Month: February 2013

Citrix have released a new product called Citrix Mobile Solution which are the components of Zenprise now called XenMobile combined with Citrix CloudGateway (AppController, app prep tool+access gateway). Citrix have done a great job combining the two technologies into 1 product. I saw how the new XenMobile MDM & @WorkMail app for iOS worked at a Citrix Disti Bootcamp that was held 25-25th February  at Citrix Systems in Stockholm, and it looks really awesome and fast too, so its a ready product but i doesn’t communicate with the local contact phone list, and let you abstract the informations from the local phone book to the @WorkMail, which some mights wants this functionality. Lets digg in.

Mobile Solutions

Citrix Mobile Solutions is an enterprise mobility management solution that provides mobile device, app and data freedom for employees by giving users access to all their mobile, web and Windows apps and data from a unified app store. Mobile Solutions includes the following components:

  • CloudGateway that includes AppController, the App Preparation Tool, and Access Gateway.
  • XenMobile MDM contains Device Manager, Secure Mobile Gateway, and the Multi-Tenant Console.

The Citrix Mobile Solutions Bundle, is comprised of XenMobile MDM and CloudGateway. Employees have quick, single-click access to all their mobile, web, SaaS and Windows apps from a unified app store, including secure productivity apps that seamlessly integrate to offer a great user experience.

The Mobile Solutions Bundle provides identity-based provisioning and control for all apps, data and devices, policy-based controls, such as restriction of application access to authorized users, automatic account de-provisioning for terminated employees and selective wipe of device, apps or data stored on lost devices. With the Mobile Solutions Bundle, IT can give users device choice while giving IT the ability to prevent data leakage and protect the internal network from mobile threats.

mobile solutions architecture

Mobile Solutions Bundle is composed of the components below

  1. AppController – A Linux based virtual machine available for both XenServer and VMware® based hosts, providing the central administrative point for configuration of all native mobile apps, Web/ SaaS apps, and ShareFile data.
  2. Gateway services – Delivered through the Citrix Access Gateway, either standalone, or as a feature of the NetScaler MPX, VPX and SDX platforms.
  3. App Preparation Tool – MDX technology provides encapsulated iOS and Android applications with security, encryption, and control.
  4. @Work Applications – @WorkMail and @WorkWeb applications for secure Exchange mail and secure Web.
  5. Mobile Device Management – Allows IT to manage mobile devices, set mobile policies and compliance rules, gain visibility to the mobile network, provide control over mobile apps and data, and shield the corporate network from mobile threats

xenmobile device manager

AppController 2.6, whats new

  • Certificate support. When you log on to AppController for the first time in the web-based management console to configure the initial settings, you can add or create certificates on the Active Directory settings page. This option appears only when configuring settings in the management console the first time you log on. When you log on subsequently to the management console, you can configure certificates by using theCertificates link on the Settings tab.
  • Microsoft Hyper-V support. You can install the AppController 2.6 virtual machine on Windows Server 2012 with Hyper-V enabled or on Microsoft Hyper-V Server 2012.
  • Migration support to AppController 2.6. You can upgrade to AppController 2.6 from AppController 2.0 or from AppController 2.5.
  • Secure connections to Active Directory. When you log on to AppController for the first time in the management console to configure the initial settings, you can configure secure connections to Active Directory on the Active Directory settings page. When you log on subsequently to the management console, you can change Active Directory settings by using the Active Directory link on the Settings tab.
  • ShareFile updates. In previous AppController versions, when you configured ShareFile, the domain was automatically appended to the domain name. In this release, the domain does not automatically append to the ShareFile domain name. You must enter the entire ShareFile domain name.
  • Support for mobile links. You can configure mobile links to retrieve the name and description of apps automatically from the Apple App Store. For apps available through the Google Play Store, you enter the name, description and URL of the app. When you configure mobile links, links appear in Receiver with the Play Store or App Store name.
  •  Web proxy user name format. When you configure the web proxy, you can use either the SAMAccount format or the User Principal Name (UPN) as the user name.


