farm(IMA)

XenDesktop 5.6 FP1 Site(FMA)

Citrix Studio

Web Interface

Receiver

DB DB

IMA

IMA CBP

XenAppController

Server OSWorkers

Desktop OSWorkers

Delivery Controller

Power &Capacity

Mgmt

Provisioning ServicesPVS

WMI

PVS ConsolePCM

Console

Today: Separation of Owners & RolesDifferent Desktops & Apps Architectures

EdgeSightConsole

VDA

CitrixStudio

Storefront / Receiver for Web

Receiver

DB

Server OSWorkers

Desktop OSWorkers

Delivery Controller

MCS

Provisioning Services

FlexCast: Unified Service Delivery TeamFlexCast Management Architecture

VDA VDA

CitrixDirector

Provisioning Console

Delivery Controller

Resources

SQL Database

Delivery Controller

Resources

SQL DatabaseActive

Active

Add new

controller to grow

SQL is site

size limitApps and

Desktops

App and Desktop Delivery

FlexCast Management Architecture

Conceptual Architecture

Hardware Layer

Control Layer

Access LayerUser Layer Resource Layer

NetScaler Gateway

StoreFront

Delivery

Controller

XenClient

Remote PC

Access

Pooled Desktop

Catalog

Hosted Apps Catalog

Personal Desktop

Catalog

Shared Desktop

Catalog

Director

Studio

SQL

Database

SSL

Delivery Group

Delivery Group

Delivery Group

Delivery Group

Resource Hosts

Physical, Virtual, Cloud

Cloud VMs

VMsServers PCs

Access & Control Hosts

Physical, Virtual

VMsServersActive Directory

License Server

FlexCast

Challenges for business

Rewriting apps to support

mobile OS which is costly

and time consuming

No mobile apps

Designers & Engineers

stuck to workstations

Can’t access/share designs

remotely in real time

Employees/Contractors

bringing own devices

regardless of BYOD policy

Organization exposed to risks

from security, compliance

gaps and IT complexity

Mobile Apps

Designers & Engineers

BYOD

Critical data replicated

between headquarters and

branch office

Network connection between

headquarters and branch

office gets congested

Remote & Branch

Workers

Challenges for IT

Operating system upgrades,

updates & patches on

individual distributed PCs

Can’t redirect funds towards

more innovative IT initiatives

Maintain large set of desktop

images to deal with complex

mix of laptop hardware

Problems supporting users

offline or on intermittent

connections

Maintain expensive office real

estate

No flexibility to keep up with

increasing business needs

PC Refresh Corporate Laptops

Call Centers

Access and modify files locally

on external devices that don’t

adhere to corporate standards

No data securityContractor & Partner

Access

Sometimes you need

apps, sometimes you

need a desktop

Decision Point – What type of resource?

Management Cost

+

Infrastructure Cost

END USER FLEXIBILITY

Hosted Shared

Pooled VDI

Personal VDI

Dedicated VDI

Managed PCUn-managed

PC

Hosted App

Line of Business App

© 2012 Citrix | #CitrixSynergy

XenApp 7.5 Resources

27

• Physical or Virtual

• Platformsᵒ As VM Hosted Apps

• Windows XP / Windows Vista (pre-XD7 VDA)

• Windows 7 SP1

• Windows 8 & Windows 8.1

ᵒ Windows Server 2008 R2

ᵒ Windows Server 2012 &

Windows Server 2012 R2

FlexCastHosted Apps

Hosted Shared Desktops

Windows Server Hosted Desktops & AppsExtreme efficiency and scalability

4x–6x density compared to VDI I Ideal for fixed-task use cases I Familiar Windows 7 look and feel

Server-hosted session virtualizationFor client-server applications

• Requires network connectivity

• Better protection for sensitive data

• Business applications become platform

independent

• Lowest Total Cost of Ownership

• Great for apps with strict requirements

Mobilize Windows apps for ultimate

security, availability and performance

Session Virtualization

Desktop Virtualization Session Virtualization

Resource Layer

User Layer

Hardware Layer

Access Layer

Delivering a Desktop vs. an App is not the same

Mobile Traditional

Apps make more sense

Mobile Traditional

Hardware Layer

Control Layer

Access LayerUser Layer

NetScaler Gateway

StoreFront

Delivery

Controller

SQL

Database

SSL

Delivery Group

Resource Hosts

Physical, Virtual, Cloud

Cloud VMs

VMsServers

Active Directory

Resource Layer

Hosted Apps Catalog

License Server

Server hosted application delivery1. User clicks app icon and

Citrix Receiver contacts Delivery Controller

2. Least loaded server selected and resource allocated for user

3. User interacts with resource. Screen updates, mouse clicks and keystrokes sent between user and server.

Receiver

• HTML5 Receiverᵒ Receiver for Chromebook

ᵒ Start your experience on any device with easier management

• Windows and Linux Receiverᵒ Tier 1 receivers for demanding use cases, for HDX Premium experience

ᵒ Mainly your workplace device – thin client or a PC

• Mac, Android, iOS, Windows Phoneᵒ Device specific native Receivers for powerful HDX experience while being Mobile

• Any other deviceᵒ HTML5 Receiver provides the experience you need

Any app, any place, on any device

Client-less ReceiverHTML5 Web-based Receiver – Powered by Citrix StoreFront

• Simple, seamless access from any

browser

• Virtual apps and desktops rendered

with HTML5

• Perfect for locked-down laptops and

contractors who cannot install native

Receivers

What’s new with Receiver for Windows 4.0/4.1

• Smart Card auth

• IPV6

• Local App Access

• H264 Decode (XenApp 7)

