Month: October 2010

Citrix have released XenApp Printing Optimization Pack. When i read through the new features, then it reminds me of “Project Laser”, thats going to be released to XenDesktop 5 in Q4 2010. My view on this feature is this is first phase of releasing “Project Laser” and when XenDesktop 5 is released its a part of the Download, its already on XenDesktop Components for (XenDesktop 4.0 Feature Pack 2). so its semi OUT*  Project Laser ;o)

Derek Thorslund writes about Project Laser:
HDX Plug-n-Play now automatically discovers printers when they are plugged in or wirelessly connected to the network, creating printer connections in real time. And printers created by roaming XenDesktop VDI users are immediately reflected in upstream XenApp sessions.

This is one of the new features in XenApp Printing Optimization Pack:
(evidence that its Project Laser,  oh yes!)

Adds dynamic printer discovery to automatically reenumerate and update XenApp session printers after roaming to a different location so that relaunching of XenApp sessions is no longer necessary.

Well enough of my opinions about this product.

Features of XenApp Printing Optimization Pack

XenApp Printing Optimization Pack improves printing speed, reduces bandwidth required for printing, and improves the user experience when printing to redirected client printers.

XenApp Printing Optimization Pack:

  •  Adds settings to the Universal Printing Citrix policy setting that control enhanced Metafile Format (EMF) processing mode and image and font caching, limits and defaults for print quality and image compression, and users’ ability to modify these settings
  •  Adds options to the Session printers Citrix policy setting that control default printer settings for session printer
  •  Adds options to the Printing driver mapping and compatibility Citrix policy setting that control default printer settings for mapped client printer drivers
  •  Adds dynamic printer discovery to automatically reenumerate and update XenApp session printers after roaming to a different location so that relaunching of XenApp sessions is no longer necessary.

System Requirements


  •  XenApp 6 for Windows Server 2008 R2

User devices

  •  Citrix online plug-in 12.1 for Windows
  •  Windows 7 (Home Premium, Professional, Enterprise, and Ultimate editions), 32-bit and 64-bit editions
  •  Windows Vista (Home Premium, Business, Enterprise, and Ultimate editions), 32-bit and 64-bit editions
  •  Windows XP Professional, 32-bit and 64-bit editions 

download here (requires mycitrix credentials)

This is pretty cool, i have been told about this feature some while ago, but today 28-10-2010, Citrix have released the integraded Webinterface on Netscaler, and its available today.

The solution requires the use of NetScaler MPX or VPX models with nCore.

The  Web Interface feature is available starting with version 9.2 47.9007e and higher.

Download and Install

Web Interface requires two components be installed on the NetScaler to start it: (1) A Java Runtime Environment (JRE), and (2) The Web Interface core. Both pieces are available as individual downloads on this page. You must download and install both components to make Web Interface work.

To begin, download the following software files. For faster installation, copy these tar files to a local workstation or to the /var directory of the NetScaler appliance.

  1. Download the Java Diablo Latte JRE install file for FreeBSD 6.x (amd64) platform after accepting the license agreement terms for it. Get it free at:here.
  2. Download the Web Interface on NetScaler package (nswi-1.1.tgz) below. This is a set up file for installing Web Interface on NetScaler.
  3. Download the 9.2 Release Build 47.9007e below.

Next, upgrade the NetScaler MPX or VPX to the build below. Instructions on upgrading the NetScaler are located in Upgrading to a Later Build within Release 9.2.e section of the Citrix NetScaler Migration Guide – Release 9.2.e.

Web Interface on NetScaler requires installation of the Web Interface package (nswi-1.1.tgz) and the JRE version for FreeBSD 6.x (amd64) platforms. These files install all the Web Interface components and JRE on the NetScaler hard drive, and configure automatic startup of the Tomcat Web server with Web Interface at NetScaler startup time.

Once the NetScaler upgrade to Build 47.9007e is completed, you are ready to install Web Interface on NetScaler.  At the NetScaler command prompt, type:
ns> install wi package -wi URL -jre URL

Example when files are remote from the NetScaler:
install wi package -wi “sftp://username:password@” -jre “sftp://username:password@”


install wi package -wi “” -jre “”

Example when files are local on the NetScaler:

install wi package -wi “file:///var/tmp/nswi-1.1.tgz” –jre “file:///var/tmp/diablo-latte-freebsd6-amd64-1.6.0_07-b02.tar.bz2”

From the NetScaler GUI, expand the System > Web Interface tab > Install Web Interface and browse to the location of the Web Interface on NetScaler package and the location of the JRE install file. For a demo on using the GUI to set up Web Interface on NetScaler, visit Citrix TV.

