Oracle EBS 12.1 runs on XenApp

Citrix XenApp™, a member of the Citrix Delivery Center™ product family, is the industry's de facto standard for delivering Windows-based applications with the best performance, security and cost savings. XenApp is the most complete application virtualization system available with the ability to virtualize applications on both the client side and server side, delivering them on demand based on the user, the application or the location (online or offline).

By centralizing applications and data in secure datacenters, IT can reduce the costs of management and support, increase data security and facilitate business continuity. XenApp Platinum Edition adds critical capabilities for application performance monitoring, secure remote access, WAN optimization and single-sign-on application security.

Citrix XenApp is compatible with Oracle E-Business Suite 12.1. Organizations of any size can deploy XenApp on industry standard servers anywhere in the datacenter, on a single server or across all cloud computing datacenters. This simple integration takes Enterprise applications into the virtual realm, allowing customers to run Oracle on Virtual Machines, within XenServer, delivered to the end user through XenApp.

Tap into the power of AppExpert!

Oracle EBS 12.1 is integrated with Citrix NetScaler

Deployed in front of Web servers, NetScaler application delivery controller models combine load balancing and content switching. Potential benefits include application acceleration, content caching, SSL acceleration, network optimization, and application performance monitoring in a single built-for-purpose hardware platform. Unlike other approaches that require multiple point products, NetScaler is an all-in-one appliance that is easy to deploy, configure, and operate with AppExpert Visual Policy Builder GUI-based tools, AppExpert Templates, and multiple wizards.

NetScaler 9.1 is available in both hardware-based (NetScaler MPX) and application-based deployments (NetScaler VPX). All deployment options available in version 9.1 are compatible with Oracle E-Business Suite 12.1. Organizations of any size can deploy NetScaler VPX on industry standard servers anywhere in the datacenter. NetScaler VPX enables load balancing, application acceleration, application security and server offload to become virtual appliance-based services that can be easily and dynamically deployed; on-demand and anywhere in the datacenter. Whether installed on a single server or across all cloud computing datacenters.

Download the Citrix NetScaler, Oracle EBS 12.1 Deployment Guide.

Download the Citrix NetScaler, Oracle EBS 12.1 Data Sheet.

Tap into the power of AppExpert!

NetScaler Virtual Machine

Today, Citrix announced a virtual appliance version of their NetScaler Application Delivery Controller - the NetScaler VPX, the first of its kind. All of the functions that traditionally were performed in the datacenter can now be performed in the domain of virtual machines. Load balancing, application acceleration, security and offload functionality are now available as a XenServer virtual appliance.

Industry's first Virtual Load Balancer

No other vendor offers this type of software as a Virtual Appliance. By making advanced web application delivery functionality available as a virtual appliance, NetScaler VPX drives convergence of virtualization and networking. In the continued movement toward simple and affordable convergence, NetScaler VPX makes sophisticated application delivery functionality available to any size organization. This breaks down deployment barriers for all types of organizations.

What used to run on a proprietary piece of hardware now runs on any hardware that supports virtualization. Because there is no physical appliance to ship, install or move VPX can be installed at a moment's notice, on any server running XenServer.

The challenge

• Check out The Great NetScaler VPX challenge and get $10,000.
• The Tech Preview will be downloadable from citrix on May 18th.
• If you are running VMWare, you need to run Xen - and why wouldn't you, Xen is free.
  

NetScaler VPX

It's powerful - AppExpert!

New NetScaler Technology Speeds Applications that Push Data to Users, Achieving Greater Real-time Interactivity with Fewer Servers Required

This groundbreaking new capability was specifically designed to address the demands that today's interactive Web 2.0 applications are placing on server infrastructures. While Web 2.0 applications are ushering in a new era of enhanced functionality and responsiveness for end users, they are highly inefficient when it comes to server computing resources. In order to create a rich interactive experience, Web 2.0 applications need to maintain a one-to-one user connection to backend servers for extended periods, which severely taxes datacenter resources and adversely impacts performance and scalability. NetScaler is the first application delivery controller to streamline this process by "pushing" data directly to thousands of users concurrently, offloading web servers from this burdensome task. As a result, server costs for delivering Web 2.0 applications can be reduced by five to ten times.

Rich Web Experience at a Fraction of the Cost

These new capabilities allow NetScaler to free up backend servers from inefficient connection management tasks, thus shrinking the number of servers needed. This reduced server footprint in the datacenter improves server utilization and allows a smaller set of servers to accomplish the same business tasks, cutting server costs by up to 90 percent by decreasing power, cooling and operational overhead.

Read more.

Its available now.

Its powerful - AppExpert!

NetScaler supports the chaining of Intermediate SSL Certificates

Up to 10 Chained Certificates to be exact, one Server Certificate and nine CA Certificates.

Verisign recently posted an advisory stating the discontinuance of Unchained SSL Certificates, and that all Verisign SSL Certificates issued after Dec 11, 2008 will be chained to Root CAs to align with security best practices - Read the advisory here.

Chaining of Certificates is done with Intermediate Certificates. What are Intermediate Certificates?

They sit in the middle, between the Public Trusted Certificate Authority (CA) and your Server, in our case the Citrix NetScaler.

