Citrix Remote Access Solution Soup
•
1 j'aime•1,090 vues
BriForum London 2012 Lightning Round session
Recommandé
Recommandé
Contenu connexe
Tendances
Tendances (20)
En vedette
En vedette (20)
Similaire à Citrix Remote Access Solution Soup
Similaire à Citrix Remote Access Solution Soup (20)
Dernier
Dernier (20)
Citrix Remote Access Solution Soup
- 1. Welcome BriForum | © TechTarget
- 2. Citrix Remote Access Solution Soup - CSG, AG, AGEE, NS Dan Brinkmann @dbrinkmann blog.danbrinkmann.com Solutions Architect, VMware vExpert Lewan & Associates (Denver, CO) BriForum | © TechTarget
- 3. Agenda ● Architecture ● Citrix Secure Gateway (CSG) ● Citrix Access Gateway Standard (CAG) ● Citrix Access Gateway Enterprise Edition (CAG-EE) ● Netscaler platform ● What do you choose? BriForum | © TechTarget 3
- 4. Remote Access Architecture BriForum | © TechTarget 4
- 5. Remote Access ● ICA Proxy - Included in AG platform licenses - Most common requirement ● SSL VPN - Included in Platinum or Universal License ● Endpoint Analysis ● Included in Platinum or Universal License BriForum | © TechTarget 5
- 6. Citrix Secure Gateway ● Windows based ● Proxies all traffic to Web Interface ● “Free” ● No built in HA/LB ● ICA Proxy only ● Long path for Pnagent ● No authentication ● No support for Storefront/CloudGateway (no 2 factor in SF) ● Effectively it’s finally dead BriForum | © TechTarget 6
- 7. Citrix Access Gateway Standard (5.04) ● Physical or virtual appliance - Both “rated” to 500 users for SSL VPN - Model 2000 (EOL) or Model 2010 physical appliance - *Also a model MPX 5500 but is using EE* - VPX (virtual appliance) model ● ICA Proxy and SSL VPN ● Opswat integration for Endpoint Analysis ● Long path for pnagent ● Supports HA/Clustering ● Supports multistream ICA ● No built-in LB for WI/SF/XML BriForum | © TechTarget 7
- 8. Citrix Access Gateway BriForum | © TechTarget 8
- 9. Citrix Access Gateway Enterprise Edition (AG 10) ● Physical (MPX 5500) and virtual appliance (VPX) - VPX rated for 500/100 SSL trans/sec (1K/2K) - VPX rated for 300 concurrent SSL VPN users ● ICA proxy and SSL VPN ● Endpoint Analysis isn’t using Opswat ● HTTP header policy ● Supports multistream ICA ● Supports HA/Clustering ● Web socket support HTML5 Receiver ● No built-in LB for WI/SF/XML BriForum | © TechTarget 9
- 10. Netscaler ● All versions Standard/Enterprise/Platinum include CAG-EE ● Adds additional functionality for LB/AF…. ● Physical or virtual appliance - Adds throughput options on VPX 10, 200, 1000, 3000 - Additional scalability options in physical appliance ● Health monitors for WI/XML and aware of STA availability ● Load balancing of WI/SF/XML ● GSLB for XA/XD infrastructure ● Support for WI on NS BriForum | © TechTarget 10
- 11. Physical vs Virtual ● Limited SSL scalability on virtual platform ● Network placement (resources available internal vs dmz) ● SSL transactions/sec ● Certificate size ● Throughput ● Other uses BriForum | © TechTarget 11
- 12. Want me to make it easy for you? ● Secure Gateway – dead/dying…move on ● Access Gateway ● Access Gateway Enterprise Edition ● Netscaler Standard/Ent/Plat ● Physical or virtual BriForum | © TechTarget 12