Receiver for BlackBerry 2.1

Written by Thomas Poppelgaard. Posted in Receiver

Citrix have released a new Receiver for BlackBerry 2.1

What’s New

  • Support for ICA encryption (SecureICA) to secure communications between user devices and XenApp and XenDesktop.
  • Support for Web Interface 5.4, enabling users with mobile devices to launch applications through a Program Neighborhood Services site.
  • Users can now enter alphanumeric RSA tokens to connect to Citrix Access Gateway.
  • User experience enhancements:
    • Streamlined Citrix DemoCloud setup provides immediate access. The user name is the only input needed.
    • For BlackBerry 6.0 devices: Touch the screen or use the trackpad/trackball to change the mode.
    • A self-service network status message keeps users informed about poor network conditions.
    • Support for Windows shortcut keys: Use the Send Windows generic function keys button on the Receiver toolbar for operations such as Copy, Cut, Paste, and Save .
    • Improved error handling and notification to users about expired RSA tokens and more descriptive error messages for connectivity issues.
    • Usability improvements such as improved zoom performance and more accurate cursor movements.

 

Citrix Receiver is downloadable from BlackBerry App World for supported BlackBerry devices.  Automatic updates will occur when new versions are available.

For administrators, the download package can be downloaded and deployed to employee devices via the BlackBerry Enterprise Server.

Download Receiver for BlackBerry 2.1 here

Continue Reading No Comments

Citrix Receiver 3.0 for Windows Technical Preview

Written by Thomas Poppelgaard. Posted in HDX, Receiver, XenApp, XenClient, XenDesktop

Citrix is have released a technical preview of the next version of Citrix Reciever 3.0 for Windows.

Citrix Synergy is helding these days and on Wednesday all the great new technologies from Citrix will be announced.

Receiver 3.0 will dramatic improve the user experience, look out for features like Session Pre LaunchMulti-stream ICA, Multiple audio device redirection and New Single Sign-On Plug-in

What’s New

  • Citrix Receiver for Windows.The Citrix Receiver replaces the Citrix Online Plug-in for Windows. The Online Plug-in 13.0 is embedded in Receiver.
  • Unified user experience. Gives end users a common user interface whether using only Citrix Receiver or with any other Citrix Plug-ins.
  • Improved user experience. Improved application launching and reconnection.
  • Internet Explorer 9 support.
  • Simplified listing of devices in the Desktop Viewer. To simplify the display of USB devices, by default any that use the Generic USB virtual channel (for example, webcams and memory sticks) are not displayed on the Devices tab of the Desktop Viewer Preferences dialog box. Users can view the complete list of devices using a checkbox on the tab.
  • Enhanced Desktop Viewer user interface. The Preferences dialog box in the Desktop Viewer has been redesigned, and the USB button on the toolbar is now called Devices.
  • Windows 7 support. The Citrix Desktop Lock (formerly called the Desktop Appliance Lock) now supports Windows 7.
  • RemoteFX support. As an alternative to the Desktop Viewer UI, you can form connections to XenDesktop VDAs using Microsoft RemoteFX. For instructions on this, see CTX129509.
  • Session pre-launch. Reduced application launch time at high-traffic periods. Configure this feature on the server and client sides.
  • Multi-stream ICA. Improved QoS support by allowing Branch Repeater and third party routers to apply QoS policies across multiple ICA connections.
  • Multiple audio device redirection. Enables remoting of multiple audio devices present on the user device.
  • New Single Sign-On Plug-in. Simplified password management.
  • Aero support. Receiver now supports the display of Windows Aero theme on virtual desktops. A new .msi file is included that works with the Virtual Desktop Agent (part of XenDesktop) to provide the support.
  • User documentation. Topics that describe how users interact with their virtual desktops and control the Desktop Viewer have been moved from eDocs to the Receiver for Windows online help, which also includes the Connection Center help. This is available at http://support.citrix.com/help/receiver/en/receiverHelpWin.htm.
Continue Reading No Comments

Inconsistent Virtual Disk Locking in Distributed High Availability with Provisioning Services 5.6

Written by Thomas Poppelgaard. Posted in Provisioning

Symptoms

When using Provisioning Services 5.6 and a distributed High Availability (HA) model for the virtual disk stores, the environment level view of virtual disk locks can become out of synchronization with the actual current status of the devices connected to specific virtual disks. In certain circumstances, this can lead to virtual disk corruption.

Note: This behavior relates to the virtual disk locking mechanism. HA failover ability is not affected by this behavior.

Scenario 1:

A target machine boots normally, however, a virtual disk lock is only created on the Provisioning Services server serving the virtual disk and not on the second Provisioning Services server.

Result:

The properties of the virtual disk can now be edited on the second Provisioning Services server because it is not aware of the lock on the first server. This could potentially lead to virtual disk corruption.

Scenario 2:

A target machine boots from one Provisioning Services server but a HA failover event occurs which causes the target to failover to the second Provisioning Services server. In this case, the only lock shown in the Provisioning Services console is the lock on the second Provisioning Services server, which is currently serving the virtual disk.

Result:

The properties of the virtual disk can be edited on the first Provisioning Services server, because it is not aware that the second Provisioning Services server is now streaming the virtual disk.

Scenario 3:

Following on from Scenario 2, if the target device fails over from the second Provisioning Services server back to the first, the lock is removed from the second server but never recreated on the first Provisioning Services server.

Result:

Neither server now shows a lock on the virtual disk. This means either server can be used to modify the virtual disk, leading to data corruption of the virtual disk itself.

