Citrix AppExpert is an online community dedicated to NetScaler users. This moderated community is the best place for conversations on how to get the most from your NetScaler deployment, including creative AppExpert policies, innovative configurations, integration with other infrastructure technologies and more
While the AppExpert Visual Policy Builder represents a breakthrough in ease-of-use, developers occasionally need more programmatic ways to invoke policies or system settings as well. For these scenarios, AppExpert also provides powerful APIs that use industry-standard WSDL (web services description language). Using AppExpert APIs, external applications and systems can automatically modify any NetScaler system setting and any AppExpert policy.
The XML API provides developers the advantage of controlling or monitoring the NetScaler from a custom application.The standards-based SOAP interface allows the developers to easily and securely develop client applications using a language and platform with which the developer is comfortable.
Recently Updated
Partner Wiki updated by Vishal Ganeriwala on 6/19/08 3:04 PM
Shorewall updated by Craig Ellrod on 6/19/08 2:53 PM
Performing content rewrite at milli-speed is key to providing a front-end device for application delivery. Most important is the capability to rewrite both request and response headers & body content which the Citrix Application Switch does and it is an easy 3-step process to configure. Not only is it easy, it scales to Enterprise class applications, which we demonstrated here with the Oracle Enterprise Business Suite v12 in our lab in Santa Clara, CA, USA.
This Content Rewrite Deployment Guide walks through the steps necessary to quickly profile an application and configure the Citrix Application Switch for content rewrite. This deployment guide can be used as a reference for other Enterprise applications, in addition to Oracle. Some typical examples of how customers use the Citrix Application Swtich for content rewrite are to Insert the Client-IP as an HTTP Header, Delete old X-Forwarded-For headers, Tag SSL and non-SSL Connections, Mask the HTTP server type (Server Obfuscation), Redirect external URLs to Internal URLs (Application Obfuscation), Migrate Apache rewrite module rules, Redirect marketing keyword requests, Redirect old home pages and Redirect queries to the appropriate server.
In case you missed it there is a really interesting story circulating on the Net, best told by Jim Louderback the CEO of Revision3 and victim of a DDOS attack over Memorial day weekend ( his Blog & CNET interview ). If you're a fan of Revision3 you already know that they got taken off-line for 3 days, if your not you may want to check out their site. They represent perhaps the best example of new Media and the future of TV, including HD video, channels, live and on-demand, etc, all delivered via the web. In order to achieve high quality video Revision3 utilizes BitTorrent technology legitimately for distributing content to users. The problem came about when a "legitimate" media tracking company identified a Revision3 server as a potential source of " questionable " BitTorrent traffic. Once Revision3 was made aware of this situation ( by a forum poster ) they appropriately locked down the server, what happened next was the strange part...
As reported by Revision3, the media tracking company ( presumably automatically ) launched a DDOS attack on Revision3's site flooding it with as many as 8,000 packets per second taking down the site by exceeding the capacity of limited web servers. Complicating the matter was the long weekend and unreachable staff at the offending company. Once they were finally able to get in contact the company stopped the attack and they both started to unravel what had happened.
The NetScaler system may not be positioned as protection from "good" guys ( vs. typical bad guys ) but this situation exemplifies why it is worth consideration as part of a comprehensive protection plan. That is why web based media companies like Google, MSN, CNET, Digg, and many others rely on NetScaler's to protect their infrastructure. Among other features NetScaler protects sites from SYN flood DDOS attacks by handling all requests and only forwarding legitimate ticketed traffic to the web server, all other SYN flood requests are dropped before ever reaching the company Web Servers.
So for the next review of your security infrastructure, keep in mind who are the "good" or bad guys and are you protected either way.
In the Application Expert series part 2, Caching, I released a Deployment Guide discussing Static and Dynamic Caching. As we are partners with Microsoft, we recently did some work here internally setting up some Dynamic Caching for an ASP.NET application and thought we would share the knowledge. This Caching Deployment Guide for ASP.NET Web Applications discusses the way an Application Expert would find out the potential caching scenarios that a web application can benefit from, and shows how to create and test the NetScaler caching policies and settings to put these scenarios into effect.
And it's FREE! Throw away those behemoths that suck power from every grid in the state and drain your budget. This baby is Free, Open Source and VIRTUAL, meaning you can run as many instances of this router as you want on your choice of hardware. What is even more gratifying is it's faster than the old router technology.
Vyatta has commoditized router, firewall and VPN deployment in the same way that Linux commoditized the operating system market. Vyatta open-source networking offers you an alternative to over-priced, inflexible products from proprietary vendors.
Vyatta software enables customers to build routing and security solutions using standard x86-based hardware of their choosing, ensuring networks will always meet performance requirements. Vyatta open-source software delivers the unique advantage of allowing customers to scale networks from the simplest LAN configurations to large BGP WAN edge configurations using a single software package.
Vyatta software includes support for most commonly used network interfaces, industry standard routing and management protocols, and all of these features are configurable via a single command-line interface (CLI) or web-based graphical user interface (GUI) - avail Q3'08. The integrated features and functionality make Vyatta software ideal for SMB, Branch Office, Enterprise and Service Provider deployments.
This open source router is already running on XenServer in a large service provider in Europe. We are using it in our Citrix Ready program as a multi-link Intranet with connections to the Internet along with high availability link load balancing.
This para-virtualized Vyatta image runs as a virtual appliance in XenServer v3.2.1 and v4.1.
Join Citrix Experts for this TechTalk webinar and learn how Citrix NetScaler Application Firewall prevents web applications attacks automatically-without degrading throughput or application response times!
In this session learn:
- How NetScaler Application Firewall works
- How to manage web traffic & provide protection at application layer 7
- The inside scoop on SQL injection, cross-site scripting exploits, forceful browsing & many other attacks
When
Wednesday, June 11th 2008
1:00p (EDT)
Duration: 60 Minutes