• HDX Insight

• Lync 2013

• Jabber

• SCCM 2012

• Windows 8.1/IE 11 – 4.1

CitrixReceiver.exe

Citrix Receiver for Windows 8 and RTReceiver for Windows 8

and RT

• Multiple published apps

• Multiple Web and SaaS apps

• Work anywhere on any Windows 8

computer or tablet

• Account configuration using your

email address, a server URL, or a

provisioning file

• Automatic display of the keyboard

when needed

• Pan and Zoom

• Mobility Pack

• Win 8.1 support

• International text

Receiver for Mac 11.8 / 11.8.2

• IPv6

• H264 Decoding

• HDX Insight

• Windows short cuts

• Mavericks support

Receiver for Windows 8 Phone

• French, German,

International Spanish,

Italian, and European

Portuguese

• Asian language input

• Expanded Mobile SDK

support

• Netscaler Gateway 10.1

• Web and SaaS apps

• Log collection

• Assistance for gestures

Receiver for Linux 13.0 • ARMHF support

• Platform optimization SDK for x86 and ARM

• XenApp 7 - 2D and 3D graphicsᵒ H.264 deep compression hardware decoding

• Performance optimizations on x86 and ARMᵒ Graphics/Audio multithreading

ᵒ Receiver/server flow control

• Improved VoIP and video confᵒ UDP/RTP audio

ᵒ H.264 encoding for webcams

• Graphics subsystem SDK

• Multimedia client-side content fetching

• IPV6 support

• Storefront support

• Netscaler Gateway support (ICA Proxy mode)

• Self service UI and SDK

Feature parity between

Linux x86 and ARM

HDX Verified Premium

HDX SoC Initiative

Receiver for Blackberry 10

• Apps and desktops

• StoreFront 2.0 and

Web Interface

• OS required is

10.2.0.1745.

Why not VDI

Mobile Traditional

HDXHigh-Def eXperience

HDXIt’s about the user experience

High Definition Experience

HDX MediaStreamVideo and audio playback

HDX BroadcastICA and RDP protocol support for access from any device, anywhere

HDX MobileTouch navigation for Windows apps; local device features

HDX Plug-n-PlayAccess to local resources and peripherals, including USB devices and printers

HDX RichGraphics2D/3D graphics incl. Adaptive Display, HDX 3D Pro and Microsoft RemoteFX

HDX WAN OptimizationPerformance and bandwidth optimizations for branch offices with Citrix CloudBridge

HDX Adaptive Orchestration Best user experience based on server, network connection and user device

HDX RealTimeVoice and video for real-time collaboration

HDXMultimedia Streaming

Flash WindowsMedia

Silverlight QuickTime

HDX MediaStream

HTML 5 Video

etc.

Citrix Receiver support for HDX MediaStream

HDX MediaStream and Adaptive Orchestration

1. Generic approach: Server-side rendering (Adaptive Display)

Video frames & audio

Native media streams

2. Optimization: Client-side rendering (multimedia redirection)

HDX MediaStream: Complementary approaches

Generic: Server-rendered

• Any media player

• Any format

• Any device

• Any network

• Adaptive Display

ᵒ Dynamically adjusts frame rate and image quality for optimal experience

• HD stereo audio

• DirectX video acceleration (H.264)

ᵒ With server-side multimedia acceleration

Optimized: Client-rendered

• Adobe Flash and Windows media (WMV, MPEG4, DivX, AVI, XVID, MSV1, etc.)

• Client-side or server-side fetching

ᵒ Client-side fetching reduces bandwidth consumption and supports Multicast

• Adaptive Display for server-decoded client-rendered formats

• HD stereo audio

• DirectX video acceleration (H.264)

ᵒ Using client-side multimedia acceleration

• Audio-video redirection for media players based on

DirectShow, DirectX Media Objects (DMO) or

Windows Media Foundation

• New: Windows Media Redirection for iOS, with

hardware decoding for reduced battery drain

• New: Hardware decoding on Linux

• A step towards reducing thin client CPU requirements

• New: Client-side content fetching

• Cuts bandwidth consumption in half

• Supports HTTP, MMS*, RTSP* [*Windows & Linux devices]

• Supports multicast video delivery

Windows Media Redirection in XenApp 7

• Objective: Offload server CPU by rendering Flash content on the user device for majority of web sites (80-90%)

• Significant server scalability benefit and excellent user experience

• Optimized for LAN and WAN

• Windows and Linux devices

• IE10 support added in XD7.0

• New in XD7.1: Flash Redirection from Windows 8/8.1 or Windows Server 2012 [R2]

Optimized: Flash Redirection

• Supported via server-side rendering and Adaptive Display, with excellent video quality via H.264 compression

HMTL5 video in XenApp 7

HDXReal-time Communications

Softphones and Unified Communications apps

Multi-Stream ICA for generic HDX RealTimeTrue network QoS

CitrixReceiver

for Windows

XenApp

WS08 R2,

12, 12R2*

HTTP

Server

Router

ICA Real Time

HTTP HTTP

ICA Interactive

ICA Background

ICA Bulk

ICA Real Time

ICA Interactive

ICA Background

ICA Bulk

ICA UDP/RTP Audio * ICA UDP Audio *

* UDP/RTP Audio now also available for Windows Server RDS workloads in XenApp 7

Lync audio-video delivery options

• HDX Optimization Pack for Lync 2010ᵒ Client-side media processing for Windows, Linux, Mac

ᵒ XenDesktop, XenApp, VDI-in-a-Box

ᵒ New in v1.4: Support for (1) Meet Now join via IP voice-video; (2) Logitech C920

• Support for Lync 2013 VDI Plug-inᵒ Microsoft adopted our recommended architecture (client-side media engine)

