Citrix is sponsoring SAP TechEd 09 in Phoenix! Starting on October 13th at the Phoenix Convention Center, Citrix will showcase our desktop virtualization solutions and promote our recent Citrix Delivery Center POC produced jointly with SAP and onsite at SAP Labs in Palo Alto.

Don't miss your chance to learn about our desktop virtualization vision and how our solutions work alongside SAP solutions.

If you're planning to be at SAP TechEd, stop by the Citrix booth (#211) to meet with the team and learn how we're working with SAP to improve application delivery and user experience. Learn more about SAP TechEd or register to attend here.

Visit the Citrix Community for SAP to stay up-to-date on the latest partnership information...and don't forget to follow us on Twitter!

Okay, I'm the first to admit it's been quite a while since I updated my Facebook status, so I never thought I'd say this ... but I'm tweeting. And yes, I said "tweet"...it only took me about a week to stop saying "twit".

But the good news is that there's a lot to talk say about our relationship with SAP and I'm not doing this alone. Joining me will be the rest of the Citrix/SAP alliance team and together we'll be updating our fellow followers on the latest and greatest happenings within the relationship.

There's some really exciting stuff coming down the road...don't you want to be one of the first to hear (or read) about it? 

Come on! Get in with the in crowd. Follow us on Twitter! 

Also, don't forget to check out the Citrix Community page for SAP. On this page we've consolidated all related blogs, news, videos, etc... from Citrix, SAP and third-party sites in our feeds section to provide a one-stop-shop for all things on the alliance.

That's why we've worked together to develop the Citrix Community page for SAP, a dedicated, one-stop shop for all things Citrix & SAP! So while we'll never say there is "too much" information on the Citrix and SAP relationship, we will say having a single place to access all information on the relationship is "wonderful".

On this page we've consolidated all related blogs, news, videos, etc... from Citrix, SAP and third-party sites in our feeds section to save you time on staying up to date on the Citrix and SAP happenings. You can even follow us on Twitter!

There's even a discussion forum dedicated to SAP-related discussions. Look for the answers to your questions within existing threads or post a new question in our discussion forum. Do you have technical questions about an SAP implementation? Do you want to learn more about the validation and performance results of SAP NetWeaver with Citrix XenApp and Citrix NetScaler? Do you want to learn more about Citrix's relationship with SAP? If you said yes, then this is the site for you!

Visit this page to learn the latest and greatest information about our relationship including press announcements, product validations, joint activities and resources...and don't forget to participate in our Community Verified initiative! Let us know how you're working with SAP in your Citrix environment from the convenient console located within the page.

So...why don't you come up and see us some time? And oh yeah...don't forget to participate in the discussion! Stop by the Citrix Community page for SAP today!

I'm sure you are all familiar with the iPhone commercials and the ubiquitous "there is an app for that" phrase that has seemingly become the catch phrase of this decade. Previous catch phrases include --but not limited to -- The 70s-"Heeeey" , The 80s-"Where's the Beef?" The 90s-"Doh!".

All kidding aside, "there's an app for it" reflects the current state of consumerization and customization that is becoming commonplace in today's on-line experience. It is no longer acceptable to have generic applications and content. We all know what we need/want for our apps and we need them now!

Citrix Community Updates

In that same spirit, today I have the pleasure of sharing some of the upgrades we have made to the Citrix community sites. Need a community for discussing Citrix and Microsoft products, "there's a community for that", need a community for the latest and greatest on Citrix and Oracle, "there's a community for that", need a community for finding cool communities "there's a community for that" , need a community where you can geek out (both online and local), "there are 2 communities for that" (gotta spice it up a bit , the first is here and the second is here)... well, I think you get the idea. You should check out the Citrix Community home page and in particular the new partner community module.

My team and I are continually looking for ways to connect with the Citrix community of customers, partners, Citrites and anyone interested in the latest in virtualization of applications, desktops and servers. We are continually soliciting feedback and update the site based on direct comments and industry trends.

Now it's your turn....

Let us know what types of communities you need and (you guessed it) "there will be a community for that", we are open to all types of ideas... here's a few to get the ball rolling (and maybe a peek at the future )... How about a Citrix and Windows 7 community? Or a Citrix and Desktop Virtualization community? Or (heaven forbid!) a Citrix and VMware community?

