There is an interesting debate going on over on the Google cloud computing group that also helps point out some of the appropriate use cases for cloud computing. The example used is a simple comparison of Amazon EC2 vs. purchasing a set of servers for development purposes ( I have added some additional costs and scenarios below ) This example also assumes the servers fit in existing space and either environment would be managed by existing staff.

 On the surface it's apparent that EC2 is significantly more expensive if the set up is utilized 24x7x365, even a 40 hour week yields a slightly higher cost. So where is all the savings ? What's all the hype about ? This simple example does point out that the Cloud is not always a more cost effective solution it really comes down to what is the particular use case and alternative costs. For example if there is no space available or the existing space has reached the power limits of the facility ( a more common occurrence ). That means that the likely scenario is finding a Colo facility to provide space power and bandwidth. Depending on location and bandwidth usage this could easily cost $8,000+ per year plus additional remote administration hardware and service fees, effectively increasing the annual cost of purchased equipment to near $ 14,000. Although this option is still less than Amazon if utilized 24x7x365, it now is significantly more than the cost of the 40 hour week at EC2 which may be reality for a development environment. And if you only need the setup for a month of dev or testing Amazon becomes a no brainier.. put on your credit card !
What both examples point out are the fact that there is single answer. In fact the right answer for many companies might be premise plus cloud. In order for this to work for a single workload however a seamless connection would be required, recognizing this has led to the Citrix Cloud Bridge based on our WANScaler acceleration technology. In fact, Citrix is in the unique position to be able to assemble the prerequisite technologies that make the C3 Citrix Cloud Center an optimized solution for many scenarios.

There are many other pro's, con's and hidden costs of each option, I am interested to hear what the community has considered regarding Cloud economics and/or other factors.

A somewhat frequent conversation I seem to have with new acquaintance's not familiar with our industry often turns to a discussion of   " what does Citrix do ? " After a brief elevator pitch on fast app delivery, centralization, security, and minimizing the need to install apps, etc, there is typically a point that they can relate to in their own situation. It may be a failed hard drive, a desire to work from different devices or locations, or the frustration of waiting for IT to come fix their PC. You can tell when the light bulb goes on and they start to envision being able to utilize the benefits of what Citrix ( and our community ) could provide for themselves or their company. 

If the discussion goes further a common question comes up that goes something like " If it's so great , why doesn't every company do this ? " sometimes followed by, why is Citrix only a $ 1.5 Billion company ? why not a lot more ?    

These are some of the objections I have heard  along the way as to why more companies don't adopt Citrix, or the concept of App Delivery on a broader more strategic scale. What is the top objection you hear about ( beyond initial cost ) ?  

Top objection or barrier to Citrix implementations	Choose
Awareness of what is possible and valuing the benefits
Problems with a past implementation
User experience concerns
Application compatibility and/or ISV support
Risk of change from the status quo

Others ?

 A few of us were having a brainstorm session recently regarding the ICA client, mobility and device support, inevitably the discussion led to the topic of competing priorities, limited resources, and business cases. Al Granville ( sometimes affectionately referred to as the " suit " in the blogosphere ) is the Product Manager for the ICA client and has the enviable position of driving what features and functions get included ( and which ones don't ). Nowadays you can't talk about mobility without the topic of support for the iPhone and where that fits versus all the other priorities. If you also want Citrix iPhone support please place your vote and tell us your use case here. Typically this analysis means doing a market analysis, talking to customers and developing a business case comparing all the alternatives and determining the ROI. During this discussion however, Al made the profound statement that maybe in this situation the business case simply needs to say  ...   it's the iPhone.. Stupid !  

This brings up a really interesting point that IT also seems to be dealing with lately, that is what is the value of new and "cool " and do you spend resources to enable these technologies. It could be the iPhone or it could be Web 2.0 collaboration tools or desktop video conferencing, whatever. Sometimes it's straight forward to put an ROI and business case together, however quantifying the value of "cool" is subjective at best. Apple as the best example has done a superb job proving that elegant design, user experience, and "cool " is a profitable business model. This certainly has proven to be the case in the consumer world, but it's also evident that this is impacting the business IT world as well, at least from the perspective of user expectations. I am interested to know if this phenomena is also impacting IT's decision process for implementing new projects.  