ᵒ XA7.5 and CR4.x include the interfaces required by the Lync VDI Plug-in

ᵒ But, no Lync 2013 optimization is currently available for non-Windows devices

• Generic HDX RealTimeᵒ For devices not yet optimized (no local media engine)

ᵒ For Office 365 hosted Lync (not currently supported by either optimization)

ᵒ Limitation: Server scalability due to CPU impact of video processing

Optimization Pack for Microsoft Lync 2010

• Feature of XenDesktop/XenApp

Enterprise & Platinum editions and

VDI-in-a-Box

• Integrates with existing Lync backend

infrastructure

• Includes Lync proprietary codecs

licensed from Microsoft

Solution features

• Audio-Video Communications Supportᵒ Up to 720p30 transmit and receive resolutions

ᵒ Selectable 4:3 and 16:9 aspect ratios for transmitted video

ᵒ Lync RT Video, H.264, H.263, H.263+, and H.263++ video codecs

ᵒ Lync RT Audio, G.711, G.722, G.722.1, G.722.1c audio codecs

ᵒ SIP RFC 3261, RFC 3264, RFC 5168 and Microsoft SIP extensions

ᵒ Secure call signaling via TLS

ᵒ Audio-video encryption (AES)

• Call Control Featuresᵒ Ad-hoc multi-party calling

ᵒ Mid-call features

ᵒ Full-screen mode and Picture-in-Picture (PIP)

ᵒ Works with native Lync as well as standards-based

UC clients registered with Lync

Lync Client Delivery

• Lync 2010

• HDX RealTime Optimization Pack for

Lync™ 2010ᵒ Windows, Linux x86, Mac

ᵒ Planned: Linux ARM via HDX SoC

• Generic HDX RealTimeᵒ Windows, Linux x86, Mac, ThinOS*

(* from Dell-Wyse)

ᵒ Linux ARM via HDX SoC

(in Linux Receiver 13.0)

• Lync 2013

• New in Citrix Receiver 4.0:

Support for Lync™ VDI Plug-in

• Generic HDX RealTime

• (Planned**) HDX RealTime

Optimization Pack for Lync™ 2013

Generic HDX RealTime and Microsoft® Lync™No feature gaps / UI changes, but reduced server scalability

Instant Messaging

Presence info

Desktop sharing (screen sharing)

Voice chat

USB telephone support

Video chat

ᵒ Real-time video viewing and webcam support

Limitations of Microsoft Lync VDI Plug-inhttp://technet.microsoft.com/en-us/library/jj204982.aspx

• Windows endpoints only

• No support for:ᵒ Multi-view video (“gallery view”)

ᵒ Using the Lync VDI Plug-in along with a Lync phone

ᵒ Recording

ᵒ Joining meetings anonymously

ᵒ Customized ringtones / music-on-hold

• Delivery of Lync from RDS (XenApp) not officially supported but works

• Delivery of Lync client as a seamless/published app does not work

• No support for Office 365 hosted Lync

• No fallback to server-side audio-video if client has no VDI Plug-in

• “Limited” support for Agent Anonymization and Call Delegation

HDXGraphics

Desktop Virtualization for High-end Graphics UsersHDX 3D Pro client options

Segmenting the user population

Tier 1: Professional users(e.g. design engineers, radiologists)

• Top rendering performance (dedicated GPU)

• Deep compression on WAN links

• 3D mouse

Tier 2: Power users(users who need to view/edit large 3D models)

• GPU sharing

Tier 3: Knowledge workers• Software rasterizer or highly shared GPU

1

2

3

Windows 7 Aero & Windows 8 desktops/appsDirectX is replacing GDI/GDI+ as the new standard for Windows graphics

DirectX Rendering TechnologyRDS

WorkloadsVDI

WorkloadsVDI-in-a-

Box

Serv

er

“Software GPU” XA7.5(req. WS12)

XD7.0 ViaB 5.3

Hardware GPU acceleration XA6.0, XA7.0 XD7.0 (reg key)

[XD4: HDX 3D Pro]

ViaB 5.3(reg key)

Clie

nt

Desktop Composition RedirectionNot

applicableXD5.5 ViaB 5.0

VDI versus RDS (hosted shared) XenDesktop workloads

Tier 1: HDX 3D Pro on VDI Tier 2: HDX 3D Pro on RDS

• GPU acceleration of Direct3D, OpenGL, CUDA*, OpenCL*

• H.264-based Deep Compression

• Full desktop or seamless apps

• DirectX/OpenGL GPU sharing via XenServer/NVIDIA GRID™ vGPU

• 3D mouse support

TOP PERFORMANCE

• GPU acceleration of Direct3D, OpenGL, CUDA**, OpenCL**

• H.264-based Deep Compression

• Full desktop or seamless apps

• DirectX/OpenGL GPU sharing

• Lower cost Microsoft licensing

• Apps must be RDS compatible

MOST COST-EFFECTIVE* Not available with GRID vGPU ** Experimental pending field validation

What’s new with HDX 3D Pro in XA7?

• Self-tuning codec technologyᵒ Adaptive Display automatically detects transient and/or video images

ᵒ Image quality dynamically adapts to network bandwidth (no slider bar required)

ᵒ Fine Drawing codec eliminated; improved H.264 codec performs much better

• HDX 3D Pro feature is now available for Windows Server RDS workloadsᵒ What does this mean?

