Presentation is loading. Please wait.

Presentation is loading. Please wait.

Technical Presentation

Similar presentations


Presentation on theme: "Technical Presentation"— Presentation transcript:

1 Technical Presentation
Branch Repeater 5.6, 5.7 & VPX Technical presentation updated for Branch Repeater Release 5.5 Branch Repeater with Windows Server 2.0 Technical Presentation

2 High Definition Experience Needs Optimization and Orchestration Across the Entire Delivery System
Client 2 Network 1 Server 3 HDX Citrix Branch Repeater™ and Repeater™ are branch optimization solutions that accelerate application delivery to globally distributed users while dramatically reducing bandwidth costs and simplifying branch infrastructure. Branch Repeater solutions reduce IT costs and increase user productivity by simplifying branch start-up and management, improving network utilization, and providing high definition experience to users. The Branch Repeater product family addresses the full range of remote user scenarios and delivers unparalleled acceleration and optimization benefits – especially for Citrix XenApp. Receivers Repeaters Gateways Controllers Citrix Confidential - Do Not Distribute Citrix Confidential - Do Not Distribute

3 Our Arrow ECS Labs Setup
Router WAN emulator 1Mbps Client Server WANem Citrix Branch Repeater™ and Repeater™ are branch optimization solutions that accelerate application delivery to globally distributed users while dramatically reducing bandwidth costs and simplifying branch infrastructure. Branch Repeater solutions reduce IT costs and increase user productivity by simplifying branch start-up and management, improving network utilization, and providing high definition experience to users. The Branch Repeater product family addresses the full range of remote user scenarios and delivers unparalleled acceleration and optimization benefits – especially for Citrix XenApp. Receivers on Wifi Network /24 Repeater VPX Repeater VPX XenDesktop XenApp CIFS HTTP MAPI /20 XenServer Citrix Confidential - Do Not Distribute Citrix Confidential - Do Not Distribute

4 Citrix Branch Repeater | The Big Picture
Citrix Repeater Plug-in for Citrix Receiver Mobile Users Tele-workers Data Center Branch Offices Branch Repeater Applications: XenApp XenDesktop File Servers Exchange SharePoint ERP/CRM Repeater Citrix Branch Repeater helps organizations to accomplish these primary IT objectives: Application acceleration: Improve productivity of remote employees IT consolidation and WAN optimization: Minimize branch IT costs Empower the Mobile Workforce: High definition experience for out-of-office branch employees Simplified data protection: Ease compliance and business continuity Redundant Datacenter or Disaster Recovery Site Repeater 4

5 Acceleration for any user, anywhere
Repeater appliances Repeater Plug-in Branch Repeater with Windows Server and Branch Repeater are two different products that have the same hardware form factor. Branch Repeater with Windows Server appliance combines the power of Windows branch services and acceleration features set of Repeater. Branch Repeater appliance has the same great features and user interface as Repeater. Branch Repeater with Windows Server, and Branch Repeater

6 What’s new in Branch Repeater 5.x & VPX

7 Exchange (MAPI) Acceleration
Features Protocol acceleration (similar to CIFS) Compression & de-duplication of attachments Cross-application and multi-user optimization Supports Exchange Server 2003 and 2007 Supports MS Outlook 2003 and 2007 Available on all appliances and Repeater Plug-in Benefits Up to 50 times faster sending/receiving s Reduces bandwidth consumption Outlook Exchange MAPI: Messaging Application Programming Interface MAPI is a messaging architecture and a Component Object Model based API for Microsoft Windows. MAPI allows client programs to become messaging-enabled or aware by calling MAPI subsystem routines that interface with certain messaging servers. MAPI is usually used with MAPI/RPC, the proprietary protocol that Microsoft Outlook uses to communicate with Microsoft Exchange. Note – By default Exchange 2007 encrypts MAPI traffic. Branch Repeater MAPI acceleration does not support encrypted MAPI.

8 Branch Repeater running Windows Server 2008
Features Natively integrated Windows Server 2008 Standard Edition OS File, print, DHCP, DNS, WINS, DFS Read-only Domain Controller (RODC) MMC, WMI, SCOM manageability Benefits Simplify IT by consolidating servers in the branch Leverage existing Windows management tools and expertise WAN Optimization By adding native support for Windows Server 2008 on the Branch Repeater, the IT manager continues to benefit from the improved security and management functionality of the new Windows platform while optimizing all the WAN data to and from the branch

9 Read-Only Domain Controller (RODC)
Features Read-only AD DS database Unidirectional replication Credential caching Administrator role separation Read-only Domain Name System (DNS) Benefits Securely deploy a local DC in any branch location Faster authentication and logon times for branch users Centralized IT management and control Physical security is a challenge in branch consolidation. Malicious users can break the security perimeter if they get physical access to the domain controller at the branch. RODC solves that dilemma by providing separation in administrator roles and a read-only domain controller for physically less secure sites. This not only improves response times for local users, it allows IT to centrally control the database at the branch. This feature is now available as part of the Citrix Branch Repeater with Windows Server 2008.

10 Command Center Enhancements
Features Now supports all Branch Repeater appliances (Linux and Windows) Benefits Easy and cost-effective management of large number of remote sites Windows based Branch Repeaters can now be managed by both the Citrix Command Center as well as Microsoft System Center. Enhanced Command Center functionality allows configuration archiving, configuration cascading, performance monitoring and alarm generation for multiple Repeaters and Branch Repeaters from a single, unified user interface

11 Citrix Branch Repeater Key Features
HDX Broadcast & HDX IntelliCache Repeater Plug-in for Citrix Receiver Plug-n-Play for Any Network Integrated Windows Services Flexible & Centralized Management This sets the agenda for the rest of the presentation. We discuss the key features of the CBR solution, starting with the HDX technologies and going through the soft-WOC client, the versatile networking features, integrated Windows services and central management. The last 2 sections are about the hardware and the FlexLM licensing.

12 HDX Broadcast & HDX IntelliCache
HDX Broadcast is an umbrella term to describe the WAN optimization technologies in the Repeaters HDX IntelliCache refers to the ICA specific enhancements that allow Repeaters to optimize both online and offline applications delivered using XenApp HDX Broadcast & HDX IntelliCache 12

13 HDX IntelliCache and HDX Broadcast
Branch Staging of Offline Apps Adaptive TCP Flow Control Adaptive Compression Adaptive Protocol Acceleration Prioritization & QoS Branch Caching of Online Apps HDX Broadcast is an umbrella term to describe the WAN optimization technologies in the Repeaters HDX IntelliCache refers to the ICA specific enhancements that allow Repeaters to optimize both online and offline applications delivered using XenApp WAN Repeater Branch Repeater

14 Branch Repeater Technology – HDX Broadcast
Presentation Title Goes Here Insert Version Number Here Branch Repeater Technology – HDX Broadcast Adaptive Protocol Acceleration (Improve inefficient protocols) Adaptive Compression (Reduce application turns and data) CBR detects the application being used and provides additional optimization, beyond that given by TCP flow control and the compression engine. Adaptive TCP Flow Control (Overcome loss/latency penalties) Prioritization and QoS (Prioritize critical traffic) © 2003 Citrix Systems, Inc.—All rights reserved. 14

15 Adaptive Protocol Acceleration
Intelligently accelerates common application protocols Mitigates latency by reducing round trips (chatty protocols) CIFS (File Sharing) MAPI (Exchange) Makes compression engine application-aware Separates headers from payload ICA, CIFS, MAPI, HTTP, FTP, NFS Example: CIFS CBR detects the application being used and provides additional optimization, beyond that given by TCP flow control and the compression engine.

