Overview
This tech paper offers a comprehensive overview of leveraging Citrix Gateway service for StoreFront. It enables organizations to effectively support HDX launches through Gateway service in various deployment types (not limited to those discussed below).
- Multi-Datacenter Architecture: Enabling satellite data centers to leverage Citrix Gateway service while maintaining NetScaler Gateway in the primary data center, using Resource Location (zone-based) Configuration
- Hybrid-Site Architecture: Accessing applications and desktops in DaaS sites through Citrix Gateway service and resources in on-premises sites through NetScaler Gateway (on-premises).
- Multitenant Architecture: Supporting customers with resources segregated into multiple CustomerIDs as different DaaS sites.
Each section provides a detailed use case, configuration steps, application launch flow, and deployment strategy to help organizations effectively deploy Citrix Gateway service for StoreFront in their specific environment.
Multi-Datacenter Architecture
Use case: Enable satellite data centers to leverage Citrix Gateway service while maintaining NetScaler Gateway in the primary data center.
Approach: Zone-Based Configuration
- Represent each data center as a Zone and configure Optimal HDX Routing (Optimal Gateway Routing) per Zone.
Configuration
- Create a StoreFront store (Store) and configure the NetScaler Gateway for authentication and enumeration.
- Create Citrix DaaS Site-> Delivery Controller (DDC) for both ResourceLocation-1(RL1) and ResourceLocation-2. (RL2)
- Create a Citrix Gateway service (Gateway1) and point it to RL1's connectors (STA).
- Create a NetScaler Gateway (Gateway2) and point it to RL2's connectors (STA).
- In StoreFront- Optimal HDX Routing wizard binds Gateway service (Gateway1) with Datacenter-1 Zone and on-prem GW (Gateway2) with Datacenter-2 Zone using Optimal HDX Routing.
Application Launch Flow
- End users authenticate to NetScaler Gateway.
- StoreFront enumerates apps from Citrix DaaS, fetches resources, and supplies them to the end user.
- When a user clicks an app from RL1's Citrix DaaS, StoreFront selects Gateway service (Gateway1), sends an STA Ticket creation request, and launches the app through the Citrix Gateway service.
- When a user clicks an app from RL2's Citrix DaaS, StoreFront selects on-prem GW and sends an STA Ticket creation request, launching the app through the NetScaler Gateway.
Note:
In this approach, a single Delivery Controller (in StoreFront) serves both resource locations, and Optimal HDX Routing is configured per Zone (Resource Location) to direct traffic to the appropriate gateway.
Deployment Strategy: Datacenter-Based Deployment
Customers can enable satellite data centers individually to leverage Citrix Gateway service, eliminating the need for NetScaler Gateway in mini/satellite data centers. This approach allows for a gradual migration while maintaining authentication and enumeration in the primary data center.
Hybrid-Site Support
Use case: Customers can access applications/desktops in DaaS sites through Citrix Gateway service and on-premises sites through NetScaler Gateway (on-premises).
Approach: Site-Based Configuration
- Represent each Site as a Delivery Controller (in StoreFront) and configure Optimal HDX Routing (Optimal Gateway Routing) per Site.
Configuration
- Create a StoreFront store (Store) and configure NetScaler Gateway (on-premises) for authentication and enumeration.
-
Create Delivery Controllers (DDC1 and DDC2) for cloud Citrix DaaS and on-premises Citrix Virtual Apps and Desktops sites, respectively:
- DDC1 points to cloud Citrix DaaS through connectors.
- DDC2 points to an on-premises Citrix Virtual Apps and Desktops site.
- Create a Citrix Gateway service (Gateway1) and point it to cloud connectors (STA).
- Create a NetScaler Gateway (on-premises) (Gateway2) and point it to on-premises STA servers.
-
In StoreFront, bind Gateway1 with DDC1 and Gateway2 with DDC2 using Optimal HDX Routing (Optimal Gateway Routing) to ensure:
- The Cloud site applications launch through the Citrix Gateway service.