• We’ve renamed “XenApp HDX 3D” in XenApp 7 to reflect that it is now essentially equivalent to

HDX 3D Pro on VDI

ᵒ What are the improvements on RDS?• Adaptive H.264-based Deep Compression

• GPU acceleration and sharing extended beyond DirectX to include OpenGL, plus experimental

support for CUDA and OpenCL

• Much faster frame rate at higher resolutions compared to XA6.5 GPU Sharing

What’s new with HDX 3D Pro? (cont’d)

• Auto screen resolution detectionᵒ No longer necessary to disconnect /reconnect when changing resolution

• 5 versions of Receiver now include decoding of Deep Compression ᵒ Windows, Linux, iOS, Mac, Android

• HDX Monitor now reports on HDX 3D Proᵒ Details on fps, codec, performance

ᵒ Replaces previous HDX 3D Pro Health Check Tool

• Quad monitor supportᵒ Not a hard limit but we tested with up to 4 monitors with good performance

RDS-compatible professional graphics appsSome examples from autodeskandcitrix.com, Citrix Ready site, etc.

• Lots of Autodesk apps, including: ᵒ AutoCAD

ᵒ Inventor

ᵒ Revit

ᵒ Navisworks

• Bentley MicroStation

• Dassault CATIA

• ESRI ArcGIS

• Intergraph SmartPlant 3D

• Adobe PhotoShop (Creative Suite)

• Siemens Solid Edge

Hardware platform

GPU Passthrough with RDS workloads

GP

U

XenServer/vSphere

XenApp WindowsServer VMs

GP

U

GP

U

GP

U

XenAppVM

XenAppVM

XenAppVM

Session 1

XenAppVM

Session 2

Session 3

Session 4

Session 5

SessionN-1

SessionN. . .

GPU sharing for RDS workloads

• Usually one VM per GPU (and one GPU per VM) ᵒ On bare metal with OpenGL apps, multiple GPUs can serve one VM, but in general we

recommend one GPU per VM using a hypervisor that supports GPU passthrough

• Each VM is a multi-user Windows Server RDS workload

• XenServer GPU Passthrough now supports up to 12 GPUs per serverᵒ But typical high-end configuration is 3x NVIDIA GRID™ K2 for a total of 6 GPUs

• Direct access to graphics driver and hardware, unlike software-based vGPU

• User density depends on the apps, GPU processing power, video RAM, etc.ᵒ No fixed limit; one customer reports 32 users on a Q6000 with Dassault 3D Via player

• Remember that one user could impact performance of other usersᵒ Recommend capping the number of users per VM

OpenGL Software Accelerator

• New software rasterizer for OpenGL apps

• An alternative to the OpenGL 1.1 software rasterizer included with Windowsᵒ Generally provides much faster rendering performance

ᵒ Leverages SSE4.1 and AVX

ᵒ Supports OpenGL 2.1

• Installs in the program folder of the OpenGL app

• App compatibility expected to be high but must be verified; Citrix cannot

guarantee compatibility with all OpenGL apps

• Targets apps and use cases where GPU hardware acceleration is not needed

or cannot be cost-justified but where the Microsoft OpenGL software rasterizer

is inadequate

DirectX software rasterization

• Less demanding DirectX apps and WPF apps don’t require GPU hardware

• DirectX 9 software rasterizer built into XenApp 7.1 WDDM driverᵒ Previously used in Optimization Pack for Google Earth

• For DirectX 10 & 11, Microsoft provides the WARP software rasterizerᵒ DX10 & 11 apps can use WARP directly

ᵒ Windows 8 and Windows Server 2012 include a software GPU that uses WARP

HDXPlug n Play

• Thumb drives

• Advanced multi-monitor configs

• Printers

• Dictation devices

• Specialized keyboards

• USB Devices

HDX Plug-n-Play

• Traditionally, Client drives are mapped to server drive letters in ICA sessions using Client drive mapping (CDM)

• Can be confusing for users

• New UNC implementation allows users to recognize their client drives a lot easier:

• Example: “C on ClientName” where ClientName is users local machine name

USB Thumb Drive Usability

• Frees up server drive letters on XenApp server or VDA and allows them to be used for other purposes

• Enabled by default

• Not controlled via Policy

• To revert to legacy CDM:

• HKLM\SOFTWARE\Citrix\UNCLinks\ UNCEnabled=0 [REG_DWORD]• Not documented or recommended

USB Thumb Drive Usability

• Previous versions used USB redirection for scanners

• TWAIN redirection has now been ported over from XenApp

• Commands are now seamlesslyredirected from the VDA to theclient machine

• Note that non-TWAIN standards such as Windows Image Acquisition(WIA) will not work with this technology

Scanner support

TWAIN policies

StoreFront

Consistent access inside or

outside the firewall

Seamless workspace across

any device

Access to Windows Apps, data,

Web and SaaS

Auto-configuration of the default

app store

Citrix StoreFront

One Store for All Receivers

Site 3

Site 2

HA Pair or scale-out

cluster

NetScaler

Gateway

Storefront

Services

Site 1

Scale-out cluster with web LB

Mac and Windows

Storefront Services Tier

Storefront Services ArchitectureXenApp Farms (6.5 and

earlier)

InternalWeb Apps

Browser

Thin Clients

XML ServiceAdaptor

?

Receiver for Web

Future CitrixAdaptors

MobileDevices

SaaS Apps

List All Apps

Launch App

“Value Adds”

List My Apps

Subscribe

Sto

reSe

rvic

esA

uth

enti

cati

on

Serv

ice

Update Service(Merchandising Server)

3rd PartyAdaptors

3rd Party Portal

Password

Kerberos

Extension

...?