16 CIFS CIFS: Common Internet File System
Presentation Title Goes Here Insert Version Number Here CIFS CIFS: Common Internet File System Most common file sharing protocol Microsoft Office, Linux Open Office, etc. Windows XP/Vista, Windows Server 2003/2008, Mac OS X NetApp Filers, EMC File System Access Drag/Drop, Read/Write, Copy, Directory Browsing CIFS was designed for use on LAN environments and delivers simplicity of implementation rather than efficient use of the bandwidth © 2003 Citrix Systems, Inc.—All rights reserved. 16

17 Example: CIFS – without Branch Repeater
I want to open a file 250ms 1000 ms Which file? \\dog\bone\blue Who are you? John Whomever Chattiness exponentially increases the workflow time over long distance/ high loss conditions, where the turn around time is high. CIFS (aka Server Message Blocks or SMB) design involves multiple request-responses between the client and server before the user receives any feedback. On a LAN, this exchange completes quickly enough for user to accept the delay. On a WAN, depending on the latency and packet loss, each request-response can add up to a significant amount of time. The end-user experiences a frustrating delay in completing even simple actions like, say, opening a remote directory for file list browsing. Password? “Whatever” OK, It’s open! 17

18 Example: CIFS – with Branch Repeater
Open \\dog\bone\blue for John Whomever, password “Whatever” I want to open a file \\dog\bone\blue “Whatever” John Whomever Which file? Who are you? Password? 1 ms 252 ms I want to open a file \\dog\bone\blue “Whatever” John Whomever Which file? Who are you? Password? OK, It’s open! 125 ms Branch Repeater detects a CIFS session and responds locally (over the LAN) to the multiple request-responses by the CIFS client. No changes are required in the behavior of the client, it continues to believe the responses are coming back from the remote server. Based on the packets being received, the Repeaters can “read ahead” or “write ahead” the requests or responses on behalf of the actual client or server. The remote end Repeater works in a similar fashion to communicate with the CIFS device (server) at that end. In other words, the Repeaters complete the CIFS transaction on behalf of the real devices. The advantage of this approach is that most of the communication is completed on the LAN (where latency is almost nil) and very few packets have to cross over the WAN. The end-user experiences a much quicker response to activities like opening a remote directory for file browsing or opening a document on the remote server. 1 ms OK, It’s open! 125 ms 18

19 Branch Repeater CIFS Performance
Presentation Title Goes Here Insert Version Number Here Branch Repeater CIFS Performance The above performance results depict the typical percent improvements seen for specific tasks. Note that the task of opening a large file gets the most benefit because the CIFS optimization engine is heuristic in nature. If there is more data to be read/written, the system will ramp up its optimization for that particular transfer to deliver the response time improvements seen above. © 2003 Citrix Systems, Inc.—All rights reserved. 19

20 CIFS Acceleration Requirements
Presentation Title Goes Here Insert Version Number Here CIFS Acceleration Requirements Windows 2003/2008 Server : • Set “Microsoft network client: Digitally sign communications (always)” to “Disabled” • Set “Microsoft network server: Digitally sign communications (always)” to “Disabled” Windows 2000 Server : • Set “Digitally sign server communication (always)” to “Disabled” • Set “Digitally sign client communication (always)” to “Disabled” For Windows 2008 Server Disable SMB See : CIFS was designed for use on LAN environments and delivers simplicity of implementation rather than efficient use of the bandwidth © 2003 Citrix Systems, Inc.—All rights reserved. 20

21 Why accelerate MAPI? Faster sending/receiving of email attachments
Lessen MAPI-related bandwidth requirements Increase mail system responsiveness for branch office users Help enable Exchange server consolidation Drastically reduce idle time in sending/receiving s Iterations of same or similar messages by Optimization when different users, different applications access similar files MAPI is the protocol most commonly used by mail applications such as Microsoft Exchange. Generally the server is kept in a central location (datacenter) and the branches (clients) connect to retrieve their mails over a WAN link. Like CIFS, MAPI is a chatty protocol that introduces high latency and bandwidth consumption to a typical mail exchange. Branch Repeater technologies can cut down the chattiness and use compression and de-duplication techniques to accelerate MAPI performance for branch users.

22 What is MAPI Acceleration?
MAPI Acceleration is: The pipelining of MAPI-based traffic between Microsoft Outlook and Exchange. Acceleration of the uploading and downloading of attachments made to messages. The compression of message attachments. (animation) MAPI acceleration is similar to CIFS in the sense that it reduces chattiness and bundles multiple requests into fewer transactions over the WAN. The CBR talks to the Exchange server to turn off the native compression and offload that functionality to the CBR.

23 What is MAPI Acceleration?
MAPI Acceleration is: The pipelining of MAPI-based traffic between Microsoft Outlook and Exchange. Acceleration of the uploading and downloading of attachments made to messages. The compression of message attachments. MAPI acceleration is similar to CIFS in the sense that it reduces chattiness and bundles multiple requests into fewer transactions over the WAN. The CBR talks to the Exchange server to turn off the native compression and offload that functionality to the CBR.

24 How does MAPI Acceleration work?
The Outlook client initiates a MAPI connection to Exchange on TCP port 135. User authentication and mailbox enumeration occurs. Branch Repeater detects the Outlook to Exchange handshake. If an accelerated connection is allowed the native Exchange compression is decompressed on the server-side Repeater. No acceleration = native compression only The Repeater/Branch Repeater pair then apply compression to subsequent MAPI traffic. (animation contains several instructions) A sequence to describe what happens when MAPI acceleration is enabled on the Repeaters

25 How does MAPI Acceleration work?
A compression bit is flipped in the packet prior to reaching the client, notifying Outlook not to decompress the native Exchange compression. Outlook then creates multiple connections the to Exchange server and message requests are exchanged simultaneously among the connections The downloading and uploading of message attachments (messages larger than 32k) is then accelerated. Appropriate compression is applied to obtain a higher compression ratio. Packet header : Memory-based history Packet payload: Disk -based history (animation contains several instructions) A sequence to describe what happens when MAPI acceleration is enabled on the Repeaters

26 How does MAPI Acceleration work?
The acceleration of MAPI is accomplished using several methods Pipelining of ROP requests containing data Queuing up of upload bytes acknowledged by the client. Pipelining of ROP responses containing data Pre-fetching of bytes of download data to be sent to the client. Aggregation of DCERPC fragments MAPI/RPC requests combined into single multithreaded messages The pair of Repeaters or Branch Repeaters is aware of all traffic on every accelerated connection. Over time the compression histories on both devices is built up with the most frequently passed traffic. With subsequent requests, the compression history is checked for matches based on packet payload.