For detailed instructions on adding web interface site(s) and binding sites to the XenApp farm(s), reference the NetScaler Administration Guide 9.2.e in the section Web Interface. Examples are provided using the NetScaler command line and the configuration utility (GUI).

Download Web Interface on NetScaler 9.2.e nCore + components here

HOWTO install and configure Web Interface on Netscaler 9.2.e nCore

Whats new

  • ICA File Signing. Helps protect users from unauthorized application or desktop launches by digitally signing .ICA files. You can configure the online plug-in security policy and digital-signing requirements using Group Policy Objects or the Citrix Merchandising Server with the online plug-in. The online plug-in verifies that a trusted source generated the application launch and based on administrative policy, protects against application launches from untrusted servers.
  • Enhanced printing performance. Improves user printing performance and speed when printing to redirected client printers. Install the XenApp Printing Optimization Pack on the server running XenApp 6 for Windows Server 2008 R2 and configure the server-side policy settings for:
    • Dynamic Client Printer Mapping. Redirected printers are discovered dynamically and created automatically.
    • Optimized EMF Universal Print Driver. Reduction in bandwidth consumption for the most demanding printing applications.
    • Enhanced XPS Universal Print Driver. Improved printing performance on Window 7 clients.
  • New decoder for HDX 3D Pro Graphics. A new deep compression codec is included in the online plug-in to receive 3D professional graphics over low bandwidths. For details about HDX 3D Pro Graphics, see

Download Citrix Online Plug-in 12.1 here

I am proud to inform you all that Citrix have released Citrix Access Gateway 5.0 VPX.

The CAG 5 VPX is a major breakthrough, thats going to change how we use Secure solutions from Citrix. The VPX means that is a virtual appliance, that you can implement on either XenServer or VmWare. You can also upgrade your existing 2010 appliance to Citrix Access Gateway 5.0. Access Controller is a new functionality that replace the old “Advanced Access Control” So all you people using Access Gateway, Secure Gateway. Jump on the wagon and virtualize your Access Gateway. For best redundancy i recommend that you look at Netscaler.

Access Gateway 5.0 includes the following new features:

  • Access Gateway Management Console. The Management Console replaces the Administration Tool and Administration Portal in earlier versions of the appliance. The Management Console, a Web-based application, makes it easy to install certificates, configure access control, and monitor activity from any Flash-enabled Web browser. For more information, see Introducing the Access Gateway Management Console.
  • Authentication profiles. Authentication profiles replace authentication realms. You can configure LDAP, RADIUS, and RSA profiles on the appliance. You can configure double source authentication using logon points. You can also use Active Directory authentication on Access Controller. For more information about configuring authentication on Access Gateway or Access Controller, see either Configuring Authentication and Authorization or Configuring Authentication and Authorization on Access Controller.
  • Network resources. A network resources identifies those areas in the secure network that users are allowed to access. You can allow or deny access to a network resource in SmartGroups. For more information, see Network Resources Overview.
  • Logon points. Each Access Gateway appliance can host multiple logon points to support different features or different user communities. You can configure Basic and SmartAccess logon points. Basic logon points allow users to connect with Citrix online plug-ins or Desktop Receiver only, providing access to published applications or desktops. Users do not need a Universal license to log on using a basic logon point. SmartAccess logon points allow users to connect with the Access Gateway Plug-in and have greater access to network resources. For more information, see Logon Points Overview.
  • SmartGroups. SmartGroups in Access Gateway contain a collection of settings that group users according to their identity, location, authentication and authorization type, and the results of endpoint analysis (as defined in device profiles). First, you define the criteria users must match to become a member of a SmartGroup, and then you define the network resources, actions, and other settings for the SmartGroup. For more information, see SmartGroups Overview.
  • Device profiles. You can configure endpoint analysis scans using device profiles. If you enable a device profile within a logon point, the endpoint analysis scan determines if users receive the logon page and subsequently log on. If you enable a device profile in a SmartGroup, the device profile you select determines the user access permissions for that SmartGroup. For more information, see Device Profiles Overview.
  • Snapshots. You can take a snapshot of the appliance configuration at a given point of time. You can export snapshots to your computer and you can revert to an earlier snapshot. Using the Snapshots tab in the Management Console, you can upgrade to new Access Gateway software versions. For more information, see Snapshots Overview
  • Appliance failover.You can configure two Access Gateway appliances for appliance failover. The appliances operate in active/passive mode, in which the primary appliance services all user connections, and the secondary appliance monitors the primary appliance and synchronizes session information. If the primary appliance fails, the secondary appliance takes over. For more information, see Deploying Additional Access Gateway Appliances for Load Balancing and Appliance Failover.
New features in Citrix Access Controller include:
  • Clustering. In Access Gateway 5.0, when multiple servers are running Access Controller, the servers are referred to as a cluster. When you have a cluster, you can share sessions across multiple Access Gateway appliances.
  • Native Active Directory authentication. Access Controller supports native Active Directory with Windows authentication.
  • Advanced endpoint analysis options.
  • Advanced authentication options.
  • Centralized control of multiple Access Gateway appliances.
  • Centralized access logging.
  • Delivery Services Console. The Access Controller administration tool is more closely aligned with XenApp and XenDesktop.