Download Citrix Mobile Solutions bundle here (Require MyCitrix) 
The new version of the AppController 2.6 & App preparation tool for iOS and Android are located in above link + XenMobile components.

edocs of Citrix Mobile Solutions

Architecture of the Citrix Mobile solutions bundle

Citrix have released a new product Citrix XenMobile MDM, which is the collaboration of the acquirement of company Zenprise, which is the leading company on MDM solutions (Mobile Device Management). This is the missing piece for Citrix and brings the management of Mobile devices together with Citrix portfolio.


What is Citrix XenMobile MDM

XenMobile MDM is a robust mobile device management solution that delivers role-based management, configuration, and security for both corporate and employee-owned devices. Upon user device enrollment, IT can provision policies and apps to devices automatically, blacklist or whitelist apps, detect and protect against jailbroken or rooted devices, and wipe or selectively wipe a device that is lost, stolen, or out of compliance. Users can use any device they choose, while IT can ensure compliance of corporate assets and secure corporate content on the device. With XenMobile MDM, you can do the following:

  • Configure device settings, email and applications, policies, and device and application restrictions.
  • Provision devices simply and rapidly by enabling user self-service enrollment and by distributing configuration, policy, and application packages in an automated, role-based manner over-the-air.
  • Secure devices, applications, the network, and data by setting authentication and access policies, blacklisting and whitelisting applications, enabling application tunnels, and enforcing security policies at the gateway.
  • Support users by remotely locating, locking, and wiping devices in the event of loss or theft, as well as remotely troubleshooting device and service issues.
  • Monitor devices, infrastructure, service, and telecom expenses.
  • Decommission devices by identifying inactive devices and wiping or selectively wiping devices upon employee departure.

XenMobile MDM contains the following products:

  •  XenMobile Device Manager allows you to manage mobile devices, set mobile policies and compliance rules, gain visibility to the mobile network, provide control over mobile apps and data, and shield your network from mobile threats. With a “one-click” dashboard, simple administrative console, and real-time integration with Microsoft Active Directory and other enterprise infrastructure like PKI and Security Information and Event Management (SIEM) systems, Device Manager simplifies the management of mobile devices.
  •  The Secure Mobile Gateway provides access control for email and calendar services. You can configure Secure Mobile Gateway to allow or block access to connection requests from devices based on device status, app blacklists or whitelists and a host of other compliance conditions. The status of requests blocked by Secure Mobile Gateway can be immediately viewed on the Device Manager dashboard so that you can take appropriate action.
  •  XenMobile Multi-Tenant Console is a web console that enables service providers and organizations to administer several physical servers running Device Manager from a single site.
  • XenMobile Remote Support application provides several tools to assist in the inspection, troubleshooting, and modification of remotely controlled handheld devices.
  • XenMobile ZSM Lite is a component that enables access to query Blackberry and ActiveSync environments and provides the device and user information to Device Manager through the XenMobile Mobile Service Provider.

XenMobile MDM edition licensing

XenMobile MDM Edition offers customers per-user or per-device licensing models with on-premises and cloud deployment options. Per-user licensing is based on the total number of users that access the software, regardless of the number of devices they are using. Per-device licensing is based on the total number of devices that access the software. Both licensing models are available with a perpetual license or an annual license.

User Licensing

Best when people use more than one device.

  • One license per user
  • Unlimited devices

Device Licensing

Best when people use only one device.

  • Unlimited users
  • One license per device

Lets look at whats new in the components.

Device Manager 8.0.1 for Citrix XenMobile

xenmobile device manager

XenMobile Device Manager contains the following new features:

