SlideShare une entreprise Scribd logo

Citrix Internals: ICA Connectivity

Denis Gundarev
Denis Gundarev

Slides from BriForum London 2014: Citrix Internals: ICA Connectivity

TechnologieFormation
1  sur  52
Télécharger pour lire hors ligne
@fdwl #BriForum @entisys Citrix Internals: ICA Connectivity Denis Gundarev, Senior Consultant, Entisys Solutions May 21, 2014
@fdwl #BriForum @entisys Name: ENTISYSDenis Groups: Group1: Bay Area Citrix User Group Group2: Citrix Technology Professional Email: DenisG@entisys.com Twitter: @fdwl [Length: 112] About me 0000 30 45 4E 54 49 53 59 53 5C 44 65 6E 69 73 0D 0A 0ENTISYSDenis.. 0010 31 0D 0A 32 0D 0A 42 61 79 20 41 72 65 61 20 43 1..2..Bay Area C 0020 69 74 72 69 78 20 55 73 65 72 20 47 72 6F 75 70 itrix User Group 0030 0D 0A 32 43 69 74 72 69 78 20 54 65 63 68 6E 6F ..2Citrix Techno 0040 6C 6F 67 79 20 50 72 6F 66 65 73 73 69 6F 6E 61 logy Professional 0050 6C 0D 0A 33 44 65 6E 69 73 47 40 65 6E 74 69 73 l..3DenisG@entis 0060 79 73 2E 63 6F 6D 0D 0A 34 40 66 64 77 6C 0D 0A ys.com..4@fdwl..
@fdwl #BriForum @entisys Agenda  Everything that you need to know about ICA protocol
@fdwl #BriForum @entisys What does ICA stand for? Independent Computing Architecture? ICA = Intelligent Console Architecture!
@fdwl #BriForum @entisys ICA 1.0 - 1992  Originally for Serial connections  IPX and NetBIOS was added later
@fdwl #BriForum @entisys ICA 2.0 - 1992  First Graphical version of ICA  Citrix WinCredible - add-on to Citrix MultiUser  Multiple Operating Systems  OS/2  DOS  Windows 3.1  TCP/IP stack for OS/2 from FTP Software
@fdwl #BriForum @entisys ICA 3.0 - 1995  Introduced in WinFrame For Networks  Thinwire 1, Printing, Client drive mapping, audio, Clipboard  TCP/IP, IPX, SPX, NetBEUI, Serial, Modems  $5,995 for 15 concurrent users
@fdwl #BriForum @entisys PRD – Product Renaming Disorder Before After Core Virtual channels HDX Broadcast Thinwire HDX SmartRendering Virtual Channel fallback HDX Adaptive Orchestration Flash and Windows media redirection HDX MediaStream Server-side flash rendering HDX MediaStream Network Conditions 3D Pro and RemoteFX HDX RichGraphics Bidirectional audio and UDP Audio HDX RealTime Device mapping HDX Plug-n-Play Built-In compression and Branch Repeater HDX WAN Optimization NetScaler session policies HDX SmartAccess
@fdwl #BriForum @entisys ICA Overview The ICA protocol is a protocol optimized for Wide Area Networks or WANs with high latency links. It also supports Quality-Of-Service (QoS) and other bandwidth optimization features. Since this is OSI-Layer 6, what does ICA do for optimization. The ICA packet contains the following headers: Frame Head, Reliable, Encryption, Compression, Command, Command Data, Frame Trail. The command is the only required information. Within ICA are virtual channels for KVM, printing, audio, Drive Mapping, Clipboard, Seamless windows, etc. that can be encapsulated. You can have a max of 32 virtual channels. RDP channels are different. Each channel has a counter-point on the server. These channels sit on top of the ICA Winstation Driver, on top of Protocol driver, on Transport Driver.
@fdwl #BriForum @entisys ICA In Real Life TCP SSL CGP/WinSocks ICA Protocoldriver Framedriver Encryption WinStation Compression AUDIO CLIPBOARD DRIVE PRINTING VIDEO SPEEDSCREEN COM
@fdwl #BriForum @entisys Virtual Channels TCP SSL CGP/WinSocks ICA Protocoldriver Framedriver Encryption WinStation Compression AUDIO CLIPBOARD DRIVE PRINTING VIDEO SPEEDSCREEN COM
@fdwl #BriForum @entisys Virtual Channels Channel Name Priority Description Virtual Driver CTXCAM 0 Client Audio Mapping vdcamN.dll CTXCCM 3 Client COM Port Mapping vdcom30N.dll CTXCDM 2 Client Drive Mapping vdcdm30n.dll CTXCLIP 2 Client Clipboard Mapping vdclipn.dll CTXCM 3 Client Management (Auto-Update) vdcmN.dll CTXCOM1 3 Legacy COM1 Port Mapping vdcom30N.dll CTXCOM2 3 Legacy COM2 Port Mapping vdcom30N.dll CTXCPM 3 Printer Mapping for Spooling Clients vdcpm30N.dll CTXCTL 1 ICA Session Control vdctln.dll CTXD3D 1 Direct3D Virtual Channel Adapter vd3dn.dll CTXEUEM 1 End User Experience Monitoring vdeuemn.dll CTXFLSH 2 Multimedia - Flash vdflash.dll CTXGUSB 2 USB Redirection vdgusbn.dll CTXLIC 1 License Management wfica32.exe CTXLPT1 3 Legacy LP1 Port Mapping vdcpm30N.dll CTXLPT2 3 Legacy LPT2 Port Mapping vdcpm30N.dll CTXMM 2 Multimedia - Streaming vdmmn.dll CTXPASS 2 Transparent Key Pass-Through vdkbhook.dll CTXPN 1 Process Notification vdpnn.dll CTXSBR 1 Citrix Browser Acceleration vdtw30n.dll CTXSCRD 1 Smartcard vdscardn.dll CTXTW 1 Remote Session Screen Update (THINWIRE) vdtw30n.dll CTXTWI 1 Seamless Windows Screen Update (THINWIRE) vdtwin.dll CTXTWN 2 Twain Redirection vdtwn.dll CTXZLC 0 Speed Screen Latency Reduction - Screen vdzlcn.dll CTXZLFK 0 Speed Screen Latency Reduction - Fonts vdfon30n.dll OEMOEM 3 OEMOEM2 3 CTXVFM 1 CTXVFM?
@fdwl #BriForum @entisys Virtual Channels  At client load time, list of channel drivers populated from the registry/.ini file  During the connection client passes information about the virtual channels it supports to the XenApp server.  XenApp Server opens virtual channel.  Data sent using the following two methods:  Polling mode  Immediate mode  VC Server can be on the Client  You can remove unneeded channels (http://www.dell.com/downloads/global/solutions/customization_of_the_citrix_ica_web_client. pdf)
@fdwl #BriForum @entisys Virtual Channels  You can create your own Virtual Channels  https://www.citrix.com/downloads/citrix-receiver/sdks/virtual-channel-sdk.html  http://www.citrix.com/community/receiver-ica-sdks.html  3 examples included in SDK  RDP2TCP – nice example   http://rdp2tcp.sourceforge.net/  Citrix ICA Virtual Channels Backgrounder  http://support.citrix.com/article/CTX116890
@fdwl #BriForum @entisys Dynamic Virtual Channel  Up to 64 Static Virtual Channels (SVCs) for Win32  29 SVCs reserved by Citrix  Android client supports up to 32 SVCs  Dynamic Virtual Channels (or DVCs) are multiplexed over traditional SVCs  To write the DVC component over ICA, Microsoft’s DVC API can be used.  http://msdn.microsoft.com/en-us/library/bb540860(v=vs.85).aspx
@fdwl #BriForum @entisys Virtual Channel Priority  XenApp 6.5 - Implementing ICA Multi-Stream or Multi-Port - Virtual Channel Groups and Priorities  http://support.citrix.com/article/CTX131001  How to Change Virtual Channel Priority in XenDesktop 5  http://support.citrix.com/article/CTX128190  Multi-Stream ICA and Cisco QOS  http://www.citrixirc.com/?p=182  Check the VC utilization using Perfmon  http://support.citrix.com/proddocs/topic/xenapp65-admin/ps-ref-counters-ica-sess-count-v2.html
@fdwl #BriForum @entisys ICA Drivers TCP SSL CGP/Winsocks ICA Protocoldriver Framedriver Encryption WinStation Compression DRIVE PRINTING COM
@fdwl #BriForum @entisys WinStation Driver  Establishes the ICA session  Encodes ICA command information into ICA Packet  ICA packet = Command + Command Data < 2048 bytes  Compresses the ICA packet  Combines or separates compressed ICA packets to 1460 bytes buffers  Determines the priority of each output buffer
@fdwl #BriForum @entisys Compression Driver  Enabled by default  VC-specific compression methods  Be careful with WAN optimization recommendations  Disabled compression + Bandwidth limit = Fail  http://support.citrix.com/article/CTX121353
@fdwl #BriForum @entisys Encryption Driver  Basic. Encrypts the client connection using a non-RC5 algorithm.  http://www.monkey.org/~dugsong/icadecry pt.c.txt  RC5 AKA SecureICA  RC5 (128 bit) logon only. Encrypts the logon data with RC5 128-bit encryption and the client connection using Basic encryption.  RC5 (40 bit). Encrypts the client connection with RC5 40-bit encryption.  RC5 (56 bit). Encrypts the client connection with RC5 56-bit encryption.  RC5 (128 bit). Encrypts the client connection with RC5 128-bit encryption.
@fdwl #BriForum @entisys Framing Driver  Rearranges ICA packets according to priority  Citrix ICA Priority Packet Tagging  http://theether.net/download/Citrix/ICA_Priority_Packet_Tagging.pdf  Fit ICA packets into the frame  Send frames to protocol driver
@fdwl #BriForum @entisys Protocol Driver  Transfers frame to underlying protocol without modification  Result is ICA stream, ready for transmission
@fdwl #BriForum @entisys More Info About ICA  Citrix ICA Virtual Channels Backgrounder  http://support.citrix.com/article/CTX116890  Virtual channel names must not be more than seven characters in length  Configuring Citrix MetaFrame XP for Windows by Syngress et al.  http://amzn.com/1931836531  Citrix ICA Technology Brief  http://web.archive.org/web/20000408170851/http://www.bocaresearch.com/technologies/icate ch.html
@fdwl #BriForum @entisys CGP TCP SSL CGP/WinSocks ICA Protocoldriver Framedriver Encryption WinStation Compression AUDIO CLIPBOARD DRIVE PRINTING VIDEO SPEEDSCREEN COM
@fdwl #BriForum @entisys What does CGP stand for?  Certified Guitar Player  Common Gateway Protocol  Formerly known as Citrix Gateway Protocol
@fdwl #BriForum @entisys Common Gateway Protocol  CGP = binary protocol designed for efficient tunneling of one or more TCP streams  Used by Session Reliability  Based on SOCKS proxy protocol
