The Netscaler Cloud Gateway was released by Citrix with the purpose of delivery applications to the enterprise in a more efficient and better managed process. The delivery includes not just the existing apps but also SaaS apps like SalesForce and others that support the SAML authentication tokens. For most of the VMware followers out there this sounds strikingly like MyOneLogin or what was just released as the Horizon App Manager. There are some key differences however between the products. Starting on the physical side, the Cloud Gateway is an on-premise device or virtual appliance, while Horizon is designed to be a cloud based services that does not put any equipment in the enterprise datacenters. Gloud Gateway will be available according to Citrix as a service from Citrix Solutions Providers as well but that does not seem to be the focus at this point. That is not where the differences stop, the Netscaler allows for quality of services management and license management for these applications across the enterprise. The Cloud Gateway also integrates directly with all the different versions of Citrix Receiver.
Not surprisingly there are alot of similarities and the release will most likely force VMware to continue with the application push and hopefully integrate ThinApp into Horizon sooner rather than later, since the Cloud Gateway can already present XenApp published apps.
Citrix was the first of the big players to release a Type 1 hypervisor for desktops with the first release of XenClient, but it’s limited hardware compatibility list and the high cost for the equipment it did support was a major limiting factor in it’s success. MokaFive claims to have a type 1 hypervisor but without the backing of one of the big players it is having limited success, the same goes for NXtop. VMware had promised a type one for years and has since gone back to claim that the Type 2 Workstation is the future, with options like offline mode for View being a good enough solution.
This week Citrix dropped the gauntlet on the competition with the release of XenClient2 and XenClient XT. Xen Client 2 supposedly will support 45 million systems and with the integration with Syncronizer you can truly present a enterprise and a personal computer completely isolated from each other on the bare metal of a laptop. You also get enhance video card support with the support of AMD chipsets. While the release of XenClient2 gives us more access the XenClientXT release is the one that could have some of the most impact, especially for those of us inside the Beltway. The ability to have secure access to multiple enclaves with a single device from a company that is already presenting virtual desktops within these same enclaves could result in closing a hole in the O-zone layer just by not having 5 computers under the desk of every federal employee that works with classified data.
Is the type 1 hypervisor ready for production? That is probably still to be seen, and we need some healthy competition to help us see it grow but this is definitely a significant step towards a new paradigm in endpoint computing.
The key parameters that are to be considered when building a multi-tenant environment are Isolation, performance sla, user customization, ease of administration, and financial cost. Citrix is providing ways to build this with multiple different models. The first is session isolation. This would involve fully shared hardware with just a user session separate. The next is server isolation,with each tenant having their own virtual servers. The next is a full network isolation. This is dedicated hardware and systems. The cost increases with each model. Within the next few months (June 30th they say) Citrix will be releasing a full fledged white paper on how to configure each of these setups.
While the full isolation would be the preferred option in most cases, it will also involve the most hardware for this cloud. Some of the components then require you to duplicate solutions, this includes a separate XenApp farm for each tenant. By building multiple farms you also lose some of the new functionality in XenApp 6 that will allow for worker groups to auto populate apps depending on OU. Parts that don’t need to be multiple would include the Access gateway and Netscaler. A Netscaler will create a virtual server that provides client less access into the tenants network. With the netscaler you could have separation with virtual VPX gateways, or for a large environment you could have unto 20,000 concurrent connections with the MPX appliance.
For monitoring the cloud environment you can use Edgesight to monitor end to end details of the environment. This is definitely an advantage since you are often unable to monitor multiple systems through a single pane of glass. Edgesight now provides for some new reports for SLA compliance and Usage reports, specifically built around solution providers.
The goal with the latest releases is to combine the multiple management tools, AD, SQL, and XenApp just to name a few. The release of the Cortex Cloud Control Panel will allow you to manage multiple consoles in one pane as well as delegate access out to either staff or even to tenants to manage their own environment.
Today Citrix released the Service Provider Automation Pack (See Jon Spallone’s details here) in conjunction with Microsoft. it includes a powershell script to automate the provisioning of desktops from Service Providers for the small to medium businesses. On the surface this looks like a great new concept, the ability to give end users in a small to medium workspace the option of purchasing desktops without needing to spend countless capital expenditures. However it appears this is rally the latest rendition of Terminal Services just done better.