  •  Citrix Mobile Enroll for iOS. Allows you to enroll your iOS devices and users into Device Manager. (This is a separate app designed for iOS users and is installed on their mobile devices.)
  • Citrix Mobile Connect. Provides access to your organization’s SharePoint server, allowing you to save documents and files locally, such as secure email attachments, intranet sites, and SharePoint documents, as well as the ability to publish local documents to your SharePoint server. You can configure a wide range of SharePoint access policies for company documents.
  • Certificate Management. Enables Device Manager to renew or revoke certificates that are issued by XenMobile.
  • SAML Authentication Support for iOS and Android. You can configure Device Manager (and cloud deployment of XenMobile) to connect with your SAML service and identity providers to enable authentication capabilities that are not dependent on Active Directory.
  • XenMobile NAC REST API (Cisco ISE Enablement). The XenMobile implementation of Cisco ISE capabilities provides a robust set of REST APIs that enable you to control access to your network by unapproved mobile devices. The REST API queries user devices to execute actions on devices, such as wipe and lock, as well as send notification to devices.
  • Network Access Control. If you have a Network Access Control (NAC) appliance set up in your network (such as a Cisco ISE), you can enable filters to set devices as compliant or not compliant for network access control based on rules or properties. If a XenMobile managed device does not meet the specified criteria and is marked as Not Compliant, the device will be blocked on your network by the NAC appliance.
  • Secure Local Docs on Device from SharePoint. The XenMobile DLP solution now supports download and markup SharePoint documents and files on your device in the Documents folder. You can check files out for local view, and then check them back in at a later time.
  • SharePoint DLP Personal Folder Support. Allows access of a user’s personal folder (based on user name) on their SharePoint server. If you allow SharePoint allows personal folders, then you can provide can access to those folders on the user device.

  • App Tunnels for SharePoint Connections. You can create secure App Tunnels and deploy the tunnels to your SharePoint connections. App Tunnels allow you to create a secure connection to a network resource on a per-app basis. App tunnels define proxy parameters between the user component of mobile apps and the app server component.
  • Secure Email Attachments.. Secure email attachments enable you to securely view encrypted email attachments securely through SharePoint DLP and email attachment document control policies. This new feature allows you to set policies for restricting access of email attachments for viewing only within designated XenMobile secure apps, so you can prevent printing and copying or pasting email attachments, and provides the ability to remove or wipe email attachments. With email attachment policies you can:
    • Control access and reading of selected file types (.doc, .PDF, .txt, audio, or video to name a few) as encrypted email attachments by using the XenMobile Secure App Container. When you open an attachment that is secured by Device Manager, the attachment is encrypted and secure. If you try to open or view the attachment in any other application or web site on any other device, it is decrypted and rendered unreadable, which protects your sensitive data.
    • Restrict or allow the file from being saved locally or opened and read in any other local apps.
    • Allow specific file types from being encrypted to allow for viewing, saving, forwarding, and uploading files that do not pose a security risk.
    • Restrict attachment viewing so the user cannot copy and paste, print, or email attachments.
    • Prevent attached documents from being viewed if the user emails the file to other users or uploads the attachment to a file sharing web site such as Box or Dropbox. Files removed from the XenMobile secure app container become encrypted and unreadable by other users.
    • Enable remote selective wipe of email attachment data on a device in the event a user leaves the company or the device is lost or stolen.
    • Customize the email subject heading and message to indicate secure nature of attachments.
    • Deploy secure email attachment document control policies easily as a standard XenMobile SharePoint DLP policy package.
  • Role Base Access Controls for Software Inventory and Location Services. Role-based access controls allow you to manage your software inventory for devices and the device location services.These permissions allow the main features to function, but allow you to block (de-selected) or allow (selected) users viewing the information. For example, you can block a user from viewing software inventory, but you can block the device by using Secure Mobile Gateway if the users installs a blocked app on the device. You can also block users from viewing location service data but the device can still be geo-fenced or geolocated. Device Manager can also generate reports based on this information.

New Features for Android in Device Manager

  • Samsung Certificate Integration. This feature enables you to deploy email, virtual private network (VPN), and Wi-Fi policies to Samsung devices by using two-factor authentication (user name/password + certificate). You can notify and renew certificates automatically without disruption, as well as revoke the certificates and policies of a decommissioned or lost device.The following new features are provided for your Samsung devices managed by Device Manager:
    • Encryption
    • Remote Support
    • VPN for Samsung Android (including certificates)
    • Certificates for Touchdown, Wi-Fi
  • Enhanced Android Device Enrollment. You can enroll Android devices by using MDM server discovery, email or SMS notifications and multiple modes for user authentication (password and PIN-based). Your Android device users can enroll by receiving a message, clicking a URL, and then launching the agent installation process to become enrolled. You can choose from several enrollment modes, each of which provides varying degrees multi-factor credentialed security.
  •  Agent Notification on Android. Device Manager supports sending push notifications to your Android devices.
  •  HTC MDM Integration. This release provides support for the following policies on Android HTC devices:
  •  Exchange ActiveSync. Allows you to remotely configure email by using HTC Home APIs.

