Chris Fleck's Blog
13 Jun 2008 03:18 PM EDT
[ Tags:  load balancing ,   load balancer ,   security ,   f5 ]

In case you missed it, there is a really interesting story circulating on the Net, best told by Jim Louderback, the CEO of Revision3 and victim of a DDoS attack over Memorial Day weekend (his Blog & CNET interview). If you're a fan of Revision3, you already know that they got taken off-line for 3 days; if you're not, you may want to check out their site. They represent perhaps the best example of new media and the future of TV, including HD video, channels, live and on-demand, etc., all delivered via the web. In order to achieve high quality video, Revision3 utilizes BitTorrent technology legitimately for distributing content to users. The problem came about when a "legitimate" media tracking company identified a Revision3 server as a potential source of "questionable" BitTorrent traffic. Once Revision3 was made aware of this situation (by a forum poster), they appropriately locked down the server. What happened next was the strange part...

As reported by Revision3, the media tracking company (presumably automatically) launched a DDoS attack on Revision3's site, flooding it with as many as 8,000 packets per second and taking down the site by exceeding the capacity of limited web servers. Complicating the matter was the long weekend and unreachable staff at the offending company. Once Revision3 was finally able to get in contact, the company stopped the attack and they both started to unravel what had happened.

The NetScaler system may not be positioned as protection from "good" guys (vs. typical bad guys), but this situation exemplifies why it is worth consideration as part of a comprehensive protection plan. That is why web-based media companies like Google, MSN, CNET, Digg, and many others rely on NetScalers to protect their infrastructure. Among other features, NetScaler protects sites from SYN flood DDoS attacks by handling all requests itself and forwarding only legitimate, ticketed traffic to the web server; all other SYN flood requests are dropped before ever reaching the company's web servers.

So for the next review of your security infrastructure, keep in mind who the "good" or bad guys are, and whether you are protected either way.

03 Jun 2008 10:27 AM EDT
[ Tags:  xenapp ,   terminal services ,   nirvana smartphone ,   iphone ,   xendesktop ,   ica ]





Running Windows applications on the iPhone may not be a high priority for Steve Jobs, but for many IT users and providers the desire seems to be increasing. The recent SDK and upcoming release of the Apple 3G iPhone have increased the interest in Citrix enabling iPhone access to XenApp hosted Windows applications. We are always encouraging expanded access to XenApp from any suitable device, and the iPhone appears to be a very good candidate. The great screen and touch features would provide usable viewing of apps even though they were designed for bigger screens. Plus, the improved email and networking capability of the device can now make it a real contender for business use. The iPhone could even be the "Nirvana Phone" if a new docking station was offered to provide video access to a full sized monitor plus a standard keyboard.

So the question is one of priority and market demand: where does this fit on the list of nice to have vs. must have now, and does the solution need to come from Citrix, or could it be partner provided, such as the Rove Mobile client for BlackBerry? We encourage your opinions and feedback.

Do you need a Citrix client for the iPhone?
I want it for myself
I need it for my company users ( and myself )
Cool, but my company is not likely to enable it

 

29 May 2008 07:21 PM EDT
[ Tags:  nihaorr1 ,   netscaler ,   firewall ,   security ,   load balancer ,   appexpert ]

Many news reports have recently identified the increased threat to web sites and applications from SQL injection, the most recent example being the Nihaorr1 script that resulted in over 600,000 sites being infected, including even the Department of Homeland Security and the UN. Although initially identified as a Windows IIS server vulnerability, the root cause of the recent exposure goes beyond IIS, and lax web application coding has been identified as the culprit. In a Register interview, the DHS assistant secretary for Cybersecurity is quoted as saying "our networks are only as strong as the weakest link", which makes sense but also shows how vulnerable web applications are on the web. If a company is relying on the variability of programmer security knowledge and limited QA testing to protect its web app from yet-to-be-defined threats, it's no wonder that so many sites are exposed and hacked.

Perhaps one of the ways to better protect an organization from the next undefined attack is to look at minimizing the impact of variability. A common best practice in the manufacturing industry is to evaluate every process and implement techniques and tools to reduce variability, so as not to be overly dependent on a final test or inspection, which always has some level of escapes. This is the core of the Six Sigma technique that many world class manufacturers utilize to improve product quality.

As applied to IT protecting web applications, one tool that can reduce the impact of programmer variability is a Web App firewall, such as the positive security model feature of the NetScaler Application Firewall. This feature recognizes best coding practices for HTML and industry HTTP standards and automatically blocks Web App behavior and variations outside a known-good model. The result is a significant reduction in the risk created by variable programmer skills and expensive but incomplete QA testing. In the specific example of the Nihaorr1 attack, a recent test validated that the NetScaler Firewall was indeed able to block the Nihaorr1 script using the default configurations. Additionally, the learning features of the App Firewall can be used for more granular configurations and protection as well.

So before the next threat to your web applications is discovered, it may be worth investigating further the human influence of variability in IT operations and considering steps to mitigate the risks.