Also, let us know what type of content you are looking for in your communities. Check out the partner communities or even XenServerCentral for our real time multi-media feeds. Let us know how we can make them better for you...

Now I need to get back to my favorite iPhone App (an oldie but a goodie) ....

john

I've been using the Sprint HTC Touch Pro for a few months now, and I feel that it is a very compelling mobile device for use with Citrix XenApp and XenDesktop, maybe even for few of the folks I've been hearing from that are looking to move away from the iPhone.  So what I've done in this blog is to video what I feel are some of the compelling use cases for mobile devices with Citrix and let the Sprint HTC Touch Pro take top billing in this post.  I'm sure you can find a few posts about Citrix and the iPhone if you try, and we'll have it out "Sooner than later"!

HTC Touch Pro w/Web Interface

HTC Touch Flo interface does a good job of bringing most of the tasks I want on my mobile device right to my finger tips.  One of the areas that HTC's Touch Flo interface comes into play with Citrix is when connected to Web Interface via the Opera browser.  The Opera browser allows the user to quickly zoom in and out on the Web interface, and move the viewable portion of the page using your finger to quickly find the application you want to launch (no stylus required).  The built in accelerometer will also automatically change the view from portrait to landscape when you tilt the Touch Pro.  If the keyboard is pulled out, the orientation will also switch to landscape mode.  The below video shows the new Web Interface, which has a mobile device mode built in, easily navigated with HTC's Touch Flo integration into Opera.

Mobile Access to Corporate Documents

Being able to quickly and securely access documents on corporate file shares from your mobile device can be a real advantage.  Imaging a lawyer or sales person not having to boot up their laptop to get quick access to a document when they simply want to look up some data in a document or quickly review a file.  Using their mobile device instead they can just launch File Explorer via XenApp from their mobile phone to gain secure access to that any file they have access to in the data center, regardless of its size or type.  They can find the data they were looking for and be done quicker than it takes to boot most laptops.  The HTC Touch Pro's full VGA resolution really shines here, you are able to view a lot more data on its VGA screen than most devices with lesser resolution.  The screen is small (2.7"), but its clarity helps to overcome its size. 

NOTE: in order to make the following videos more viewable, the Touch Pro was controlled from my PC using Soti's Pocket Controller Pro so my fingers weren't in the way!  Like the keyboard is when typing on an iPhone

Mobile Access to ERP, CRM and Other Database Applications

Being able to access to ERP, CRM and other corporate database data while mobile is another key use case.  While I wouldn't recommend that users do a ton of data entry into these systems from any mobile device, there are a lot of cases where a user in the field needs quick access to customer information, sales and program data, payment or purchase approvals, and inventory information for example.  The general use case when using mobile devices is about quick consumption of data, and they can securely gain access to such data from their mobile device using XenApp.

The below video shows the HTC Touch Pro accessing the Citrix corporate SAP system to quickly approve an event, and look up some travel expense report data.

Mobile Access to Technical Documents

Citrix has optimized its ICA protocol for over a decade to deliver some of the most demanding types of data to remote users.  Imagine the technical field worker that needs to look up the proper connectivity of electrical wiring on an expensive piece of equipment.  They could try and carry every possible paper manual in their truck, OR all of the technical drawings could be kept online in the data center for the worker to access via their mobile device, and again, having a device with a full VGA resolution like the HTC Touch Pro makes a big difference.

The below video shows the HTC Touch Pro accessing a 3D AutoDesk drawing, allowing the worker to rotate the drawing on the Touch Pro and zoom in and get whatever level of detail they require to get the job done.

So you wanna full desktop to?

Are you standardizing your desktop deployments on XenDesktop?  Not a problem for mobile users.  The HTC Touch Pro's full VGA screen is one of the few devices I've seen that can easily fit a full desktop on the screen without requiring panning and scaling. 

The below video shows use of the Touch Pro with XenDesktop.  It also shows the ability of the solution to detect a change from landscape to portrait mode and have the application or desktop being run on XenApp/XenDesktop automatically adapt to this change. 