Windows 8 Tablet Support

Device Manager supports the following features for the Windows 8 Tablet:

  • Device enrollment
  • Registry configuration
  • Device lock
  • Selective device wipe

Windows 8 Phone Support

Device Manager support the following features for the Windows 8 phone:

  • Device enrollment
  • Hardware inventory
  • PIN-code configuration
  • Policy-based device configuration for:
    • Storage Card: Require Device Encryption and Storage Card Disable/Enable
    •  Password Policy Configuration
    •  Exchange ActiveSync: Configure Exchange ActiveSync server, synchronization settings (email, calendar, contact, frequency), logging.
    •  Custom XML configuration abilities
  • Remote Wipe

Secure Mobile Gateway 8.0.1 for XenMobile MDM

Secure Mobile Gateway 8.0.1 provides the following capabilities:

  • Filter-based rules to allow or block access. A particular client request is evaluated against the organization’s rules. The end result is a binary state of allowed, in which the client is permitted to contact the CAS server, or blocked, in which the client request is dropped and access to the CAS is not permitted. Paired with settings in the Device Manager console, administrators can prevent Exchange ActiveSync email access to device users based on compliance criteria, such as when a black listed app is installed on the device, if the device is jailbroken, and so on).
  • A two-tiered filter model. The first tier parses the incoming HTTP requests based on path-specific information, and the second tier filters based on user and/or device specific information. Both tiers are configurable.
  • Filter rules stored in configuration files. Specific filter rules pertaining to the user accounts and devices in your organization are stored in the gateway’s XML configuration files.
  • Encryption of email attachments for clients that use the ActiveSync protocol. Attachment encryption is selective based on the properties of the device and file types of attachments.

Multi-Tenant Console 8.0.1 for XenMobile MDM

XenMobile Multi-Tenant Console is a web console that enables service providers and organizations to administer several physical servers running XenMobile Device Manager from a single site. Each server can run multiple instances (also called tenants) of Device Manager. The servers are then logically independent from each other.

Remote Support 8.0.1 for XenMobile MDM

Remote Support is a software program installed on a Windows-based computer that allows support personnel to take remote control of the Windows Mobile devices. With Remote Support, you can:

  • Display a list of all connected devices within one or more Device Manager servers.
  • Display system information including device model, operating system level, International Mobile Station Equipment Identity (IMEI) and seria number, memory and battery status, and connectivity.
  • Run the device task manager where you can display and end active processes and restart the mobile device.
  • Run the remote file transfer that includes bidirectional file transfer between mobile devices and a central file server.
  • Download and install software programs as a batch to one or more mobile devices.
  • Configure remote registry key settings on the device.
  • Optimize response time over low bandwidth cellular networks by using real-time device screen remote control.
  • Display device skin with support of most of the mobile device brands and models and a skin editor to add new device models with mapping of physical keys.
  • Enable device screen capture, record and replay with the ability to capture a sequence of interactions on the device that creates a video AVI file.
  • Conduct live meetings by using a shared whiteboard, VoIP-based voice communications and chat between mobile users and support personnel.

ZSM Lite 6.1.8 for XenMobile MDM

ZSM Lite is a component that enables access to query Blackberry and ActiveSync environments and provides the device and user information to Device Manager via the XenMobile Mobile Service Provider (ZMSP). ZMSP offers Web Services for Device Manager to query BES users, AS devices and control operations like wipe and lock.


Overview of the Citrix XenMobile MDM

Read the documentation of the XenMobile MDM on the edocs here

XenMobile MDM edition licensing

Download Citrix Mobile MDM here (Require MyCitrix ID)

Hi all

I have a very cool announcement.

NVIDIA have invited me to come at their yearly GPU conference the NVIDIA GTC (GPU technology conference) that will be held in March 18-23 2013, San Jose California.