What criteria does your IT organization use for evaluating new projects ?	Choose
Business requirements, ROI, and compliance only
The above plus,  Executive mandates
The above plus,  User productivity and desires ( like iPhone support )
The above plus,  Does the new IT technology provide a competitive advantage

 
There is a lot of hype and reality in the world of Cloud computing today. On the hype side there are numerous data points; VC investments, M&A, data centers under construction,  new conferences and events. Adding fuel to the fire is extensive press, analyst and blog coverage ( like this ) plus books like Nickolas Carr's book " The Big Switch ".  It definitely feels like we are in the Hype cycle. On the other hand there are now many examples of reality as well. SaaS offerings like Salesforce.com and many HR applications plus web site Hosting have established themselves as a legitimate part of the IT portfolio of many corporations large and small. 

 Will traditional corporate IT really move dramatically to the cloud as Carr predicts?  I think a lot of the answer comes down to control and customization .... or lack of it. SaaS Clould offerings can work great if the application offered aligns with the business requirement without significant customization or integration. If IT is comfortable without the hands-on control they may even manage and support the project because it's good example of doing more with less. However in most cases there are too many custom requirements and perhaps regulatory controls that make premise based solutions the norm and leave SaaS offerings relegated to specific point solutions. As business requirements continue to grow, premised based solutions grow accordingly  and sometimes disproportionately when centralizing into limited data centers.  A resulting problem that most IT shops now face is a lack of space and/or power. Once the local premise is at capacity a typical next step is to move some or even all the equipment to a dedicated Co-location facility. For many companies this is more of an incremental step because they have already centralized their Application Delivery Infrastructure and may already be using Co-Lo's for back up and Disaster Recovery operations. The definition of "premise" gets blurry, but IT remains in control. The facility is likely owned and operated by a service provider, but everything inside the " cage " is owned and operated remotely by corporate IT.       

For companies that have taken this step of moving some or all of their infrastructure to the "Cage"  the transition seems to have worked well. Co-Lo Data Centers typically have great bandwidth, power, and room to grow. Plus the high cost of specialized facilities are spread across many Co-Lo tenants often lowering the cost compared to providing company managed dedicated Data Centers. IT is remotely managing the infrastructure with perhaps some on site assistance or occasional trips to the Co-Lo. As long as the App Delivery Infrastructure is robust users don't know or care were the servers are, management is happy because it reduces Real Estate dependencies and  facility upgrades like added power, AC and generators. So, if IT is satisfied remotely managing their infrastructure ( except the trips to the cage... ) new applications get implemented, security is enforced , new users provisioned, etc, do they really care about the hardware the server images and storage is running on as long as it stays up with predictable performance ?  I suspect many IT Pros would give up the responsibility, time and burden of acquiring, deploying, cabling, and configuring servers and storage ( and trips to the Cage.. ). As long as they could still architect the solution they need, deploy server images, reboot images, network servers together and generally administer the functions they need to deliver apps and store data, there is a good chance they don't view the underlying hardware as something they really need to own and manage, just like the datacenter real estate.         
 
Perhaps the movement to the Cloud for companies that have already moved to the Cage will not be such a disruptive event. As long as there are Cloud providers that can provide the underlying infrastructure including servers, storage and networking with SLA's, Security, and the appropriate level of administrative control. And if IT can still customize and "control" at the level they need to, they will likely be compelled to make the next transition to the Cloud.  The benefits of Virtualization for rapid deployment and flexibility plus the intrinsic cost benefits of muti-tenancy will win-over converts that are faced with demanding time to deployment challenges and capital cost constraints ( isn't that most of IT ? ). These Cloud service provider offerings will need to overcome some of the SLA challenges that have faced the early adopters like Web 2.0 startups on EC2, plus address security, sustainability and redundancy fears, but these are all curable issues. This will take some time and there are likely scenario's of hybrid models of premise plus Cloud solutions, but the writing is on the wall .. the Cage is just a step to the Cloud.    

As you may have seen in previous blog discussions some of us are very keen on the idea of a device that goes beyond the existing smartphone limitations of small screens and keyboards. The ability to connect to XenApp - XenDesktop from a phone and view it ( & use it ) on a large screen is now possible. This video demos the Nirvana Phone concept with an iMate 6150 and a Redfly from Celio. We are not at Nirvana yet, but these devices make it visible we are getting closer.

Do you ever go on trips and wish you could leave your laptop home?	Choose
All the time
Occasionally
Wishfull thinking ..

Let us know of other candidates for the Nirvana Phone, and what you think is still missing.

In case you missed it there is a really interesting story circulating on the Net, best told by Jim Louderback the CEO of Revision3 and victim of a DDOS attack over Memorial day weekend ( his Blog & CNET interview ). If you're a fan of Revision3 you already know that they got taken off-line for 3 days, if your not you may want to check out their site. They represent perhaps the best example of new Media and the future of TV, including HD video, channels, live and on-demand, etc, all delivered via the web. In order to achieve high quality video Revision3 utilizes BitTorrent technology legitimately for distributing content to users. The problem came about when a "legitimate" media tracking company identified a Revision3 server as a potential source of " questionable " BitTorrent traffic. Once Revision3 was made aware of this situation ( by a forum poster ) they appropriately locked down the server, what happened next was the strange part...

