Removing a Layer with NetScaler 9.3 and Web Interface

By Brian Wagner
Posted in Virtualization
On February 20, 2012

Just a few years ago, the diagram below was a common occurrence in the enterprise space:

The solution did provide secure remote access for users using SSL to connect back to the Citrix environment. But it also had several drawbacks:

  • Costly - the typical environment consisted of two load balancers, and at least two CAGs and two Web Interface servers.
  • Lots of hardware and software to maintain

    • Access Gateways or CSG servers (CSG runs on Windows which means Windows Updates, etc)
    • Citrix Web Interface servers (Windows updates)
    • Load Balancers

  • Firewall rules open to more devices
  • Troubleshooting is difficult due to the many layers

NetScaler 9.3 includes the ability to run Web Interface 5.4 directly on the appliance. When integrating a NetScaler into a Citrix XenApp or XenDesktop environment, most customers already leverage the Access Gateway functionality to provide secure remote access. With the addition of Web Interface, the NetScaler is now the entire access infrastructure in a self-contained appliance. Even better, the Web Interface can run on an MPX hardware appliance or a VPX virtual appliance, allowing small and large customers to take advantage of this new functionality. The diagram below shows how the NetScaler can simplify the access infrastructure for Citrix:

The NetScaler allows for fewer layers, easier troubleshooting, and better performance. This translates into fewer points of failure and a better user experience.

In addition, NetScaler adds some key features:

  • Phone and tablet mobile device support for iPad, iPhone, Android, and Windows Mobile
  • Health monitoring for the XenApp servers and XenDesktop XML requests
  • Global Server Load Balancing (data center load balancing and failover)
  • Scalability - the NetScaler MPX line can support 5,000 (MPX 5500) or 10,000 (MPX 7500 and up) concurrent connections

Web Interface for NetScaler is included with all versions of NetScaler (Standard, Enterprise, and Platinum). The only requirement is a multi-processor NetScaler (VPX or MPX). Different devices support a different number of sites and concurrent connections, as shown in the following table:

NetScaler Hardware Platform Maximum Number of Web Interface Sites Maximum Number of Concurrent Sessions
MPX 5500 3 1,000
MPX7500/MPX 9500 25 5,000
MPX 9700/MPX 10500/MPX 12500/MPX 15500 25 15,000
MPX 17000/17500/MPX 19500/MPX 21500 25 25,000

The VPX can support up to 25 sites with 4 GB allocated to the VM, and Citrix may be enhancing the capabilities for the MPX line with future releases.

There are a few disadvantages to the Web Interface on NetScaler. Customization and configuration are done through manual editing of configuration files and altering code. This is not for the novice administrator, and these configurations will likely be stepped on during future upgrades—so make sure to back up anything you do. But, from a feature perspective, I cannot think of a requirement that was available on Web Interface for Windows that is not available on NetScaler.

Contact Gotham to see what else NetScaler can do for your organization.

Brian Wagner

Brian Wagner

Brian has over ten years’ experience in the planning, design, and implementation of technology solutions. He supervises technical specialists at projects, and has spoken at many technical seminars. Brian is an application integration specialist with experience configuring over 1,000 applications to work in multi-user environments, and manages Gotham’s thin client and server consolidation practices.