@fdwl #BriForum @entisys What is SOCKS  SOCKS is a generic, proxy protocol for TCP/IP based networking application.  SOCKS consists of two parts: SOCKS server and SOCKS client.  SOCKS server can communicate directly with both the Internet and the internal computers.  SOCKS client contacts the SOCKS server instead of sending requests directly to the Internet
@fdwl #BriForum @entisys SOCKS Connection TCP ServerUser SOCKS Proxy SOCKS Request TCP Connect SYN TCP Connect ACKSOCKS Reply DATA DATA DATADATA
@fdwl #BriForum @entisys Secure Gateway Proxy/NetScaler Gateway Next Hop  Unauthenticated SOCKS, tunnels any TCP traffic  When configured with a certificate, the Secure Gateway Proxy/NetScaler Gateway Next Hop expects traffic to be SOCKS+SSL on port 443
@fdwl #BriForum @entisys What is the difference between CGP and SOCKS?  CGP is completely different protocol, but share the same idea   CGP support ticket-based authentication and addressing  CGP server sends keep-alive messages (60 sec by default)  CGP drop TCP connection without response if ticket is invalid  CGP support TCP Multiplexing, but it’s not really used  SOCKS is still in Citrix Products
@fdwl #BriForum @entisys Ticket Types Name Issued by Purpose Logon Ticket XenApp Data Collector/ XenDesktop Controller Authenticate user to ICA session; ticket replaces user credentials LogonTicket=34B79930FBFC20BEF54D597A6A1595 LogonTicketType=CTXS1 ACR Ticket XenApp Server/ XenDesktop VDA Allow reconnection via Auto Client Reconnect without requiring user to enter credentials, stored in memory of the client Gateway Traversal Ticket (v1) AppController Allow ICA connection through SOCKS; ticket replaces destination server address Common Gateway Protocol Token Citrix XTE Service/ICA-CGP Listener Allow reconnection via Auto Client Reconnect without requiring user to enter credentials, stored in memory of the client Gateway Traversal Ticket (v4) XenApp ctxsta.dll or XenDesktop Broker Service Allow ICA connection through Gateway with Session Reliability; ticket replaces server address Address=;40;STA403126471;54D2368FFFD32A448EA55350100553
@fdwl #BriForum @entisys Session Reliability  Explaining ICA Session Reliability, Common Gateway Protocol, on TCP Port 2598  http://support.citrix.com/article/CTX104147  Session Reliability, Frozen Screens and The Hourglass of Death By Nick Rintalan  http://blogs.citrix.com/2013/01/23/session- reliability/ 
@fdwl #BriForum @entisys CGP Implementations: XTE Service  Extensible Transformation Engine (XTE) is an Apache-based proxy server that support:  CGP  SOCKS  HTTP  All of the above over SSL  Can be seen on XenApp <= 6.5 and XenDesktop <=5.x as Citrix XTE Service providing:  Session Reliability  SSL Relay  Password Manager Service  Universal Print Server
@fdwl #BriForum @entisys CGP Implementations: RDS Listeners
@fdwl #BriForum @entisys CGP Implementations: CSG  Gateway between an SSL enabled ICA client and XenApp Servers  Tunnels ICA/CGP traffic inside SSL  Citrix Secure Gateway is a deprecated component that is still supported for XenApp 6.5  Similar to XTE Service, based on Apache  Basically XTE + 3 additional Apache modules + GUI  Supports STA Ticketing Authentication
@fdwl #BriForum @entisys STA Ticket Request  The following data are included as part of the ticket request sent by the Web server:  User name and domain name  Published application name  Least-busy Presentation Server address <?xml version="1.0" encoding="UTF-8"?> <!--DOCTYPE CtxConnInfoProtocol SYSTEM "CtxConnInfo.dtd"-- > <CtxConnInfo version="1.0"> <ServerAddress>192.168.1.176:1494</ServerAddress> <UserName>fdwl</UserName> <UserDomain>corp</UserDomain> <ApplicationName>XA75 $S4-5</ApplicationName> <Protocol>ICA</Protocol> </CtxConnInfo>
@fdwl #BriForum @entisys STA Ticket Response  The encoding format is a string of the form:  ;STA_VERSION;STA_ID;TICKET  STA_VERSION. 40 for XenApp and XenDesktop. 10 for AppController.  STA_ID is a sequence of 0 – 16 characters usually generated from the MAC address. Each STA ID must be unique. This allows the gateway to locate the STA that created the ticket and return to that STA for ticket validation.  TICKET is a randomly-generated sequence of 32 uppercase alphabetic or numeric characters.  Example:  ;40; STA403126471;FE0A7B2CE2E77DDC17C7FD3EE7959E79 <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE CtxSTAProtocol SYSTEM "CtxSTA.dtd" > <CtxSTAProtocol version="1"> <ResponseTicket> <AuthorityID authorityType="STA-v1"> STA403126471 </AuthorityID> <Ticket ticketType="STA-v1">245489CECBC3CAA3B88446F12FF80B6A</Ticket> <TicketVersion>40</TicketVersion> </ResponseTicket> </CtxSTAProtocol>
@fdwl #BriForum @entisys CGP Implementations: NetScaler Gateway/Access Gateway  ICA Proxy Mode  The Only supported gateway for XenDesktop 7.x  ICA Proxy Session Migration in 10.1
@fdwl #BriForum @entisys WebSockets  “SOCKS over HTTP”  HTTP Upgrade  TCP 8008 by default, but can be changed  <html5 enabled="Always" platforms="Force" launchURL="clients/HTML5Client/src/Session Window.html“ preferences="wsPort:8080" singleTabLaunch="true" chromeAppOrigins="chrome- extension://haiffjcadagjlijoggckpgfnoeiflne m" />  XTE Service on XA 6.5  HRP3 is required for StoreFront 2.x  RDS Listener ICA-HTML5 on XD 7.x Server OS  ICA Service on XD 7.x Client OS
@fdwl #BriForum @entisys Direct connection Component Connecting to Session Reliability Protocol TCP Port ICA Client version 8.0 or later XenApp Server/XenDesktop VDA Enabled ICA in Common Gateway Protocol 2598 ICA Client version 8.0 or later XenApp Server/XenDesktop VDA Disabled ICA 1494 HTML5 Receiver XenApp Server/XenDesktop VDA N/A ICA in WebSockets 8008
@fdwl #BriForum @entisys One hop DMZ Component Connecting to Session Reliability Protocol TCP Port ICA Client version 9.0 or later Secure Gateway/Access Gateway/NetScaler Enabled ICA in Common Gateway Protocol in SSL 443 ICA Client version 9.0 or later Secure Gateway/Access Gateway/NetScaler Disabled ICA in SSL 443 HTML5 Receiver Secure Gateway/Access Gateway/NetScaler N/A ICA in WebSockets in SSL 443 Secure Gateway/Access Gateway/NetScaler XenApp Server/XenDesktop VDA Enabled ICA in Common Gateway Protocol 2598 Secure Gateway/Access Gateway/NetScaler XenApp Server/XenDesktop VDA Disabled ICA 1494
@fdwl #BriForum @entisys Dual hop DMZ Component Connecting to Session Reliability Protocol TCP Port Secure Gateway/Access Gateway/NetScaler in DMZ1 Secure Gateway/Access Gateway/NetScaler in DMZ2 with SSL N/A SOCKS in SSL 443 Secure Gateway/Access Gateway/NetScaler in DMZ1 Secure Gateway/Access Gateway/NetScaler in DMZ2 without SSL N/A SOCKS 1080
@fdwl #BriForum @entisys Multi-Stream ICA
@fdwl #BriForum @entisys Multi-Stream ICA Citrix Receiver for Windows XenDesktop Windows 7 HTTP Server Router ICA Real Time HTTP HTTP ICA Interactive ICA Background ICA Bulk ICA Real Time ICA Interactive ICA Background ICA Bulk ICA UDP/RTP Audio * ICA UDP Audio * * UDP/RTP Audio initially only in VDI FlexCast model (XenDesktop)
@fdwl #BriForum @entisys Multi-Stream vs. Multi-Port ICA  Single-port, Multi-Stream ICA  4 random ports at client, 1 primary port on server  Multi-port, Multi-Stream ICA  4 random ports at client, 1 primary and up to 3 secondary ports on server  Single-port, Single-stream ICA  1 random port at client, 1 primary port on server  The default connection type  Multi-Stream with NetScaler  4 random ports at client, 1 primary port on NetScaler VIP  4 random ports at NetScaler SNIP/MIP, 1 primary and up to 3 secondary ports on server
@fdwl #BriForum @entisys Multi-Stream ICA
@fdwl #BriForum @entisys Multi-Stream ICA  XenApp 6.5 - Implementing ICA Multi-Stream or Multi-Port - Virtual Channel Groups and Priorities  http://support.citrix.com/article/CTX131001  Very High (numeric 0): Real time channels, such as audio and webcam conferences  High (numeric 1): Interactive channels, such as graphics, keyboard, and mouse  Medium (numeric 2): Bulk channels, such as drive mapping, scanners, USB redirection, clipboard, Flash  Low (numeric 3): Background channels, such as printing, COM port mapping, LPT port mapping  Requirements:  XenDesktop 5.5+  XenApp 6.5+  Receiver 3.0+
@fdwl #BriForum @entisys UDP Audio  Speex codec  Real-time Transport Protocol (RTP)  Quality must be set to Medium  Not using ICA or CGP  Citrix Receiver creates a listener on a client device during session initialization  Not supported with NetScaler
@fdwl #BriForum @entisys SSL TCP SSL CGP/WinSocks ICA Protocoldriver Framedriver Encryption WinStation Compression AUDIO CLIPBOARD DRIVE PRINTING VIDEO SPEEDSCREEN COM
@fdwl #BriForum @entisys SSL  Citrix uses custom SSLSDK library to wrap native OS SSL functions and form Secured Socket  Recommended for every connection  SSL Relay is no longer available in XenDesktop 7.x, Use IPSec to enforce encryption  Wildcard and SAN certificates are supported
@fdwl #BriForum @entisys SSL on NetScaler  SNI (Server Name Indication) is not supported by Receiver yet.  NetScaler VPX does not support TLS 1.1 and TLS 1.2  Always add CA certificates chain to vserver
@fdwl #BriForum @entisys Q&A