So is a 2.7" screen a bit small to run a full desktop on, probably.  But I find the Touch Pro very usable for quick access to applications and data, even with XenDesktop. I can only hope for HTC to come out with an HTC HD Pro version with an external keyboard which would really make this solution pop.  Give it full SVGA output via a VGA connector (Sprint HTC Touch Pro has VGA output today) and you may just have the first real Nirvana Device along with my Celio Redfly to complete the package.

I know there are a lot of other differences between the Touch Pro and the iPhone, iPhone pinch .vs. Touch Flo swirl, Opera browser .vs. Safari, iPhone has a cool Star Wars light saber application and Touch Pro does not   Overall, the Touch Pro has been an excellent device, very stable, phone works great, Touch Flo interface makes it very easy to get to the most common features I use on a phone, and it works with XenApp today!   So what's the "right" business device for you and your employees, that's for you to decide.  But hopefully this post helps you look at some of the use cases that can add value to your mobile workforce, and another great device for you to consider.

Sprint HTC Touch Pro Keyboard TIP!!!!! 

I did initially have an issue with the external keyboard with XenApp applications and have seen a number of posts on the web about this.  I quickly found a few settings in the ICA Client that quickly resolved this issue.  To make these changes, open the "ICA Client" from the Programs folder and navigate to the "Edit Preferences" page:

"Edit Global Settings" -> "Edit Preferences" then make the changes highlighted below:

You may also be interested in Full Screen Mode for Your Nirvana Device 

NetScaler 9 is officially here. Well, actually, it's officially announced. It won't be officially available to download from mycitrix.com until November 27^th. Yes, I know that's Thanksgiving. However, Citrix is a global company, and what better way to prove it than to post the NetScaler 9 code on a major US holiday? And, there is a chance that it might show up a day or two before the 27^th.

NetScaler 9 is a pretty big release. Looking at the detailed feature tracker, it contains over 350 new features and feature enhancements. I'm not going to go through all of them in this post, because that's what release notes are for. However, I do want to highlight some of the major new features that folks seem to be most excited about, and point you to some additional resources on this site that go into a bit more detail on some of them.

I like to think that NetScaler acts as the bridge between the network and the applications that run on it, making each of them work better with the other. NetScaler 9 furthers this.  A lot of the new capabilities and features making NetScaler more application-saavy than it already is. This is not to say that there aren't any hardcore networking enhancements in NetScaler 9, because there are a lot of them. These include everything from end-to-end support for IPv6 to enhancements to our GSLB functionality to the ability to tunnel IP within IP.

But in the end our networks are there to run applications, and it's the new AppExpert features in NetScaler 9 that seem to be generating the most interest.

AppExpert Templates make a given application the "first class citizen" within NetScaler. They do this by encapsulating everything about a NetScaler configuration that is specific to a given application, including:

1. The different application components (e.g., pages, files, archives, Web Services) NetScaler is managing
2. The various NetScaler entities and settings (e.g., VServers/VIPs, load-balancing algorithms, health checks, persistence methods, SSL offload settings) defined for these application components
3. The specific NetScaler policies (e.g., caching, compression, application firewall, rewrite) used for the application

All of this is presented in a way that puts the application front and center, and configuration and policy changes can be made from there as well. So, while today understanding the entire NetScaler configuration for Microsoft SharePoint (for example) involves moving around between the various NetScaler GUI tabs, with AppExpert Templates everything is centralized in one place.

AppExpert Templates can be imported and exported as well, so they make it pretty easy to move app-specific configurations between different systems. More broadly, several folks have told us that this, and the general look and feel of AppExpert Templates, will help with knowledge transfer within their organizations. You can see an example of the Microsoft SharePoint template being imported and then applied here.

If you go here when NetScaler 9 becomes available in a couple of weeks, you'll be able to download AppExpert Templates we've already built. And, as you'll quickly notice, AppExpert Templates aren't static. The underlying infrastructure makes it really easy for you tweak a template to your own specific needs, or to improve the template by adding to it. Hopefully, you'll all post any improvements and modifications you make back to the community site so that others can benefit. And definitely look for additional AppExpert Templates to be made available by us, but Citrix partners, and hopefully by other NetScaler users.  