- The on-premises site applications launch through NetScaler Gateway (on-premises).
Application Launch Flow
- End users authenticate to NetScaler Gateway (on-premises).
- StoreFront enumerates apps from DDC1 and DDC2, aggregates them, and supplies them to the end user through NetScaler Gateway (on-premises).
- When a user clicks a cloud site app (DDC1), StoreFront selects Gateway1 and sends an STA Ticket creation request to the Ticketing Service, launching the app through the Citrix Gateway service.
- When a user clicks an on-premises site app (DDC2), StoreFront selects Gateway2 and sends an STA Ticket creation request, launching the app through NetScaler Gateway (on-premises).
Deployment Strategy: Site-Based Deployment
Although Citrix Gateway service doesn't support on-premises DDC yet, customers with hybrid site (Citrix DaaS and CITRIX VIRTUAL APPS AND DESKTOPS) deployments can use both sites while launching DaaS site apps through Citrix Gateway service and Citrix Virtual Apps and Desktopssite apps through NetScaler Gateway (on-premises).
Note:
We look forward to adding support for Citrix Virtual Apps and Desktops on-premises site through the Citrix Gateway service for StoreFront.
Multi-Customer-ID Deployment Support
Use case: Customers with multiple Citrix Cloud Customer IDs can aggregate apps and access them through the Citrix Gateway service.
Configuration
- Create a StoreFront store (Store) and configure NetScaler Gateway (on-premises) for authentication and enumeration.
- Create Delivery Controllers (DDC1 and DDC2) for Customer1 and Customer2, respectively.
- Create Citrix Gateway services (Gateway1 and Gateway2) and point them to the corresponding Cloud Connectors (STA) for each customer.
- In StoreFront, bind Gateway1 with DDC1 and Gateway2 with DDC2 using Optimal HDX Routing (Optimal Gateway Routing) to ensure apps use the respective CustomerID's Cloud connector for STA flow.
Application Launch Flow
- End users authenticate to NetScaler Gateway (on-premises).
- StoreFront enumerates apps from DDC1 and DDC2, aggregates them, and supplies them to the end user through NetScaler Gateway (on-premises).
- When a user clicks an app belonging to Customer1's DDC1, StoreFront selects Gateway1, sends an STA Ticket creation request to the Ticketing Service, and launches the app through Gateway1(Citrix Gateway service).
- Similarly, when a user clicks an app belonging to Customer2's DDC2, StoreFront selects Gateway2, sends an STA Ticket creation request to the Ticketing Service, and launches the app through Gateway2(Citrix Gateway service).
Deployment Strategy: Customer ID-Based Deployment
For customers with multiple Citrix Cloud CustomerIDs pointing to different DaaS sites (DDCs), replace the existing NetScaler Gateway (on-premises) with Citrix Gateway service using Optimal HDX Routing.
Summary
This tech paper has explored different deployment scenarios for Citrix Gateway service for StoreFront, including Multi-Datacenter, Hybrid-Site, and Multi-CustomerID deployment. Each deployment scenario presents unique challenges and opportunities for organizations to optimize their Citrix deployment.
By following the configuration steps, application launch flows, and deployment strategies outlined in this guide, organizations can successfully deploy Citrix Gateway service for StoreFront in various environments, ensuring seamless and secure access to applications and desktops for their users.
Remember to carefully evaluate your organization's needs and requirements before choosing a deployment scenario. With proper planning and execution, the Citrix Gateway service for StoreFront can help you achieve a more agile, flexible, and secure digital workspace.
Key Takeaways
- Citrix Gateway service for StoreFront offers flexibility and scalability in various deployment scenarios.
- Proper configuration and deployment strategies are crucial for successful deployment.
- Understanding user needs and requirements is essential for choosing the right deployment scenario.
There are no comments to display.
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now