3rd Party Apps

Smartcard

AppController

Net

scal

er

Gat

eway

XenApp Sites (7.x & later)

Other Services

Storefront

Storefront without the Database requirement

Storefront

Extensible Storage

Engine~2.7 KB/subscription

Storefront

Storefront

Point to

Point

Scheduled

Sync

LON NY

Authentication Service

• Claims-based authentication

• Token Issuingᵒ Authenticates users

ᵒ Establish their identities

ᵒ Marshals the information about the users into security tokens

• Token Validationᵒ Validate authentication tokens for services/applications that consume them but are not

configured as full relying parties

• Use Domain Service to authenticate users with Active Directory

• Use Credentials Wallet to store encrypted passwords

Location aware connectivity

Gateway Connect Direct Connect No Connect

Local App

Access

New! Seamless Local App AccessSeamless integration of local Windows apps

Great for apps that need or

benefit from local resources

App running

locally, or from

Receiver…

…Integrated

into virtual

desktop

Ideal for

HDFacesTM

Local App Access use cases

• Bring-Your-Own-Apps (e.g. iTunes)

• Video conferencing (e.g. GoToMeeting HDFaces)

• RDS-hosted apps in a VDI virtual desktop

ᵒ Eliminate double-hop latency while keeps apps separate

• Challenging edge cases such as:

ᵒ Watching/burning a physical DVD

ᵒ Watching TV using a tuner card

ᵒ Specialty USB devices on the WAN

ᵒ FireWire devices

ᵒ Viewing content that can’t leave the country (regulatory compliance)

ᵒ Client-server apps requiring very low latency to a regional backend

App running

within virtual

desktop

App running on

endpoint (outside

of virtual desktop)

Profile

Management

What’s New in 5.x - Capabilities

99

• New Policiesᵒ Define excluded AD groups

ᵒ Profile Not Available Policy (deny or temp profile logon)

ᵒ Process all users by default on desktop Oses

ᵒ Folder Redirection options as alternative for using AD GPOs

• Read only profiles (aka mandatory) – use the template profile as a mandatory

• Auto Config – detect environment and configure automatically

• Delete Cached profiles immediately … policy to configure a delayed delete

• Default processing of local admins on Desktop OSes

What’s New in 5.x - Integration

100

• Citrix Policy Engine integrationᵒ Additional choice for configuration: AD GPO, Citrix Policy or INI

• Integrated install with VDA (Desktop and Server OS)ᵒ UPM component installed by default with the VDA installer

ᵒ PoSH SDK on DDC

• Director Integrationᵒ Metrics reporting via Director provided by WMI/UPM

ᵒ Now within Director is the ability to reset Microsoft Roaming and Citrix Profiles

ᵒ Non destructive – renames existing profile, creates new and copies some data back

ᵒ Data kept: Documents, Favorites, Cookies, Desktop, Pictures, Music, Video

• While UPM has v5, the PoSH module for UPM is v7

What’s New in 5.x - Architecture

101

• No longer leverages NTFS change journal – UPM uses the filter driver nowᵒ MFT file no longer used (the cache file for NTFS activity)

• Should in most cases improve logon times … ᵒ Particularly first logon with provisioned desktops where cache file had to be created

Using and Administering

Admin ExperienceUser Experience

Policies

HDX - It's all about the user experience

Primarily Controlled Through Policies

Exploring Citrix Policies

Policy Templates

Settings in the Registry

HKLM\SOFTWARE\Policies\Citrix

Configuration Options and Precedence

109

Pm Configuration

AD GPO

ADM – For Windows 2003

AD & Above

ADMX – For Windows 2008

and above

Desktop Studio Policy Node

End Point

Local Policy

Pm INI File

Printing

• So many moving parts…• Applications

• Printer drivers

• Printing device features and limitations

• Networking and printer device connectivity

• Policies and settings

• Permissions

• Still a top call generator for Citrix Technical Support• Hard enough to do Windows printing well (mostly static environment)

• Dynamic elements of desktop virtualization make it that much harder

Why is printing such a pain?

Printer driver versions

• Version2 drivers

• Introduced with Windows NT 4.0

• Operate in kernel memory

• Won’t install on Windows 2008/Vista or later

• Version3 drivers

• Introduced with Windows 2000

• Operate in user space

• Still need to be careful about which drivers you deploy

• Version4 drivers

• Introduced with Windows 2012/8

• One driver can support multiple devices

• Automatically isolated from one another and the print spooler

Native versus non-native print drivers

•Native/inbox drivers• Are included with the Windows OS

• WHQL certified & stress tested with OS

•Non-native/manufacturer drivers• Are provided by a print device manufacturer

(Windows Update, CD, or download)

• May or may not be WHQL certified

• May not be well tested for Remote Desktop & Terminal server use cases

How do printer drivers get installed?

• Manually installed by administrators

• Native drivers automatically installed from driver.cab in the OS

• Plug-and-Play printers

• HDX or RDP printer auto-creation

• Downloaded from print server (Point-and-Print)

• Connection to shared network printers in any manner

• XenApp will only attempt to install native drivers through printer auto-creation, it will not pull in non-native ones

Where can an ICA/HDX printer come from?

Standard Printer Types Defined on Client

Local Printer

(LPT, USB, TCP,

etc.)