With AppExpert rate controls, we've integrated the concept of data rate into the core NetScaler policy infrastructure.  This allows building policies that are only triggered when a defined data rate is exceeded.  And since it's integrated with the core policy infrastructure, it can be used with the various NetScaler functional modules (e.g., content switching, responder), so you're not limited to just dropping traffic as an action.

There's a number of ways folks have told us they're going to use AppExpert rate controls. Of course straight-up rate limiting (e.g., DNS rate-limiting, limiting traffic originating from a single subnet) is one example. Ensuring a given resource (e.g., anything from a VServer to a specific URL) isn't overwhelmed by requests is another. Two specific examples are:

1. One customer allows some of its partners to scrape its website so the partners can republish content on their own sites. However, the customer wants to ensure that overly aggressive scraping by the partners doesn't overwhelm the website and degrade the site's performance. AppExpert rate controls can be used to limit how much scraping each partner can do. This same approach could be used to ensure that websites that publish APIs -- so that partners can do mashups, for example -- aren't overwhelmed by any particular partner's use of the API.
2. Another example is a customer that was having problems with a couple of users FTPing a few too many large files at the same time. By using AppExpert rate controls to build an expression around bandwidth consumed per sourceIP, they can drop any additional FTP requests coming from a sourceIP (aka a user) that already has too much FTP activity. A more generalized use could also do something along the lines of limiting the amount of concurrent file downloading for a given SharePoint site, to ensure that downloads don't drown out other SharePoint (or other application) activity.

AppExpert service callouts make NetScaler policies extensible, and will allow you to integrate logic or functionality available in other systems and applications into NetScaler policies. Specifically, using an AppExpert service callout, a policy can send (over HTTP or HTTPS) any part of an incoming request to an external service. The result returned by the external service is then used like any other policy evaluation result.

As an example, one beta customer has an application that identifies and tracks IP addresses that are scraping its site's content. No, this is not the same customer that is interested in AppExpert rate controls. In earlier case, scraping is encouraged, they just needed to control it. In this case, the scraping of content amounts to theft, and the customer want to prevent as much of it as possible. Unfortunately, the IP addresses doing scraping change constantly (hence the reason they had to build an app), so statically defining them within the policy itself isn't practical. However, a service callout can query the application in real-time, and NetScaler then uses the response to either pass or drop the request.

Other use cases customers have mentioned include:

• Passing content to an external transformation engine
• Integration with UDDI or other directory services
• Geo-targeting or other token-based switching decisions, where the logic for the content switch is available in an external application  

NetScaler 9 has the first availability of the XML technology we acquired from QuickTree last year. New XML protections in the NetScaler Application Firewall module will now be able to inspect and protect XML as well as HTML traffic. In addition to protecting XML-based applications from attack, this can also be used to ensure that incoming XML traffic conforms to various standards (e.g., XML syntax, schema, WSDL validation). With XML, sometimes "bad" traffic isn't malicious but is just a mistake. Either way, the XML capabilities in the app firewall will catch it.

We've had the ability to rewrite payloads within the TCP header or payload since NetScaler 8.0. However, in NetScaler 9.0 we've added a URL transformation 'mini-module' to our generalized rewrite functionality specifically for rewriting HREFs. While this function is often thought of in the context of either SSL VPN or application firewall, it has uses beyond these as well. For example, onboarding apps acquired through M&A activity, simplifying change management or "Akamai-zing" graphics content.

Again, NetScaler 9.0 is big release. There is a lot more than the app-centric things mentioned above. There is a pretty comprehensive What's New in NetScaler 9 writeup here for those of you that want a more comprehensive overview.

Updated November 12, 2008:

I received a question via comments asking about Access Gateway Enterprise enhancements. As many of you know, Access Gateway Enterprise is in essence another module in NetScaler. So, all Access Gateway Enterprise functionality is included in NetScaler, which is why NetScaler is such a great solution for Citrix XenApp and XenDesktop. There are definitely enhancement to Access Gateway Enterprise in NetScaler 9. At a high level, they are:

• Support for IPv6 XenApp Client Connections
• Single sign-on to file shares, so your users won't get get as annoyed by as many authentication prompts (unless you want them to be)
• Full clientless access to Microsoft SharePoint 2003 and 2007 so users can access SharePoint sites from any browser
• Historical charting which allows you to see trend data on system activity

Application Delivery is at the top of the list of any organization's priorities. Keeping up with those priorities requires a move to dynamic application delivery and virtualization. The Citrix NetScaler Application Switch is a powerful step in that direction.

