On the 22nd of March 2023 it was already time for our first DuCUG event in 2023. Again at the Duikenburg in Echteld. In this blog item my experiences and summarizations of the presentations provide on this day are written down.
After the opening Stefan Pieters was the first session of the day with the session Unleashing the Power of Collaboration with Sharefile. Stefan started with a brief history of the Sharefile product, followed by the portfolio evolution and opportunity. Stefan showed in a life demo some of the ideas Sharefile is working on, he kindly asked not to share this (so no further mention in this blog about it). After the demo Stefan had a good Q&A session.
After Stefan we had our first sponsor session How end-to-end monitoring increases efficiency and job satisfaction for both the IT Pro and end user by Erik van Veenendaal of eG. He started with explaining where eG can support the ITOps by monitoring over 200 technologies. Erik continued with new enhancements like supporting new version of supported technologies, new supported technologies, Citrix Monitoring enhancements (big list), Azure AD enhancements based on Monitor Service Health/User Compliance, FSLogix enhancements, Igel endpoints performance insights, Zoom support and physical desktop monitoring. The session ended with end-to-end monitoring of all components of all teams to identify where the issue actually is coming from.
After the traditional Bossche Bollen Break Niek Boevink and Kees Baggerman were on stage with their session Public Cloud a means and not an end. The session started with an interesting story about the history and way of working of Starbucks to introduce their topic. They continued with the terminology (private cloud, public cloud, multi-cloud, hybrid cloud, hybrid multi cloud) and reasons to use cloud (where they mentioned some examples with not total valid reasons for cloud like work from anywhere, data driven personalization, cloud is a must have). Next topic was three types of customers (on-prem, modern on-prem, cloud first). Out of research of Accenture came that cloud is a critical enabler for rapid growth (speed up digital transformation, mitigate risks, corporate sustainability). Out of other researches cloud gaps were defined (cloud waste, core skills expected to change, costly vendor lock-in). This leaded to from Niek and Kees ideal state the hybrid multi-cloud. Niek continued that the focus should be on user experience and not on the infrastructure behind it. Also freedom of choice how to use the services is key according to Niek. Summarized: consistent user experience, best application performance and on-prem/cloud availability.
Next session was Single-Session vs. Multi-session TCO comparison provided by Sasa Petrovic. He started with explaining the start of his research and the characteristics (1000 users, scalability is based on the rule of 5 and 10, used cloud VMs, scoring system). Sasa continued with the discussing the results. Starting with the Total Cost of Ownership (interesting results, insights what discounts can do on the results and details on VM costs), followed by Operation Costs (application packaging) and Licensing Costs. Sasa continued with a good summarization based on the topics: when use single-session (up to 4000 users, hardware/hypervisor costs are low) and the assumption that on-prem single-session is twice as expensive as multi-session is wrong.
After the lunch Dave Brett continued with the session 10 quick wins for red team testing. Dave kicked off what a red team actually is. Certificates and Password was the first topic Dave deep-dived into it (secure all infrastructure with certificates, use Citrix NetScaler for Frond and Back-end security, remove and block access to insecure ports, gain central control of certificates expiration, secure VDAs if possible [/w Lets Encrypt], change default passwords), followed by patching (not easy but essential to do, don't forget the applications, ideal world vs real world) and PowerShell/Command Prompt (entry point for red teams, some tips to secure them). Dave continued with lateral movement (foothold in the environment, move into the landscape; over-arching "admin" groups, good OU structure will help with security policy), followed by Hide What’s Not Needed (Right click is your enemy, Mask Base Image /w FSLogix App Masking, App vs User Group, mandate rule set, audit policy) and visibility (use SNMP/Syslos, Review logs regularly, manage retention period, use a good monitoring platform, alerting on running processes, have a rigid breach process in place), Clipboard (default by enabled, change it to block by default/allow when needed), Blacklisting (better than nothing, Free tools, Citrix tools, if budget allows use white listing), extra drives and PAW (Privileged Access Workstations, don't install admin tools on servers, admin desktops, firewall block admin ports, session recording) were the last topics Dave touched on-it.
Next on stage was Martijn Hoogesteger in the Netherlands known from the television program Hunted. Next to that he is working for SRM a company in the cybersecurity space. The session is about digital footsteps. Martijn explains which things can be done within finding person on the run. He discussed some methods in more detail like and when they are allowed to use. Important is the weightscale privacy versus espial). He also mentioned some tools and devices they are using for their activities. He continued how digital information can be used. Also old devices are really useful as they are not updated or less protected to get information to use on the current devices. Old hacks are really much used to "guess" passwords. Really interesting to hear how they are working both in real-life as in the television program.
After the last break Andreas van Wingerden of Liquidware was the next presenter. He started explaining how Liquidware sees the "modern workspace". According to Andreas MS Intune is not enough to manage the user environment with context, followed by discussing Modern Application Management (via FLexApp). Andreas mentioned the latest enhancements in FlexApp, followed by the flexibility of the product which is platform independent (including multi-tenancy). Andreas ended with the independency of FlexApp so it can be used on any platform.
Next session was Cloud Cost Optimization with Citrix Analytics by Christian Swendemann. Christian kicked off which tool/feature of Citrix is being built for and where it differs with Analytics. Via four cases Christian explains the value of Citrix Analytics. In first case they found at a customer logon time of 3 minutes with Citrix Analytics, including showing that the mitigations helped (it was at the end lack of CPU/Memory resources). The second case was about a road to cloud. They needed to find out which Azure Profiles they needed to use and used Analytics to determine the correct profiles. Third use case was Cost Efficiency by creating custom reports on machine failures, VDIs running in maintenance mode and similar questions via alerts. Last use case was about Reduce Service Desk Calls. By using Session Recording and Citrix Analytics they can give users more capabilities, reducing support to their users. After those four use cases Christian demoed the capabilities of Citrix Analytics.
Last session was virtually where Sridhar Mullapudi General Manager of the Citrix Business Unit was talking about Citrix Strategy. He started with the Citrix commitment (costumer focused innovation, best in class customer experience, investment in your journey and eco-system integration), followed by Hybrid is the future in more ways than one (work, management, identity, workspaces, device experiences, networking). Next topic was the Citrix Universal Subscription, giving deployment flexibility according to Sridhar. Het touched that Studio is going hybrid (web studio available for on-prem deployments) and the Citrix Workspace App Personalization Service (modernized and streamlined UI). Next topic where the HDX enhancements, where HDX is converting into Hybrid Digital Experience. Sridhar continued with Citrix SPA (Secure Private Access) and Citrix Enterprise Browser. The end of the session there was time for a Q&A with lots of good questions from the audience.
The DuCUG wouldn’t be the DuCUG as there is also time reserved for getting in touch again. After the sessions we had some drinks, followed by the famous diner provided by the Duikenburg. Personally I look back what was one of the best DuCUG events of the last couple of years.