As reported by Revision3, the media tracking company ( presumably automatically ) launched a DDOS attack on Revision3's site flooding it with as many as 8,000 packets per second taking down the site by exceeding the capacity of limited web servers. Complicating the matter was the long weekend and unreachable staff at the offending company. Once they were finally able to get in contact the company stopped the attack and they both started to unravel what had happened.

The NetScaler system may not be positioned as protection from "good" guys ( vs. typical bad guys ) but this situation exemplifies why it is worth consideration as part of a comprehensive protection plan. That is why web based media companies like MSN, CNET, Digg, and many others rely on NetScaler's to protect their infrastructure. Among other features NetScaler protects sites from SYN flood DDOS attacks by handling all requests and only forwarding legitimate ticketed traffic to the web server, all other SYN flood requests are dropped before ever reaching the company Web Servers.

So for the next review of your security infrastructure, keep in mind who are the "good" or bad guys and are you protected either way.

Running Windows applications on the iPhone may not be a high priority for Steve Jobs, but for many IT users and providers the desire seems to be increasing. The recent SDK and upcoming release of the Apple 3G iPhone has increased the interest in Citrix enabling iPhone access to XenApp hosted Windows applications. We are always encouraging expanded access to XenApp from any suitable device and the iPhone appears to be a very good candidate. The great screen and touch features would provide usable viewing of apps even though they were designed for bigger screens. Plus the improved email and networking capability of the device can now make it a real contender for business use. The iPhone could be even be the " Nirvana Phone " if a new docking station was offered to provide video access to a full sized monitor plus a standard keyboard.

So the question is one of priority and market demand, where does this fit on the list of nice to have vs. must have now, and does the solution need to come from Citrix or could it be partner provided such as the Rove Mobile client for BlackBerry. We encourage your opinions and feedback.

Do you need a Citrix client for the iPhone ?	Choose
I want it for myself
I need it for my company users ( and myself )
Cool, but my company is not likely to enable it

Many news reports have recently identified the increased threat to web sites and applications from SQL injections, the most recent example being the Nihaorr1 script that resulted in over 600,000 sites being infected even including the Department of Homeland Security and the UN. Although initially identified as a Windows IIS server vulnerability, the root cause of the recent exposure goes beyond IIS and has identified lax web application coding as the culprit. A Register interview with the DHS assistant secretary for Cybersecurity is quoted as saying " our networks are only as strong as the weakest link " which makes sense but also identifies how vulnerable web applications are on the web. If a company is relying on the variability of programmer security knowledge and limited QA testing to protect their web app from yet to be defined threats, it's no wonder that so many sites are exposed and hacked. 

Perhaps one of the ways to better protect an organization from the next undefined attack is to look at minimizing the impact of variability. A common best practice in the manufacturing industry is to evaluate every process and implement techniques and tools to reduce variability so as not be overly dependent on a final test or inspection which always has some level of escapes. This is the core of the Six Sigma  technique that many world class manufacturers utilize to improve product quality.  

As applied to IT protecting Web Applications, a tool that can be implemented to reduce the impact of programmer variability is to utilize a Web App firewall such the positive security model feature of the NetScaler Application Firewall. This feature recognizes best coding practices for HTML and Industry HTTP standards and automatically blocks Web App behavior and variations outside a known-good model. The result is a significant reduction in the risk created by variable programmer skills and expensive but incomplete QA testing.  In the specific example of the Nihaorr1 attack, a recent test validated that the NetScaler Firewall was indeed able to block the Nihaorr1 script using the default configurations. Additionally the learning features of the App Firewall can be used for more granular configurations and protection as well.  

So before the next threat to your web applications is discovered, it may be worth further investigation as to the human influence of variability in IT operations and consider steps to mitigate the risks.   

If you have been following some of the recent blog posts about Nirvana Devices and Nirvana Phones, you can get a better idea of what we are talking about in this video clip. Conceptually the Nirvana Phone takes the Smartphone to the next level by solving the existing limitations of small screens and keyboards. There are now some new devices that are close to making this possible, especially in combination with a Virtualized Desktops and applications like XenDesktop and XenApp.

Stay tuned for more videos and demos of the state of the art in Nirvana Phones , or better yet register for Citrix Synergy and try them for yourself, you may even win one !