Compressing content at the server level can be done, but is tedious, and with the number of hosted servers on the backend growing proportionally with virtualization, it is better suited to a frontend tool. 

As an Application Expert, determining what type of content is compressible vs. that which is not compressible should be at the tip of your tongue, or at least you should be able to reference this post or document.  The thing is, while some content types remain compressible/non-compressible across many applications, you might run across an application that requires some content be treated uniquely.  For example, the SAP application requires that pdf files should not be compressed when sent back to the clients.  Either way, you should know how to dynamically configure rules to accommodate for the applications content.  This Compression Deployment Guide shows you how.

Watch this Compression Tip:

Buy the Citrix NetScaler Application Switch here.

Tap into the power of AppExpert.

Policies are used to configure various Citrix NetScaler Application Switch features. For example, the parameters for compressing content are defined in a compression policy.

The features that use policies are:

• Load Balancing
• Content Switching
• Content Filtering
• AppCompress
• Cache Redirection
• SSL VPN
• Priority Queuing
• DoS Protection
• Sure Connect

Policy expressions are applied to content that enters the switch. Expressions are shared among features, but actions are feature-specific. For example, you can create an expression to identify .pdf files being sent through the system. You can then create a compression policy that uses this expression to compress those files. The Policy Engine (PE) refers to the architecture in the Citrix NetScaler Application Switch for versions up to 8.x. The architecture for Policy Engine and the manner in which it operates is presented in this Deployment Guide.  Did you know that each feature in the Citrix NetScaler Application Switch is processed in a certain order, and the Policy Engine (PE) applies policy according to that order.  That order is represented in this diagram and discussed in the Deployment Guide for Policy Engine (PE).

Watch this Policy Engine Tip:

Tap into the power of AppExpert!

As web applications grow in complexity, the art of accelerating them seems to remain the same. This art is performed by applying some basic concepts to the application; that is, Caching, Compression, Load Balancing, Global Server Load Balancing, SSL Offload & Acceleration, Content Switching, TCP Multiplexing and SSL Session Reuse.

Citrix® is a leader in Gartners magic quadrant for Application Delivery with their flagship appliance NetScaler®. NetScaler accelerates web application performance by leveraging multiple acceleration technologies and innovative TCP optimizations.

Whether you are building out a new datacenter and architecting it the right way, or retrofitting an existing datacenter, Citrix NetScaler will perform and keep costs down. Whether you are looking to accelerate legacy enterprise applications such as Oracle or SAP, or building a new web 2.0 social community, Citrix NetScaler contains all of the tools to get you there.

Citrix NetScaler web application delivery solutions are purpose built appliances that accelerate application performance, while simultaneously reducing datacenter costs and improving web application security. Platforms range from the entry level 7000 to the latest MPX-series appliances that provide an industry-leading 15 Gbs of throughput at Layers 4 through 7.

There's more here: Case Studies, White Papers, Analysts , Datasheets

Check out the new MPX!

Buy it here!

Tap into the power of AppExpert!

This whitepaper outlines the best practices for implementing SAP GUI 7.10 for Windows using Citrix XenApp 4.5

Becoming an Application Expert means that you can profile an application and quickly determine how it can be architected or re-constructed for higher performance. Of course, we want you to use the Citrix Application Switch as part of the architecture. In Part 1, we learned how to profile an application to learn what it looks like as the traffic flows through the Citrix Application Switch. Now we will determine what parts of an application are cacheable and what parts are non-cacheable.

By Application Profiling we can determine which parts of the application are cacheable and non-cacheable just by looking at the Request and Response headers. The application will sometimes tell you through it's "Cache-Control" header directives. Some content that we just know is static and doesn't ever change, we can consider cacheable as static content. Content that changes, such as reports, are often considered non-cacheable but with the help of Selectors and Dynamic Content Groups in the Citrix NetScaler, this content can be cached. As a proof of concept, we deployed the Citrix NetScaler Application Switch in the front of Oracle E-Business Suite v12 application and implemented caching policies for both static and dynamic content. As it turns out, alot of static content is cached by default policies and setting up dynamic policies is not that difficult. To see how, read the Caching Deployment Guide for Oracle E-Business Suite v12.