27 Exchange (MAPI) Acceleration
Requirements Microsoft Outlook/Exchange Server 2003 and 2007. Outlook must use normal Exchange mode (no HTTP or HTTPS proxy), without encryption To disable encryption manually on a single Outlook 2007 client, go to the menu shown uncheck the box, “Encrypt data between Microsoft Office Outlook and Microsoft Exchange’. To disable encryption for multiple users via group policies, follow the instructions at . Change the Properties for “Enable RPC Encryption” to “Disabled” under “User Configuration: Administrative Templates: Microsoft Office Outlook 2007: Tools: Advanced Settings: Exchange. MAPI: Messaging Application Programming Interface MAPI is a messaging architecture and a Component Object Model based API for Microsoft Windows. MAPI allows client programs to become messaging-enabled or aware by calling MAPI subsystem routines that interface with certain messaging servers. MAPI is usually used with MAPI/RPC, the proprietary protocol that Microsoft Outlook uses to communicate with Microsoft Exchange. Note – By default Exchange 2007 encrypts MAPI traffic. Branch Repeater MAPI acceleration does not support encrypted MAPI.

28 Branch Repeater Technology – HDX Broadcast
Presentation Title Goes Here Insert Version Number Here Branch Repeater Technology – HDX Broadcast Adaptive Protocol Acceleration (Improve inefficient protocols) Adaptive Compression (Reduce application turns and data) Adaptive TCP Flow Control (Overcome loss/latency penalties) Prioritization and QoS (Prioritize critical traffic) © 2003 Citrix Systems, Inc.—All rights reserved. 28

29 Adaptive Compression First pass compression Byte Caching
Presentation Title Goes Here Insert Version Number Here Adaptive Compression Sensing real-time network and traffic conditions History Length Cache DRAM Disk Access Time First pass compression In L2 cache and memory Various algorithms (ZLIB, LZS) Byte Caching In memory or on disk De-Duplication Across workflows Across applications Across users The compression engine applies different algorithms intelligently to ensure the fastest and most optimum compression for the content. The administrator can also configure the system to enable or disable, say, memory based compression for a particular content-type, or to ignore some content altogether, as needed. © 2003 Citrix Systems, Inc.—All rights reserved. 29

30 Adaptive Compression First Pass Compression History

31 A Small Token Replaces Thousands of Bytes
Adaptive Compression Second Pass A Small Token Replaces Thousands of Bytes . Compression History Compression History

32 Branch Repeater Technology – HDX Broadcast
Presentation Title Goes Here Insert Version Number Here Branch Repeater Technology – HDX Broadcast Adaptive Protocol Acceleration (Improve inefficient protocols) Adaptive Compression (Reduce application turns and data) Adaptive TCP Flow Control (Overcome loss/latency penalties) Prioritization and QoS (Prioritize critical traffic) © 2003 Citrix Systems, Inc.—All rights reserved. 32

33 Adaptive TCP Flow Control
Sensing and responding to latency and packet loss With Branch Repeater Average Utilization Throughput Time Without Branch Repeater Throughput Adaptive TCP flow control is the most basic WAN optimization technique that addresses the pessimistic approach in the TCP protocol design. Since TCP is not aware of the bandwidth ‘condition’, it is designed to pump less data on the line to begin with and increase gradually if all packets reach without errors. In case of a dropped packet, the protocol is designed to fall back to half the sending rate and ramp up again. This design helps avoid congestion and retransmissions on poor, low-bandwidth WAN connections. Branch Repeater takes an optimistic design approach and attempts to fill the pipe (sending rate almost equals the link speed). In case of a dropped packet, it does not let the sending rate fall back exponentially and attempts to maintain the average utilization. The intelligent optimizer responds to latency and packet loss by adapting to the line conditions. On modern high-speed, reliable WAN connections this approach: Overcomes high packet loss and network latency Ability to “fill the pipe” up to 500Mbs+ around the world Works for all TCP traffic Link Speed Average Utilization Time Slow Start Slow Ramp

34 Branch Repeater Technology – HDX Broadcast
Presentation Title Goes Here Insert Version Number Here Branch Repeater Technology – HDX Broadcast Adaptive Protocol Acceleration (Improve inefficient protocols) Adaptive Compression (Reduce application turns and data) Adaptive TCP Flow Control (Overcome loss/latency penalties) Prioritization and QoS (Prioritize critical traffic) © 2003 Citrix Systems, Inc.—All rights reserved. 34

35 Traffic Prioritization and QoS
Adaptively allocates bandwidth across different applications and ICA virtual channel types Without Branch Repeater 60% 20% Bulk Transfers Recreational ICA (Interactive) With Branch Repeater Bulk Transfers 1.5 Mbps Recreational ICA (Interactive)

36 Quality of Service (QoS) prioritizes applications
5 traffic classes (or QoS queues) Each queue assigned a min % of the link bandwidth If queue bandwidth is unused, other traffic can use it QoS is Citrix ICA aware Dynamic mapping based on ICA priority bits Queue specific reporting The QoS is supported on the Repeater and Branch Repeater appliances. Repeater/Branch Repeater has a unique approach to quality of service (QoS). Traditional QoS is based on the idea that, if you slow enough traffic down, the remaining traffic will probably move with adequate speed. This is the “apply the brakes” school of network performance. This approach lends itself to elaborate bandwidth-throttling controls and a high level of overall complexity. Repeater doesn’t have any brakes; it represents the “accelerator” school of network performance. By implementing lossless flow control and fair queuing, traffic flows quickly and smoothly of its own accord. Under these circumstances, throttling becomes a secondary technique and a simpler implementation is called for. The Repeater/Branch Repeater uses a rate-based sender for accelerated connections. This means that accelerated data is sent at a constant rate when possible. This rate is selected by bandwidth limits on the two Repeater units involved in the connection. By setting the bandwidth limit slightly lower than the link speed, congestion and packet loss are eliminated, giving ideal link performance.Only accelerated connections are rate-limited. Non-accelerated traffic is passed through immediately. Goal = Fill the pipe

37 Quality of Service

38 Quality of Service Scheduling
Class A – 50% Flow (Partner unit) Class B – 25% Flow (Partner unit) Adapter (NIC) Class C – 25% Class D – 0% Flow (Partner unit) Class E – 0%

39 QoS and ICA Priority Tags
Default Priority bits and ICA virtual channels: ICA packet with data from multiple channels gets the priority bit associated with the highest level Virtual Channel ICA Priority bits can be changed via the registry of the Presentation Servers. Priority Sample Virtual Channels High (0) Video, Mouse and Keyboard Screen Updates Medium (1) Program Neighborhood, clipboard, audio mapping, license management Low (2) Client COM Port Mapping, Client Drive Mapping Background (3) Auto Client Update, Client Printer Mapping and OEM Channels For more information, point the audience to

40 Branch Repeater Technology – HDX IntelliCache
Presentation Title Goes Here Insert Version Number Here Branch Repeater Technology – HDX IntelliCache Branch Staging of Offline Apps Pre-positions streamed applications locally for rapid delivery to branch users Branch Caching of Online Apps Local caching and de-duplication across multiple XenApp user sessions © 2003 Citrix Systems, Inc.—All rights reserved. 40

41 Accelerating XenApp Offline Apps
Stages and accelerates Offline apps to branches Deliver LAN-like performance Branch remains productive even during WAN outages Reduce management complexities of services in the branch Transparent, instant-on service to the user

42 Branch Staging Pre-positioning of Offline applications locally in the branch XenApp Application Profiler File Share (Application Hub) Branch Users WAN Branch Repeater with Windows Server

43 When do .CAB stream over the WAN?
User accesses an app for the first time Get updated or patched applications After users download the app, it is saved to the local PC cache Download use cases exhibiting poor performance for the client The “first thing in the morning” phenomenon Everyone logs in and tries to access the same at same time. The emergency patch Users accesses the latest version of an app The brand new end user system Downloads app for the first time New branch office Everyone is accessing the apps for the first time The problem is large CABs over a limited small WAN over a distance. There must be a way to move the user closer to the application.