Recommandé

Reverse eningeering
Reverse eningeeringReverse eningeering
Reverse eningeering
Kent Huang
 
Step by Step Beginner's Guide on Workday Integration
Step by Step Beginner's Guide on Workday IntegrationStep by Step Beginner's Guide on Workday Integration
Step by Step Beginner's Guide on Workday Integration
ERP Cloud Training
 
Software Maintenance and Evolution
Software Maintenance and EvolutionSoftware Maintenance and Evolution
Software Maintenance and Evolution
kim.mens
 
SRS on Online Blood Bank Managment system...
SRS on Online Blood Bank Managment system... SRS on Online Blood Bank Managment system...
SRS on Online Blood Bank Managment system...
GCWUF
 
Software development process
Software development processSoftware development process
Software development process
university of mumbai
 
Online E-Voting System
Online E-Voting SystemOnline E-Voting System
Online E-Voting System
Prashant Upadhyay
 
Audit proposal-iNITIAL
Audit proposal-iNITIALAudit proposal-iNITIAL
Audit proposal-iNITIAL
U.Aashik Ahamed
 
Online examination system
Online examination systemOnline examination system
Online examination system
Rahul Khanwani
 

Recommandé

Reverse eningeering
Reverse eningeeringReverse eningeering
Reverse eningeering
Kent Huang
 
Step by Step Beginner's Guide on Workday Integration
Step by Step Beginner's Guide on Workday IntegrationStep by Step Beginner's Guide on Workday Integration
Step by Step Beginner's Guide on Workday Integration
ERP Cloud Training
 
Software Maintenance and Evolution
Software Maintenance and EvolutionSoftware Maintenance and Evolution
Software Maintenance and Evolution
kim.mens
 
SRS on Online Blood Bank Managment system...
SRS on Online Blood Bank Managment system... SRS on Online Blood Bank Managment system...
SRS on Online Blood Bank Managment system...
GCWUF
 
Software development process
Software development processSoftware development process
Software development process
university of mumbai
 
Online E-Voting System
Online E-Voting SystemOnline E-Voting System
Online E-Voting System
Prashant Upadhyay
 
Audit proposal-iNITIAL
Audit proposal-iNITIALAudit proposal-iNITIAL
Audit proposal-iNITIAL
U.Aashik Ahamed
 
Online examination system
Online examination systemOnline examination system
Online examination system
Rahul Khanwani
 
Kv cbsc class 3 hindi paractice set question answares सीबीएसई कक्षा तीसरी हि...
Kv cbsc class 3 hindi paractice set question answares सीबीएसई कक्षा तीसरी हि...Kv cbsc class 3 hindi paractice set question answares सीबीएसई कक्षा तीसरी हि...
Kv cbsc class 3 hindi paractice set question answares सीबीएसई कक्षा तीसरी हि...
ABHIJEET KHIRE
 
Formal Verification
Formal VerificationFormal Verification
Formal Verification
Ilia Levin
 
Why SIL3 (ENG)
Why SIL3 (ENG)Why SIL3 (ENG)
Why SIL3 (ENG)
ie-net ingenieursvereniging vzw
 
Software Re-Engineering
Software Re-EngineeringSoftware Re-Engineering
Software Re-Engineering
Saqib Raza
 
For The Project Of Examination System
For The Project Of Examination SystemFor The Project Of Examination System
For The Project Of Examination System
Usama Ahmed Peerzada
 
SDD-FinalYearProject
SDD-FinalYearProjectSDD-FinalYearProject
SDD-FinalYearProject
Alexandre Amado de Castro
 
software configuration management ppt
software configuration management ppt software configuration management ppt
software configuration management ppt
Yeshiwas Getachew
 
Chapter 6 software metrics
Chapter 6 software metricsChapter 6 software metrics
Chapter 6 software metrics
despicable me
 
Student database management system PROJECT
Student database management system PROJECTStudent database management system PROJECT
Student database management system PROJECT
Rai Saheb Bhanwar Singh College Nasrullaganj
 
Student Management System
Student Management SystemStudent Management System
Student Management System
Amit Gandhi
 
cost-estimation-tutorial
cost-estimation-tutorialcost-estimation-tutorial
cost-estimation-tutorial
shopnohin_shopnobalok
 
System analysis and design
System analysis and design System analysis and design
System analysis and design
Razan Al Ryalat
 
Software Re-engineering Forward & Reverse Engineering
Software Re-engineering Forward & Reverse EngineeringSoftware Re-engineering Forward & Reverse Engineering
Software Re-engineering Forward & Reverse Engineering
Ali Raza
 
Software Testing: History, Trends, Perspectives - a Brief Overview
Software Testing: History, Trends, Perspectives - a Brief OverviewSoftware Testing: History, Trends, Perspectives - a Brief Overview
Software Testing: History, Trends, Perspectives - a Brief Overview
Softheme
 
Improving Tests With Object Mothers And Internal Dsls
Improving Tests With Object Mothers And Internal DslsImproving Tests With Object Mothers And Internal Dsls
Improving Tests With Object Mothers And Internal Dsls
Chris Richardson
 
Library management system
Library management systemLibrary management system
Library management system
Imdad Ul Haq
 
Software Development Standard Operating Procedure
Software Development Standard Operating Procedure Software Development Standard Operating Procedure
Software Development Standard Operating Procedure
rupeshchanchal
 
Software Quality Assurance class 1
Software Quality Assurance class 1Software Quality Assurance class 1
Software Quality Assurance class 1
Santhiya Grace
 
Introduction To Software Quality Assurance
Introduction To Software Quality AssuranceIntroduction To Software Quality Assurance
Introduction To Software Quality Assurance
ruth_reategui
 
