Mastering NetScaler VPX™

Table of Contents

Mastering NetScaler VPX™

Notice

Credits

About the Authors

About the Reviewer

www.PacktPub.com

Support files, eBooks, discount offers, and more

Why subscribe?

Free access for Packt account holders

Instant updates on new Packt books

Preface

What this book covers

What you need for this book

Who this book is for

Conventions

Reader feedback

Customer support

Downloading the example code

Downloading the color images of this book

Errata

Piracy

Questions

1. Configuring the Standard Features of NetScaler®

The basic features

NSIP

MIP

SNIP

VIP

IP set

Net profile

Load balancing

Active/active load balancing

Active/passive load balancing

Load balancing StoreFront™

Configuring authentication

LDAP integration

Two-factor integration

Configuring NetScaler® AAA

Citrix Receiver™ authentication

Troubleshooting

NetScaler Gateway™

Session policies

Integration StoreFront™

Citrix Receiver™

Receiver for Web

Citrix® StoreFront™

Group policies

SmartAccess filters

Summary

2. Using the Features of NetScaler® AppExpert

AppExpert applications and templates

HTTP Callouts

How HTTP Callout works

Configuring HTTP Callout

Rate limiting

Configuring rate limiting

Policies and expressions

Policy binding

Evaluation order

Parsing policies

Rewrite

The working of the rewrite feature

The GoTo expression

Rewrite actions

Configuring a rewrite policy

Responder

Configuring a responder policy

Rewrite versus responder

Summary

3. Integration with Citrix® Components

NetScaler® Insight Center

Licensing

Reporting

Web Insight

HDX Insight

WAN Insight

Installation

Configuration

System menu

Authentication

Insight deployment management

Thresholds

Updating NetScaler® Insight Center

Troubleshooting

CloudBridge™

Appliances

Link capacity

User capacity

Disk capacity

Deployment modes

CloudBridge™ Connector

Installation

Compression

Encrypted traffic acceleration

SSL compression

Traffic shaping

XenApp®/XenDesktop® acceleration

The Citrix® Command Center

Software

Supported devices

Hardware appliances

High availability

Distributed agents

Device profiles

Device groups

Port settings

Device discovery

Automatic back-up

Tasks

Change management

SSL certificate management

Reporting

Citrix NetScaler® syslog

AppFirewall Signature syslog analytics

Summary

4. Traffic Management

Content switching

DNS

Global Server Load Balancing

Load balancing methods

Active/passive GSLB

Troubleshooting GSLB

DataStream

Setting up generic SQL load balancing

Master/slave deployment

AppQoE

Summary

5. Tuning and Monitoring NetScaler® Performances

Tuning the network and virtual environment

TCP and SSL profiles

HTTP/2 and SPDY

Monitoring network traffic

nstrace

nstcpdump

Analyzing network trace files using Wireshark

Analyzing network traffic using Citrix NetScaler® Insight

Troubleshooting NetScaler® Insight

Summary

6. Security Features and Troubleshooting

Management best practices for security

Security features in NetScaler®

HTTP DoS protection

Access-lists

SSL settings

Admin partitions

Analyzing issues using Citrix® Insight Services

Setting up AAA – authentication and authorization

Authentication policy

Authorization policy

Authentication profiles

Troubleshooting AAA and setting up audit policies

Summary

7. Real-World Deployment Scenarios

A small PoC VDI environment

An enterprise VDI multisite environment

Citrix® StoreFront™ multisite configuration

Citrix® StoreFront™ optimal NetScaler Gateway™ routing

Citrix® StoreFront™ subscription synchronization

An enterprise VDI active-passive environment

A global web services environment

An active-active data center for application hosting

An active-passive data center for disaster recovery

Reverse proxy

Summary

Index

Mastering NetScaler VPX™

Mastering NetScaler VPX™

Copyright © 2015 Packt Publishing

All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.

Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the authors, nor Packt Publishing, and its dealers and distributors will be held liable for any damages caused or alleged to be caused directly or indirectly by this book.

Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.

First published: November 2015

Production reference: 1161115

Published by Packt Publishing Ltd.

Livery Place

35 Livery Street

Birmingham B3 2PB, UK.

ISBN 978-1-78528-173-0

www.packtpub.com

Notice

The statements made and opinions expressed herein belong exclusively to the author and reviewers of this publication, and are not shared by or represent the viewpoint of Citrix Systems®, Inc. This publication does not constitute an endorsement of any product, service, or point of view. Citrix® makes no representations, warranties or assurances of any kind, express or implied, as to the completeness, accuracy, reliability, suitability, availability, or currency of the content contained in this publication or any material related to this publication. Any reliance you place on such content is strictly at your own risk. In no event shall Citrix®, its agents, officers, employees, licensees, or affiliates be liable for any damages whatsoever (including, without limitation, damages for loss of profits, business information, or loss of information) arising out of the information or statements contained in the publication, even if Citrix® has been advised of the possibility of such loss or damages. Citrix®, XenApp®, XenDesktop®, CloudBridge™, StoreFront™, and NetScaler® are trademarks of Citrix Systems®, Inc. and/or one or more of its subsidiaries, and may be registered in the United States Patent and Trademark Office and in other countries. Some of the images in the chapters are taken from the Citrix® website and documentation.