44 Pre-positioning .CAB files
XenApp Profiler Citrix Branch Repeater Citrix Repeater 1 Client WAN XenApp 5 2 .cab File store Very automatic and transparent to client Can be done anytime QoS administration of both DFS replicated traffic and other traffic to branch Tip: Make sure that the Branch Repeater and the XenApp Server have domain permissions.

45 Client accessing the files via DFS Namespace
and redirection (Authenticate / Download / Redirect) XenApp Profiler Citrix Branch Repeater Citrix Repeater 1 Client WAN XenApp 5 2 .cab File store Designed based on DFS replication Redirects client to closest DFS replication site the local BR No client changes required

46 Client accessing the files via DFS Namespace
and redirection (Authenticate / Download / Redirect) XenApp Profiler Citrix Branch Repeater Citrix Repeater Client WAN XenApp 5 3 .cab File store Designed based on DFS replication Redirects client to closest DFS replication site the local BR No client changes required

47 Branch Repeater responds to client request
XenApp Profiler Citrix Branch Repeater Client Citrix Repeater WAN XenApp .cab File store LAN like performance No need to go over WAN to get the LARGE .cab file Results: Very HAPPY user!

48 Branch Repeater Technology – HDX IntelliCache
Presentation Title Goes Here Insert Version Number Here Branch Repeater Technology – HDX IntelliCache Branch Staging of Offline Apps Pre-positions streamed applications locally for rapid delivery to branch users Branch Caching of Online Apps Local caching and de-duplication across multiple XenApp user sessions © 2003 Citrix Systems, Inc.—All rights reserved. 48

49 Optimized TCP Connections
Branch Caching Local caching and de-duplication across multiple sessions Data Center Branch Office Optimized TCP Connections Branch Repeater Repeater XenApp Farm Infrastructure Servers

50 Multi-user Optimization for XenApp
Delivers best performance for XenApp to branch users 22-39% faster application start up per user 2-6x faster bulk data transfer over ICA + up to 20x less bandwidth consumption Up to 30x reduction for UPD print traffic over the WAN

51 Ideal Use Cases for Branch Caching
Multiple users accessing the same text heavy applications e.g. Microsoft Word or Excel Multiple users frequently accessing forms-based Web applications e.g. Call center environment utilizing SAP Multiple users printing similar files within ICA i.e. Universal Print Driver (UPD) Multiple users performing repetitive file transfers within ICA i.e. Client drive mapping Multiple users streaming the same media file within ICA i.e. HDX MediaStream These are the five recommended use cases that yield the strongest XenApp Optimization benefits. Where does XenApp Optimization work best? All of these use case scenarios apply to XenApp branch users behind the same Branch Repeater or Repeater appliance (which is generally all users at the same branch). If you have any or all of the above user patterns in branch offices they will see much faster XenApp performance with Branch Repeaters and Repeaters in the network.

52 Example: Text Heavy Application
User 1 User 2 Same text between users using Word. Redundant data not sent over WAN.

53 Example: Forms-based Web Application
User 1 User 2 These are the four recommended use cases!!!!! Where does the x-session compression work? For ICA users behind the same Repeater: Multiple users, using the same ICA window size and resolution, accessing the text heavy (for example Word or Excel) application Same user, without changing ICA window size and resolution, paging up and down the same file Printing same files inside ICA session or across users Repetitive file transfer (client drive mapping usage) over ICA e.g. attachments or uploading/download files to server Form and web browser based apps share background objects between users. Redundant data not sent over WAN.

54 Example: Multi-user file and print services on ICA
These are the four recommended use cases!!!!! Where does the x-session compression work? For ICA users behind the same Repeater: Multiple users, using the same ICA window size and resolution, accessing the text heavy (for example Word or Excel) application Same user, without changing ICA window size and resolution, paging up and down the same file Printing same files inside ICA session or across users Repetitive file transfer (client drive mapping usage) over ICA e.g. attachments or uploading/download files to server Cross-session de-duplication benefit for print or transfer of similar files by different users Redundant data not sent over WAN.

55 ICA Acceleration with XenApp alone
compressed and encrypted ICA data WAN XenApp Server XenApp Client This is what the XenApp environment over the WAN looks like today. All XenApp traffic is compressed and encrypted with basic, advanced, or SSL encryption. However, the first GA release of the ICA acceleration will only support basic and advanced encryption. Supports Windows 2003 servers Leave all compression, encryption settings enabled Native ICA from XenApp is optimized and compressed

56 ICA Acceleration with Branch Repeater
compressed and encrypted ICA data WAN XenApp Client Branch Repeater XenApp Server Repeater ICA data still encrypted ICA data still encrypted Upgrade the XenApp Server to HRP03 and acceleration hotfix. Branch Repeater decrypts and encrypts ICA traffic to allow the ICA protocol to be parsed and compressed Supports basic and advanced encryption

57 ICA Acceleration with Branch Repeater
compressed and encrypted ICA data WAN XenApp Client Branch Repeater XenApp Server Repeater Automatic disabling of ICA compression on the XenApp server and client Branch Repeater parses ICA traffic inside the virtual channel Compression works across users and virtual channels to optimize all traffic Optimal performance for print, client drive mapping, and common apps Disabling of the XenApp reducer (offload of compression to the Repeater) Disabling of the print virtual channel reducer Enabling of Repeater driven flow control Improved performance over bandwidth estimator because all user traffic flows through a single traffic point where the BR/WS can optimize egress and ingress traffic across users.

58 Mixed Environment Support
Decrypted and Encrypted by Repeater Branch Office #1 ICA Pass-through by Repeater Branch Repeater HQ/Data Center WAN Repeater Branch Office #2 ICA acceleration works between Repeater/ Branch Repeater appliances with supporting appliance software and XenApp server software. Sites without Repeater/ Branch Repeater appliances or those with older/unsupported software will have the same great XenApp application experience as today. HDX IntelliCache ensures that branch users on direct WAN as well as those behind a Branch Repeater continue to enjoy ICA application performance!

59 Further Reading Whitepaper: Performance assessment of Multiuser XenApp Optimization

60 Citrix Repeater Plug-in for Citrix Receiver
60

61 Citrix Receiver Simple user experience
Single point for notifications Orchestrates installation, updates, and interaction of third party plug-ins with Citrix plug-ins A single Citrix client for Citrix Delivery Center infrastructure For the enterprise PC, home PC, and BYOPC Windows, Macintosh, iPhone, & Smartphones Works inside and outside the firewall (animation) What is the Receiver? A unified, hands-off approach to managing the different plug-ins used by Citrix as part of the Delivery Center infrastructure. For the end user, it means having to deal with only one client– adding/removing the plug-ins as needed. For the IT manager, it enables the self-service model with greater control from the merchandizing server.

