Wilco van Bragt - LinkeIn Wilco van Bragt - Twitter rssa 

Citrix Synergy 2017 Day 3

Already last day of Citrix Synergy 2017. Day three started with a keynote by Gen. Colin Powell, followed by a lot of breakout sessions. In the blog my day 3 experiences of Citrix Synergy.

The last day of Citrix Synergy 2017 started with a keynote by Gen. Colin Powell. Again this kind of keynotes are difficult to blog about. Unfortunate this one is not recorded. The story was really interesting with some nice backgrounds of his IT background and how it was being used in the organizations he worked for. I really like his style of storytelling and his engagement to help getting to the future.  He really like the way he “brought” the takeaways: visions is key, children are the future, don’t learn “hate”, don’t forget the horses (they do the work), have trust in the people in your organization, optimism is key, be how you are (everyone is important, nobody should be above somebody else),

The first break out session I attended was It’s the end of work as we know it by James Burklin, Thomas Berger and Christian Reilly. Christian started the session with showing the video of Citrix via Alexa. Christian started off the session talking about digital disruption: workplace evolution, markets are different, digital transformation will be there. Thomas took over with enabling technologies for digital transformation (micro apps, context is king, James did a demo of smart spaces with slack as an example, followed by demo of virtual doctor (as an example of bots).  Thomas showed the possibilities of VR/AR by some videos created by Thomas Poppelgaar and continued with the statement that Slack is the new OS, which James showed in a demo. Thomas continued with examples automation and artificial intelligence. James took over showing the Octoblu flow for his previous demo to make clear you do not need to be a full programmer. Thomas continued how Citrix can be used within these topics.

Next session was by Barry Schiffer and Remko Weijnen with the presentation Optimize and scale your XenApp and XenDesktop platform the CTP way. Remko started off with the hardware part of the session. CPU was the first part of this topic. Considerations are more cores means higher density, but higher clock speed improves performance, 4 vCPU for HDX 3D Pro. Physical PC has a higher clock speed then virtual. But there is more: vCPU: CPU, NUMA, Cluster on Die, (L3) Cache, Hyperthreading. Remko discussed the great article Rule of 5 and 10 of Nick Rintalan. The recommendations of Remko/Barry are: never overcommit RAM, hyperthreading is not a real core so count 25/50%, no CPU overcommit on XenApp, typically 25 users per XenApp VM, overcommit 5 – 7,5 for XenDesktop. Always set Power Management to High Performance, prevent all P-states, C-states beyond C1 and disable Turbo boost (reduces clock speed on the other cores). Never forget to validate with real users (after load testing tools). Next topic was vGPU which were discussed by Barry. Matching the user experience to a physical machine we need to have the same component like a GPU. Next topic was optimization of the OS, the optimization tools from VMware and Citrix (upcoming) were mentioned. Remko continued with Workspace Environment Manager, Remko likes Process optimization and improve login times. Barry continued with Citrix Telemetry gained by Martin Zugec of Citrix form the Insight Services. Really interesting insights, check the slides for all details because there were some unexpected outcomes. Best practices around this data were: double check cache settings, use cache in memory with overflow to disk, double check retries, no best practice for TCP offloading, Barry continued with the display protocols summarizing the improvement on this topic, followed by some more details about adaptive display v2 (selective use of H.264) and the defaults for the display protocol per version (which are pretty different per version). Barry is sharing some best practices: Offloading decoding H.264 increases the value of Thin Clients, configure defaults and verify results. Last topic was about browsers, Remke shared some statistics, leasing to the impact of Web Advertising showing with some testing results by Remko and VDIlikeaPro.

