In the weekend of 3 May till 5 May E2E VC Madrid was organized again. In this blog I have written down my experiences of the event.
The event started on Friday with the opening by Alex. It was for Alex a calm opening. He was not dressed up in a special costume and he said his things on a relaxed way. It was a bit less busy than normal (around 130people) although the group of people attending for the first time was quite large. There was a nice thank you to Helge for his support of the event in all those years, now his company have been acquired by Citrix.
Also traditionally ControlUp was providing the first session again by Eugene Kalayev. Like usually Eugene was explaining the product by actually showing the product. As there were a large group of new people Eugene started with showing the basics of their solution. He continued with explaining that the view of the product is changing to a user centric approach (Digital User Experience), where he showed some features like New Users Sentiment, Unified Communication, Synthetic Monitoring (formerly ScoutBees) and Secure DX. Last topic were some things in the pipeline around web application monitoring (by an acquisition).
Next on stage was Chris Marks with the session There is nothing as constant as change. He started with surround by a choice (On-premises, cloud, multi-cloud, hybrid). According to Chris Hybrid (both working as infrastructure) is probably the new reality. Next Chris showed the portfolio of Parallels like RAS, DaaS, Secure Workspace and Browser Isolation. Chris continued with showing some features in Parallels RAS like the Azure Marketplace deployment of RAS. Next topics touched by Chris were Parallels DaaS including a demo, Parallels Browser Isolation (running in cloud) also with a demo and Sneak Peek on Cloud Console (single console for all products).
Helge Klein was next on stage with the session uberAgent - now a part of Citrix. Helge started with a brief history of Citrix monitoring (Resource Monitor, EdgeSight, Comtrade for Citrix, Citrix Director, Citrix Analytics for Performance and uberAgent). Now the product is called Citrix uberAgent: uberAgent is part of the Citrix Platform License (CPL), both UXM and ESA are included in the license. A few days ago uberAgent 7.2 is released, uberAgent for Linux is coming somewhere (support for thin clients). The rest of the time was available for questions (dashboards, back-end systems, integration within Citrix were some of the questions).
Next session was Markus Zehnle with the title Profile Container Wars - Part Deux. Markus started with quickly showing the environment used for testing (multi-session hosts). He executed the following test: logon performance on new and existing profiles, impact of Local Caching of Profile Containers, FSLogix Cloud Cache and the impact on the Storage Location). He discussed the results: using CPM Local Caching + Streaming is bit slower than straight CPM, FSLogix is quicker than CPM. On I/O level enabling CPM Local Caching + Streaming is way higher (from 900 to 3500 IOPS), similar behavior is shown with FSLogix. Next topic was the new Teams. He referred to the new timeline announced this week (see my news of the week), unfortunate no new timeline for VDI although Markus found something with the gib commits that should be something around October 2024 for the new Teams on VDI. Markus shared some common issues (Teams 2.x wont start after the first session, disable auto update, Outlook Plug-in registry change, Redirections for Team 2.x). The session continued with a feature overview of the CPM v FSLogix (most important is the official support for Team v2 ready, 2402 for Citrix, HF4 for FSLogix 2210).
Latest news from AWS EUC was the next session provided by Paola Maggi and Rey Wang. Paola started with the keyword from AWS EUC: flexibility, choice and customer experience. Paola was discussing the EUC computing services AMW is offering and what AWS is taken care of in the offerings and what the customer is responsible for. Rey continued with the new enhancements (lots of features on the slides) of the EUC services. She continued with the Amazon Workspace Thins Client (FireCube based); working with Workspaces, Workspaces Web and AppStream 2.0, locked down devices, easy to set-up, directly shipped to end-users. Next topics were Citrix DaaS on Amazon WorkSpaces Core (also available for VMware Horizon, Workspot and LeoStream), Workspaces Multi-region resilience (redirect secondary region within 30 minutes, small fixed monthly free, flat rate for actual usage), Optimized audio/video with Zoom/WebEx, WebAuthn support (Yubikey, Windows Hello, FIDO2 compliant authenticators), Cloudwatch Automatic Dashboard for Amazan Workspaces), Amazon AppStream 2.0 multi-session for Windows.
Benny Tritsch was next with the session DEX4DAAS, Measuring and comparing perceived remote desktop user experience in a Cloud PC era. Benny discussed what DEX is and what you can measure, leading to DEX quality criteria from a User Perspective (which are not easy to measure). Benny explained how EUC score is working, followed by some examples of the tests Benny performed. Benny ended the session for who EUC score actually is, mentioning the free community edition and the individual consultancy edition (including the feature set of the different versions) and the new enhancements in the product.