Platform License Required
Each appliance running Access Gateway 5.0 requires a platform license in order to function. Without the platform license installed, the gateway will not allow logins after a 48-hour grace period. Platform licenses are delivered electronically when an appliance is ordered. If you have an existing Access Gateway Model 2010 appliance covered by Warranty, you can obtain your Access Gateway Platform License using the Upgrade My Products toolbox on MyCitrix.

User Licenses Optional
The required Access Gateway platform license enables unlimited logins through Basic logon points. Each concurrent login to a SmartAccess logon point requires an Access Gateway user license. Access Gateway Standard Edition or Access Gateway Universal licenses may be used for this purpose.

Subscription Advantage Eligibility Date
To use your existing Access Gateway licenses with this version, the Subscription Advantage on those licenses must be valid on or after September 1, 2010.

Supported Platforms

Access Gateway 5.0 is supported only on the following appliance platforms:

  • Access Gateway Model 2010
  • Access Gateway VPX

Discontinued Features and Functionality

The following table below lists the features that are deprecated or removed in Access Gateway 5.0.

Feature Access Gateway Access Controller Comment
Double-hop demilitarized zone (DMZ) x    
Dynamic routing with the Routing Information Protocol (RIP) x    
Windows NT LAN Manager (NTLM) as an authentication method x    
Locally defined users on Access Gateway x    
Administration Tool x   This feature is replaced by the Access Gateway Management Console.
Administration Portal x   This feature is replaced by the Access Gateway Management Console.
HTML Preview   x This feature was part of Access Gateway Advanced Edition and is removed from Access Controller.
LiveEdit   x This feature was part of Access Gateway Advanced Edition and is removed from Access Controller.
Licensing   x All licensing is handled on the appliance or by Citrix License Server. You do not have to install licenses on Access Controller.
Web e-mail   x This feature is replaced by Outlook Web Access or Outlook Web App.

Download Citrix Access Gateway 5.0 VPX

Citrix Access Gateway 5.0 VPX Documentation

Citrix Access Gateway 5.0 Plug-in for Windows

Citrix Access Gateway Demo

How To: Overview of new EPA Client in Access Gateway 5.0

How To: Overview of Authentication Profiles in Access Gateway 5.0

Citrix Consulting have released 2 new whitepapers:
Windows 7 Optimization Guide for Desktop Virtualization and
XenDesktop Planning Guide: Application Integration for Virtual Desktops

Overview Windows 7 Optimization Guide for Desktop Virtualization 

As organizations start to migrate to Windows 7, it is expected many will leverage desktop virtualization to simplify and streamline the migration and ongoing maintenance process. Delivering a Windows 7 system as a virtual desktop requires proper planning and configuration to provide the users with an optimized and functional desktop environment. The Windows 7 optimizations identified within this document are intended to provide a more responsive desktop for the users.

These configurations typically add value by enhancing the user experience and increasing system performance. For example, some of the changes optimize the user experience by enabling faster logons, reducing unnecessary prompts, and quicker screen updates. Others optimize performance and increase scalability by reducing unnecessary processor, memory, disk and network usage.

However, certain modifications allow for greater scalability but at the cost of the user experience. As many organizations will demand a user experience similar to the traditional desktop, care must be taken when applying optimization settings. Many of these settings are identified within the remainder of the document.

Overview XenDesktop Planning Guide: Application Integration for Virtual Desktops

Regardless of the type of desktop a user receives, there is still the question of application integration. The application integration design decision plays an important role in the overall architecture of the solution in the following areas:  

  • Scalability: The location and delivery method of the application will have a direct impact on the scalability of the virtual desktop.
  • Operations: Each option impacts how the environment is managed and maintained from an application update perspective.

A critical thing to keep in mind is that the most optimal way to deliver one application might not be selected because it does not align with the overall solution. The final decision must be based on the business processes and the technical capabilities.