This in itself is what makes the solution even more interesting. The Microsoft licensing model for virtual desktops has in the past revolved around the VDA license. The license was essentially a tax on users that wanted the Windows 7 experience without a physical desktop. A yearly cost that Microsoft added to the cost of VDI that can make the return on investment stretch into the 6 and 7 year timeframe. with the SPAP, you are using a version of Windows Server 2008 that is built to look like Win7. This would mean that a Service Provider can now use SPLA licensing and finally offer a desktop as a service with full compliance. The VDA license was never available as part of the SPLA. VMware offers View in a way that you could present desktops, and they offer vCloud Director to automate virtual machine management task, but they do not offer something to present anything other than a Windows 7 desktop in an automated method.
Releasing the SPAP with Citrix harkens back to the days of the release of Metaframe and the early relationship between Microsoft and Citrix. At the same time we get to see the argument between Citrix/Microsoft and VMware to continue to grow.
The advent of social media and the increased use of user bulletin boards, companies have come to realize that there is a significant value to be gained from having users and partners as product evangelists. Microsoft has been doing this for years with the MVP program and a few years ago VMware joined suit with the vExpert program. Citrix has also seen the benefits of these evangelist. Arriving in San Fransisco today for the Citrix Partner Summit, it is immediately evident that the Citrix community not only supports the designation of Citrix Technology Professional (CTP) but wants to see it succeed. The group gather on a semi regular basis and Citrix provides support for the program through incentives that include invitations to exclusive events, access to the product teams, and access to early release software. These are just a few of the incentives provided to a group that Citrix has entrusted not only with their name but provided backing. The largest drawback I can see with the program is the extremely limited size of the group. While a small group makes it easier to provide benefits to, it also limits the reach of the group. This past year the VMware team has said that there were over 1000 applicants for the vExpert program, clearly a number that has to be trimmed down to be able to provide the credentials as an exclusive and beneficial group. Neither group has stated how many times someone can become a CTP or vExpert, and having the same members year in and year out could result in an “old boys club” rather than the true group of passionate supporters and technologists. Overall the program looks to be very beneficial for Citrix and the CTPs.The CTP group is also speaking throughout Citrix Synergy and Summit. I look forward to hearing how this group can represent the Citrix products line.
Citrix has been steadily moving away from the reputation of being the “terminal server guys.” For the past year, 20% of Citrix business was networking including Netscaler, Branch Repeater, and Access Gateway. This is a great transition as the desktop OS moves towards the hybrid cloud and application centric computing.
There is an interesting pitch, that Citrix provides the only end to end solution, providing web access and branch office access to the virtual desktop. This is a bit of a stretch although the ability to offload a web interface from a Windows machine onto the NetScaler and move load balanced web access to an appliance seems to provide a much more secure and potentially robust solution than the VMware Security Server. Adding a load balancer to the View Solution could add cost if you don’t use some of the available open source load balancers. There is an added cost however with the NetScaler as well and the Netscaler is built to replace the free Secure Gateway solution that is built into XenDesktop. You do however get unlimited connection and the added access from the Citrix Receiver plug-in and the Branch Repeater plug-in. The one area that VMware can not provide is the Branch Repeater and Acceleration features. If a customer purchases XenDesktop Platinum Edition, they are able to get the Branch Repeater VPX for free a virtual appliance version of the Branch Repeater.
Branch Repeater gives the user visibility into 500+ applications, and you can auto configure it without changing Xendesktop. You can also prioritize by user groups or apps. That acceleration is a feature that sounds great and because it can be deployed as a virtual machine you could demo a proof of concept or acceleration without impacting your existing networking.
Probably the most intriguing product in the networking portfolio is the Citrix Receiver connection into SAAS apps leveraging the Open Cloud Access. This is very similar to VMware’s newly releasedHorizon App Manager. It utilizes SAML just like Horizon App Manager does to pass through authentication utilizing the token approach. This cNetombination with the Open Cloud Access is that next step into the application centric computing space of tomorrow. Another great transition from the terminal server space into the future.
I have been working in IT for almost 15 years and throughout the time, Microsoft has helped me grow a career but over the last few years we have seen possibly the most significant transition since the advent of the personal computer. What should not be surprising is that Apple has been the catalyst for change. Many people in Generation X and Y and every other name you would like to give those born after 1970, first learned how to use a computer in school, working on early Apple and Macintosh systems. This led this same kids to expect the ability to so word processing without a typewriter, followed by sending messages to each other without paying for a stamp, and now the earliest advocates of computers along with the youngest generations entering the workforce have demanded another change. No longer will these users accept whatever computer and system is thrown in front of them.