 

13 May 2008 01:09 PM EDT
[ Tags:  nirvana smartphone ,   xenapp ,   xendesktop ]

If you have been following some of the recent blog posts about Nirvana Devices and Nirvana Phones, you can get a better idea of what we are talking about in this video clip. Conceptually, the Nirvana Phone takes the Smartphone to the next level by solving the existing limitations of small screens and keyboards. There are now some new devices that are close to making this possible, especially in combination with virtualized desktops and applications like XenDesktop and XenApp.

Stay tuned for more videos and demos of the state of the art in Nirvana Phones, or better yet, register for Citrix Synergy and try them for yourself. You may even win one!

18 Mar 2008 04:18 PM EDT

Great things happen over a beer at Citrix events. As many of you who attend can attest, you never know what you will learn or who you will meet. For me this year, the highlight at Summit was having a beer with Gus Pinto and Rich Crusco, after being summoned by Barry Flanagan to join a conversation about what Citrix can do to better connect with the community and provide the resources and web presence to leverage the growing opportunities. At Citrix we have been making some fairly recent concerted efforts to better engage with the community, including the CTP program, the Citrix Blog, the new CDN site, and a few other activities. However, we also recognize there is a long way to go to really utilize and grow the massive skills that exist around the Citrix Community.

It turns out we have been planning some specific projects, like the ADI Best Practices site, to help educate the industry around App Delivery methods and solutions, but we were also looking for more insight from experts in the community. It did not take much beer to have Gus and Rich exploding with ideas and passion about how Citrix can deliver on the ADI vision. And they are not just talk: many of you already know Gus and Rich as MVPs, a CTP, and huge contributors to the community. In their spare time they have been running the Frameworkx.com site that has helped literally millions of IT Pros and users. Their day job has been very significant as well, designing and implementing ADI solutions for Citrix (and VMware) award winning partner Entisys. So imagine if we could tap that energy and experience and make it a full time effort (day and night...) supporting and growing the Citrix community and ecosystem. Well, that's just what we are doing: starting next week, Gus and Rich will be joining Citrix as full time Citrites and Technology Evangelists. To find out more about Gus and Rich and their plans to help the community, check out the latest posts at http://www.frameworkx.com/

Welcome aboard!

12 Mar 2008 11:58 AM EDT
[ Tags:  grp-ce grp-cdn ]

If you have not visited CDN lately, I suggest you give it a view. The team has made some significant usability enhancements, and there is interesting content being contributed by employees as well as the larger Citrix community. For example, Vishal Ganeriwala has made a recent blog post that describes multiple ways to get a Client IP address from a Citrix session. In the last few days the post has been viewed almost 3000 times! Apparently lots of our users want to learn an easy way to do this. CDN provides a home for Developers and Citrix Pros to learn and share ideas, code, and scripts for developing new products to integrate with Citrix or enabling and enhancing their Citrix implementations.

The new site also ranks the contributions by popularity, so a special thanks to Venkata Krishnan, part of our Citrix Community, who contributed a script providing printer driver information on a farm. This script now ranks at the top for popularity on our Script Exchange.

You will also find featured content, such as new pages and resources describing the exciting new Citrix Workflow Studio. Stay tuned for more announcements around this product. The new site will also provide a location for sharing Workflow Templates and leveraging the power of the community.

Let us know what you think and more importantly make use of the resources and contribute so we all can benefit.  

16 Jan 2008 11:23 AM EST
[ Tags:  xendesktop ,   mobility ,   nirvana smartphone ,   presentation server ,   termial services ,   windows mobile ,   nokia ,   symbian ,   apple ]

The Nirvana Smartphone as a PC, Thin Client, Desktop Appliance...


 
As Smartphones become more capable and fast networks pervasive, and now with Virtual Desktops going mainstream (like Citrix XenDesktop), the practicality of using a Smartphone as a laptop/desktop alternative is closer than ever. The use cases for this model are manifold. It is not intended to replace a PC or laptop (at least initially); rather, the early adopters of this "Nirvana" Smartphone would likely already have a laptop for work and a PC at home. The general use cases revolve around enhanced mobility with broader access to applications and desktops. So even though most users already have access to apps and desktops from PCs and laptops, most of us would prefer to travel locally (including inside the office) or on selective trips without a laptop if it was practical.

So what is missing from today's Smartphones in a single device?
Video-out - A few Smartphones have video-out, like the Nokia N95, but the resolution is limited and it has no pointing device support. Some PDAs (HP and Dell Axim) have better screens and resolution with Video-out, but they are not phones and are still too big. The upcoming i-Mates promise this functionality... we'll see. The iPhone also has some video out capability but it's still too limited. The resolution needs to be capable of 1024 x 768 to satisfy most users.
Keyboard & Mouse - The Smartphone user input options continue to improve; however, to do "real" work a full keyboard and mouse will continue to be the requirement when stationary. Many Smartphones today do have Bluetooth, which can work fine for this scenario. Some new portable keyboards are making this more realistic as well.
Docking Station - This scenario works best if there is also a Nirvana docking station that recharges the phone at the same time as providing the VGA video interface and USB hub. The "Nirvana" Smartphone ideally would provide USB host functionality vs. the USB slave that many have today. Additional / alternative functionality for the docking station includes VGA/USB passthrough, so the docking station can plug into a home PC and use the same monitor and peripherals, as well as audio in/out for headsets. This docking station would also need to come in a portable dongle version as well as stationary.