62 Citrix Receiver Key Benefits
Improved User Experience Simplified User Interface Reduce Systray Sprawl Consistent User Notifications Simpler Secure Connection from outside work Improved IT Experience Centralized client management Head-end controls default settings Simpler support for BYOC, home, etc

63 Citrix Receiver for Windows
Three Components Citrix Receiver – software installed on end-user desktop that houses plug-ins and communicates with the Merchandising Server for updates Citrix Receiver Merchandising Server – Linux-based XenServer Virtual Machine that stores plug-in updates Citrix Receiver Administrator Console – Web-based console used to administer the Merchandising Server and configure plug-in deliveries The following are the components that make up Citrix Receiver: Citrix Receiver client software: Installed on each end-user desktop with plug-in s already loaded and configured. Can be deployed by users visiting a web page and clicking downloading the Receiver or using an ESD solution such as GPO or SMS. As upgrades to plug-ins become available Citrix Receiver will install those upgrades onto the desktop, keeping all users up to date. Citrix Receiver Merchandising Server: XenServer based Virtual Appliance downloaded from citrix.com • Citrix Receiver Administrator Console: Web-based administration tool that is used to configure plug-in updates on the Merchandising Server. The admin tool is not a separate install but is a web app running on the Merchandising Server itself.

64 Citrix Repeater Plug-in
Available as plug-in for the Citrix Receiver as well as standalone High-definition experience for mobile users and teleworkers ("office like") Overcomes bandwidth and latency uncertainty of 'on-road' connectivity WiFi, broadband, 3G connections Repeater Plug-in does support the XenApp acceleration (multi-user optimization) capabilities available on Branch Repeater appliances.

65 Deployment Scenarios Integrated mode Standalone mode
Merchandising Server is used to deploy Citrix Receiver and plug-ins Schedule the delivery for self-service install by end-user Standalone mode Citrix Repeater plug-in is deployed without the Citrix Receiver or Merchandising Server Citrix Repeater plug-in software is downloaded from Software is customized and deployed using existing software distribution mechanisms The Repeater Plug-in can be installed as part of the Citrix Receiver. It is also available as a stand-alone client if the user does not wish to install the Receiver. While all the functionality remains the same in both cases, the way the software gets distributed is vastly different. In the standalone case, the user must manually download and install the client. As a plug-in, the software gets delivered during the scheduled delivery by the merchandising server. The user simply needs to accept or decline the install.

66 Citrix Receiver Merchandising Server
User plug-in notifications Receiver (This slide may be hidden as it pertains to Receiver more than the Repeater plug-in) The admin uses the web-based Citrix Receiver administrator console to configure “Deliveries” which are consumed by the Citrix Receiver client. Deliveries specify specific plug-in s to be installed for specific users. The admin can track the progress of those deliveries via a set of Reports in the admin web console. As new plug-in installers become available at Citrix.com, the admin gets a notification within the Citrix Receiver admin console. Notifications: The Merchandising Server polls the Notification Service on citrix.com so as new installers become available it is advertised in the admin console. Installers and Metadata: The Admin downloads the updated plug-in s and uploads the installers and metadata file for the plug-in to the Merchandising Server. Reports: The admin can see reports of plug-in s that have been installed and their status. End-Users at home and work: Citrix Receiver client software is installed on user machines on the LAN or outside the network. It communicates with the Merchandising Server for plug-in updates. Installers and MetaData Admin Console

67 Turbocharge Your Access Gateway!
Repeater and Access Gateway plug-ins interoperate to turbocharge secure, remote access Unique, single-vendor secure accelerated access solution Best remote and mobile user experience Simple, secure and fast

68 Turbocharge Access Gateway
Un-optimized traffic Traffic between the client and the secure network is optimized before passing through the VPN tunnel Optimized traffic Repeater Plug-in Secure & Optimized traffic When both the Branch Repeater client and Access Gateway client are installed on a user’s system, traffic between the client and the secure network is optimized by Branch Repeater before traversing the VPN tunnel. After passing through the Access Gateway, optimized traffic flows through a Branch Repeater appliance en route to servers on the secure network. WAN Access Gateway Plug-in Access Gateway Repeater

69 Repeater and Access Gateway Plug-Ins Integration
Application ( , Web Browser) Repeater Plug-in Access Gateway Plug-in User Space Kernel TCP/IP Protocol Stack (Kernel) TCP/IP Protocol Stack (Kernel) It is important to reference the challenges we face when trying to integrate with SSL VPN clients in general: Usually registered higher in the processing order (DNE Framework) Packets are encrypted prior to arriving at the Repeater plug-inn …..As a result we are unable to process the packets, or achieve any optimization. Discussion points: DNE Framework and objectives Differences between the operations the two client would need to perform i.e. standard Repeater processing VS the Secure Access client operation. Conclude this slide with the changes made to the DNE plug-in order, and the fact that the two clients are now able to co-exist. Mention that there are challenges based on what the Secure Access Client will do the now Repeater Optimized packet i.e. strip standard options…the details of which will be discussed in the course of the presentation. Repeater Packet Interceptor Access Gateway Driver Network Driver

70 Access Gateway Configuration
All editions of Access Gateway can be turbocharged Standard Edition Advanced Edition Enterprise Edition Step by step configuration and planning available in CTX Turbocharge Access Gateway Reference Architecture

71 Benefits of Access Gateway integration
Secure and accelerated remote access Compared to secure access without the Repeater Plug-in, a turbocharged Access Gateway: Improves CIFS performance by up to 30X Improves HTTP performance by up to 50X Improves MAPI performance by up to 50X Up to 99% bandwidth saving with native Windows file shares, Exchange , SharePoint document libraries, and other apps Performance data is based on Turbocharge Access Gateway Performance Assessment Whitepaper, created June CTXS document code TBD

72 Turbocharge Access Gateway
Test results showing the performance improvement over different types of bandwidth In terms of time, the user is able to complete the entire sequence in anywhere from 9 minutes (Cable) to 25 minutes (3G) less than it would take using an un-accelerated connection. The Repeater not only makes a turbocharged VPN connection faster and more efficient, the accelerated connection consumes less bandwidth. Looking at the average bandwidth savings across all three WAN connections, we begin with an immediate 50% reduction in bandwidth consumed when ing the “version 1” PowerPoint. As the user moves through the workflow and Repeater recognizes more and more common data objects in the s, the bandwidth savings escalate to 98%. Complete performance test report is available on

73 Plug-n-Play for Any Network
73

74 Plug-and-Play Deployment with Full Transparency
Auto-discovery No tunnels Zero impact to: Firewalls NetFlow QoS NoTunnel Branch Repeater Repeater Unlike pure-play WOC vendors, the Citrix solution is designed for plug-and-play interoperability with the complete end-to-end delivery network infrastructure. The Branch Repeaters and Repeaters gently slide into the network without requiring any changes or creating any proprietary tunnels. This allows existing equipment to continue functioning with full visibility into the rest of the network, even after the Citrix WOC is introduced. Non-Citrix WAN Optimization Proprietary Tunnel ? Branch Office Users 74

75 Multiple Deployment Modes
Optional HA Inline Bypass NIC Virtual Inline PBR WCCPv2 LAN WAN Switch Repeater or Branch Repeater Router Inline mode is the easiest and recommended deployment mode. Where the Inline mode is not feasible, other deployment modes are supported using standard protocols such as Web Cache Control protocol (WCCP) or policy based routing (PBR). In all cases, the deployment is completely transparent to the rest of the network. LAN WAN Switch Router Repeater or Branch Repeater Optional HA 75

76 Multiple Deployment Modes : Proxy Modes
Inline mode is the easiest and recommended deployment mode. Where the Inline mode is not feasible, other deployment modes are supported using standard protocols such as Web Cache Control protocol (WCCP) or policy based routing (PBR). In all cases, the deployment is completely transparent to the rest of the network. 76

77 High Availability – 4-port NICs in Repeater
The 4-port NIC is two logically-individual fail-to-wire pairs 4-port NICs are for the environments that are: dual homed, load balanced, and redundant the multiple WAN links have the same speed Supports HA Pair mode starting with release 5.0 can be deployed inline, WCCP, or policy based routing modes To ensure high availability, the Repeaters can be deployed in HA-pair using load balancers, multiple service providers and/or groups of virtual appliances.

