Compared to traditional, distributed approaches for application and desktop deployment and management, virtualization solutions such as XenApp and XenDesktop promise significantly reduced operating costs, greater business agility, better data protection and improved compliance with industry and corporate standards. Fully achieving these gains, however, depend on ensuring the availability, security, performance and scalability of the associated infrastructure. As a result, leading IT organizations have developed the best practice of front-ending their application and desktop virtualization deployments with a dedicated solution that helps across all of these critical areas.
This paper explains why NetScaler is ideally suited to fulfill this role. By combining an extensive set of capabilities for ensuring the accessibility of essential components, enhancing the user experience, and protecting associated data, applications and infrastructure, NetScaler more than just preserves the benefits promised by XenApp, XenDesktop and other application and desktop virtualization solutions. It maximizes them.
Enterprises that invest in full-featured application and desktop virtualization solutions such as XenApp and XenDesktop unlock the potential to:
However, the extent to which your organization can achieve these and other available benefits will depend on how well your implementation addresses the following set of critical requirements.
Instead of users' desktop environments and assocaited applications residing on their local devices, with application and desktop virtualization these resources are hosted in the corporate datacenter and accessed over the network. Although this approach provides a tremendous degree of location and device independence, it relies on both network connectivity and centralized infrastructure. Furthermore, numerous users share the same application and desktop delivery infrastructure, from the front-end connection brokers to the back-end servers. This means that while a failure with a conventional desktop PC (or application) only impacts a single user, a failure within the shared infrastructure of a virtual application and desktop deployment has the potential to impact the entire user population. This is why you need to design your infrastructure to protect not only against the failure of individual components, but also from disasters that could cause site-level outages.
Robust security capabilities are especially important within a virtualized app and desktop environment, for several reasons. To begin with, many of your users are likely to access their apps and desktops remotely, over insecure public networks. Added to this is the need to support a rapidly expanding variety of client devices, each with its own distinct set of security capabilities and vulnerabilities. Complicating matters even further is the growing adoption of BYO practices, where many of these devices are no longer owned or controlled by the enterprise. Finally, with desktop virtualization in particular, it's also important to recognize that what you're giving users access to is an entire desktop, not just a sliver of functionality or data. In addition to their own applications and data, users can get to all of the downstream resources their desktops are entitled to access. The bottom line is that extra measures must be taken to adequately protect your organization's critical assets against the challenges of this new environment.
Your users will insist on performance that's comparable to that of a local desktop PC—and you'll have to win them over with seamless logons, fast response times, quick issue resolution and a consistently enjoyable experience, even when access is occurring via disparate client devices and over a network. Otherwise, if users perceive or experience any shortcomings with the new environment, you will run the risk of their attempting to circumvent it—thereby eroding the investments you have made.
Monitoring and visibility of the network and application traffic is very important when it comes to security and compliance and also for troubleshooting and providing better support SLAs. With users using any device from any location, performance can be an issue when it comes to accessing data over high latency networks such as mobile networks and on devices that do not have high performance hardware. Troubleshooting with tools that do not have knowledge about the underlying protocol can be a nightmare and can lead to finger pointing between server and networking teams leading to long SLAs and increased user frustration.
Most organizations take a practical approach to app and desktop virtualization, starting out small and steadily growing their implementation over time. Also, they may shift from an initial deployment that is strictly on-premises to a hybrid-cloud model. The key point is that you should plan ahead to ensure the solution put in place has the flexibility to accommodate such changes without unduly impacting users or requiring forklift upgrades to the initial infrastructure investment.
A highly effective, best-practice approach to simultaneously address all of the critical requirements discussed above is to front-end your application and desktop virtualization infrastructure with NetScaler. A market-leading application delivery controller (ADC) and a remote access SSL VPN solution, optimized for security, mobility and hybrid-cloud use cases, NetScaler brings together in a single solution everything you'll need to ensure a maximum return on your app and desktop virtualization investments. A powerful set of high-availability, security and performanceoptimization capabilities are applicable and work equally well regardless of which virtual app and desktop products your organization has chosen to deploy. Not surprisingly, organizations using XenApp or XenDesktop will also benefit from a number of advanced features, made possible by the deeper level of integration achieved between NetScaler and those solutions.
NetScaler helps ensure the availability of critical components of your app and desktop virtualization infrastructure with a combination of robust server load balancing (SLB), health monitoring and global server load balancing (GSLB) capabilities.
High availability for dependable access. With NetScaler, you can configure and manage pools of essential resources. If a key component such as a connection broker fails, core load-balancing algorithms within the solution will dynamically route active user sessions to alternate servers within the corresponding resource pool. The result is the ability to automatically address both unanticipated failures and scheduled outages. These features can also help ensure high availability of other elements of a typical desktop virtualization deployment, including:
Health monitoring for proactive failure management. An extensive set of advanced health checks enable NetScaler to proactively avoid routing user sessions to unavailable or poorly performing components of the virtual app and desktop infrastructure. Although they confirm the availability of a network connection and that underlying server hardware is up and running, simple ping-based checks fail to establish the status of higher level services and software. This is why NetScaler includes extended content verification checks to further establish not only the availability but also proper operation of numerous software routines and system-level components that form part of the combined XenDesktop and XenApp solution, including ASP. net and essential logon, pool management, controller and database services.
The same degree of intelligent application-level monitoring can also be achieved for other app and desktop virtualization solutions, simply by taking advantage of NetScaler's fully extensible management framework to configure a similar set of custom health checks.
Monitoring application and network traffic. The ability to observe, diagnose, and subsequently improve the performance of business-critical applications is essential to ensuring a positive user experience and maintaining the highest levels of employee productivity and customer satisfaction.