Watch this Caching Tip:

Tap into the power of AppExpert!

Application Profiling

Introduction:

I can turn you into an Application expert in 5 minutes by reading this post.  Just do what the experts do, or even the not-so-experts.  They pay meticulous attention to the requests from clients and the responses from servers, both headers and body content.  You do this the old fashioned way by taking a trace.  There are better tools out there, some free, some not-so-free.

Running a trace:

Running a trace will help you 'profile' the application. It is recommended that you do this before placing the Citrix Application Switch in-line of the Application traffic. This will gather important information about the Application that will help you understand it's basic operation at Layer 7, and help you begin to understand what it is that needs to be accelerated - cached, compressed, load balanced, ssl offloaded, etc.

Running a trace exposes the flow of transactions between all points of interest. Traces are especially helpful when digging in to find what is contained within the headers being exchanged between the client and the application.

Taking a trace with wireshark:

The free network protocol analyzer called wireshark, http://www.wireshark.org, will capture packets for you on the localhost, whether it's windows or linux. By filtering the stream of packets by IP Address, right clicking and selecting 'Follow TCP Stream' inside of wireshark, you can see the headers for both requests and responses.

Wireshark tip 1 Find the first 'SYN' in the stream, right click, 'Follow TCP Stream'.

Wireshark tip 2 Client requests are in Red, Server responses are in Blue.

Taking a trace with the Citrix Application Switch:

If the Citrix Application Switch is already in place, a trace can be run directly on the Citrix Application Switch. Running a trace will expose the flow of transactions between all points of interest, especially the client, load balancing VIPs and backend servers. Traces are especially helpful when digging in to find out if the proper headers are being exchanged between client & VIP and VIP & backend servers. A trace can be run directly on the Citrix Application Switch. Once downloaded this file can be opened and request and response headers read with Wireshark, a free network trace utility, http://www.wireshark.org. From the Citrix Application Switch GUI, navigate to NetScaler -> System -> Diagnostics -> New Trace -> Run. 

Viewing headers with Paros:

Paros was originially written for web security, but has value when viewing request and response headers, cookies and the like. Through Paros's proxy nature, all HTTP and HTTPS data between server and client, including cookies and form fields, can be intercepted. There is an additional option of trapping and modifying data before sending it on to the server, or client. Paros can be found at http://parosproxy.org. Free.

Viewing headers with Live HTTP Headers:

Live HTTP Headers, http://livehttpheaders.mozdev.org/, was developed for use with the Firefox web browser. It is a free add-on and allows you to view HTTP header information in real time. Free.

Viewing headers with IE Analyzer:

IEInspector HTTP Analyzer, http://www.ieinspector.com, is a tool that allows you to monitor, trace, debug and analyze HTTP/HTTPS traffic in real-time. It works with Microsoft Internet Explorer. Not-Free.

Viewing headers with IE Watch:

IEWatch, http://www.iewatch.com, is another plug-in for Microsoft Internet Explorer that helps you profile your web applications. You can use this tool to dig deep into the inner workings of web applications to find hidden issues. Not-Free.

Watch this Application Profiling Tip:

Tap into the power of AppExpert

The SAP Enterprise Service Oriented Architecture (SOA) provides a blueprint for services-based, enterprise scale business solutions that are adaptable, flexible, and open. Enterprise Services Architecture takes the concept of service-oriented architecture to a new level by transforming Web services into enterprise services. Bringing Citrix and SAP Enterprise Services Architecture together reduces the dependence on customized applications, and increases flexibility and reduces time to deployment while reducing operational expenses.

Watch this Load Balancing Tip:

Tap into the power of AppExpert

We recently had a meeting with a large partner of ours and they handed down some hefty requirements.  An average of 100 partners using their portal on any given month to access their development environments on the backend.  It was clear that NetScaler could scale, but the question was how to keep all of those partners separated from each other, without them peeking into each others traffic. It turned out to be easier than we thought using the NetScaler as an SSL VPN with the addition of some policies bound to each partner's user group.  The following is an overview of the network diagram, and there are some deployment guides to walk you through these installations.