The Citrix NetScaler Application Switch supports the chaining of SSL Certificates just for this very purpose, and to show how easy it is to obtain an SSL Certificate from a Trusted Certificate Authority, such as Verisign, and install it into the Citrix NetScaler, we developed the following deployment guide to walk you through the process.

Verisign Certificate Authority w/ Citrix NetScaler SSL Deployment Guide.

Tap into the Power of AppExpert!

Try it!

This is an interview with Andrew Innes.  Andrew is the Platform Architect for user interaction components of XenApp and XenDesktop, notably Web Interface and the desktop integration clients.  His job entails finding creative ways to improve the usability and security of these products, and helping strike the right balance between them.

Here is Andrew:

 Q: Andrew, what are the security issues Citrix Admins should be aware of with Web Interface?
A: Hi Kate.  There are two main categories of issues admins need to think about: security of the web server itself and security of the whole XenApp or XenDesktop delivery system.  For the web server itself, there are all the standard hardening rules to follow, especially if it is facing the Internet - I won't try to summarize these here.  The aim is to prevent intrusions into the web server itself or the network behind it.

It's worth mentioning though that Web Interface has undergone probably hundreds of evaluations in customer environments as well as regular security audits within Citrix as part of our secure development process.  It has been engineered with all the known web application threats in mind, and we track 'webappsec' developments closely to build in defenses against new styles of attack as they emerge. 

Hardening the web server itself is the #1 recommended best practice for everyone.  Some customers will still want to employ extra measures, such as a web app firewall or other monitoring systems to spot potential attacks.  NetScaler can easily be configured to provide web app firewall, SSL and detailed logs.

For the Citrix specific aspects of security, the admin should start by understanding the business reason for publishing resources (apps, desktops, documents etc) via the web, and the appropriate policies on access rights and restrictions.  These feed into the design requirements for the delivery system, including the configuration of Web Interface.  The aim here is primarily to ensure authorized users are allowed access in the intended way while unauthorized users are denied access, and that policies are not circumvented.
Web Interface has a brokering role in the delivery system, making it an effective place to enforce certain policies, for instance ensuring strong authentication happens before access is granted.  It can be augmented with Citrix Access Gateway to scan end point devices to make fine-grained access decisions; in this case Web Interface plays a supporting role in upholding those policy mechanisms.  It also implements a number of sensitive features, like password change and password reset, which can be enabled when the usability gains outweigh the security considerations.

Q: What are the prescribed security precautions Citrix Admins should use with WI?
A:  There are a few standard precautions we recommend all customers follow:
   -      Require SSL on the Web Interface server; this protects user credentials in transit and helps prevent spoofing attacks (like those that could result from the recent DNS vulnerabilities). 
   -    Use SSL or IPSec for requests to the XML service on XenApp or XenDesktop; again this protects credentials.
   -      Follow best practices for web server administration; this protects against accidental or malicious reconfiguration.
   -      Disabling the HTTP port, or having it redirect to the HTTPS port can be helpful.  Then to prevent potential phishing attacks (MITM against the HTTP connection that redirects to a replicated WI site) the Internet Option setting "Websites in less privileged web content zone can navigate into this zone" should be disabled.

Where possible, we encourage customers to consider using the Kerberos or smart card support in XenApp which avoids the need to send passwords at all.

Q: Do you have any Knowledge Base articles to reference that might be of help?
A:  There is a collection of technotes for Web Interface which cover useful points, but my favorite reference is the Troubleshooter's Guide for Web Interface.

The #1 Web Filter by St.Bernard is now Citrix Ready. The Highest Performance Web Application Solution from Citrix Systems can now be deployed with the the #1 Web Filter by St. Berdard. IDC ranked them #1, SC Magazine gives them high ratings, and you will agree when you plug this thing in. The Citrix Web Application Firewall protects inbound traffic destined to Web and Application Servers without degrading throughput or response time. Now, with St.Bernard's iPrism h-Series high performance appliances, you can also do outbound Web filtering, IM/P2P filtering, and antivirus detection. The iPrism Web Filter is optimized for the datacenter infrastructure and sits behind the firewall while it monitors traffic. St. Bernard's platforms are hybrid so that Web filtering, antivirus and IM/P2P filtering are all contained within one box - unlike other point solutions.

St.Bernard's iPrism Web Filter is easy to use and easy to manage. If fact, it's so easy, we had the device up and running in Proxy mode and then in Bridge mode in a matter of seconds. The management software auto-discovers the box, so you don't have to plug in a console cable - very nice!

It is far better than a transparent proxy because St.Bernard has engineered their filtering technology at the kernel level, so their bridge mode really is a bridge between interfaces, and not just a transparent proxy like other solutions in the market.

We deployed the iPrism Web Filter behind our NetScaler, and had the NetScaler perform NAT (Reverse NAT) for outbound connections to the Internet. The iPrism Web Filter adds another level of security that IT organizations sometimes look for to complement their existing base of high-performance Citrix Gear.


Citrix & St.Bernard Deployment Guide!

You can try this product for free.


The product demo is awesome.


As a hybrid unit, this is a steal.












NetScaler Developer Network!