On the 2nd of April it was time for the first DuCUG event in 2025. Also this time the event was hosted by the Duikenburg. They surprised us with the complete rebuilding of the main room, which was even nicer than it was before. My experience of this event can be found in this blog.
The event was logically started with the opening by Niek Boeving, followed by the first session by Shawn Bass - CTO of the Cloud Software Group (Citrix). He started off by explaining about the acquisition of Citrix and what happened afterwards. Next topics were the subscriptions (Citrix Universal Hybrid Multi Cloud/Citrix Platform License) and the components of the Citrix Platform. Shawn touched also the renewal of the Microsoft partnership, but they also work with other cloud providers like AWS (Citrix DaaS for Amazon Workspace Core) as other integrations like Nutanix. Shawn continued with the automation possibilities of the Citrix products. Next topic was the acquisition and/or big changes (acquisition uberAgent, migrate to XenServer, Citrix VDA for macOS, enhanced entitlements for W365, acquired deviceTRUST, acquisition Strong Networks, acquisition Unicon, Google Chrome Enterprise). Next topic was providing more insights of those, like uberAgent, deviceTRUST, Unicon, Strong Networks and Chrome Enterprise Premium. Shawn mentioned they are working on more acquisitions to enhance the product even further.
Next up on stage were Peter Nap and Christ Twiest of ControlUp with the first sponsor session. Peter started with several (upcoming) enhancements: ChromeOS support, ControlUp for compliance, real-time SaaS application performance and adaptation, Citrix Connection Failure troubleshooting and VDI Root Cause analysis. Chris continued with the ControlUp Innovation Guild, a new team that is supporting specific questions. He discussed the three cases they are working on (ControlUp Disk Monitor: monitor which files are changed on the local disk also with non-persistent VDIs, Unused Resources: Usage of Citrix Delivery Group and Big Screen Dashboard: Grafana dashboard creation for ControlUp recipe book).
After the traditional Bossche Bollen break, we continued with Ingmar Verheij wit the session How I’m automating my home, office, and life. He started that we are part of the group anonymous automaters. He was telling how he came into the (home) automation and what he automated in which way. He showed the tools he is using (home assistant, mqtt, node-red, cloudfare, zigbee, unify meross, shelly, and HomeWizard). Ingmar ended with five tips (start small, start with the basics equipment, select the correct devices, remember that it can break, think about the WAF/FAF).
Next session was CoreLogic Framework for NetScaler by Jan Tytgat. Jan started with the history of the project and why he started the project. Jan explained the challenges of using NetScaler’s (many applications, many tenants, many engineers, multiple ways to configure, specialist knowledge, change management), followed by the goals (standardization, simplification, documentation, security, logging, compatibility). Next Jan dived into more details on several topics like L3 access zones, Access Control Lists, TCP/UDP Routing, L7 HTTP Routing. After discussing the installation and configuration of the framework, Jan showed the product in a live demo.
The last session before lunch was the sponsor session of eG Innovations. Erik van Veenendaal was representing eG. After a general talk about eG he showed two new enhancements: integration with genAI (ChatGPT/Gemini) and Tracking Rate of Changes. Erik continued with several improvements like Endpoint monitoring, monitoring of MS Intune, syntenic Citrix Monitoring, Citrix Cloud Session Topology, Remote Control and Connectivity to Application back-ends monitoring.
After the lunch Patrick v/d Born and Stefan Dingemans were on stage with the session Securing Your Session Hosts: Easy to implement security tips for Citrix. They discussed several topics like security (cached credentials, user write rights, network communication, outbound internet firewall, PowerShell settings, OS identical local admin passwords, no applications whitelisting, outdated applications, IE11 and no virus scanner. Next topic was the risks (cyber war, internet facing, lateral movement, ransomware delivery protocol). Windows Privilege Escalation Awesome Script is a good script to find weaknesses. Stefan continued with adjusting the image template and using an image release strategy. Next topic was the use of benchmarks, Patrick recommends CIS Benchmarks (but also the MS Security Baseline, DoD Cyber Security Threads are other options). Some tools were mentioned like HardeningKitty and Tenable (compare baselines with current settings). Patrick continued with Application Whitelisting the easy way using Aaronlocker. Next topic was Local Admin Password Protection should be arranged with LAPS. Next tip was Block traffic between session hosts (east-west traffic). Stefan continued with keeping applications updated, for example with WinGet, Evergreen, Chocolaty and/or NeverRed. The last topic was about Pentest your environment.
Gerjon Kunst was next with the session Ai use cases, the good, the bad and the ugly. Gerjon started with explaining the Hype Cycle for AI from Gartner, followed by what MNS/OpenAI/Meta/etc want to see us do with AI. Gerjon continued with discussing five use cases (chatbot to query SAP, too many FAQ daily calls, automated calls quality control, convert conversations to signable document and query HR document in SharePoint) including what went well, what didn’t go well and lesson learned.
Before the afternoon break Ivanti by Steven Beuing provided the last sponsor session. He started about the rant on Ivanti about the vulnerabilities and end of life management, although he also mentioned that they can do a better job on that. This led to the topic there is life after IWC and the transition to Modern Workspace Management. He provided more details on topics like User Workspace Manger on-premises, user workspace for hybrid, Ivanti Neurons for User Workspace Management and Ivanti Neurons.
After the break Koen Warson was on stage presenting NetScaler beyond Gateway. Koen started explaining the gateway functionality and where you can split the AAA from HDX and Koen load balancing in dependent functions with advanced monitor. Then Koen showed what NetScaler can do more than gateway which is a lot. After some more details about policies and network traffic, Koen discussed several use cases like client certificate content validation before AAA, BOT management and IP whitelisting using subnets.
The last session was again Shawn Bass with the session Citrix Looking forward. As Shawn was showing some things that were not officially announced, he asked us not to mention anything publicity. So logically no details on this session in this blog.
With this session the official part of the day was done, after a quick closure by Niek. The day continued with drinks and the famous dinner where good talks continued as we are used at the DuCUG. In autumn the second DuCUG event will be held.