Citrix Consulting have created this great whitepaper that describes how you create High Availability for TFTP with Citrix Provisioning Services and Netscaler

Overview

Citrix Provisioning Services is a software streaming technology that allows servers and desktops to be provisioned and re-provisioned in real time from a single shared-disk image
1. The service is commonly integrated with Citrix virtualization solutions to optimize Operating System delivery and management. Often these solutions are critical to the operation of organizations and require high availability. Providing high availability for Provisioning Services requires designing each component of the service without a single point of failure across the network. The „bootstrap file‟, named ardbp32.bin, is a key component that must be delivered to Provisioning Services target devices in order for them to communicate with Provisioning Services over the network.

The bootstrap file is typically delivered via Trivial File Transfer Protocol (TFTP) services hosted on Provisioning Servers. This document focuses specifically on comparing high availability options fordelivery of the bootstrap file to target devices via TFTP. The advantages and disadvantages of each option are outlined as well as the steps to implement the load balancing options with NetScaler. The document scope does not include details of the implementation or operation of other aspects of Provisioning Services.

Read the full whitepaper Implementation Guide for High Availability for TFTP here

This document applies to:

• NetScaler 9.0
• NetScaler 9.1
• NetScaler 9.2
• NetScaler 9.3
• XenApp 6.0 for Windows Server 2008 R2
• XenApp 6.5 for Windows Server 2008 R2
• XenDesktop 4 x32
• XenDesktop 5 x32
• XenDesktop 5.5 x32

Citrix have released CloudGateway Enterprise for web.

About CloudGateway Enterprise

CloudGateway Enterprise is designed to offer a single point of control for enterprise delivery of Windows, Web and SaaS applications, with a seamless end-user experience across the various Receiver variants. CloudGateway Enterprise comprises of three key components:

1. StoreFront services- The Windows component allowing the various Citrix Receivers to connect to the enterprise store, and deliver Windows, Web and SaaS applications to users, with a follow-me subscription and launch experience.
2. AppController- A linux based virtual machine available for both XenServer and vmware based hosts, providing the central administrative point for configuration of all enterprise Web and SaaS applications, to be delivered to end users, with a single sign-on federation and consolidated provisioning capabilities
3. Gateway services – Delivered through the Access Gateway component, either standalone, or as a feature of the NetScaler MPX, VPX and SDX platforms.

Note that CloudGateway Enterprise provides the license entitlement for the Access Gateway universal licenses, but the actual AG physical or virtual appliances actually needed to deploy this functionality, will need to be procured independently

In addition to the above components CloudGateway Enterprise will also consist of regular AppConnector update packs, which will include new connectors for applications, that will keep increasing the number of applications supported for both federation and user account provisioning support within the AppController.

Source

Download Citrix CloudGateway Enterprise here

Enhancing XenDesktop Availability with NetScaler Implementation Guide

Providing high-availability to a XenDesktop environment provides the level of assurance organizations need when moving towards a desktop virtualization solution. Because the desktop operating environment is no longer on the endpoint, but is instead within the data center, a failure of one component has the potential to impact hundreds or thousands of users. This is a risk with any desktop virtualization solution. Because of this fact, XenDesktop is built around fault tolerant components that can be further enhanced with Citrix NetScaler to provide disaster recovery and
business continuity.

This Implementation Guide shows how to provide high-availability, disaster recovery and business continuity to a XenDesktop environment.

The document is divided into the following sections:

• Local Availability: Configure the XenDesktop components in a highly-available configuration
• Global Availability: Configure the XenDesktop architecture to provide the best delivery for users, regardless of location
• Disaster Recovery/Business Continuity: Provide XenDesktop users with a fallback solution in the event of a major outage.