Chapter06 initiating and planning systems development projects
Chapter06 initiating and planning systems development projectsChapter06 initiating and planning systems development projects
Chapter06 initiating and planning systems development projects
Dhani Ahmad
 
SAML and Other Types of Federation for Your Enterprise
SAML and Other Types of Federation for Your EnterpriseSAML and Other Types of Federation for Your Enterprise
SAML and Other Types of Federation for Your Enterprise
Denis Gundarev
 
What's new in Citrix xen Desktop
What's new in Citrix xen DesktopWhat's new in Citrix xen Desktop
What's new in Citrix xen Desktop
Digicomp Academy AG
 

Contenu connexe

Tendances

Formal Verification
Formal VerificationFormal Verification
Formal Verification
Ilia Levin
 
For The Project Of Examination System
For The Project Of Examination SystemFor The Project Of Examination System
For The Project Of Examination System
Usama Ahmed Peerzada
 
System analysis and design
System analysis and design System analysis and design
System analysis and design
Razan Al Ryalat
 
Improving Tests With Object Mothers And Internal Dsls
Improving Tests With Object Mothers And Internal DslsImproving Tests With Object Mothers And Internal Dsls
Improving Tests With Object Mothers And Internal Dsls
Chris Richardson
 

Tendances (20)

Kv cbsc class 3 hindi paractice set question answares सीबीएसई कक्षा तीसरी हि...
Kv cbsc class 3 hindi paractice set question answares सीबीएसई कक्षा तीसरी हि...Kv cbsc class 3 hindi paractice set question answares सीबीएसई कक्षा तीसरी हि...
Kv cbsc class 3 hindi paractice set question answares सीबीएसई कक्षा तीसरी हि...
 
Formal Verification
Formal VerificationFormal Verification
Formal Verification
 
Why SIL3 (ENG)
Why SIL3 (ENG)Why SIL3 (ENG)
Why SIL3 (ENG)
 
Software Re-Engineering
Software Re-EngineeringSoftware Re-Engineering
Software Re-Engineering
 
For The Project Of Examination System
For The Project Of Examination SystemFor The Project Of Examination System
For The Project Of Examination System
 
SDD-FinalYearProject
SDD-FinalYearProjectSDD-FinalYearProject
SDD-FinalYearProject
 
software configuration management ppt
software configuration management ppt software configuration management ppt
software configuration management ppt
 
Chapter 6 software metrics
Chapter 6 software metricsChapter 6 software metrics
Chapter 6 software metrics
 
Student database management system PROJECT
Student database management system PROJECTStudent database management system PROJECT
Student database management system PROJECT
 
Student Management System
Student Management SystemStudent Management System
Student Management System
 
cost-estimation-tutorial
cost-estimation-tutorialcost-estimation-tutorial
cost-estimation-tutorial
 
System analysis and design
System analysis and design System analysis and design
System analysis and design
 
Software Re-engineering Forward & Reverse Engineering
Software Re-engineering Forward & Reverse EngineeringSoftware Re-engineering Forward & Reverse Engineering
Software Re-engineering Forward & Reverse Engineering
 
Software Testing: History, Trends, Perspectives - a Brief Overview
Software Testing: History, Trends, Perspectives - a Brief OverviewSoftware Testing: History, Trends, Perspectives - a Brief Overview
Software Testing: History, Trends, Perspectives - a Brief Overview
 
Improving Tests With Object Mothers And Internal Dsls
Improving Tests With Object Mothers And Internal DslsImproving Tests With Object Mothers And Internal Dsls
Improving Tests With Object Mothers And Internal Dsls
 
Library management system
Library management systemLibrary management system
Library management system
 
Software Development Standard Operating Procedure
Software Development Standard Operating Procedure Software Development Standard Operating Procedure
Software Development Standard Operating Procedure
 
Software Quality Assurance class 1
Software Quality Assurance class 1Software Quality Assurance class 1
Software Quality Assurance class 1
 
Introduction To Software Quality Assurance
Introduction To Software Quality AssuranceIntroduction To Software Quality Assurance
Introduction To Software Quality Assurance
 
Chapter06 initiating and planning systems development projects
Chapter06 initiating and planning systems development projectsChapter06 initiating and planning systems development projects
Chapter06 initiating and planning systems development projects
 

En vedette

What's new in Citrix xen Desktop
What's new in Citrix xen DesktopWhat's new in Citrix xen Desktop
What's new in Citrix xen Desktop
Digicomp Academy AG
 
10 Tips Every XenDesktop Admin Should Know
10 Tips Every XenDesktop Admin Should Know10 Tips Every XenDesktop Admin Should Know
10 Tips Every XenDesktop Admin Should Know
David McGeough
 
Choosing the Best Approach for Monitoring Citrix User Experience: Should You ...
Choosing the Best Approach for Monitoring Citrix User Experience: Should You ...Choosing the Best Approach for Monitoring Citrix User Experience: Should You ...
Choosing the Best Approach for Monitoring Citrix User Experience: Should You ...
eG Innovations
 
15 stephan pfister citrix day hdx-multimedia
15 stephan pfister citrix day hdx-multimedia15 stephan pfister citrix day hdx-multimedia
15 stephan pfister citrix day hdx-multimedia
Digicomp Academy AG
 
How to Avoid the Top 7 Mistakes Made When Managing Citrix Performance
How to Avoid the Top 7 Mistakes Made When Managing Citrix PerformanceHow to Avoid the Top 7 Mistakes Made When Managing Citrix Performance
How to Avoid the Top 7 Mistakes Made When Managing Citrix Performance
eG Innovations
 

En vedette (20)

SAML and Other Types of Federation for Your Enterprise
SAML and Other Types of Federation for Your EnterpriseSAML and Other Types of Federation for Your Enterprise
SAML and Other Types of Federation for Your Enterprise
 
What's new in Citrix xen Desktop
What's new in Citrix xen DesktopWhat's new in Citrix xen Desktop
What's new in Citrix xen Desktop
 
VIR401 RDP, RemoteFX, ICA/HDX, EOP and PCoIP VDI Remoting Protocols Turned In...
VIR401 RDP, RemoteFX, ICA/HDX, EOP and PCoIP VDI Remoting Protocols Turned In...VIR401 RDP, RemoteFX, ICA/HDX, EOP and PCoIP VDI Remoting Protocols Turned In...
VIR401 RDP, RemoteFX, ICA/HDX, EOP and PCoIP VDI Remoting Protocols Turned In...
 
Troubleshooting Provisioning Services Target Boot Processes
Troubleshooting Provisioning Services Target Boot ProcessesTroubleshooting Provisioning Services Target Boot Processes
Troubleshooting Provisioning Services Target Boot Processes
 
The Top Eight Best Practices for Deploying XenApp and XenDesktop 7.6
The Top Eight Best Practices for Deploying XenApp and XenDesktop 7.6The Top Eight Best Practices for Deploying XenApp and XenDesktop 7.6
The Top Eight Best Practices for Deploying XenApp and XenDesktop 7.6
 
Real world experience with provisioning services
Real world experience with provisioning servicesReal world experience with provisioning services
Real world experience with provisioning services
 
PVS and MCS Webinar - Technical Deep Dive
PVS and MCS Webinar - Technical Deep DivePVS and MCS Webinar - Technical Deep Dive
PVS and MCS Webinar - Technical Deep Dive
 
Citrix TechEdge 2014 - How to Troubleshoot Deployments of StoreFront and NetS...
Citrix TechEdge 2014 - How to Troubleshoot Deployments of StoreFront and NetS...Citrix TechEdge 2014 - How to Troubleshoot Deployments of StoreFront and NetS...
Citrix TechEdge 2014 - How to Troubleshoot Deployments of StoreFront and NetS...
 
10 Tips Every XenDesktop Admin Should Know
10 Tips Every XenDesktop Admin Should Know10 Tips Every XenDesktop Admin Should Know
10 Tips Every XenDesktop Admin Should Know
 
Troubleshooting XenApp with the Citrix Diagnostic Toolkit
Troubleshooting XenApp with the Citrix Diagnostic ToolkitTroubleshooting XenApp with the Citrix Diagnostic Toolkit
Troubleshooting XenApp with the Citrix Diagnostic Toolkit
 
Choosing the Best Approach for Monitoring Citrix User Experience: Should You ...
Choosing the Best Approach for Monitoring Citrix User Experience: Should You ...Choosing the Best Approach for Monitoring Citrix User Experience: Should You ...
Choosing the Best Approach for Monitoring Citrix User Experience: Should You ...
 
Top Troubleshooting Tips and Techniques for Citrix XenServer Deployments
Top Troubleshooting Tips and Techniques for Citrix XenServer DeploymentsTop Troubleshooting Tips and Techniques for Citrix XenServer Deployments
Top Troubleshooting Tips and Techniques for Citrix XenServer Deployments
 
Citrix Group Policy Troubleshooting for XenApp and XenDesktop
Citrix Group Policy Troubleshooting for XenApp and XenDesktopCitrix Group Policy Troubleshooting for XenApp and XenDesktop
Citrix Group Policy Troubleshooting for XenApp and XenDesktop
 
What's new in Citrix XenApp 7.5 und XenDesktop 7.5?
What's new in Citrix XenApp 7.5 und XenDesktop 7.5?What's new in Citrix XenApp 7.5 und XenDesktop 7.5?
What's new in Citrix XenApp 7.5 und XenDesktop 7.5?
 