78 High Availability Mode in Branch Repeater
Transparently combines two Branch Repeaters with Windows Server into a primary/secondary pair Uses standard protocol VRRP Supports multiple HA deployment topologies for uninterrupted service to the branch

79 Approaches to Resolve ‘Asymmetric Routing’
Asymmetric Routing: In a multi-homed environment, a packet on a given connection might travel over either link Group Mode allows two or more appliances to be grouped together into a single virtual appliance WCCP mode where WAN routers send traffic from multiple links to the same appliance (or HA pair), via the WCCP protocol. Virtual Inline where routers send traffic from multiple WAN links through the same appliance (or HA pair). LAN-level aggregation where an appliance (or HA pair) is placed closer to the LAN, before the convergence point of the WAN links Group mode over non-redundant links with possible asymmetric routing Multi-homing (i.e. more than one Internet service provider) is a necessity in many enterprises to maintain always-on (high-availability) connectivity to the Internet. Citrix Branch Repeaters are designed to address the asymmetric routing that may be created when the packet is presented with a choice of multiple paths on its inward and outward journey. These approaches are listed in this slide.

80 Why deploy in Group Mode
When multiple WAN links exist. Primary/secondary configurations. Load balanced configurations. Possibility of asymmetric routing issues. Group mode can be used on redundant links without reconfiguring routers. Group mode applies only to the appliances on one side of the WAN link. Appliances in group mode have no affect or reliance on the appliances on the other side of the WAN link. Primary Link Backup Link

81 How does Group Mode work?
Within a Group Mode grouping, there is a connection “owner”. The owner of a connection is set by default according to a hash of IP/port pairs. The owner can optionally be set according to specific IP/port-based rules. Group mode uses a heartbeat mechanism to verify that other members of the group are active. Packets are only forwarded to active group members. Primary Link Backup Link

82 How does Group Mode work?
If traffic arrives first at the “owning” appliance, it is accelerated and forwarded normally. If it arrives first at a non-owning appliance, it is forwarded to its owner, which accelerates it and returns it to the original appliance for forwarding. In addition, it means that an appliance is available for acceleration even if its link is down. When the routing tables change to bypass the failed link, group mode still forwards the packets through the owning appliance before sending them across the remaining link. Owning Appliance

83 Integrated Windows Services
83

84 Citrix Branch Repeater with Windows Server
A comprehensive branch solution, Citrix Branch Repeater: Optimizes application delivery from the Citrix Delivery Center Provides key native Microsoft Windows™ branch infrastructure services Branch Repeater is paired with Citrix Repeater appliances in the data center Administration is performed through an MMC snap-in or other Windows management services The Branch Repeater family can be deployed in the following symmetric configurations: Site 1 Site 2 Branch Repeater Repeater Repeater Repeater Repeater Plug-in Repeater Branch Repeater Branch Repeater

85 Branch Repeater System Architecture
File Print AD DNS . Citrix Hardware Windows Services Citrix Windows OS Citrix XenApp Repeater for Streamed Apps Citrix WAN Optimization Datacenter Repeater Leverages the long and close association between Citrix and Microsoft Branch gets the advantage of native Windows Services running on Citrix platform, with added benefit of optimization Branch Users Apps

86 Branch Repeater Feature Breakdown
WAN Optimization – Citrix Repeater Technology Domain Controller Services – Windows 2003/ 2008 Active Directory – Windows 2003/ 2008 Web Content Caching – ISA Server 2006 File and Print Services – Windows 2003/ 3008 DNS, WINS and DHCP Services – Windows 2003/ 2008 Administration – MMC Snap-in Framework or Citrix Command Center OR Branch in a Box = A single device to deliver the datacenter services to the branch without requiring multiple hardware and software deployments. The close association between Microsoft and Citrix allows the Citrix Branch Repeater to deliver the latest Windows Server from the same platform as the WAN optimization controller. The feature breakdown is discussed in detail on the next few slides

87 Windows File and Print Services
The Branch Repeater appliance also serves as a local print server to speed up print job spooling times It also provides Windows file and printer services The queuing of CIFS messages and the compressing of traffic alleviate the effects of a slow WAN link

88 Domain Controller Services
Remote administration is eased through domain-level, instead of local machine, accounts Read Only Domain Controller (RODC) for improved data security in branch office servers This scenario also provides local authentication and Windows policy enforcement Branch Repeater allows the branch office be self-sufficient in the event of lost WAN connectivity New RODC is unidirectional replication of Active Directory changes (i.e., from the forest to the RODC) an intruder on the RODC can’t manipulate the Active Directory database or DNS data. This is new in CBR with Windows Server 2008

89 Windows Management Tools
Management pack available for System Center Operations Manager (SCOM) Windows Management Instrumentation (WMI) support for integrating with custom management and reporting tools Using solutions such as Microsoft SCOM and WMI, an entire enterprise-wide deployment of Citrix Branch Repeaters can be centrally and seamlessly managed.

90 Advanced Microsoft Services – Web Content Caching
Optional add-on feature The web caching functionality of ISA Server Enterprise is leveraged Page elements, graphics, text and active content are cached locally on the Branch Repeater appliance Protocol object caching HTTP FTP BITS Requires inline deployment ISA Server 2006 is only available for Branch Repeater with Windows Server 2003 because ISA Server supports 32 bit OSes only (Windows Server 2008 is a 64 bit OS) 90

91 Advanced Microsoft Services – Systems Management
Branch Repeater is the single platform to configure, administer and maintain the branch systems using existing Microsoft tools Eliminate dedicated branch servers and optimize WAN latency and bandwidth SMS Secondary Site for geographically spread deployments SCCM Branch Distribution Point for simplified software distribution and faster patching Extend IT consolidation initiatives to the branch

92 Flexible and Centralized Management
92

93 What is Citrix Command Center?
Single administrative interface to all remote appliances Automated discovery and inventory One-click configuration replication System-wide fault management and performance monitoring Citrix Command Center is a powerful yet free Management Suite to manage multiple Citrix devices from a single dashboard. It supports Citrix NetScaler, Application Firewall, Access Gateway (EE) and Branch Repeater family for full network discovery, performance reports, fault management and configuration administration. With an easy, intuitive web interface and SNMP interfaces to popular 3rd party NMS tools, the Command Center makes it possible to centralize the network operations of a Citrix Delivery infrastructure.

94 Free and easy to use; runs on any Windows server
Manages NetScaler, Access Gateway, Repeater and Branch Repeater from Citrix Free and easy to use; runs on any Windows server Citrix Command Center is a powerful yet free Management Suite to manage multiple Citrix devices from a single dashboard. It supports Citrix NetScaler, Application Firewall, Access Gateway (EE) and Branch Repeater family for full network discovery, performance reports, fault management and configuration administration. With an easy, intuitive web interface and SNMP interfaces to popular 3rd party NMS tools, the Command Center makes it possible to centralize the network operations of a Citrix Delivery infrastructure.