Cause

Because Provisioning services does not centrally store the virtual disk locks, in a situation when HA functionality is executed in a distributed HA environment, the Provisioning Services servers view of the locks becomes inconsistent.

Workaround

Because the problem only occurs when using a distributed HA model for Provisioning Services virtual disk stores, this issue does not occur if a shared storage solution is used.

More Information

CTX127549 – Provisioning Services 5.6 Best Practices

 

Continue Reading No Comments

Hung Threads on the Provisioning Services Server

Written by Thomas Poppelgaard. Posted in Provisioning

Symptoms

Target devices hang and the Stream.log on the Provisioning Server contains the following entries:

ERROR   CSSProtocolModule::DoTraceEvent Detected one or more hung threads.
ERROR   CSSProtocolModule::LogReport 2 thread(s) last known to be active at .\SSProtocol.cpp:591 have been inactive from 215 to 215 seconds.
ERROR   CSSProtocolModule::DoTraceEvent Terminating StreamProcess.

Cause

This issue occurs either when the database server which hosts the Provisioning Services database goes offline or when the database server is not able to service the Provisioning Services requests in a timely fashion, without actually fully going offline.

Workaround

If the database server goes offline, enable DB Offline support to allow your targets to remain running until the database server can be brought back online.

If the database server is not able to respond in a timely fashion, investigate the loads on your database server and consider using a dedicated instance to service the Provisioning Services infrastructure.

More Information

CTX129173 - How to Enable DB Offline in Provisioning Services

 

Continue Reading No Comments

Secure Deployment Guide for NetScaler MPX and VPX Appliances

Written by Thomas Poppelgaard. Posted in Access Gateway, Netscaler

Citrix have released this great secure deployment guide for NetScaler MPX and VPX appliance.

I have made a summary in bullets so you can get a quick overview what the guide covers. I recommend that you download the guide to read the entire content.

Overview

NetScaler® Security Best Practices for MPX and VPX

Citrix® NetScaler® MPX appliance is an application delivery controller that accelerates Web sites, provides L4-7 traffic management, offers an integrated application firewall, and offloads servers. Citrix® NetScaler® VPX is a virtual appliance that has all the features of NetScaler MPX appliance, runs on standard servers, and provides higher availability for Web applications including Citrix XenDesktop and XenApp. Utilizing both NetScaler MPX and VPX appliances, an organization can deploy the flex-tenancy solution that further optimizes Web application delivery infrastructure by separating high-volume shared network services from processor-intensive, application-specific services. Furthermore, a NetScaler appliance enables the seamless integration with Citrix OpenCloud Access that can extend a datacenter with the power of the Cloud.

To maintain security through the deployment lifecycle, Citrix recommends the following security considerations:

  • PhysicalSecurity
  • ApplianceSecurity
  • NetworkSecurity
  • AdministrationandManagement

Deployment Guidelines

The following are the organizational security considerations and recommendations for the deployment of a NetScaler appliance:

Physical Security

  • Deploy the Appliance in the Secure Server Room
  • Protect the Front Panel and Console Port from Unauthorized Access
  • Protect Power Supply

Appliance Security

  • Secure the Server operating system that Hosts a NetScaler VPX Appliance
  • PerformRemoteSoftwareUpdates
  • FollowSecureLifecycleManagementPractices

Network Security

  • Consider using an X.509 Certificate from a Reputed Certificate Authority for the Internet Facing Web Application
  • Use Transport Layer Security when Accessing an Administrator Interface
  • Use a Non-routable Management IPAddress
  • Configure a High Availability Setup
  • Configure Network Security Domains
  • Use Stateful Firewall Protection

Administration and Management

  • Create an Alternate Super User Account
  • Change Password for the nsroot Super User Account.
  • Follow Best Practices for the Implementation of a NetScaler Appliance
  • Use Access Control
  • Set up Secure Communication Between Peer Appliances
  • Configure Other Accounts Remotely
  • Configure Logging to External NetScaler Log Host
  • Add SNMP Managers
  • Use SNMP v3 Security Features
  • Configure NTP
  • DisableSSLv2Redirect
  • DropinvalidHTTPrequests
  • DisableSSLRenegotiation
  • Whitelist HTTP headers
  • Disable Layer 3 Mode
  • Consider Using Application Firewall in a NetScaler Platinum Edition Appliance

NetScaler-FIPS Recommendations

  • Change FIPS Crypto Card Passwords
  • Store the HSM Password in a Secure Location

Access Gateway Enterprise Edition Security Recommendations

  • Use Default Deny
  • Use SSLv3/TLS Communication Between Servers
  • Use the Intranet applications feature

Application Firewall Security Recommendations

  • Deploy the Appliance in the Two-arm Mode
  • Use Default Deny

Download the - Secure Deployment Guide for NetScaler MPX and VPX Appliances here

Continue Reading No Comments

Blogs i read

Recent Comments

Thomas Poppelgaard

|

Hi i have changed the colors. Is this better ?

I have also optimized the load of the articles (text, photo) compression it should be must faster now.

Let me hear your thoughts, thank you for using my site.
/Poppelgaard

ylzjyu

|

Hi:
Blog background is not comfortable

Like the old style

Edmund Fuerst

|

Really great job. Thank you!!!

Yusuf Assenjee

|

We have a model of the 3690 that does not have this setting in Uefi

infinite boot retry

we cannot get Xen 6 to boot.

Any hint?

ylzjyu

|

Hi,Poppelgaard
Thank you very much.
I like your site.

Feeds from Citrix Blog :