My session is called S3540 – Successfully Delivering 3D Graphics Solutions for Your Business

The audience will discover how 3D applications can be centralized and how NVIDIA with Citrix deliver a remote workplace, from which companies can benefit from. Audience members will learn about building out these cloud infrastructure’s, and the benefits that the customers gained from choosing the solution to match the need. Hear real world examples, you will gain key insights for determining if these types of solutions are right for your company.



Are you going to NVIDIA GTC, and have the need for centralising your 2D/3D applications then come join my session its going to be energetic.

Other reasons why to join.
Hear technology experts like, Brian Madden. Derek Thorsland, Director of Product Management, Citrix. Phil Montgomery, Sr Director of Marketing at VMware. Will Wade, Director GRID Products at NVIDIA.

Check some of the technology experts that comes here

Why Attend, look here

Citrix have released a new version of Citrix ShareFile User Management Tool 1.2

What is Citrix ShareFile User Management Tool

The ShareFile User Management Tool enables IT departments to provision and deprovision employee users and distribution groups in ShareFile based on Active Directory. This allows IT to leverage existing AD workflows for creating and updating users and groups and have them automatically kept in sync with ShareFile.

For Windows 8, Windows 7, Windows Server 2012, Windows Server 2008

New features include in v 1.2:

  • Additional User Create Options:  CanManageUsers and CanSeeMySettings
  • Better Dashboard Experience
  • UI Improvements
  • Ability to Add Corresponding Users Rule when Adding Group Rule.
  • Bug Fixes

User Management Tool documentation can be found in eDocs


Download Citrix ShareFile User Management Tool 1.2 here (Require MyCitrix ID)

Citrix Worldwide Consulting services have released this great Citrix Virtual Desktop Handbook 5.x


If you read industry magazines, you would think desktop virtualization is an impossible technology to deploy. So why do it? The simple answer is that Desktop Virtualization is designed to make your work life more flexible and mobile. A flexible work life can mean different things to different people: any device, any place, and any time. The “any-ness” of the work life means that a user becomes mobile. They can work on any endpoint device, can work from any location, and can work at any time they choose as long as they get their work done. Desktop virtualization provides flexibility without complicating the user’s life or putting corporate data at risk.

Take the following response from a desktop virtualization user:

Experiences from the Field

As a remote employee for [company], I struggled every time I needed to access the company’s intranet, which forced me to VPN into the network. I also kept data on my local device because trying to access it over my broadband connection was too slow. Some coworkers did the same and lost data due to a virus, thankfully I was luckier. 

Depending on my mood (and the weather), changing devices and locations was a challenge as I had to have my applications and data copied to many different endpoints. I know this was unsecure, but I didn’t care because I was more concerned with flexibility. 

Since moving to a virtual desktop, I’m able to use any device. I’m able to work from any location. And best of all, I don’t have to worry about copying my data and applications onto all of my personal devices. I paid for these devices; I don’t want work to clutter up my personal space.

Unfortunately, many organizations struggle or fail to achieve this level of success within their user community. Why does one organization succeeds while another organization struggles? If we compare the factors between success and failure between desktop virtualization and other technology related projects, we see that there is little difference:

  • Lack of justification: Without a solid business reason, desktop virtualization is simply a new way to deliver a desktop. A business justification gives the project team a goal to strive towards.
  • Lack of a methodology: Many people who try and struggle to deploy a desktop virtualization solution do so because they jump right in without understanding or implementing the appropriate prerequisites. A structured methodology provides the path for the project.
  • Lack of confidence: For many who embark on a desktop virtualization project, there is a lack of experience, which creates a lack of confidence in the design. Architects begin to second guess themselves and the project stalls.

Our hope is that this handbook can alleviate the anxiety associated with a desktop virtualization design by showing how to tackle the challenges in a manner that is technically sound, but also feasible and effective for organizations facing deadlines and other organizational challenges. The Citrix Virtual Desktop Handbook examines the project lifecycle for a desktop virtualization project. The Handbook provides the methodology, experience and best practices needed to successfully design

Note: This is Phase 1 for the Citrix Virtual Desktop Handbook focusing on Assess. Phase 2 and beyond  will provide design, deploy and maintain guidance. 

Sounds cool 😉 so go get the whitepaper under Source.


Download Citrix Virtual Desktop Handbook 5.x here