After lunch, I went to the session Overcoming challenges in a double-hop XenApp environment provided by Daniel Wedel. Daniel started of describing the customer characteristics (three types of users, required three types of image and different working “zones) used for this presentation, followed by the specifications of the new environment. With the new design the first landing page where internet was available and could connect to the secured applications zones via Published Applications. Before we went to the double hop challenges Daniel is mentioning some other issues encounters (slow print HP universal, HTML5 client license issues because of the RDS Device CALS, WmiPrvSE hogs CPU, Local Profile when user change password on StoreFront). Next we came to the topic of the Double hop issues (receiver used a long time to enumerate apps, shared users account (session stealing), getbrokerentitlementpolicyrule or anonymous users), tuning who sees what applications (as alternative for the ICA files: launch string, or AlwaysUseStubs), Hiding Apps (callback URL for setting Access Policies).  slow screen updates/distorted colors). When Receiver 4. 2 was released they implemented this and created a script to start the selfservice.exe quicker via a GPO. They also had 3rd party users that connected via a separate NetScaler on separate VLAN and described how they managed to reach the goals. The tool of Owe Kvislers is mentioned for setting exclusions instead of using PowerShell. Last topic Daniel was discussing issues with (old) Wyse Thin Clients both on graphics and session reliability. The session ended with some shoot outs to free utilities created by colleagues of Daniel like the Mover Citrix SQL database will be released soon.

Next session was Fantastic four: The Do’s, don’t and lesson learned of Citrix implementations. Each one of the presenters has a specific superpower, actually a topic they are talking about. Aaron started off with Cloud as his superpower. After a high-level introduction, Aaron shared some don’ts: assume cloud menus cheap, tread cloud like a data center, forget related workloads, forger about users’ data, go it alone. He do’s were: driven by identify /user first, perform due diligence, be driven by metrics, learn PowerShell / automate by default. Ruben continued with Windows 10 as his superpower. He repeated a part of the presentation of yesterday about Windows 10 and Graphical Applications. Ruben’s don’t were: assume Win10 migration is the same as Win7 migration, use the same tools as you have done since WinXP, think Windows as a Service solves all the pain, plan for 4 years upgrade cycles, assume O365 will be successfully by design on VDI/SBC. His Do’s: benefit Win10 awesomeness, Use GPS, Proper Profile Management, understand the language of CB, CBB, LTSB incl. impact. Theresa was next about native and third party tools. Theresa touched where you may need to look for 3rd party tools like monitoring, automation, performance, analytics. Theresa’s Do’s were use native tools whenever possible, know your environment, monitor for performance issues, test/poc 3rd party tools. Don’t: just buy 3rd party tools, to buy 3rd party tools, assume all products are created equal, don’t work from an Island but with the business. Last but not least was Steve about Users. Steve started about know the user. Steve thinks that we need to become an undercover end user agent (make personal connections, make technical observations silently, be be-lingual. I liked the end user agent script that Steve is using to get in touch with the users. Personal I think this part was the best of the whole session as this is where many IT people are struggling with (never tech talk with the user, assemble your notes/thoughts, translate to technical requirements, share knowledge, foster a culture of interaction.

Last session I attended (because I’m flying out this evening already) was Access and authentication options in a Citrix environment by Marius Sandbu. Marius kicked off with the identity sources available (Active Directory, Federation/SSO, Cloud0base identity [Azure Active Directory/Google IAM], B2B/B2C [Azure AD, AD Trust, social media accounts], identity lifecycle management [MS Identity Manager, Okta, Ping]. Next was authentication protocols, like LDAP, WS-Trust/WS-Federation, SAML, OAuth/OpenID, Kerberos/NTLM, Smart cards. Marius continued with the security capabilities (endpoint analyses, nFactor authentication, Conditional Access, Federated Authentication Service, Two factor authentication). Next Marius discussed running Citrix component on-premises or from the Citrix cloud. Marius talked through several scenarios and which combination of the previous discussed topics. He also discussed double hop scenarios including the downsides, the new NS 12 feature Outbound ICA proxy and Optimal Gateway Routing. Unified Gateway was the next topic, followed by NetScaler Gateway as a Service. Next Marius went into more detail about conditional access with Intune. Marius also shown the SSO experience based on MS Azure AD, followed by authentication flow used in the demo.