Great things happen over a beer at Citrix events. As many of you who attend can attest, you never know what you will learn or who you will meet. For me this year the highlight at Summit was having a beer with Gus Pinto and Rich Crusco. After being summoned by Barry Flanagan to join a conversation about what Citrix can do to better to connect with the community and provide the resources and web presence to leverage the growing opportunities. At Citrix we have been making some fairly recent concerted efforts to better engage with the community including the CTP program, the Citrix Blog, the new CDN site, and a few other activities. However we also recognize there is a long way to go to really utilize and grow the massive skills that exist around the Citrix Community.

It turns out we have been planning some specific projects like the ADI Best Practices site to help educate the industry around App Delivery methods and solutions, but we were also looking for more insight from experts in the community. It did not take much beer to have Gus and Rich exploding with ideas and passion about how Citrix can deliver on the ADI vision. And they are not just talk, many of you already know Gus and Rich as MVP's, a CTP, and huge contributors to the community. In their spare time they have been running the Fameworkx.com site that has helped literally millions of IT Pros and users.  Their day job has been very significant as well, designing and implementing  ADI solutions for Citrix ( and VMware ) award winning partner Entisys. So imagine if we could tap that energy and experience and make it a full time effort ( day and night... ) supporting and growing the Citrix community and ecosystem. Well that's just what we are doing , starting next week Gus and Rich will be joining Citrix as full time Citrites and Technology Evangelists. To find out more about Gus and Rich and their plans to help the community checkout the latest posts at http://www.frameworkx.com/

Welcome aboard !

If you have not visited CDN lately, I suggest you give it a view. The team has made some significant usability enhancements as well as interesting content that is being contributed by employees as well as the larger Citrix community. For example, Vishal Ganeriwala has made a recent blog post that describes multiple ways to get a Client IP address from a Citrix session, in last few days the post has been viewed almost 3000 times ! , apparently lots of our users want to learn an easy way to do this. CDN provides a home for Developers and Citrix Pro's to learn and share ideas, code, and scripts for developing new products to integrate with Citrix or enabling and enhancing their Citrix implementations .

The new site also ranks the contributions by popularity, so a special thanks to Venkata Krishnan part of our Citrix Community who contributed a script providing printer driver information on a farm, this script now ranks at the top for popularity on our Script Exchange.  

You will also find featured content, such as new pages and resources describing the exciting new Citrix Workflow Studio , stay tuned for more  announcements around this product. The new site will also provide a location for sharing Workflow Templates and leveraging the power of the community.   

Let us know what you think and more importantly make use of the resources and contribute so we all can benefit.  

The Nirvana Smartphone as a PC , Thin Client , Desktop Appliance ... 

 
As Smartphones become more capable, and fast networks pervasive, plus now with Virtual Desktops going mainstream ( like Citrix XenDesktop ) , the practicality of using a Smartphone as a laptop/desktop alternative is closer than ever. The use case's for this model are many fold. It's is not intended to replace a PC or laptop ( at least initially ), rather the early adopters of this "Nirvana" Smartphone would likely already have a laptop for work and a PC at home. The general use case's revolve around enhanced mobility with broader access to applications and desktops. So even though most users already have access to apps and desktops from PC's and laptops, most of us would prefer to travel locally ( including the inside the office ) or on selective trips without a laptop if it was practical.

So what is missing from today's Smartphone's in a single device ?
Video-out -  A few Smartphones have video-out like the Nokia N95 but the resolution is limited and it has no pointing device support. Some PDA's ( HP and Dell Axim ) have better screens and resolution with Video-out but they are not phones and are still too big. The upcoming i-Mates promise this functionality... we'll see. The iPhone also has some video out capability but it's still too limited. The resolution needs to be capable of 1024 x 768 to satisfy most users.
Keyboard & Mouse -  The Smartphone user input options continue to improve, however to do "real" work a full keyboard and mouse will continue to the requirement when stationary. Many Smartphone's today do have bluetooth which can work fine for this scenario. Some new portable keyboards are making this more realistic as well.
Docking Station - This scenario works best if there is also a Nirvana docking station that recharges the phone at the same time as providing the VGA video interface and USB hub. The " Nirvana " Smartphone ideally would provide USB host functionally  vs. USB slave that many have today. Additional / alternative functionality for the docking station include VGA/USB passthrough - so the docking station can plug into a home PC and use the same monitor and peripherals, as well as audio in/out for headsets. This docking station would also need to come in a portable dongle version as well as stationary.