Industry trends that are also working in favor of this scenario

Free seating / Office hoteling is a growing trend for mobile workers that occasionally work in the office. Today many cubicles already have a monitor for a laptop hook up, they would just need the docking station and keyboard to provide a full desktop experience. Similarly "real" hotels have office facilities with printers and monitors, they just need a "Nirvana" docking station to complete the solution.
LCD TVs are now pervasive and many have VGA and multiple Video inputs. This opens up hotel rooms, kitchens, family rooms, etc.

LCDs in general are getting cheaper and more pervasive. They are showing up everywhere: cars, picture frames, book readers.

Digital Projectors - most conference rooms are already equipped and portable projectors are getting smaller and cheaper.

Virtual Desktops - Like XenDesktop ... hosted centrally but available everywhere.

Remote Desktops - Like GoToMyPC ... remote desktop connections to home or office PCs.

Application Virtualization - Like Presentation Server ... apps hosted centrally, available from any device.

Web based apps / storage / photos / social networks - more and more of digital life (work and play) is available from any device on the web.

Consumer driven use cases

Most device companies we speak to about this concept are interested in the idea; however, many are clearly driven by the consumer use cases vs. business ones due to the huge volume that the cell phone market drives today. The assumption is that Smartphones will continue to improve and excel in handling voice, video, music and cameras, but here are some additional consumer use cases that could exploit the unique features of the Nirvana Smartphone:

Web enable all the TVs in your house - most new LCD TVs are VGA capable but normally are only connected to a cable box and DVD player. Simply adding the Nirvana docking station would provide web connectivity without all the other complexity required in today's configurations.

Video conference from your TV - add a camera to the front of the Smartphone and use the TV to view and communicate with others doing the same.

Photo / Video Playback - many cameras already offer viewing from a TV, the Nirvana Smartphone will carry your photos and videos that could be viewed full size from the Smartphone Video-out to any LCD monitor or TV through the Nirvana docking station.

So how long is this going to take? Why has this failed so far?

It's easy to project everything is going to be possible in the far future: wireless video, virtual keyboards, rollup video screens, etc. However, I am more interested in the next 12-18 months. The technologies to build this Nirvana Smartphone and use it as a Desktop Appliance are all available now; it just needs a leading device vendor to put together all the parts (and embed some Citrix SW...).

So far there have been a few attempts to build full PC functionality into a Smartphone/PDA; however, they all come up short (too big, too slow, too expensive) because they try to replicate a full PC in a small device. Instead, if device makers can assume that a remote virtual desktop is accessible with all the apps you need, and that full size keyboard+mouse+monitors are readily available and connectible, then the Nirvana device could be built at a reasonable price, fit in your pocket, and provide the freedom to leave your PC or laptop at home.


Who will build the Nirvana Smartphone?
Apple
HP
Motorola
Nokia
I-Mate
BlackBerry
HTC
Would you buy the Nirvana Smartphone?
Yes, even if it's $400-$800
Yes, only if it's less than $400
Not interested


Related links

Update: What is a Nirvana Phone video post

Adam Marano's search for the Nirvana Device posts from CTIA 2008

The Viewsonic ViewDock with an iPod looks like a perfect combination, unfortunately it still needs a PC to run and view.

John Dvorak's PC week article from 2003.

Nokia N95 TV-out feature review.

i-Mate 8150 with VGA out on YouTube

The RedFly Mobile companion announced at CES.

19 Nov 2007 03:43 PM EST
[ Tags:  mfcom web services ]


If you're a developer looking for a simple, web standards based interface to Windows applications hosted on Citrix Presentation Servers, you now have a new option beyond the existing MFCOM SDK. One of our partners, Extentrix, has released a product called Extentrix Web Services 2.0 - Application Edition, which provides a suite of web services APIs that communicate directly with the Citrix XML Service. The Web Service uses SOAP and XML to deliver information about CPS published apps; the developer's app can then discover the web service's APIs via WSDL and generate the appropriate proxy in order to deliver the app to the client.

Extentrix has an online TestDrive site that demonstrates a few examples of how this could be used. The sample page has an embedded link that, when clicked, first checks to see if the client has the required application locally installed; if so, the content is redirected to launch natively on the client. However, if the client does not have the app installed, then the content is redirected to a CPS server and delivered (launched) via CPS/ICA.

Some additional use cases that we see for this include:

Enterprise portal integrations - If no CPS portlet exists or a unique implementation is desired. Extentrix also provides sample integration with Microsoft SharePoint 2007.

Workflow - Enterprise workflows, such as Oracle BPEL, that can include launching the right app and the right document at the appropriate point in the workflow and maintain security of sensitive content.

Enterprise 2.0 Mashups - Now you can include all your existing Windows apps in an enterprise mashup without completely rebuilding the app and UI.

So if this sounds interesting, check it out and let us know what you think.

Developers can find more resources at this link

Chris Fleck