NetScaler offers HDX Insight as a part of NetScaler Insight Center, that allows end-to-end visibility of the XenApp and XenDesktop traffic. It not only provides real-time data to troubleshoot network and application issues but also provide historical data for planning and enhancements to the network in the future. Being the only solution that can decrypt ICA protocol traffic, this provides NetScaler a strong advantage over any other competitor offering.
NetScaler includes a robust GSLB capability that provides seamless disaster recovery for app and desktop virtualization. If a site becomes unavailable for any reason, NetScaler automatically directs users to an alternate datacenter, helping to ensure continuity of access to their apps and desktops.
IT can also configure intelligent monitors and policies to regularly route users to different sites based on pre-selected priorities, such as proximity, resource utilization levels, or overall performance. As a result, your organization can fully leverage secondary facilities all the time, even during normal operating conditions, while consistently providing users with the best available performance.
Another way NetScaler helps maximize the return on your virtualization investments is by delivering additional protection for all involved data, devices and infrastructure. In particular, the Unified Gateway features of NetScaler not only help customers consolidate security at the network edge, but also deliver simplified, unified remote access to all types of business applications – including virtualized applications and desktops – for any user, in any location using any type of device.
To begin with, NetScaler with Unified Gateway provides numerous powerful capabilities for you to granularly control which users and devices are able to access which specific virtual desktops under different operating conditions.
Related features include:
NetScaler also provides protection for downstream virtual infrastructure components that it front ends through a combination of powerful network and application-layer shielding, extensive protocol validation, and multi-layer DDoS mitigation capabilities. For more information on NetScaler capabilities for protecting virtual apps and desktops, please refer to Securing virtual desktop infrastructure with NetScaler on www.citrix.com/gateway
NetScaler improves the usability of virtual apps and desktops, both by optimizing performance and consistently delivering a delightful user experience.
Performance optimization. Leading virtual app and desktop solutions employ optimized display protocols to help ensure adequate performance over wide area networks (WANs). ICA, the display protocol that both XenDesktop and XenApp use, is unmatched in this regard. Still, one or more of the NetScaler performance enhancement mechanisms can improve performance further, especially if your organization is using app and desktop virtualization solutions other than XenDesktop and XenApp.
Integral TCP optimizations – including advanced buffering and window scaling, intelligent packet retransmit, selected acknowledgement (per IETF RFC 2018) and enhanced congestion control (per IETF RFC 3742) – trim response times while making more efficient use of available bandwidth and back-end compute resources. In addition, innovative rendering technology ensures a smooth, highly responsive browsing and application navigation experience – even for graphics-rich content – when connecting over wireless and other types of networks subject to high latency and packet loss.
Then there's HDX Insight, a native management capability that collects, correlates and displays extensive usage and performance data for XenApp and XenDesktop, both in aggregate form and down to the level of individual user sessions. Armed with this intelligence, you can not only triage ongoing issues in real-time, but also conduct regular capacity planning exercises to proactively avoid future performance problems.
Uniform, streamlined user experience. For XenApp and XenDesktop users, the Citrix Receiver user interface ensures a consistent access experience across disparate devices. Single sign-on (SSO) to back-end resources, company-specific branding and customizations, and a familiar app-store model for accessing, organizing and requesting virtual desktops and other available applications are just a few of the features intended to enhance usability and ensure a pleasing user experience.
Finally, NetScaler also provides the flexibility and capabilities needed to account for the growth and other changes likely to impact your app and desktop virtualization implementation over time.
NetScaler server load balancing functionality does more than enable high availability. It also supports load distribution, which enables you to seamlessly scale up essential virtualization infrastructure components such as connection broker, security and management servers. If your organization needs to add capacity, all you need to do is deploy another instance of the desired component, and NetScaler takes care of the rest, automatically balancing the workload among all available instances.
As for NetScaler itself, unparalleled scalability is enabled by TriScale technology, a powerful triumvirate of Pay-As-You-Grow licensing, the NetScaler SDX multi-tenant platform, and advanced clustering technology for more details, see A revolution in cloud networking: Citrix Tri-Scale Technology.
Although many enterprises plan to take a private cloud computing approach to app and desktop virtualization, others will lean toward public or hybrid cloud configurations where an external service provider delivers all or some of the virtual apps and desktops. NetScaler easily and cost effectively supports all of these scenarios by providing you with a choice of platform: NetScaler MPX hardware appliances, the NetScaler SDX multi-tenant platform, and full-featured NetScaler VPX virtual appliances.
Cloud and branch office networking scenarios are further facilitated by NetScaler CloudBridge, a solution that conveniently combines WAN optimization and virtualization with L2 tunneling and GSLB technologies to ensure secure, high-performance delivery of virtual apps and desktops from both on and off-premises datacenters to wherever your users might reside.
Citrix Command Center is a centralized management console that eliminates the need to administer multiple, distributed NetScaler instances individually. Featuring an intuitive policy framework, it also includes several wizards for simplifying common configuration tasks, such as setting up SLB and GSLB for your app and desktop virtualization environment.
Another related tool, AppExpert Visualizer, helps manage the complexity of such environments by supplying an at-a-glance graphical view illustrating the full end-to-end virtualization infrastructure, including individual NetScaler delivery capabilities and the components they support. With AppExpert Visualizer at your disposal, you can easily monitor relationships, health status and configuration parameters, both for routine administration as well as detailed analysis and troubleshooting.
Extracting the greatest value from your investment in app and desktop virtualization depends on ensuring the availability, security, usability and flexibility of the corresponding infrastructure, desktop environments and data. NetScaler, the industry's leading application delivery controller, is the ideal solution for doing just that. By front-ending your app and desktop virtualization environment with NetScaler, you stand to benefit from:
Find out more about how NetScaler can enable you to realize the full potential of your organization's preferred app and desktop virtualization solutions.