Read the full whitepaper here

Enhancing XenApp Availability with NetScaler Reference Architecture

As organizations simplify desktop management activities through the use of desktop virtualization, creating a highly available architecture becomes ever more important. Historically, users were minimally impacted by desktop outages. In many situations, an outage typically impacted a single user, as one desktop device belonged to a single user. In a virtualized desktop operating model, there is the potential for an outage to impact hundreds or thousands of users if the environment is not designed appropriately.

This white paper focuses on the fault tolerant and high-availability options integrated with Citrix XenApp 6.5 as they align with three different focus areas:

• Layer 1 – Application Availability: Users should always be able to work with an available hosted shared desktop or application.
• Layer 2 – High Availability: Failures within a site should not impact desktop or application availability.
• Layer 3 – Business Continuity/Disaster Recovery: The loss of an entire site should not prevent users from accessing their desktops or applications.

By focusing on three distinct layers, an organization can feel confident in the operational availability of the architecture, even in the event of a catastrophic failure.

Read the full white paper here

Citrix EdgeSight for NetScaler 2.1 is now available as a final product and not a beta anymore.

Citrix EdgeSight for NetScaler builds application visibility into the application delivery infrastructure, providing end-user performance monitoring for Web applications and enabling IT managers to proactively manage performance and availability based upon actual user experience.

EdgeSight for NetScaler transparently monitors Web application performance, both as transaction requests and responses traverse the Web application elivery infrastructure, and as the responses execute on the end users’ Web browsers. By directly monitoring both the Web application delivery infrastructure and the Web pages themselves, EdgeSight for NetScaler provides IT managers with unique and granular visibility to the key components of application performance.

Feature highlights for this release are:

• Simplified Installation – Automated setup wizard, post installation setup wizard
• NetScaler Configuration - Simplified EdgeSight wizard, ability to enable/disable on CS/LB vserver
• Cool Dashboard - Application View, Client View, Improved Geo Location based details
• Application Definition - Endpoint becomes Application
• Application Dashboard - Global Vs Regional View, Response Time Calculation ,Browser Performance, Server Processing Time
• Administrative Changes - Application View, Grouping within Application , Application Pages

Download Edgesight for NetScaler 2.1 Beta here

Enhancements  in NetScaler 9.3 Build 51.5

Application Firewall

The new Signature Editor allows users to customize signature rules and add their own signature rules to a signatures object, to meet the specific security
needs of their protected web sites and web services. Signature patterns, which define how a particular type of attack is detected, can be based on literal
strings, PCRE-format regular expressions, or the built-in SQL injection or cross-site scripting patterns. You can assign them to the default signature
categories, or create your own categories for ease of management.  For more information on how to create and modify local signature rules, see the
online help.

Configuration Utility

In the configuration utility, in the ‘View Connections’ dialog box of the ‘Diagnostics’ page, the ‘Client-server’ check box has been renamed to
‘Client-Server Link Mapping’. When you select this check box, the dialo box displays all the linked client server mappings.

Load Balancing Virtual Server Entity Template

Now, when you export a load balancing entity template, a deployment file is created along with the entity template file. Both files are created in XML
format. The template file contains configuration-specific information and the deployment file contains deployment-specific information.
When you import the template file, you can either specify the deployment file or you can manually enter the deployment information. If you specify the
deployment file, the NetScaler appliance uses the deployment information in the deployment file.

NetScaler MPX 9700/10500/12500/15500 10G FIPS Appliances

SSL transactions per second (TPS) performance on the NetScaler MPX 9700/10500/12500/15500 10G FIPS appliances has significantly improved for
1024-bit and 2048-bit keys.

NetScaler MPX 11500/13500/14500/16500/18500 and SDX 11500/13500/14500/16500/18500 appliances (nCore only)

You can now convert a Citrix NetScaler MPX 11500/13500/14500/16500/18500 appliance to a Citrix NetScaler SDX appliance.

For more information on this migration, see http://support.citrix.com/article/ctx129423.

For more information about configuring a Citrix NetScaler MPX 11500/13500/14500/16500/18500 appliance, see http://support.citrix.com/article/ctx129788.