Network Printer

(UNC Path)

Client Printer

in Host Session

Network Printer

in Host Session

Client Printer

in Host Session

OR

Session Printers Policy

Network Printer in Host Session

Client Printer

in Host Session

Citrix UNIVERSAL Printer

• Despite it’s name, Citrix universal printing is not universally available• First-class UPD for client printers is only available with Windows end-points

• Mac & Linux end points use Postscript-based UPD• Fixed device profile No awareness of the underlying client printer capabilities

• Java client employs PCL based UPD with fixed device profile too

• Most thin clients have no Citrix UPD option for their local printers• Exception: embedded Windows device running retail Win32 client

• More comprehensive UPD solutions available• Check out offerings of Citrix Ready vendors like ThinPrint, TriCerat, and UniPrint

Universal printing caveats

The Generic Citrix UNIVERSAL Printer

• A single printer object, based on the Citrix Universal Printer driver, which can be configured to auto-create in user sessions but is not tied to any specific print device

• It will automatically print to the default printer on the client device or the preview option can be selected to preview the document on the client and then select any locally-defined printer

• http://support.citrix.com/article/CTX106812

hen in the Course of human events it becomes necessary for one people to dissolve the political bands which have connected them with another and to that Governments long established should not be changed for light and transient causes; and accordingly all experience hath shewn that mankind are more disposed to suffer, while evils are sufferable than to right themselves by abolishing the forms to which they are accustomed. But when a long train of abuses and usurpations, pursuing invariably the same Object evinces a design to reduce them under absolute Despotism, it is their right, it is their duty, to throw off such Government, and to provide new Guards for their future security. — Such has been the patient sufferance of these Colonies; and such is now the necessity which constrains them to alter their former Systems of Government. The history of the present King of Great Britain is a history of repeated injuries and usurpations, all having in direct object the establishment of an absolute Tyranny over these States. To prove this, let Facts be submitted to a candid world.He has refused his Assent to Laws, the most wholesome and necessary for the public good.He has forbidden his Governors to pass Laws of immediate and pressing importance, unless suspended in their operation till his Assent should be obtained; and when so suspended, he has utterly neglected to attend to them.He has refused to pass other Laws for the accommodation of large districts of people, unless those people would relinquish the right of Representation in the Legislature, a right inestimable to them and formidable to tyrants only.— John Hancock

hen in the Course of human events it becomes necessary for one people to dissolve the political bands which have connected them with another and to assume among the powers of the earth, the separate and equal station to which the and organizing its powers in such form, as to them shall seem most likely to effect their Safety and Happiness. Prudence, indeed, will dictate that Governments long established should not be changed for light and transient causes; and accordingly all experience hath shewn that mankind are more disposed to suffer, while evils are sufferable than to right themselves by abolishing the forms to which they are accustomed. But when a long train of abuses and usurpations, pursuing invariably the same Object evinces a design to reduce them under absolute Despotism, it is their right, it is their duty, to throw off such Government, and to provide new Guards for their future security. — Such has been the patient sufferance of these Colonies; and such is now the necessity which constrains them to alter their former Systems of Government. The history of the present King of Great Britain is a history of repeated injuries and usurpations, all having in direct object the establishment of an absolute Tyranny over these States. To prove this, let Facts be submitted to a candid world.He has refused his Assent to Laws, the most wholesome and necessary for the public good.He has forbidden his Governors to pass Laws of immediate and pressing importance, unless suspended in their operation till his Assent should be obtained; and when so suspended, he has utterly neglected to attend to them.He has refused to pass other Laws for the accommodation of large districts of people, unless those people would relinquish the right of Representation in the Legislature, a right inestimable to them and formidable to tyrants only.— John Hancock

SSL 001000111010101 SSL 001000111010101 SSL 001000111010101 SSL 0010

hen in the Course of human events it becomes necessary for one people to dissolve the political bands which have connected them with another and to that Governments long established should not be changed for light and transient causes; and accordingly all experience hath shewn that mankind are more disposed to suffer, while evils are sufferable than to right themselves by abolishing the forms to which they are accustomed. But when a long train of abuses and usurpations, pursuing invariably the same Object evinces a design to reduce them under absolute Despotism, it is their right, it is their duty, to throw off such Government, and to provide new Guards for their future security. — Such has been the patient sufferance of these Colonies; and such is now the necessity which constrains them to alter their former Systems of Government. The history of the present King of Great Britain is a history of repeated injuries and usurpations, all having in direct object the establishment of an absolute Tyranny over these States. To prove this, let Facts be submitted to a candid world.He has refused his Assent to Laws, the most wholesome and necessary for the public good.He has forbidden his Governors to pass Laws of immediate and pressing importance, unless suspended in their operation till his Assent should be obtained; and when so suspended, he has utterly neglected to attend to them.He has refused to pass other Laws for the accommodation of large districts of people, unless those people would relinquish the right of Representation in the Legislature, a right inestimable to them and formidable to tyrants only.— John Hancock

hen in the Course of human events it becomes necessary for one people to dissolve the political bands which have connected them with another and to assume among the powers of the earth, the separate and equal station to which the and organizing its powers in such form, as to them shall seem most likely to effect their Safety and Happiness. Prudence, indeed, will dictate that Governments long established should not be changed for light and transient causes; and accordingly all experience hath shewn that mankind are more disposed to suffer, while evils are sufferable than to right themselves by abolishing the forms to which they are accustomed. But when a long train of abuses and usurpations, pursuing invariably the same Object evinces a design to reduce them under absolute Despotism, it is their right, it is their duty, to throw off such Government, and to provide new Guards for their future security. — Such has been the patient sufferance of these Colonies; and such is now the necessity which constrains them to alter their former Systems of Government. The history of the present King of Great Britain is a history of repeated injuries and usurpations, all having in direct object the establishment of an absolute Tyranny over these States. To prove this, let Facts be submitted to a candid world.He has refused his Assent to Laws, the most wholesome and necessary for the public good.He has forbidden his Governors to pass Laws of immediate and pressing importance, unless suspended in their operation till his Assent should be obtained; and when so suspended, he has utterly neglected to attend to them.He has refused to pass other Laws for the accommodation of large districts of people, unless those people would relinquish the right of Representation in the Legislature, a right inestimable to them and formidable to tyrants only.— John Hancock

Endpoint DeviceVirtual Delivery Agent

• Complete network print server solution providing• Ability to use Citrix universal printing regardless of client capabilities• Efficient, open, and firewall friendly protocols • Optimized print traffic from host print server

• Eliminates the need to install network printer drivers on the VDAs!