Next session was a newborn employees reflection including IA by Gavin Connolly, Neil McLoughlin and Bjorn Riiber (from Nerdio). Bjorn kicked off with his experiences with Nerdio as he just started into the organization (keywords: agility, flexibility, speed, reduce risk, security, automation). Gavin continued with explaining the Nerdio Manager product (reduce costs, improve security/resilience, simplify/automate management). Neil took over with a list of enhancements in the product and touched on a couple of them (Emission Savings Calculator for example).
Xoap.IO was next on stage represented by Sinisa Sokolic. It his 15-minute session Sinisa quickly went through the Xoap.IO product including some new enhancements (image management, scripted actions).
James Broughton of 10Zig was next on stage. James was describing their Secure Operating Systems NOS (zero client OS), PeakOS (thin client Linux OS), Repurpose OS (any client, free to use and free to manage, paid license available for firmware updates and technical support). Next topic was 10Zig Manager (windows based, Linux manager later in 2024, included with the OS products, secure connector). They are also providing hardware; James explained which models supports which use cases.
After a good lunch the day continued with the session Saving Money and Being More Secure by Patrick Coble. As it was not announced that the session started, I missed the beginning. I jumped into the back-up topic (need to have them and that you actually test them). He continued with E-mail security (external e-mail message, domain twisting [https://dnstwister.report/], DNS records DMARC, SPAM, MFA), followed by login security policy, cloud security (no direct RDP/SSH on the internet) and endpoint protection. Patrick continued with Hardening Baselines (311 for Windows 11, 266 for Server 2022), Patches (OS, Applications, Rimo 3 can help). Patrick shared experience with Insurance Security Monitoring. Last topic was security testing/audits: vulnerability assessments, security audits, penetration tests.
Sven Jansen was next on stage with the session ever trust - not even a session's description! He started off why trust is important followed by the principles of DeviceTrust. He showed what Citrix is working by default, only initial check, no continuous check. With DeviceTrust a change on the client will directly impact based on the configuration. The keywords of DeviceTRUST are continuous check, no user interaction, super easy to configure, no check on perimeter. Combining Citrix + DeviceTRUST will check all the boxed including the perimeter. Next, he showed the possibilities for O365 with Devicetrust enabled. He ended the session with mentioning the community program.
After DeviceTRUST it was time for me to present my session Citrix Linux VDA Real Life Experiences. In this session I shared my experiences using the Citrix Linux VDA at a customer with a large install base (6000+) on topics like installation, changed functionality, bugs, support, monitoring and more. Hopefully it was valuable and the audience have an idea of the Citrix Linux VDA
The last session of the day was a session by Claudio Rodrigues and Alex himself. Claudio explained why he changed his mind from on-premises to the cloud based on the experiences and expectations at his current employee. The session became a kind of open discussion, open tell your story/opinion where several informative stories and opinions were provided. After this session it was time for the network evening with food and drinks.
Day 2 of E2EVC started at 10:15 with 3 break-out rooms. I attended the session of Thorsten Rood with the session The downsides of modern auth in DaaS: surviving Citrix FAS and SSO expectations. Thorsten started with explaining the legacy StoreFront authentication flow and the legacy gateway authentication flow. Thorsten continued with explaining the Workspace Authentication Flow with ADDS on Citrix Cloud. This way is already been in Citrix since Metaframe 1.8. Next topic was the authentication flow using a SAML provider like EntraID. Remember that the group of EntraID should be mail-enabled to work when used to display resources. He explained the same flow when using the legacy authentication flow used by Gateway and EntraID. Both situations were explained without FAS, which leads to a logon screen on the VDA. Besides it is annoying for the end-user, it also has security risks (without proper configuration you can shut down the VDA, you can logon with a different user account on the VDA then authenticated earlier). Thorsten discussed some possibilities to work around it: The NetScaler is the only Workspace-ready IdP that supports traveling passwords or use the old SSON client configuration. Next was the official way using the FAS authentication flow which was also explained by Thorsten. Thorsten discussed the FAS redundancy configuration (GPO settings should be exactly the same if using multiple GPOs, no sync certificates between FAS servers so users could have two certificates, use maximum two FAS servers), PKI housekeeping (hardcoded 50% validty_timespan, lead to ridiculous amount of certificates, performance test the CA can issue, MMC may become unusable, pre-population certificates), authentication limits (ADDS prepared to support Smartcard login, revocation list available/accurate, NTLM-based back-end resources will be inaccessible), provisioning failure (disjoined forest trusts challenges). Thorsten ended the session with the EntraID limited Technology Preview for AVD which probably also will work for Citrix, where the VDAs should be joined entrajoined or hybridjoined, not usable for web-based access).