XenDesktop Master Class - Live Installation of XenDesktop/XenApp 7.6
XenDesktop Master Class - Live Installation of XenDesktop/XenApp 7.6XenDesktop Master Class - Live Installation of XenDesktop/XenApp 7.6
XenDesktop Master Class - Live Installation of XenDesktop/XenApp 7.6
 
XenDesktop Master Class - Virtualising Microsoft Lync - March 2015
XenDesktop Master Class - Virtualising Microsoft Lync - March 2015XenDesktop Master Class - Virtualising Microsoft Lync - March 2015
XenDesktop Master Class - Virtualising Microsoft Lync - March 2015
 
15 stephan pfister citrix day hdx-multimedia
15 stephan pfister citrix day hdx-multimedia15 stephan pfister citrix day hdx-multimedia
15 stephan pfister citrix day hdx-multimedia
 
CC-4006, Deliver Hardware Accelerated Applications Using RemoteFX vGPU with W...
CC-4006, Deliver Hardware Accelerated Applications Using RemoteFX vGPU with W...CC-4006, Deliver Hardware Accelerated Applications Using RemoteFX vGPU with W...
CC-4006, Deliver Hardware Accelerated Applications Using RemoteFX vGPU with W...
 
Citrix xenapp & xendesktop 7.5 training
Citrix xenapp & xendesktop 7.5 trainingCitrix xenapp & xendesktop 7.5 training
Citrix xenapp & xendesktop 7.5 training
 
How to Avoid the Top 7 Mistakes Made When Managing Citrix Performance
How to Avoid the Top 7 Mistakes Made When Managing Citrix PerformanceHow to Avoid the Top 7 Mistakes Made When Managing Citrix Performance
How to Avoid the Top 7 Mistakes Made When Managing Citrix Performance
 

Similaire à Citrix Internals: ICA Connectivity

EPL011-Ioannou
EPL011-IoannouEPL011-Ioannou
EPL011-Ioannou
Videoguy
 
Citrix/Intel Brochure salon Hit
Citrix/Intel Brochure salon HitCitrix/Intel Brochure salon Hit
Citrix/Intel Brochure salon Hit
Christian Hym
 
Digital Media Production - Future Internet
Digital Media Production - Future InternetDigital Media Production - Future Internet
Digital Media Production - Future Internet
Maarten Verwaest
 
Video Conferencing Experiences with UltraGrid:
Video Conferencing Experiences with UltraGrid: Video Conferencing Experiences with UltraGrid:
Video Conferencing Experiences with UltraGrid:
Videoguy
 
Video Conferencing Experiences with UltraGrid:
Video Conferencing Experiences with UltraGrid: Video Conferencing Experiences with UltraGrid:
Video Conferencing Experiences with UltraGrid:
Videoguy
 
Accelerating Innovation from Edge to Cloud
Accelerating Innovation from Edge to CloudAccelerating Innovation from Edge to Cloud
Accelerating Innovation from Edge to Cloud
Rebekah Rodriguez
 

Similaire à Citrix Internals: ICA Connectivity (20)

Xilinx Data Center Strategy and CCIX
Xilinx Data Center Strategy and CCIXXilinx Data Center Strategy and CCIX
Xilinx Data Center Strategy and CCIX
 
WebRTC Webinar & Q&A - Sumilcast Standards & Implementation
WebRTC Webinar & Q&A - Sumilcast Standards & ImplementationWebRTC Webinar & Q&A - Sumilcast Standards & Implementation
WebRTC Webinar & Q&A - Sumilcast Standards & Implementation
 
EPL011-Ioannou
EPL011-IoannouEPL011-Ioannou
EPL011-Ioannou
 
Transtec nice webinar v2
Transtec nice webinar v2Transtec nice webinar v2
Transtec nice webinar v2
 
La visualisation 3D distante sans compromis avec NICE DCV
La visualisation 3D distante sans compromis avec NICE DCVLa visualisation 3D distante sans compromis avec NICE DCV
La visualisation 3D distante sans compromis avec NICE DCV
 
Cisco Cloud Networking Workshop
Cisco Cloud Networking Workshop Cisco Cloud Networking Workshop
Cisco Cloud Networking Workshop
 
Citrix/Intel Brochure salon Hit
Citrix/Intel Brochure salon HitCitrix/Intel Brochure salon Hit
Citrix/Intel Brochure salon Hit
 
VMworld 2014: vCloud Hybrid Service Networking Technical Deep Dive
VMworld 2014: vCloud Hybrid Service Networking Technical Deep DiveVMworld 2014: vCloud Hybrid Service Networking Technical Deep Dive
VMworld 2014: vCloud Hybrid Service Networking Technical Deep Dive
 
Synergy 2015 Session Slides: SYN234 Delivering Lync & Other Audio-Video Appli...
Synergy 2015 Session Slides: SYN234 Delivering Lync & Other Audio-Video Appli...Synergy 2015 Session Slides: SYN234 Delivering Lync & Other Audio-Video Appli...
Synergy 2015 Session Slides: SYN234 Delivering Lync & Other Audio-Video Appli...
 
A REPORT ON CITRIX INDEPENDENT COMPUTING ARCHITECTURE (ICA) PROTOCOL
A REPORT ON CITRIX INDEPENDENT COMPUTING ARCHITECTURE (ICA) PROTOCOL A REPORT ON CITRIX INDEPENDENT COMPUTING ARCHITECTURE (ICA) PROTOCOL
A REPORT ON CITRIX INDEPENDENT COMPUTING ARCHITECTURE (ICA) PROTOCOL
 
Digital Media Production - Future Internet
Digital Media Production - Future InternetDigital Media Production - Future Internet
Digital Media Production - Future Internet
 
Video QoS
Video QoSVideo QoS
Video QoS
 
Building the SD-Branch using uCPE
Building the SD-Branch using uCPEBuilding the SD-Branch using uCPE
Building the SD-Branch using uCPE
 
SMARTSTATION
SMARTSTATION SMARTSTATION
SMARTSTATION
 
Video Conferencing Experiences with UltraGrid:
Video Conferencing Experiences with UltraGrid: Video Conferencing Experiences with UltraGrid:
Video Conferencing Experiences with UltraGrid:
 
Video Conferencing Experiences with UltraGrid:
Video Conferencing Experiences with UltraGrid: Video Conferencing Experiences with UltraGrid:
Video Conferencing Experiences with UltraGrid:
 
2014/09/02 Cisco UCS HPC @ ANL
2014/09/02 Cisco UCS HPC @ ANL2014/09/02 Cisco UCS HPC @ ANL
2014/09/02 Cisco UCS HPC @ ANL
 
Nutanix Puts the I in VDI
Nutanix Puts the I in VDINutanix Puts the I in VDI
Nutanix Puts the I in VDI
 
Ccna 4 Chapter 4 V4.0 Answers
Ccna 4 Chapter 4 V4.0 AnswersCcna 4 Chapter 4 V4.0 Answers
Ccna 4 Chapter 4 V4.0 Answers
 
Accelerating Innovation from Edge to Cloud
Accelerating Innovation from Edge to CloudAccelerating Innovation from Edge to Cloud
Accelerating Innovation from Edge to Cloud
 

Plus de Denis Gundarev

How to fail or succeed with desktop virtualization and workspace mobility
How to fail or succeed with desktop virtualization and workspace mobilityHow to fail or succeed with desktop virtualization and workspace mobility
How to fail or succeed with desktop virtualization and workspace mobility
Denis Gundarev
 
Application Virtualization overview - BayCUG
Application Virtualization overview - BayCUGApplication Virtualization overview - BayCUG
Application Virtualization overview - BayCUG
Denis Gundarev
 
BriForum 2013 Chicago - Citrix Troubleshooting - Denis Gundarev
BriForum 2013 Chicago - Citrix Troubleshooting - Denis GundarevBriForum 2013 Chicago - Citrix Troubleshooting - Denis Gundarev
BriForum 2013 Chicago - Citrix Troubleshooting - Denis Gundarev
Denis Gundarev
 
DaaS/IaaS Forum Moscow - Ivo Murris
DaaS/IaaS Forum Moscow - Ivo MurrisDaaS/IaaS Forum Moscow - Ivo Murris
DaaS/IaaS Forum Moscow - Ivo Murris
Denis Gundarev
 
DaaS/IaaS Forum Moscow - Chris Rogers
DaaS/IaaS Forum Moscow - Chris RogersDaaS/IaaS Forum Moscow - Chris Rogers
DaaS/IaaS Forum Moscow - Chris Rogers
Denis Gundarev
 
DaaS/IaaS Forum Moscow - Najat Messaoud
DaaS/IaaS Forum Moscow - Najat MessaoudDaaS/IaaS Forum Moscow - Najat Messaoud
DaaS/IaaS Forum Moscow - Najat Messaoud
Denis Gundarev
 