• Significant WAN performance improvements over traditional windows networking printing

• Less sensitive to latency than Windows printing using SPOOLSS-RPC protocol

• Leverages the same compression and optimizations as in client-based Universal printing

The Citrix Universal Print Server

First introduced on the XenDesktop 5.x and XenApp 6.x platforms

Universal Print Server architecture

Network Print Service

Spooler

UP Web Service

DriverDriverDrivers

PQ1

Driver

PQ2 VQ1 VQ2

Driver Driver Driver

UPS VirtualPort Monitor

Std TCP/IP Port Monitor

WINSPOOL.DRV

UPS Configuration

RPC

TCP

SOAP over HTTP(S)

CGP/SSL

UP-WS

Print Data(XPS/EMF)

Rendered Print Data

SDKPrint Provider

UPD

App

Spooler

UPClient

UPServer

Machine Creation

Services

New* in XenApp 7.5 MCS

• Cloud Provisioning on ᵒ AWS and Citrix Cloud Platform

• Datacenter Provisioning onᵒ System Center VMM 2012 SP1 / R2 with Hyper-v 2012 /R2

• SMB 3 Storage for linked clones and base images

• Reduce IO with read caching on CSV 3.0

• Use local storage, except PVD

ᵒ vSphere 5.5

• Support for latest Windows OSᵒ The latest desktop OS - Win 8, Win 8.1

ᵒ The latest Server OS – Win Server 2012 and 2012 R2

• MCS Performance Improvementsᵒ Fix block alignment issues - VHDX format for VM/Clone disks

Storage

A

MasterVM

MasterVM

Image

A B B B B

identitydiff disk

Machine Creation Services (MCS)

Hypervisor

A’

A’

Copy

Image Prep

Phase

Machine Creation Services: How it works

VM

Master Disk

VM VM

Diff DiskId Disk

Diff DiskId Disk

Diff DiskId Disk

Storage

One copy of the base image shared by all VMs

Space reclaimed every boot

Persistent Identity uses little space

Differencing disk

Identity Disk

Provisioning

Services

New in Provisioning Server 7.1 & XenApp 7.5

• Data center provisioningᵒ System Center VMM 2012 SP1

ᵒ SMB 3.0 Storage for “client-side” write cache disks

• Stream latest OSᵒ Desktop OS - Windows 8/ 8.1

ᵒ Server OS - Server 2012 / R2

• Improved Setup Wizardᵒ Faster catalog creation (no more cloning of template VM write cache disks)

ᵒ Support BDM configuration don’t have to use PXE

ᵒ Faster networks in Hyper-V Guest VMs*

Advanced Image Management

• One imaging solution for ᵒ Virtual apps and VM hosted apps

ᵒ Physical and virtual instances

ᵒ Any Windows operating system

• Image maintenanceᵒ Develop - Test – Production

ᵒ Automated updates

ᵒ Instantaneous rollback

VIRTUALIZE CENTRALIZE PROVISION

Provisioning Capabilities – PVS

VDI SHVD PhysicalServers

PhysicalPCs

PVS

• Top 3 Hypervisorᵒ XenServer

ᵒ Hyper-V

ᵒ vSphere

• Workloadsᵒ Desktop VM

ᵒ Server VM

ᵒ Physical Server

ᵒ Physical PC

• Low storage I/O impact

• Management time ᵒ 15 min for 1,000 VMs

ᵒ Reboot speed rollbacks

ᵒ Automated image updates

Complete

Kernel

Kernel Services

Computer Boot Process: Traditional

Bios

Bios Services

Hardware

Boot

Loader

Early

Kernel

User

ProcessMBR

• Manageability• Simplify and streamline server provisioning

• Assure build consistency

• Eliminate the need for “hot-standby” servers

• Flexibility• Provide rapid server provisioning

• Simplify and reduce the time required to rollout images

• Stream workloads to physical and virtual machines

• Support high availability

• Support hardware repurposing

• Perform instant restore

Benefits of Citrix PVS

Image Delivery

0 5 10 15 20 25

Windows 7

Windows 8

Windows 2012

IOPS

Peak Average Steady State IOPS(95th Percentile)

Provisioning Services Machine Creation Services

0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100%

Windows 7 - MCS

Windows 7 - PVS

Windows 8 - MCS

Windows 8 - PVS

Windows 2012 - MCS

Windows 2012 - PVS

Percent

Read/Write Ratio

Read Write

Boot Device Manager (BDM) instead of PXE

Setup Wizard

Provisioning optimization: VM disks

• Create write-cache disks in place on

destination storage

• Size is now configurable

• Each VM booted once to quick

format

• No more SLOW network copies of ‘n’

formatted write cache disks!