Credits

Authors

Rick Roetenberg

Marius Sandbu

Reviewer

Yugandhar Ananda

Commissioning Editor

Dipika Gaonkar

Acquisition Editor

Harsha Bharwani

Content Development Editor

Sumeet Sawant

Technical Editor

Tanmayee Patil

Copy Editors

Stephen Copestake

Vikrant Phadke

Project Coordinator

Shweta H Birwatkar

Proofreader

Safis Editing

Indexer

Tejal Soni

Graphics

Jason Monteiro

Production Coordinator

Aparna Bhagat

Cover Work

Aparna Bhagat

About the Authors

Rick Roetenberg is a technical consultant at ITON ICT in the Netherlands. He has more than 5 years of experience in implementing products available from Citrix, especially networking products. He is also responsible for pre-sales with customers at ITON ICT. Recently, he succeeded the Citrix Networking for Datacenter Specialist Practicum. Rick has also presented at DuCUG, the Dutch Citrix User Community, where he explained that NetScaler is more than just an ICA proxy. He has always had a lot of interest in technology, and his current focus is on Citrix network products.

Rick posts blogs at www.rickroetenberg.com, where he shares more information about Citrix's products and all that is necessary in addition to these products. He can be contacted at . His Twitter handle is @rroetenberg.

Marius Sandbu is a senior consultant from Norway. He has over 10 years of experience in IT. He has worked as an architect and instructor at Veeam, Microsoft, and Citrix. He has also presented at the NetScaler master class and been to local Citrix user groups' events. Marius is the author of other NetScaler books as well, including Implementing NetScaler VPX™, Packt Publishing.

He is also a Microsoft MVP, Veeam Vanguard, and PernixPro.

Marius posts blogs on https://msandbu.wordpress.com/, where he shares information from the software-defined space. He can be contacted at or on Twitter at @msandbu.

About the Reviewer

Yugandhar Ananda works as a Citrix consultant. This has helped him get good exposure to Citrix technologies, real-time issues with production servers, XA/XD/PVS, and NetScaler.

He is a quick learner and can easily adopt new technologies, which is his strength. His hobbies are making new friends and reading new technical articles.

www.PacktPub.com

Support files, eBooks, discount offers, and more

For support files and downloads related to your book, please visit www.PacktPub.com.

Did you know that Packt offers eBook versions of every book published, with PDF and ePub files available? You can upgrade to the eBook version at www.PacktPub.com and as a print book customer, you are entitled to a discount on the eBook copy. Get in touch with us at for more details.

At www.PacktPub.com, you can also read a collection of free technical articles, sign up for a range of free newsletters and receive exclusive discounts and offers on Packt books and eBooks.

https://www2.packtpub.com/books/subscription/packtlib

Do you need instant solutions to your IT questions? PacktLib is Packt's online digital book library. Here, you can search, access, and read Packt's entire library of books.

Why subscribe?

Fully searchable across every book published by Packt

Copy and paste, print, and bookmark content

On demand and accessible via a web browser

Free access for Packt account holders

If you have an account with Packt at www.PacktPub.com, you can use this to access PacktLib today and view 9 entirely free books. Simply use your login credentials for immediate access.

Instant updates on new Packt books

Get notified! Find out when new books are published by following @PacktEnterprise on Twitter or the Packt Enterprise Facebook page.

Preface

NetScaler is becoming more and more essential in many environments and is often crucial for many of the services it offers. Mastering NetScaler VPX™ is a book that covers many advanced topics, such as optimizing traffic, setting up redundant web services, and integrating with other Citrix products, as well as many best practices.

This book starts out with an easy introduction to the product, what it can offer, and how to do an initial setup on an on-premise deployment.

Later, it goes into some of the more advanced features, such as remote access against Citrix, different VPN features, and optimizing network services.

It also covers features of high availability such as GSLB, redirecting traffic using content switching, and different real-life scenarios and deployments.

What this book covers

Chapter 1, Configuring the Standard Features of NetScaler ®, covers the basic setup of NetScaler, load balancing, and integration with XenDesktop.

Chapter 2, Using the Features of NetScaler ® AppExpert, explains many of the different features found within AppExpert such as deployments of different templates, HTTP callout, rate limiting, rewrites, and responder policies.

Chapter 3, Integration with Citrix ® Components, covers different integration possibilities with products such as Insight Center, CloudBridge, and Command Center.