DaaS/IaaS Forum Moscow - Rick Dehlinger
DaaS/IaaS Forum Moscow - Rick DehlingerDaaS/IaaS Forum Moscow - Rick Dehlinger
DaaS/IaaS Forum Moscow - Rick Dehlinger
Denis Gundarev
 
Hypervisor and VDI security
Hypervisor and VDI securityHypervisor and VDI security
Hypervisor and VDI security
Denis Gundarev
 
How to hack Citrix (So, You Just Inherited Someone Else's Citrix Environment....
How to hack Citrix (So, You Just Inherited Someone Else's Citrix Environment....How to hack Citrix (So, You Just Inherited Someone Else's Citrix Environment....
How to hack Citrix (So, You Just Inherited Someone Else's Citrix Environment....
Denis Gundarev
 

Plus de Denis Gundarev (20)

VMware App Volumes Troubleshooting
VMware App Volumes TroubleshootingVMware App Volumes Troubleshooting
VMware App Volumes Troubleshooting
 
How to encrypt everything that moves and keep it usable
How to encrypt everything that moves and keep it usableHow to encrypt everything that moves and keep it usable
How to encrypt everything that moves and keep it usable
 
Citrix Internals: Tracing, Debugging & Troubleshooting
Citrix Internals: Tracing, Debugging & TroubleshootingCitrix Internals: Tracing, Debugging & Troubleshooting
Citrix Internals: Tracing, Debugging & Troubleshooting
 
Application Streaming is dead. A smart way to choose an alternative
Application Streaming is dead. A smart way to choose an alternativeApplication Streaming is dead. A smart way to choose an alternative
Application Streaming is dead. A smart way to choose an alternative
 
How to build a Citrix infrastructure on AWS
How to build a Citrix infrastructure on AWSHow to build a Citrix infrastructure on AWS
How to build a Citrix infrastructure on AWS
 
How to fail or succeed with desktop virtualization and workspace mobility
How to fail or succeed with desktop virtualization and workspace mobilityHow to fail or succeed with desktop virtualization and workspace mobility
How to fail or succeed with desktop virtualization and workspace mobility
 
Application Virtualization overview - BayCUG
Application Virtualization overview - BayCUGApplication Virtualization overview - BayCUG
Application Virtualization overview - BayCUG
 
BriForum 2013 Chicago - Citrix Troubleshooting - Denis Gundarev
BriForum 2013 Chicago - Citrix Troubleshooting - Denis GundarevBriForum 2013 Chicago - Citrix Troubleshooting - Denis Gundarev
BriForum 2013 Chicago - Citrix Troubleshooting - Denis Gundarev
 
Deep dive in Citrix Troubleshooting
Deep dive in Citrix TroubleshootingDeep dive in Citrix Troubleshooting
Deep dive in Citrix Troubleshooting
 
SYN507: Reducing desktop infrastructure management overhead using “old school...
SYN507: Reducing desktop infrastructure management overhead using “old school...SYN507: Reducing desktop infrastructure management overhead using “old school...
SYN507: Reducing desktop infrastructure management overhead using “old school...
 
DaaS/IaaS Forum Moscow - Ivo Murris
DaaS/IaaS Forum Moscow - Ivo MurrisDaaS/IaaS Forum Moscow - Ivo Murris
DaaS/IaaS Forum Moscow - Ivo Murris
 
DaaS/IaaS Forum Moscow - Chris Rogers
DaaS/IaaS Forum Moscow - Chris RogersDaaS/IaaS Forum Moscow - Chris Rogers
DaaS/IaaS Forum Moscow - Chris Rogers
 
DaaS/IaaS Forum Moscow - Najat Messaoud
DaaS/IaaS Forum Moscow - Najat MessaoudDaaS/IaaS Forum Moscow - Najat Messaoud
DaaS/IaaS Forum Moscow - Najat Messaoud
 
DaaS/IaaS Forum Moscow - Rick Dehlinger
DaaS/IaaS Forum Moscow - Rick DehlingerDaaS/IaaS Forum Moscow - Rick Dehlinger
DaaS/IaaS Forum Moscow - Rick Dehlinger
 
Hypervisor and VDI security
Hypervisor and VDI securityHypervisor and VDI security
Hypervisor and VDI security
 
How to hack Citrix (So, You Just Inherited Someone Else's Citrix Environment....
How to hack Citrix (So, You Just Inherited Someone Else's Citrix Environment....How to hack Citrix (So, You Just Inherited Someone Else's Citrix Environment....
How to hack Citrix (So, You Just Inherited Someone Else's Citrix Environment....
 
RUCUG: 9. Sergey Khalyapin: Представляем XenDesktop 5
RUCUG: 9. Sergey Khalyapin: Представляем XenDesktop 5RUCUG: 9. Sergey Khalyapin: Представляем XenDesktop 5
RUCUG: 9. Sergey Khalyapin: Представляем XenDesktop 5
 
RUCUG: 6. Fabian Kienle - NetScaler and Branch Repeater for Hyper-V
RUCUG: 6. Fabian Kienle - NetScaler and Branch Repeater for Hyper-VRUCUG: 6. Fabian Kienle - NetScaler and Branch Repeater for Hyper-V
RUCUG: 6. Fabian Kienle - NetScaler and Branch Repeater for Hyper-V
 
Anton Zhbankov: 7. Back side of the cloud
Anton Zhbankov: 7. Back side of the cloudAnton Zhbankov: 7. Back side of the cloud
Anton Zhbankov: 7. Back side of the cloud
 
RUCUG: 4. Brian Madden:Terminal Services или VDI, что сейчас происходит с des...
RUCUG: 4. Brian Madden:Terminal Services или VDI, что сейчас происходит с des...RUCUG: 4. Brian Madden:Terminal Services или VDI, что сейчас происходит с des...
RUCUG: 4. Brian Madden:Terminal Services или VDI, что сейчас происходит с des...
 

Dernier

Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 

Dernier (20)

FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot ModelNavi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 