I place the blame on Apple with the release of the iphone and the App Store. The idea of presenting a single application to a group of users is not something new,in all reality Citrix has been presenting applications to business users since the days of Metaframe and the original Web Interface, but the ability for Apple to change a global mindset is something Citrix has never been able todo. Users now expect that you can access a single application regardless of what device I am using. Google continued to reinforce the attitude with the release of Android. Android is the largest deployed mobile platform in the world, and along with it comes multiple app stores.
The next question is how would applications being presented to a phone or tablet kill an operating system. The answer is rather easy on this one. Users want to bring a Macbook or a ipad or a Android tablet and get all the same applications that you used to only be able to get with Windows. VMware, Citrix, and Microsoft will all present a full windows desktop to a user, but why would I want a full desktop when all I need is an email client and a word processor or an internet browser. The added overhead on a device that I bought because it was optimized seems pointless. The same generations that grew up on Apple II Plus computers and a green screen now have 10x the power in their pocket with smartphones and even more with the ipad and newer tablets. Microsoft has even realized that application based computing is the wave of the future, with the release of Office Live, Microsoft is allowing users to get to their largest consumer product through the web without ever installing a product. When you combine that with the likes o Dropbox and SugarSync you can have all your data and all your applications sitting in a datacenter that you could care less where it is as long as you can access it from your optimized device. A device that is optimized to just run what others create and give you the best connection possible to the internet and the plethora of cloud products.
Windows may not die in the next year or two but with the speed of computing today it is very possible that the life of what has at this point been the most common base for personal computing is very short. Over the next week Citrix will make multiple releases allowing the user to get closer to the application centric computing model during their major conference, you can expect the same style releases from VMware in the end of August at their conference. Microsoft itself has been focusing on the other product lines with added push to use Unified Communications and Collaboration tools along with their own virtualization products. Windows has been around longer than many people imagined and has ridden the wave but it may have been its own biggest enemy by not staying with the times and just becoming a delivery system like iOS.
It has finally come time to close the Windows.
Sent from my iPad 🙂
After at least 2 years of anticipation and waiting we get to see the first release of VMware’s Project Horizon today. We still have to wait to get the application publishing that many of us hoped would be the first part of Horizon to go public but this new single sign on cloud connected enterprise tool can go along way to help enterprises give the flexibility back to the users. Horizon App Manager is delivered as a virtual appliance that sends secure tokens instead of full passwords between the corporate environment and cloud providers like SalesForce and Workday. This gives users the comfort of knowing that a seasoned IT pro had secured the connections and validated that the site they are visiting is in fact the proper place to go and not a hackers imitation. What Horizon also does is provides a app store in a sense that corporate users can request accounts on these third party services directly within the corporate environment. Check out the video below from VMwareTV for more details. I look forward to seeing the next few releases from the Horizon Team.
Google announced that they will be selling the Chromebook for Business for $28 a month per user starting in June. At first you probably wonder how a web based dumbed down notebook could help the likes of VMware, Citrix, and Microsoft sell VDI solutions. The answer is simple. As our data moves into the cloud we have less and less need for the large fast hard drives that have been populating notebooks for the past few years. Add that to always on connectivity of 3g and you have access to your data (for free up to 100 mb a month). The next question is now that I can get to my data how to I use it. You could follow the party line from Google and move everything to Google Docs but that does not work for most enterprises. However published applications from XenApp or single sign-on solutions like Project Horizon from VMware are moving enterprise applications into the cloud and onto the internet. So now you can have a notebook that can boot in less than 8 seconds with full web connectivity and a minimal security threat footprint that also has access to your documents that sit in DropBox or SugarSync, If you add that to the latest release from Ericom of a HTML5 client for VMware View and you can now have enterprise class desktops at your fingertips. There is of course the worry of what happens in someone hacks the ChromeOS that is on these machines do they now have access to all my data anyway? It is still possible that could happen but with a team of engineers and an auto-update feature on the Chromebook you would hope whatever vulnerability that may be found would be patched extremely quickly.
This is great now for your work computer but what if I want to use it at home? The applications that are loaded are already the ones that most uses want to use from their home PC, with full access to chrome, google docs, chat clients, twitter clients and of course angry birds who could want more?
In an effort to make these processes as easy as possible heres the next in my series of flowcharts for supporting VMware. Keep in mind that this is simply for installation. Make sure you follow best practices and do a full application assessment before assuming your DR plan is complete. Attempting to deploy a DR plan for Exchange, SQL or any other multi-tier application without looking at all the interconnectivity will result in an unsuccessful DR failover. With that being said… heres the flowchart.