95 Command Center 3.2 Features
Centralized management of Citrix Branch Repeater devices (both Windows and non-Windows) Citrix Branch Repeater with Windows Server can also be centrally managed by Microsoft System Center Operations Manager (SCOM) and other Microsoft management tools Centralized Configuration Management Requires Repeater devices with software v or later Requires Branch Repeater devices with software v4.5.1 or later*

96 Other Enhancements in Command Center 3.2
Microsoft® SQL Server™ support High Availability support Faster and more efficient backup Fault Management and Event Aggregation enhancements Historical Reporting and Performance Graphs enhancements

97 Command Center - Web-based Interface

98 Command Center - Configuration Management
View archived configs and restore to any previous config

99 Command Center - Monitoring and Reporting
Presentation Title Goes Here Insert Version Number Here Command Center - Monitoring and Reporting Multiple levels of performance monitoring appliance-level (e.g. single WAN link) System-wide (Citrix Command Center) End-user (XenApp, XenDesktop) Full network transparency allows use of existing performance monitoring tools (e.g. NetFlow) Extensive alarm and activity information Export data to industry-standard NMS tools © 2003 Citrix Systems, Inc.—All rights reserved.

100 Appliances - Additional Management Utilities
Branch Repeater has a flexible set of management capabilities. In addition to centralized administration from the Command Center, it supports scriptable command line interface. The CLI can be accessed locally or invoked from the Command Center dashboard. It runs a web server for convenient HTTP or HTTPS user-interface for configuration and monitoring using any standard web browser. For integration with 3rd party NMS tools (ex. HP OpenView or MRTG), SNMPv2 protocol is available. Web-based configuration Scriptable CLI SNMPv2 support for NMS integration

101 Hardware Overview

102 Complete Product Line – Citrix Branch Repeater
Integrated Windows Services Branch Repeater with Windows Server 100 / 200 / 300 Repeater 85xx 8520 8540 Repeater 88xx 8820 8820 High Speed Branch Repeater 100 / 200 / 300 Branch Repeater VPX-45 Branch Repeater VPX-45 Branch Repeater and Repeater are available in variety of form-factors and models based on the target application. Appliance models are primarily sized based on a customer’s WAN bandwidth requirements. The next few slides will focus on how to position each of these products. Repeater Plug-in Branch Repeater VPX-2 / 10 Mobile User Branch Office (1-10 Mbps) Regional HQ (10-45 Mbps) Data Center ( Mbps)

103 Branch Repeater Product Line
Price $K Large Branch/Data center R 8820HS 100 R 8820 50 Branch/Regional office 20 R 8540 R 8520 BR 300 VPX-45 10 BR 200 VPX-10 6 BR 100 4 VPX-2 VPX-Express $0 512Kbps 1 Mbps 2 Mbps 10 Mbps 20 Mbps 45 Mbps 155 Mbps 500 Mbps Citrix Confidential - Do Not Distribute Bandwidth

104 Branch Repeater & Branch Repeater VPX-2/10
Small to medium branch offices WAN optimization functionality in a compact and nearly silent form-factor VPX = low-cost, flexible branch installation with existing servers WAN speeds up to 10 Mbps Command Center management Branch Repeater is a great choice for small to medium sized branches with fewer than 50 concurrent users and WAN speeds up to 10 Mbps. This may be the right choice if your IT strategy is to completely centralize Windows servers within your data center (e.g. no Windows servers in branch offices). Branch Repeater combines proven Citrix WAN optimization functionality (including HDX technologies) with a small, quiet form-factor, and is easily managed by your centralized IT team with Citrix Command Center.

105 Branch Repeater with Windows Server
Small to medium branch offices Integrated Windows services Stages XenApp offline apps WAN speeds up to 10 Mbps Command Center and Microsoft manageability Branch Repeater is a great choice for small to medium sized branches with fewer than 50 concurrent users and WAN speeds up to 10 Mbps. This may be the right choice if your IT strategy is to completely centralize Windows servers within your data center (e.g. no Windows servers in branch offices). Branch Repeater combines proven Citrix WAN optimization functionality (including HDX technologies) with a small, quiet form-factor, and is easily managed by your centralized IT team with Citrix Command Center.

106 Repeater Appliances & Branch Repeater VPX-45
Datacenters and large offices Fan out to branches Datacenter replication Repeater Plug-in support WAN speeds up to 500 Mbps VPX = low-cost, flexible installation with existing servers Command Center management Repeater appliances are the appropriate-sized solutions for datacenters and large offices with higher bandwidth requirements. A Repeater appliance is perfect for hub environments that fan out to a large number of branch offices and/or mobile users. Repeater is also well suited for optimizing data replication across a single, high-speed link. It supports WAN speeds all the way up to 500 Mbps and is easily managed with Citrix Command Center.

107 For remote and mobile users
Repeater Plug-in For remote and mobile users Plug-in for Citrix Receiver or run standalone Support broadband, WiFi and 3G connections Works with Access Gateway and other leading VPNs Included with XenApp, XenDesktop & NetScaler Platinum Editions Repeater Plug-in is a software version of Repeater technology that available for PCs running Windows 2000, XP or Vista. It supports any WAN connection such as cable modem or DSL, WiFi hotspots, and wireless 3G cards. Since most enterprises require a VPN connection to access datacenter resources, Repeater Plug-in supports most leading VPN clients including Citrix Access Gateway. Being a symmetric solution, you will need to pair up Repeater Plug-in with a Repeater appliance in the datacenter or behind the VPN gateway in the DMZ in order to optimize the traffic. Finally, you will be happy to know that the Repeater Plug-in is included with the Platinum Editions of XenApp, XenDesktop, and NetScaler. So if you are a Platinum customer all you need to purchase to recognize excellent acceleration and optimization benefits for your remote and mobile users is a single Repeater appliance.

108 Branch Repeater 5.7 Key Features and Benefits
Customer Benefits SSL Acceleration Accelerate encrypted XenDesktop and XenApp traffic and secure web applications by up to 30X without compromising security Disk Encryption Prevent theft of sensitive data and comply with security mandates and regulations 2008 R2 for Branch Repeater with Windows Server Reduce the number of servers in branch offices and enable customers to upgrade to Windows Server 2008 R2 Windows 7 64-bit plug-in Support growing number of remote users with 64-bit devices

109 Branch Repeater 5.7 Platform Compatibility
Repeater appliances: all supported 8xxx models Branch Repeater appliances: 100, 200, 300 Branch Repeater with Windows Server: 100, 200, 300 Note – 5.7 is versioned as 3.0 on Windows appliances Repeater plug-in for Receiver Branch Repeater VPX: N/A* * 5.7 features will be available for Branch Repeater VPX in Q4 with 6.0 release Citrix Confidential - Do Not Distribute

110 Citrix Confidential - Do Not Distribute
SSL Acceleration Citrix Confidential - Do Not Distribute

111 SSL Acceleration – Overview
Accelerate all applications that use SSL, e.g: XenApp and XenDesktop (when using SSL encryption) SharePoint and other ERP/CRM applications (e.g. SAP, Oracle) over HTTPS Exchange – Outlook Web Access over HTTPS* Optional encryption of data at rest and over WAN Available for appliances and plug-ins PC with web browser Secure Web Server (HTTPS) Branch Repeater Today: TCP Flow Control Quality of Service Branch Repeater with SSL Acceleration: HTTP/ICA Protocol Awareness/Optimization Multi-level Compression TCP Flow Control Quality of Service * Note - Encrypted MAPI does not use SSL and is not supported

112 Brings parity with Riverbed and Cisco and adds a differentiator against others competitors
SSL Acceleration Disk Encryption Citrix Y Riverbed Cisco Blue Coat - Juniper Expand Networks

113 New “Crypto” Licenses Due to US export restrictions for encryption technology Available at zero cost ($0) to customers via MyCitrix Unlocks SSL acceleration and disk encryption capabilities Applied to each appliance on top of standard Citrix license Similar process to other WAN optimization vendors .