Citrix Internals: ICA Connectivity

  • 1. @fdwl #BriForum @entisys Citrix Internals: ICA Connectivity Denis Gundarev, Senior Consultant, Entisys Solutions May 21, 2014
  • 2. @fdwl #BriForum @entisys Name: ENTISYSDenis Groups: Group1: Bay Area Citrix User Group Group2: Citrix Technology Professional Email: DenisG@entisys.com Twitter: @fdwl [Length: 112] About me 0000 30 45 4E 54 49 53 59 53 5C 44 65 6E 69 73 0D 0A 0ENTISYSDenis.. 0010 31 0D 0A 32 0D 0A 42 61 79 20 41 72 65 61 20 43 1..2..Bay Area C 0020 69 74 72 69 78 20 55 73 65 72 20 47 72 6F 75 70 itrix User Group 0030 0D 0A 32 43 69 74 72 69 78 20 54 65 63 68 6E 6F ..2Citrix Techno 0040 6C 6F 67 79 20 50 72 6F 66 65 73 73 69 6F 6E 61 logy Professional 0050 6C 0D 0A 33 44 65 6E 69 73 47 40 65 6E 74 69 73 l..3DenisG@entis 0060 79 73 2E 63 6F 6D 0D 0A 34 40 66 64 77 6C 0D 0A ys.com..4@fdwl..
  • 3. @fdwl #BriForum @entisys Agenda  Everything that you need to know about ICA protocol
  • 4. @fdwl #BriForum @entisys What does ICA stand for? Independent Computing Architecture? ICA = Intelligent Console Architecture!
  • 5. @fdwl #BriForum @entisys ICA 1.0 - 1992  Originally for Serial connections  IPX and NetBIOS was added later
  • 6. @fdwl #BriForum @entisys ICA 2.0 - 1992  First Graphical version of ICA  Citrix WinCredible - add-on to Citrix MultiUser  Multiple Operating Systems  OS/2  DOS  Windows 3.1  TCP/IP stack for OS/2 from FTP Software
  • 7. @fdwl #BriForum @entisys ICA 3.0 - 1995  Introduced in WinFrame For Networks  Thinwire 1, Printing, Client drive mapping, audio, Clipboard  TCP/IP, IPX, SPX, NetBEUI, Serial, Modems  $5,995 for 15 concurrent users
  • 8. @fdwl #BriForum @entisys PRD – Product Renaming Disorder Before After Core Virtual channels HDX Broadcast Thinwire HDX SmartRendering Virtual Channel fallback HDX Adaptive Orchestration Flash and Windows media redirection HDX MediaStream Server-side flash rendering HDX MediaStream Network Conditions 3D Pro and RemoteFX HDX RichGraphics Bidirectional audio and UDP Audio HDX RealTime Device mapping HDX Plug-n-Play Built-In compression and Branch Repeater HDX WAN Optimization NetScaler session policies HDX SmartAccess
  • 9. @fdwl #BriForum @entisys ICA Overview The ICA protocol is a protocol optimized for Wide Area Networks or WANs with high latency links. It also supports Quality-Of-Service (QoS) and other bandwidth optimization features. Since this is OSI-Layer 6, what does ICA do for optimization. The ICA packet contains the following headers: Frame Head, Reliable, Encryption, Compression, Command, Command Data, Frame Trail. The command is the only required information. Within ICA are virtual channels for KVM, printing, audio, Drive Mapping, Clipboard, Seamless windows, etc. that can be encapsulated. You can have a max of 32 virtual channels. RDP channels are different. Each channel has a counter-point on the server. These channels sit on top of the ICA Winstation Driver, on top of Protocol driver, on Transport Driver.
  • 10. @fdwl #BriForum @entisys ICA In Real Life TCP SSL CGP/WinSocks ICA Protocoldriver Framedriver Encryption WinStation Compression AUDIO CLIPBOARD DRIVE PRINTING VIDEO SPEEDSCREEN COM
  • 11. @fdwl #BriForum @entisys Virtual Channels TCP SSL CGP/WinSocks ICA Protocoldriver Framedriver Encryption WinStation Compression AUDIO CLIPBOARD DRIVE PRINTING VIDEO SPEEDSCREEN COM
  • 12. @fdwl #BriForum @entisys Virtual Channels Channel Name Priority Description Virtual Driver CTXCAM 0 Client Audio Mapping vdcamN.dll CTXCCM 3 Client COM Port Mapping vdcom30N.dll CTXCDM 2 Client Drive Mapping vdcdm30n.dll CTXCLIP 2 Client Clipboard Mapping vdclipn.dll CTXCM 3 Client Management (Auto-Update) vdcmN.dll CTXCOM1 3 Legacy COM1 Port Mapping vdcom30N.dll CTXCOM2 3 Legacy COM2 Port Mapping vdcom30N.dll CTXCPM 3 Printer Mapping for Spooling Clients vdcpm30N.dll CTXCTL 1 ICA Session Control vdctln.dll CTXD3D 1 Direct3D Virtual Channel Adapter vd3dn.dll CTXEUEM 1 End User Experience Monitoring vdeuemn.dll CTXFLSH 2 Multimedia - Flash vdflash.dll CTXGUSB 2 USB Redirection vdgusbn.dll CTXLIC 1 License Management wfica32.exe CTXLPT1 3 Legacy LP1 Port Mapping vdcpm30N.dll CTXLPT2 3 Legacy LPT2 Port Mapping vdcpm30N.dll CTXMM 2 Multimedia - Streaming vdmmn.dll CTXPASS 2 Transparent Key Pass-Through vdkbhook.dll CTXPN 1 Process Notification vdpnn.dll CTXSBR 1 Citrix Browser Acceleration vdtw30n.dll CTXSCRD 1 Smartcard vdscardn.dll CTXTW 1 Remote Session Screen Update (THINWIRE) vdtw30n.dll CTXTWI 1 Seamless Windows Screen Update (THINWIRE) vdtwin.dll CTXTWN 2 Twain Redirection vdtwn.dll CTXZLC 0 Speed Screen Latency Reduction - Screen vdzlcn.dll CTXZLFK 0 Speed Screen Latency Reduction - Fonts vdfon30n.dll OEMOEM 3 OEMOEM2 3 CTXVFM 1 CTXVFM?
  • 13. @fdwl #BriForum @entisys Virtual Channels  At client load time, list of channel drivers populated from the registry/.ini file  During the connection client passes information about the virtual channels it supports to the XenApp server.  XenApp Server opens virtual channel.  Data sent using the following two methods:  Polling mode  Immediate mode  VC Server can be on the Client  You can remove unneeded channels (http://www.dell.com/downloads/global/solutions/customization_of_the_citrix_ica_web_client. pdf)
  • 14. @fdwl #BriForum @entisys Virtual Channels  You can create your own Virtual Channels  https://www.citrix.com/downloads/citrix-receiver/sdks/virtual-channel-sdk.html  http://www.citrix.com/community/receiver-ica-sdks.html  3 examples included in SDK  RDP2TCP – nice example   http://rdp2tcp.sourceforge.net/  Citrix ICA Virtual Channels Backgrounder  http://support.citrix.com/article/CTX116890
  • 15. @fdwl #BriForum @entisys Dynamic Virtual Channel  Up to 64 Static Virtual Channels (SVCs) for Win32  29 SVCs reserved by Citrix  Android client supports up to 32 SVCs  Dynamic Virtual Channels (or DVCs) are multiplexed over traditional SVCs  To write the DVC component over ICA, Microsoft’s DVC API can be used.  http://msdn.microsoft.com/en-us/library/bb540860(v=vs.85).aspx
  • 16. @fdwl #BriForum @entisys Virtual Channel Priority  XenApp 6.5 - Implementing ICA Multi-Stream or Multi-Port - Virtual Channel Groups and Priorities  http://support.citrix.com/article/CTX131001  How to Change Virtual Channel Priority in XenDesktop 5  http://support.citrix.com/article/CTX128190  Multi-Stream ICA and Cisco QOS  http://www.citrixirc.com/?p=182  Check the VC utilization using Perfmon  http://support.citrix.com/proddocs/topic/xenapp65-admin/ps-ref-counters-ica-sess-count-v2.html
  • 17. @fdwl #BriForum @entisys ICA Drivers TCP SSL CGP/Winsocks ICA Protocoldriver Framedriver Encryption WinStation Compression DRIVE PRINTING COM
  • 18. @fdwl #BriForum @entisys WinStation Driver  Establishes the ICA session  Encodes ICA command information into ICA Packet  ICA packet = Command + Command Data < 2048 bytes  Compresses the ICA packet  Combines or separates compressed ICA packets to 1460 bytes buffers  Determines the priority of each output buffer
  • 19. @fdwl #BriForum @entisys Compression Driver  Enabled by default  VC-specific compression methods  Be careful with WAN optimization recommendations  Disabled compression + Bandwidth limit = Fail  http://support.citrix.com/article/CTX121353
  • 20. @fdwl #BriForum @entisys Encryption Driver  Basic. Encrypts the client connection using a non-RC5 algorithm.  http://www.monkey.org/~dugsong/icadecry pt.c.txt  RC5 AKA SecureICA  RC5 (128 bit) logon only. Encrypts the logon data with RC5 128-bit encryption and the client connection using Basic encryption.  RC5 (40 bit). Encrypts the client connection with RC5 40-bit encryption.  RC5 (56 bit). Encrypts the client connection with RC5 56-bit encryption.  RC5 (128 bit). Encrypts the client connection with RC5 128-bit encryption.
  • 21. @fdwl #BriForum @entisys Framing Driver  Rearranges ICA packets according to priority  Citrix ICA Priority Packet Tagging  http://theether.net/download/Citrix/ICA_Priority_Packet_Tagging.pdf  Fit ICA packets into the frame  Send frames to protocol driver
  • 22. @fdwl #BriForum @entisys Protocol Driver  Transfers frame to underlying protocol without modification  Result is ICA stream, ready for transmission
  • 23. @fdwl #BriForum @entisys More Info About ICA  Citrix ICA Virtual Channels Backgrounder  http://support.citrix.com/article/CTX116890  Virtual channel names must not be more than seven characters in length  Configuring Citrix MetaFrame XP for Windows by Syngress et al.  http://amzn.com/1931836531  Citrix ICA Technology Brief  http://web.archive.org/web/20000408170851/http://www.bocaresearch.com/technologies/icate ch.html
  • 25. @fdwl #BriForum @entisys What does CGP stand for?  Certified Guitar Player  Common Gateway Protocol  Formerly known as Citrix Gateway Protocol
  • 26. @fdwl #BriForum @entisys Common Gateway Protocol  CGP = binary protocol designed for efficient tunneling of one or more TCP streams  Used by Session Reliability  Based on SOCKS proxy protocol