For more information about configuring a Citrix NetScaler SDX 11500/13500/14500/16500/18500 appliance, see http://support.citrix.com/article/ctx129787.

NetScaler Cloud Bridge

Now the NetScaler Platinum Edition license includes support for the Cloud Bridge feature.

NetScaler License

A new license has been introduced that includes support for the following
features:
• Cloud Bridge
• All features available in the Standard Edition license except Access Gateway.
• GSLB

NetScaler SDX Appliance

The following table shows the maximum throughput available on the Citrix NetScaler SDX 11500/13500/14500/16500/18500 appliances.
Platform                        Maximum throughput (in Mbps)
SDX 11500                           8000
SDX 13500                          12000
SDX 14500                          16000
SDX 16500                          20000
SDX 18500                          30000

SSL

The following new counters and SNMP OIDs measure the utilization of the Cavium
chip in SSL processing:
* Per device queue size
** BCM card:
bcm_cur_q_size: bcm(<card-id>)
**Old FIPS card
fips_cur_q_size: fips(<card-id>)
** NGFIPS card
fipsN2_cur_q_size: fipsN2(<card-id>)
** Cavium accel card
cvm_cur_q_size: cavium(<card-d>)
* Global q size
** counter: ssl_cur_q_size
** SNMP name: sslCurQSize

System (nCore, nCore VPX)

Support for the uniq tool, which is used to print the unique lines in a sorted file, has been included. The uniq tool is available in the shell interface.

VPX

Now you can set the cache memory size of a NetScaler VPX instance up to 8 GB.

To set the cache memory size of a VPX instance
1. Set the memory to the VPX instance. The minimum memory required for this instance for the basic functionality is 2 GB. To use large cache feature, you
have to increase the memory, for example, 14G [8G for Cache + 6G for PE and BSD]

2. On the VPX instance, add and apply the VPX-3000 license by either using the NS CLI or the configuration utility. This license allows you to set large cache
size (8 GB.)

3. Set the cache memory to the VPX instance by either using the NS CLI or the configuration utility.

4. Add a virtual disk to the VPX instance and set the size equal to 2.25 * VPX instance memory. For example, 32G [2.25*14].

5. Reboot the VPX instance.

Download NetScaler Release 9.3 Build 51.5 here

Summary

NetScaler 9.3.e is an enhancement branch of the 9.3 release. Like NetScaler 9.3, NetScaler 9.3.e meets this challenge by delivering a service delivery architecture that enables consolidation of adjacent services, like desktop delivery, data optimization, application visibility, network bridging and identity management.

Key New Features:

• Database load balancing for Oracle MySQL and Microsoft SQL
• AppFlowTM – open, IPFIX standards-based application flow visibility
• New dynamic XenDesktop/XenApp health monitors
• Load balancing for Branch Repeater
• Application Firewall signatures
• OpenCloud Bridge

Citrix NetScaler® OpenCloud Bridge™ feature is a tool used to build a cloud-extended data center leveraging a layer-2 network bridge that connects a premise datacenter to a cloud.  In this release, OpenCloud Bridge relies on Generic Routing Encapsulation (GRE) protocol and IPSec support.  The GRE protocol provides a mechanism for encapsulating packets from a wide variety of network protocols to be forwarded over another protocol.  In the OpenCloud Bridge scenarios, WAN optimization can be combined with GRE to optimize the WAN traffic to the cloud.

In addition, here are the new features that have been included with these 9.3.e builds.