Director &

EdgeSight

Next generation Director

• Single pane of glass

ᵒ Instant “real-time” troubleshooting and

environment health metrics across sites

• Integration of EdgeSight features ᵒ Performance management and network analysis

• Aggregation of logging information

ᵒ Pinpoints root cause of connection and machine

failures

• End user experience monitoring

ᵒ Logon analysis to pinpoint issues or delays

TM

• Driving Evolution

ᵒ EdgeSight evolves into an integrated solution

ᵒ Enhances existing products such as Director

• Providing a holistic view

ᵒ No more product silos

ᵒ Offers comprehensive view into the Citrix stack

to correlate information

Evolution of EdgeSightTM

Performance management

Health and capacity assurance

Historical trending

EdgeSight features

Network analysis

Identify bottlenecks due to the network in your

XenApp environment

Powered by NetScaler HDX Insight

TM

Director – Actionable Troubleshooting

Resolution at first

touch

Reduce operating

costs

Improve customer

satisfaction

Director – Enhanced User Details Page

Director – Real-time assessment

Immediate visibility of

site performance

health

Environment usage

Logon performance

indicating end user

experience

Key infrastructure

alerts

Drill down list view

Know who has been

affected and why

Director – Contextual troubleshooting

Failures reason explained

Correlation with Configuration logging

Director – Logon performance

Know how logon duration is affecting end users

Compare to previous environment baseline

Director – Load Evaluation Trends

Understanding published application server load and affect of logged on users

Historical trending

enables

performance

management over

time

EdgeSight - performance management

Auto-baselining –

comparison of past

performance to

current

TM

EdgeSight - network analysis

ICA deep packet

analysis

Latency and

bandwidth

effects

Application and

desktop usage

TM

EdgeSight Features IntegrationTM

EdgeSight Performance management

historical trending and auto-baselining

EdgeSight Network analysis

leveraging NS HDX Insight

The right solution for the right customer

EdgeSight 5.4 …is migrating to XenApp 6.5…will be sustaining with XenApp 6.5 and XenDesktop 5 until EOL

Ideal for customer who…

…are new to XenApp …are migrating to XenApp 7Director with

EdgeSight

Active Directory

Director 7

• Troubleshooting

• Real-time AssessmentMonitor

Database

XD

Data Store

Delivery Controller

Configuration Log

Service

Monitoring Service

Delegated Admin

Service

Broker Service

Director Web

Service

Browser

DirectorApp

RDS/VDI

VDA

NetScaler

HDX Insight Service

Hypervisor

RDS/VDI

VDA

RDS/VDI

VDA

NS

Databasewith EdgeSight

• Trends

Microsoft App-V

Microsoft App-V Basics

• Isolate Applications and Application Related Data

• Remediate App Behavior

• Multiple App Versions

• Central App Delivery

Sequencing < = > Packaging?

• Alternative form of Packaging

• Much less work, less error prone

• Easy to remediate / customize apps

App Virt Engine

• Install wherever apps will execute

• Isolate App and ARD

• Multi-User and Multi-Tenant

UserAPrefs

UserBPrefs

UserCPrefs

Operating System

App 1

App 3

App 4

App 2

DistributionSequencer “Content” File Server

App-V Server Infrastructure System Center Configuration Manager

Client using HTTP/S or BITSClient using App-V Server Standalone Client

Configuring

App-V

Publishing

App-V 5 Apps

167Source: Citrix

Published Apps

168Source: Citrix

Hosting Platform

Open Architecture

Hosted on XenServer

Hosted on ESX, vSphere

Hosted on Hyper-V

Supported hypervisors*

XenServer 6.26.16.0.2

Hyper-V/SCVMM System Center Virtual Machine Manager 2012 R2 System Center Virtual Machine Manager 2012 SP1 System Center Virtual Machine Manager 2012

VMWare vSphere 5.5vSphere 5.1 Update 1vSphere 5.0 Update 2

(No support is provided for vSphere vCenter Linked Mode operation)

Only XenApp and XenDesktop

enable you to easily harness the

flexibility, elasticity and

economics of the largest, most

popular public clouds

Hybrid Cloud Provisioning

Delivery Controller

(coming soon)

New Infrastructure Choice, Familiar SetupSame administrative workflows, now simplified for cloud

Host Selection now includes

AWS and CloudPlatform

Select your cloud region and

availability zone

Select instance type for

machine catalog

Create Host Configure Host Create Catalog

Market Drivers for Hybrid Cloud Provisioning

Flex

Examples:Seasonal Workers

Citrix migrations testing

Grow

Examples:On-board M&A

Organic usage growth

Transform

Examples:“Don’t Own Stuff”Hardware Refresh

Optimize

CAPEX

Build for

Speed

Think

Differently

XenApp 7.5 Cloud Provisioning

• Available for AWS and

CloudPlatform in 7.5

• Utilizes MCS with direct

cloud API calls

• Working on Azure

• Goal to support “any cloud”

• Future improvements to

better optimize for cloud

infrastructure

Desktop Clouds with XenDesktop/XenAppFlexible cloud deployment options – Private, Public and/or Hybrid Cloud

on-premise off-premise

EnterpriseService

Provider

Public CloudPrivate Cloud

• Leverage OPEX-based

IT service delivery model

• Leverage public clouds

as an additional capacity

site

• Transform, flex or grow

app or virtual desktop

infrastructure

• Unplanned and

temporary capacity

demand: seasonal

workers, on-boarding

M&A events, etc

XenDesktop Cloud Provisioning w/ CloudPlatformThe “One Citrix” Desktop Cloud Solution

• On/Off-premise Private

XenDesktop/XenApp Cloud Solution

Built on the latest releases of Citrix

XenDesktop/XenApp (v7.5) and Citrix

CloudPlatform (v4.2.1.4, v4.3)

XD/XA 7.5 provisions to on-premise Citrix

CloudPlatform clouds and off-premise private clouds

(CCP)

• Seamless: no new consoles or training

• Key Benefits:

On-premise: Lower upfront CAPEX, easier scaling,

efficient management

Off-premise: Elastic, no infrastructure to manage

• Key: XD-specific workload monitoring in CCP,

App orchestration in XD

HybridDesktop-as-a-

Service

XenDesktop/XenApp Cloud Provisioning with CloudPlatform

Desktop/App Virtualization

Cloud Management Platform

7.5

7.5

4.2.1.44.3

Work better. Live better.