  • 27. @fdwl #BriForum @entisys What is SOCKS  SOCKS is a generic, proxy protocol for TCP/IP based networking application.  SOCKS consists of two parts: SOCKS server and SOCKS client.  SOCKS server can communicate directly with both the Internet and the internal computers.  SOCKS client contacts the SOCKS server instead of sending requests directly to the Internet
  • 28. @fdwl #BriForum @entisys SOCKS Connection TCP ServerUser SOCKS Proxy SOCKS Request TCP Connect SYN TCP Connect ACKSOCKS Reply DATA DATA DATADATA
  • 29. @fdwl #BriForum @entisys Secure Gateway Proxy/NetScaler Gateway Next Hop  Unauthenticated SOCKS, tunnels any TCP traffic  When configured with a certificate, the Secure Gateway Proxy/NetScaler Gateway Next Hop expects traffic to be SOCKS+SSL on port 443
  • 30. @fdwl #BriForum @entisys What is the difference between CGP and SOCKS?  CGP is completely different protocol, but share the same idea   CGP support ticket-based authentication and addressing  CGP server sends keep-alive messages (60 sec by default)  CGP drop TCP connection without response if ticket is invalid  CGP support TCP Multiplexing, but it’s not really used  SOCKS is still in Citrix Products
  • 31. @fdwl #BriForum @entisys Ticket Types Name Issued by Purpose Logon Ticket XenApp Data Collector/ XenDesktop Controller Authenticate user to ICA session; ticket replaces user credentials LogonTicket=34B79930FBFC20BEF54D597A6A1595 LogonTicketType=CTXS1 ACR Ticket XenApp Server/ XenDesktop VDA Allow reconnection via Auto Client Reconnect without requiring user to enter credentials, stored in memory of the client Gateway Traversal Ticket (v1) AppController Allow ICA connection through SOCKS; ticket replaces destination server address Common Gateway Protocol Token Citrix XTE Service/ICA-CGP Listener Allow reconnection via Auto Client Reconnect without requiring user to enter credentials, stored in memory of the client Gateway Traversal Ticket (v4) XenApp ctxsta.dll or XenDesktop Broker Service Allow ICA connection through Gateway with Session Reliability; ticket replaces server address Address=;40;STA403126471;54D2368FFFD32A448EA55350100553
  • 32. @fdwl #BriForum @entisys Session Reliability  Explaining ICA Session Reliability, Common Gateway Protocol, on TCP Port 2598  http://support.citrix.com/article/CTX104147  Session Reliability, Frozen Screens and The Hourglass of Death By Nick Rintalan  http://blogs.citrix.com/2013/01/23/session- reliability/ 
  • 33. @fdwl #BriForum @entisys CGP Implementations: XTE Service  Extensible Transformation Engine (XTE) is an Apache-based proxy server that support:  CGP  SOCKS  HTTP  All of the above over SSL  Can be seen on XenApp <= 6.5 and XenDesktop <=5.x as Citrix XTE Service providing:  Session Reliability  SSL Relay  Password Manager Service  Universal Print Server
  • 34. @fdwl #BriForum @entisys CGP Implementations: RDS Listeners
  • 35. @fdwl #BriForum @entisys CGP Implementations: CSG  Gateway between an SSL enabled ICA client and XenApp Servers  Tunnels ICA/CGP traffic inside SSL  Citrix Secure Gateway is a deprecated component that is still supported for XenApp 6.5  Similar to XTE Service, based on Apache  Basically XTE + 3 additional Apache modules + GUI  Supports STA Ticketing Authentication
  • 36. @fdwl #BriForum @entisys STA Ticket Request  The following data are included as part of the ticket request sent by the Web server:  User name and domain name  Published application name  Least-busy Presentation Server address <?xml version="1.0" encoding="UTF-8"?> <!--DOCTYPE CtxConnInfoProtocol SYSTEM "CtxConnInfo.dtd"-- > <CtxConnInfo version="1.0"> <ServerAddress>192.168.1.176:1494</ServerAddress> <UserName>fdwl</UserName> <UserDomain>corp</UserDomain> <ApplicationName>XA75 $S4-5</ApplicationName> <Protocol>ICA</Protocol> </CtxConnInfo>
  • 37. @fdwl #BriForum @entisys STA Ticket Response  The encoding format is a string of the form:  ;STA_VERSION;STA_ID;TICKET  STA_VERSION. 40 for XenApp and XenDesktop. 10 for AppController.  STA_ID is a sequence of 0 – 16 characters usually generated from the MAC address. Each STA ID must be unique. This allows the gateway to locate the STA that created the ticket and return to that STA for ticket validation.  TICKET is a randomly-generated sequence of 32 uppercase alphabetic or numeric characters.  Example:  ;40; STA403126471;FE0A7B2CE2E77DDC17C7FD3EE7959E79 <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE CtxSTAProtocol SYSTEM "CtxSTA.dtd" > <CtxSTAProtocol version="1"> <ResponseTicket> <AuthorityID authorityType="STA-v1"> STA403126471 </AuthorityID> <Ticket ticketType="STA-v1">245489CECBC3CAA3B88446F12FF80B6A</Ticket> <TicketVersion>40</TicketVersion> </ResponseTicket> </CtxSTAProtocol>
  • 38. @fdwl #BriForum @entisys CGP Implementations: NetScaler Gateway/Access Gateway  ICA Proxy Mode  The Only supported gateway for XenDesktop 7.x  ICA Proxy Session Migration in 10.1
  • 39. @fdwl #BriForum @entisys WebSockets  “SOCKS over HTTP”  HTTP Upgrade  TCP 8008 by default, but can be changed  <html5 enabled="Always" platforms="Force" launchURL="clients/HTML5Client/src/Session Window.html“ preferences="wsPort:8080" singleTabLaunch="true" chromeAppOrigins="chrome- extension://haiffjcadagjlijoggckpgfnoeiflne m" />  XTE Service on XA 6.5  HRP3 is required for StoreFront 2.x  RDS Listener ICA-HTML5 on XD 7.x Server OS  ICA Service on XD 7.x Client OS
  • 40. @fdwl #BriForum @entisys Direct connection Component Connecting to Session Reliability Protocol TCP Port ICA Client version 8.0 or later XenApp Server/XenDesktop VDA Enabled ICA in Common Gateway Protocol 2598 ICA Client version 8.0 or later XenApp Server/XenDesktop VDA Disabled ICA 1494 HTML5 Receiver XenApp Server/XenDesktop VDA N/A ICA in WebSockets 8008
  • 41. @fdwl #BriForum @entisys One hop DMZ Component Connecting to Session Reliability Protocol TCP Port ICA Client version 9.0 or later Secure Gateway/Access Gateway/NetScaler Enabled ICA in Common Gateway Protocol in SSL 443 ICA Client version 9.0 or later Secure Gateway/Access Gateway/NetScaler Disabled ICA in SSL 443 HTML5 Receiver Secure Gateway/Access Gateway/NetScaler N/A ICA in WebSockets in SSL 443 Secure Gateway/Access Gateway/NetScaler XenApp Server/XenDesktop VDA Enabled ICA in Common Gateway Protocol 2598 Secure Gateway/Access Gateway/NetScaler XenApp Server/XenDesktop VDA Disabled ICA 1494
  • 42. @fdwl #BriForum @entisys Dual hop DMZ Component Connecting to Session Reliability Protocol TCP Port Secure Gateway/Access Gateway/NetScaler in DMZ1 Secure Gateway/Access Gateway/NetScaler in DMZ2 with SSL N/A SOCKS in SSL 443 Secure Gateway/Access Gateway/NetScaler in DMZ1 Secure Gateway/Access Gateway/NetScaler in DMZ2 without SSL N/A SOCKS 1080
  • 44. @fdwl #BriForum @entisys Multi-Stream ICA Citrix Receiver for Windows XenDesktop Windows 7 HTTP Server Router ICA Real Time HTTP HTTP ICA Interactive ICA Background ICA Bulk ICA Real Time ICA Interactive ICA Background ICA Bulk ICA UDP/RTP Audio * ICA UDP Audio * * UDP/RTP Audio initially only in VDI FlexCast model (XenDesktop)
  • 45. @fdwl #BriForum @entisys Multi-Stream vs. Multi-Port ICA  Single-port, Multi-Stream ICA  4 random ports at client, 1 primary port on server  Multi-port, Multi-Stream ICA  4 random ports at client, 1 primary and up to 3 secondary ports on server  Single-port, Single-stream ICA  1 random port at client, 1 primary port on server  The default connection type  Multi-Stream with NetScaler  4 random ports at client, 1 primary port on NetScaler VIP  4 random ports at NetScaler SNIP/MIP, 1 primary and up to 3 secondary ports on server
  • 47. @fdwl #BriForum @entisys Multi-Stream ICA  XenApp 6.5 - Implementing ICA Multi-Stream or Multi-Port - Virtual Channel Groups and Priorities  http://support.citrix.com/article/CTX131001  Very High (numeric 0): Real time channels, such as audio and webcam conferences  High (numeric 1): Interactive channels, such as graphics, keyboard, and mouse  Medium (numeric 2): Bulk channels, such as drive mapping, scanners, USB redirection, clipboard, Flash  Low (numeric 3): Background channels, such as printing, COM port mapping, LPT port mapping  Requirements:  XenDesktop 5.5+  XenApp 6.5+  Receiver 3.0+
  • 48. @fdwl #BriForum @entisys UDP Audio  Speex codec  Real-time Transport Protocol (RTP)  Quality must be set to Medium  Not using ICA or CGP  Citrix Receiver creates a listener on a client device during session initialization  Not supported with NetScaler
  • 50. @fdwl #BriForum @entisys SSL  Citrix uses custom SSLSDK library to wrap native OS SSL functions and form Secured Socket  Recommended for every connection  SSL Relay is no longer available in XenDesktop 7.x, Use IPSec to enforce encryption  Wildcard and SAN certificates are supported
  • 51. @fdwl #BriForum @entisys SSL on NetScaler  SNI (Server Name Indication) is not supported by Receiver yet.  NetScaler VPX does not support TLS 1.1 and TLS 1.2  Always add CA certificates chain to vserver