Next session was Proxmox VE by Carles Xavier Munyoz Baldo. Carles stated with his company information and checking in the audience who is using which virtualization stack. Next Carles explained the Promox VE Ceph Cluster: local disk set-up hyperconverged, architecture how they are setting up it at customers with a mesh network including the advantages (reduced costs, high scalability, storage migration, live migration, HA, FT, LB, centralized management). Next topic was the migration from another hypervisor platform to Proxmox, followed by Proxmox Backup Server (included in the product without any additional costs) and the the Disaster Recovery Plan (DRP) feature (three options: Distributed Cluster, Back-up server with frequent replication, Ceph replication). Carlos continued with the subscription models, which are there for support and access to the enterprise repository (you can use it for free without support using the free repository). Via a question also the Software Defined Network was discussed (including firewalling between hosts).
Benny Tritsch with the session Hands-on - How to record and visualize Windows performance counters and screen videos was next. Benny started with explaining the Windows Performance Counters which was a kind of repeat of his session in Rome (so you can you check my blog of E2EVC Rome for the details of this part of the presentation). GPU metrics are not available as a provider, so you need to collect the data via the kernel directly. It is difficult to gather the information in your own consumer. Benny also discussed the normalized CSV files. Next topic was the frames screen recording. Benny discussed the type of frame grabbers available. The grabber will be used within OBS Studio or FFMpeg.org. Last topic was the visualization of the collected data.
Next session was Citrix UPM and attachment of Files by Gaby Grau and Jan Hendrik Meier. After a quick introduction why a file server is required for EUC solutions by Gaby, Jan Hendrik continued with enhancements in the Citrix Profile Manager product. Jan Hendrik went into more detail about Profile Replication (replicate user policy, redundant, high available, both file/container-based CPS, not in-session failover, files first to pending folder --> UPM profile). Gaby continued with the test results of CPM on the Nutanix File Cluster (cache enabled 2% slower). Next topic by Jan Hendrik was how File Deduplication works within CPM (only for files that are mostly static, sharefilelist.meta points to file on the shared file store, sharedfile.upm represents the file in the SharedStore) including a quick demo. Some interesting questions were asked, some answers were not directly available (access rights on the Share Storage, feature interesting on Nutanix Files). Jan Hendrik continued with CPM Container Access Modes (multi-session access, multi-session writeback access and exclusive access - new in 2308), followed by profile container expansion (auto expansion, compaction overview - free space ratio/number of logoff, compaction only happening on the primary location). Gabe shared the test results of compaction performance impact (not a big impact) and local caching enabled/disabled, followed by a summarization.
The next session I attended was XenServer Best Practices for EUC Workloads by the Alex Brett, Ian Firth and Mikael Lindholm. Mikael started off with new release of XenServer 8 (including Windows 11 support). He brought it with the right sarcasm ;-). Ian continued with the biggest customer challenges (capacity/performance management, resource bottle necks/sizing). Alex took over discussing the PVS Accelerator including a demo (99% less network/storage traffic, 5 times faster boot times). Next topic was IntelliCache for MCS characteristics, followed by Storage Optimizations Read Caching (can be combined with PVS Accelerator / MCS I/O). All features did not have significant improvements; however they are now parts of the XenServer install and integrated in the other Citrix Management tools. Ian continued with upgrading/updating bottlenecks (complexity, outages/business impact/fear of breakage), where Alex took over to go into more details (previous hotfixes, dependency on hotfix/rollups. XenServer 8 uses a new model with continuous update stream, updates on 2-week cadence, 6 months update stream to keep supported, two channels - early access/normal, no internet connection is required - offline mode is coming soon). Host Pool Size considerations was the next topic (could not keep up writing down those). The last topic was the future (image migration - PVS teleportation, Terraform support, improved agility of MCS machines, deeper integrated workload understanding, XenServer 9 [Linux 6.x kernel, improved driver management, entirely new Domain 0, host IPv6 support].
Automating application lifecycle, from vendor release to user deployment by Jim Moyle was the last session I attended on Saturday. Jim has created a Community AppAttach repro. Jim uses a step by step approach how the code is working: 1. Pick an application, 2. Pick a Source (Winget, MS Store, EverGreen, Chocolatey), 3. Check the source (evergreen PowerShell, winget not showing the information needed, winget with source and ID start with 9 it a MSIX), 4. Find a MSIX?, 5. Save Metadata and download file, 6. Check hash, 7. No MSIX - 32app (MSIX Packaging Tool, 8. Create VM form Azure Compute Gallery, 9. Make MSIX Name, 10. Convert to MSIX.
After the sessions Alex organized a sight-seeing bus tour again. It was busy in the city, so we stood still a lot and not all things can be reached by bus, however it was nice that the option was offered to get a glance of the city (although I was glad that I used the Thursday in advance to be a tourist and have a better view on city). After the bus tour many people were back in the hotel for some drinks. As I had a flight at 10:00 on Sunday morning I did not have the possibility to attend one of the sessions on that day.
In summarization I enjoyed it again. It was cool to visit Madrid for the first time, to see many people again and interesting sessions. Next E2E VC will be in Montreal (Canada), but for most European people the next will be in the first weekend of November in Barcelona.