-
Posts
124 -
Joined
-
Last visited
Content Type
Forums
Articles
Labs
Videos
TechZone
Citrix Community Articles
Events
Profiles
Event Comments posted by Isha Khurana
-
-
Hi Team,
Please check if you are still facing issues. We are working to get the video available on YouTube at the earliest.
-
17 hours ago, Jeff Riechers said:
This is not accessible as on-demand. Could that be setup so we can access it after the fact?
To access the zoom recording link, registration is required. We will post the YouTube link soon, that will be accessible directly.
-
Q: How does DoT/DNSSEC this impact my internal users who connect to Gateway Service gateways; specifically around the POP steering (Cedexis)?
-
Q: Is NetScaler DNS considered fully featured? In order to host public DNS zones/records? I've read on some support sites (CS) that it was not, but maybe that has changed.
A: In my opinion, the only thing missing from a standard BIND implementation would be performing a zone transfer. NetScaler can host all the records neccessary ... However this functionality is only needed to create backups or to move DNS config from one DNS Server to another. The same action can be achieved by copying NS config lines, or config via API on a NetScaler.
-
Q: With the enhancements to DNS, can we use the netscaler as an enterprise-wide forwarder/resolver?
-
Q: Is the security Advisory available in Service only? Or current builds for on-prem?
A: Security Advisory is available for On-prem as well. Here is the doc link:
-
Q: Once a trusted cert has been installed, can it simply be updated upon expiry or will it need a new install.
-
Q: I have setup my syslog sent to a file server. i wrote powershell scripts to disect the logs. Can I continue to use this or must I use ADM?
A: If you send syslogs from ADC to the your file server, then this change will not impact you at all. NetScaler ADC will continue to send alerts etc with Syslog. to wherever you want
-
Q: Does the syslog change apply to on prem deployment of ADM?
A: This change is only for Service and not applicaple for on-prem ADM / NetScaler Console
-
Q: Is there a link for the Documentation of this tool?
A: The documentation will be availalbe on public NetScaler docs , when the GUI enhancement is available.
-
Q: Will it tell Storage full issue or if HA status is incorrect like split brain
A: Yes, it will help us figure out these issues.
-
Q: Is there any reason this tool would not work for an on-prem vpx?
A: The tool is primarily used to make sure the Public Cloud deployments are correct and leverages public cloud APIs to do various checks.
-
Q: Do we have any such tools available for on-premise VPX/MPX instances?
A: For on-premises, ADM can be leveraged to check any issues with the NetScaler.
-
Q: We have ADM on-prem. Are these features only available in the Cloud service (ADM)?
A: Yes, since these are Cloud Services. However, you should be able to combine NetScaler Console Service (for the Intelligent Traffic Management) with on-premises ADM (for NetScaler ADC management)
-
Q: How will this be helpful for 1 datacenter with users being statewide only?
A: The monitoring facilities are still useful in identifying and triaging the availability or latency deterioration problem (is it a DC problem? a last-mile one? a combination thereof) and expediting its resolution
-
Q: Do we have any option to visualise the data flow and find if the failure is outside of Data center i.e the ISP?
A: Definitely. We didn't look into details of the breakdown facilities that Radar reports offer and how they help triage problems. A typical triaging process consists of the following steps:
- Load the radar performance reports for the datacenter of interest (on-prem, cloud-region, etc.) and look for Availability and RTT deterioration.
- Optionally breakdown per ISP
- In case of a datacenter problem, it will manifest as a measurable availability drop or latency increase across all ISPs.
- If it looks like an ISP problem, one can check the performance of same ISP against other reference platforms we monitor. For example, assume over the last 2 hours our dashboards indicate user experience deterioration of Comcast users accessing our NY on-premises datacenter. We can look at Radar performance reports for Comcast and Azure, GCP and/or AWS us-east regions
- In case of an ISP problem, we expect similar availability or latency deterioration for reference cloud regions.
- Last but not least, there maybe a "blind spot". By principle of exclusion if our DC is good for all ISPs but Comcast and Comcast is good for all cloud regions except but not our DC, then it's the specific Comcast + DC combination at fault. We can reach to our ISP and try to remediate -
Q: How do I setup ITM? How do I setup and use Radar? Auth.. DNS? The ITM Dashboard?
A: To some extent the limited time in today's demo meant that we could only cover the ITM capabilities rather than how to set things up. However, all of these items are extensively covered in our documentation
- You don't need to do anything about dashboard. If you've configured a multisite app, details about it (synthetic monitoring results, requests / second, Geos from where the DNS requests are coming from etc.) are automatically available there. If you've configured Radar for your on-premises datacenter, Radar reports will automatically be available.
- AuthDNS is a cloud managed service documented extensively at https://docs.netscaler.com/en-us/netscaler-console-service/intelligent-traffic-management/itm-authoritative-dns.html
- Setting up Radar is covered under https://docs.netscaler.com/en-us/netscaler-console-service/intelligent-traffic-management/itm-internet-visibility -
Q: how shall ITM be used with other products at hand?
-
Q: Availability can be monitored with GSLB also?
A: NetScaler GSLB lacks internet visibility, hence can't detect internet outages that affect the entire datacenter where apps are deployed, an entire Internet Service provider or fine grained combination of ISP + datacenter. NetScaler ITM addresses this gap
-
Q: Where are the DNS Aliases hosted? I mean entrypoint is a DNS Record? and where is it hosted, ADM Service?
A: Effectively the customer has two options:
1. create an autogenerated alias for multisite applications. This has the format of 01234.abcd.itm.appdeliverysecurity.com. He can then create a DNS CNAME alias in his authoritative DNS provider of his choice, i.e. "app1.customer.com CNAME 01234.abcd.itm.appdeliverysecurity.com"
2. customer can onboard his DNS zone to the NetScaler console service and let NetScaler manage it as a cloud service. in this case he can create app1.customer.com records directly -
Reference Links:
NetScaler Console service doc links
Release note :
https://docs.netscaler.com/en-us/netscaler-console-service/release-notes/whats-newFeature doc topics:
- https://docs.netscaler.com/en-us/netscaler-console-service/setting-up/configuring-syslog-on-instances.html
- https://docs.netscaler.com/en-us/netscaler-console-service/networks/events/how-to-export-syslog-messages.html
- https://docs.netscaler.com/en-us/netscaler-console-service/networks/events/how-to-suppress-syslog-messages
- https://docs.netscaler.com/en-us/netscaler-console-service/settings/configure-features.html
Document History:
You can find more details in Security Bulletin.
Implementing Automated DNSSEC Signature Rollover
https://docs.netscaler.com/en-us/citrix-adc/current-release/dns/dnssec/dnssec-zone-maintenance
macroAPI
NetScaler Community
NetScaler Virtual Connect Monthly Webinar-APJ/EMEA | May 30
in Webinars
2Posted
Hi @Tomasz Mur, please check the on-demand link is available now.