Industry trends that are also working in favor of this scenario

Free seating / Office hoteling is a growing trend for mobile workers that occasionally work in the office. Today many cubicles already have a monitor for a laptop hook up, they would just need the docking station and keyboard to provide a full desktop experience. Similarly "real" hotels have office facilities with printers and monitors, they just need a "Nirvana" docking station to complete the solution.
LCD TV's are now pervasive and many have VGA and multiple Video inputs. This opens up hotel rooms, kitchens, family rooms, etc.

LCD's in general are getting cheaper and pervasive. They are showing up everywhere; cars, picture frames, book readers.

Digital Projectors - most conference rooms are already equipped and portable projectors are getting smaller and cheaper.

Virtual Desktops - Like XenDesktop ... hosted centrally but available everywhere.

Remote Desktops - Like GoToMyPC ... remote desktop connections to home or office PC's.

Application Virtualization - like Presentation Server .. apps hosted centrally available from any device.

Web based; apps / storage / photos / social networks - more and more of digital life ( work and play )  is available from any device on the web.

Consumer driven use cases

Most device companies we speak to about this concept are interested in the idea, however many are clearly driven by the consumer use cases vs business ones due to the huge volume that the cell phone market drives today. The assumption is that Smartphone's will continue to improve and excel in handling voice, video, music and cameras, but here are some additional consumer use cases that could exploit the unique features of the Nirvana Smartphone;

Web enable all the TV's in your house - most new LCD TV's are VGA capable but normally are only connected to a cable box and DVD player. Simply adding the Nirvana docking station would provide web connectivity without all the other complexity required in today's configurations.

Video conference from your TV -  add a camera to the front of the Smartphone and use the TV to view and communicate with others doing the same.

Photo / Video Playback - many cameras already offer viewing from a TV, the Nirvana Smartphone will carry your photos and videos that could be viewed full size from the Smartphone Video-out to any LCD monitor or TV through the Nirvana docking station.

So how long is this going to take ? Why has this failed so far.

It's easy to project everything is going to be possible in the far future; wireless video, virtual keyboards, rollup video screens, etc. However, I am more interested in the next 12-18 months, the technologies to build this Nirvana Smartphone and use it as a Desktop Appliance are all available now, it just needs a leading device vendor to put together all the parts ( and embed some Citrix SW.. ).

So far there have been a few attempts to build full PC functionality into a Smartphone/PDA however they all come up short ( too big, too slow, too expensive ) because they try to replicate a full PC in a small device. Instead, if device makers can assume that a remote virtual desktop is accessible with all the apps you need and full size keyboard+mouse+monitors are readily available and connectible, then the Nirvana device could be built at a reasonable price, fit in your pocket, and provide the freedom to leave your PC or laptop at home.

Who will build the Nirvana Smartphone ?	Choose
Apple
HP
Motorola
Nokia
I-Mate
BlackBerry
HTC

Would you buy the Nirvana Smartphone ?	Choose
Yes, even if it's $400-$800
Yes, only if its less than $400
Not interested

Related links

Update : What is a Nirvana Phone video post

Adam Marano's search for the Nirvana Device posts from CTIA 2008

The Viewsonic ViewDock with an iPod looks like a perfect combination, unfortunately it still needs a PC to run and view.

John Dvorak's PC week article from 2003..

Nokia N95 TV-out feature review.

i-Mate 8150 with VGA out on youtube. 

The RedFly Mobile companion announced at CES.

If you're a developer that's looking for a simple web standards based interface to windows applications hosted on Citrix Presentation Servers you now have a new option beyond the existing MFCOM SDK. One of our partners Extentrix has released a product called Extentrix Web Services 2.0 - Application Edition which provides a suite of web services API's that communicate directly to the Citrix XML Service.  The Web Service uses SOAP and XML to deliver information about CPS published apps, the developers app can then discover the web service's API's via WSDL and generate the appropriate proxy in order to deliver the app to the client.

Extentrix has an online TestDrive site that demonstrates a few examples of how this could be used; the sample page has an embedded link that when clicked first checks to see if the client has the required application locally installed, if so the content is redirected to natively launch locally. However, if the client does not have the app installed then the content is redirected to a CPS server and delivered ( launched ) via CPS/ICA.

Some additional use cases that we see for  this include :

Enterprise portal integrations - If no CPS portlet exists or a unique implementation is desired - Extentrix also provides sample integration with Microsoft Share Point 2007. 

Workflow - Enterprise work flows such as Oracle BPEL that can include launching the right app and the right document at the appropriate point in the workflow and maintain security of sensitive content.

Enterprise 2.0 Mashups -  Now you can include all your existing windows apps in an enterprise mashup without completely rebuilding the app and UI.

So if this sounds interesting check it out and let us know what you think.

Developers can find more resources at this link

Chris Fleck