• Ability to flush surge queue without disabling service
• “show cs vserver” output should list policies by priority instead of bind order
• Allow ICMP fragments for ECHO request and response.
• Ability to customize string that would match through a policy.  Customserverid persistence to be string vs an integer.
• Forwarding sessions support
• Ability to use specified source IP for backend communication (Network Profile) support

Enhancements

Content Switching
When you run the ‘show cs vserver’ command, you can now view the content switching policies associated with the virtual server in the order of the
priority of the policies rather than by the chronological order in which they are bound. This enhancement can help you know the order in which the content switching polices are applied and therefore, understand how client requests are routed. The configuration utility also shows the content switching policies in the order of their priority.  For more information, see the “Viewing the Properties of Content Switching Virtual Servers” section in the Content Switching chapter of the Citrix NetScaler Traffic Management Guide, available at http://support.citrix.com/article/CTX128670.

Networking

Now you can enable a NetScaler appliance to forward all the ICMP fragments of an ICMP echo request, destined to a network device, and the ICMP fragments of the corresponding echo response. One of the examples where this enhancement is useful is a scenario including a NetScaler appliance and a Windows 2000 Server. The Windows 2000 server sends out ICMP request of size 2048 for slow link detection. The NetScaler appliance successfully forwards the ICMP fragments of the ICMP request to the destined network device and the ICMP fragments of the ICMP response from the network device to the Windows 2000 server.

Surge Protection
If you want to flush the surge queue of a service, service group, or a load balancing or content switching virtual server, now you do not need to disable
the NetScaler entity. With this enhancement, you can manage the traffic in surge conditions without affecting the existing traffic.
Options are added to the command line interface and configuration utility to flush a surge queue. Flushing a surge queue does not affect the existing
connections. Only the requests present in the surge queue get deleted. For those requests, the client has to make a fresh request.
When you flush the surge queue of a virtual server, the surge queues of all the services and service groups bound to it are flushed. When you flush the surge
queue of a service group, surge queues of all its members are flushed. You can flush the surge queue of one or more members of a service group without
flushing the surge queues of all its members. You can flush the surge queue of a specific service. In the configuration utility, when you select an entity the ‘Flush Surge Queue’ option is available in the action pane. In the command line interface ‘flush ns surgeQ’ option is added with necessary options.
For more information, see the “Flushing the Surge Queue” section in the Load Balancing chapter of the Citrix NetScaler Traffic Management Guide, available at http://support.citrix.com/article/CTX128670.

Download Citrix NetScaler 9.3.e here (require myCitrix)

Summary

This article contains information about how to configure Global Server Load Balancing (GSLB) in Active-Passive mode.

Procedure

To configure GSLB in Active-Passive mode complete the following procedures:

Configuring Site A as Active GLSB Site

Configuring Site B as Backup GLSB Site

Configuring Site A as Active GLSB Site

Complete the following steps, to configure site A as the active GSLB site:

Configuring Site B as Backup GLSB Site

Complete the following steps, to configure site B as the backup GSLB site:

• Run the following command to set up the backup GSLB virtual server:
  set GSLB vserver gvserver-a -backupVServer gvserver-b

This article applies to:

• NetScaler 9.0
• NetScaler 9.1
• NetScaler 9.2
• NetScaler 9.3

This article applies for Access Gateway Enterprise 9.2 and Netscaler 9.0

Symptoms

You might experience issues when installing the Platform License for Unlimited ICA connections. The license is not recognized and you will be unable to install it.

Additionally, the output of the show license command displays 0 ICA users. Following is a sample output of the show license command:

After restarting the appliance, the license.log file in the /var/log directory displays the error message, as shown in the following screen shot:

Background

The following increment entries in the license file were verified as explained in Knowledge Center article CTX125567 – How to Configure an Access Gateway Enterprise Edition Appliance with Unlimited ICA Connections

INCREMENT CAG_ICA_CCU CITRIX 2011.0202 permanent 10000
INCREMENT CAG_BASE_SERVER CITRIX 2011.0202 permanent 1

Cause

The Platform License for Unlimited ICA connections file was allocated and downloaded in a single file along with other licenses available on the Citrix Website.

Resolution

Reallocate and download all the licenses as separate files. The Platform License should not be downloaded into the same file, which contains other licenses.