114 How SSL Acceleration Works
Traffic Interception Compatible with existing application/web servers and certificate/key formats Interoperability with NetScaler (or any other SSL offload device) SSL Traffic Interception

115 How SSL Acceleration Works
Secure Key Store Built-in secure certificate/key store on Repeater With tracking of certificate/key expiry Application/web server private keys NEVER leave data center Secure, enterprise-class Certificate / Key Store

116 How SSL Acceleration Works
Secure Data Transfer Encrypt and secure user data sent between Repeater appliances Optional ability to encrypt ALL (non-SSL) TCP traffic between Repeater appliances Secure Data transfer between Repeater Appliances

117 How SSL Acceleration Works
Secure Disk Storage Ability to turn off disk compression for sensitive user data Ability to secure/encrypt the user’s data stored on disk With ability to erase (scrub) the data Optional ability to secure/encrypt ALL (non-SSL) user data Disk encryption

118 Flexible deployment modes for joining the branch network
Branch Repeater Inline Optional Bypass NIC Virtual Inline WCCPv2 Policy-based Routing WAN LAN Switch Router For deployment flexibility, Citrix Branch Repeater can join the branch network with in-line, policy-based routing or WCCP (Web Cache Communication Protocol) modes. If inline deployment and high availability requirements demand it, Citrix Branch Repeater is available in configurations including a Bypass Network Interface Card (NIC) that provides continuous access to the WAN in the unlikely event of an appliance offline state. Branch Repeater WAN LAN Switch Router 118

119 Branch Repeater VPX Features – 1/2
Hypervisor: Citrix XenServer only* Based on Branch Repeater software v5.5.1 Support for Repeater Plug-in Inline, WCCP and PBR deployment modes Scale VM resources as needed Hypervisor Print Server Branch Services * Additional hypervisor support in future releases

120 Branch Repeater VPX Features – 2/2
Centralized management via Command Center* Support for “Essentials for XenServer” tools XenMotion Live Migration, High Availability and Resource Pool No Group Mode support No Fail-to-Wire (FTW) support Hypervisor Print Server Branch Services * Requires Command Center v4.0 or higher

121 Use Case 1: Accelerate other Virtual Machines
XenServer VM #1 Internal Network Branch Repeater VPX Network 0 VM #2

122 Use Case 2 : Accelerate other Servers
XenServer VM Branch Repeater VPX Server Network 0 Network 1

123 Use Case 3 : Accelerate Desktop Virtualization
XenServer* XenApp Internal Network Branch Repeater VPX XenDesktop Network 0 Merchandising Server * Likely to be a Resource Pool or Cluster

124 Use Case 4 : Multiple Instances for Traffic Separation
XenServer Branch Repeater VPX VLAN 1 VLAN 1 Branch Repeater VPX VLAN 2 VLAN 2 VLAN 3 VLAN 3 Branch Repeater VPX Segregate traffic by VLAN in XenServer

125 Branch Repeater VPX Failover and Bypass Card
Cannot “bridge” or bypass the XenServer host if hosting other VMs XenServer does not recognize any special hardware (FTW card) Use WCCP or PBR Use XenServer HA Configure VPX to start automatically Configure HA on Resource Pool VPX VM #1 VM #2 VPX Server

126 Branch Repeater VPX Requirements
VPX Minimum Requirements XenServer Requirements 1 CPU 1 GB RAM 60 GB Disk 2 Virtual NICs 64 bit x86 server VT enabled CPU (Intel VT or AMD-V) for running Windows VMs* Min. 1 GB RAM, 16 GB disk** Windows PC for XenCenter * Branch Repeater VPX does not require VT enabled CPU ** Not including VM requirements Citrix Confidential - Do Not Distribute

127 Branch Repeater 5.7 Platform Compatibility
Repeater appliances: all supported 8xxx models Branch Repeater appliances: 100, 200, 300 Branch Repeater with Windows Server: 100, 200, 300 Note – 5.7 is versioned as 3.0 on Windows appliances Repeater plug-in for Receiver Branch Repeater VPX: N/A* * 5.7 features will be available for Branch Repeater VPX in Q4 with 6.0 release Citrix Confidential - Do Not Distribute

128 Repeater VPX Repeater as a Virtual Machine available in different flavors : Repeater VPX Express for trial purpose only (512kbps, 10 accelerated connections, 5 repeater plugins) Repeater VPX 2Mbps for WAN links up to 2Mbps Repeater VPX 10Mbps for WAN links up to 10Mbps Repeater VPX 45Mbps for WAN links up to 45Mbps

129 Promotion Overview : Branch Repeater & XenDesktop
The Citrix® Branch Repeater™ Promotion for XenDesktop™ Customers provides 2 free of charge Citrix Branch Repeater VPX-10 virtual appliances to all existing and new Citrix XenDesktop customers with active SA who purchase any of the following physical or virtual appliances: Branch Repeater VPX-45 Repeater 8520 Repeater 8540 Repeater 8820 Repeater 8820 with high-speed option Citrix Confidential - Do Not Distribute

130 Repeater VPX Repeater as a Virtual Machine  Only on XenServer(a version for Vmware ESX or vSphere is expected Q4 2010) All features are supported accept : Group Mode Repeater High-availability mode is not supported. (XenServer HA is supported.) Ethernet bypass card LCD front-panel display Serial console interface Minimal Standard Config Only for Demo/POC

131 Citrix FlexLM Licensing

132 Citrix Licensing Branch Repeater product line now follows the standard Citrix Licensing (a.k.a. V6, Flex LM) infrastructure Repeater 8x00 series Citrix Repeater Plug-in Branch Repeater Branch Repeater with Windows Server Beginning with 5.0 release, the product line has moved to the standard Flex LM license infrastructure

133 Benefits of Citrix Licensing
Simplicity – consistent across all Citrix products Single way to obtain Citrix product licenses (including Platinums) Consistent license installation, management and compliance A single way to upgrade and renew licenses Consistent license consolidation, re-statement and reporting Flexibility – ease of deployment Ability to allocate Repeater Plug-in licenses across multiple Repeater appliances post-purchase Separate Repeater Plug-in purchases from Repeater appliance purchases

134 Obtaining New Licenses
New Repeater and Branch Repeater units will ship from Citrix without a license License entitlements will be available on the “My Citrix” portal (www.mycitrix.com) License files can be generated from the “Activation System/Manage Licenses” tool on My Citrix

135


Download ppt "Technical Presentation"

Similar presentations


Ads by Google