Chapter 4, Traffic Management, illustrates many traffic management features, such as compression/caching, how to use content switching, and setting up GSLB.

Chapter 5, Tuning and Monitoring NetScaler ® Performances, teaches you how to perform network optimization using TCP and SSL. This chapter also dives into the use of different tools for monitoring performance.

Chapter 6, Security Features and Troubleshooting, teaches you how to set up AAA, the use of security features such as HTTP DDoS, application firewalls, admin partitions, and lastly how you can troubleshoot using built-in tools and Wireshark.

Chapter 7, Real-World Deployment Scenarios, covers many real-life scenarios and shows how we can use NetScaler to set up a solution such as NetScaler Gateway for a small VDI environment, large web services spanning globally, and more.

What you need for this book

You can download a trial of the NetScaler virtual appliance from Citrix here: https://secureportal.citrix.com/MyCitrix/login/EvalLand.aspx?downloadid=1857216&LandingFrom=1005.

You should also have a virtual environment running any one of VMware, Citrix XenServer, or Hyper-V. If you do not have a virtual environment, you can test it on a client hypervisor.

For instance, if you are using Windows 8.1/10, you can use Client Hyper-V, which is an add-on that needs to be added from Programs and features under Control Panel.

Alternatively, you can use VMware Player (https://my.vmware.com/web/vmware/free#desktop_end_user_computing/vmware_player/6_0).

Who this book is for

This book is intended for system administrators who work with either Citrix or networking and want to learn more advanced topics around Citrix NetScaler, such as integrating with other Citrix components or setting up advanced features such as GSLB and traffic optimization.

Conventions

In this book, you will find a number of styles of text that distinguish between different kinds of information. Here are some examples of these styles, and an explanation of their meaning.

Code words in text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles are shown as follows: The expression will be SYS.HTTP_CALLOUT(NAMEOFTHECREATEDHTTPCALLOUT ).

A block of code is set as follows:

  Default wingName=Default />

When we wish to draw your attention to a particular part of a code block, the relevant lines or items are set in bold:

  {true | false}>

      farmname />

Any command-line input or output is written as follows:

show vpn icaconnection show vpn stats

New terms and important words are shown in bold. Words that you see on the screen, in menus or dialog boxes for example, appear in the text like this: Go to AppExpert | HTTP Callouts and click on Add.

Note

Warnings or important notes appear in a box like this.

Tip

Tips and tricks appear like this.

Reader feedback

Feedback from our readers is always welcome. Let us know what you think about this book—what you liked or may have disliked. Reader feedback is important for us to develop titles that you really get the most out of.

To send us general feedback, simply send an e-mail to <feedback@packtpub.com>, and mention the book title via the subject of your message.

If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, see our author guide on www.packtpub.com/authors.

Customer support

Now that you are the proud owner of a Packt book, we have a number of things to help you to get the most from your purchase.

Downloading the example code

You can download the example code files for all Packt books you have purchased from your account at http://www.packtpub.com. If you purchased this book elsewhere, you can visit http://www.packtpub.com/support and register to have the files e-mailed directly to you.

Downloading the color images of this book

We also provide you a PDF file that has color images of the screenshots/diagrams used in this book. The color images will help you better understand the changes in the output. You can download this file from: https://www.packtpub.com/sites/default/files/downloads/B04217_1730EN_Graphics.pdf.

Errata

Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you find a mistake in one of our books—maybe a mistake in the text or the code—we would be grateful if you would report this to us. By doing so, you can save other readers from frustration and help us improve subsequent versions of this book. If you find any errata, please report them by visiting http://www.packtpub.com/submit-errata, selecting your book, clicking on the errata submission form link, and entering the details of your errata. Once your errata are verified, your submission will be accepted and the errata will be uploaded on our website, or added to any list of existing errata, under the Errata section of that title. Any existing errata can be viewed by selecting your title from http://www.packtpub.com/support.

Piracy

Piracy of copyright material on the Internet is an ongoing problem across all media. At Packt, we take the protection of our copyright and licenses very seriously. If you come across any illegal copies of our works, in any form, on the Internet, please provide us with the location address or website name immediately so that we can pursue a remedy.

Please contact us at <copyright@packtpub.com> with a link to the suspected pirated material.

We appreciate your help in protecting our authors, and our ability to bring you valuable content.

Questions

You can contact us at <questions@packtpub.com> if you are having a problem with any aspect of the book, and we will do our best to address it.

Chapter 1. Configuring the Standard Features of NetScaler®

Welcome to the first chapter of this book. Throughout the course of this book, we will cover how to master Citrix NetScaler. This chapter will cover the most commonly used features of Citrix NetScaler.

Throughout this book, we will be focusing mostly on how to use the most common features of Citrix NetScaler. These features make Citrix NetScaler one of the best Application Delivery Controller (ADC). The features will be available depending on the installed license. So, to sum it up, here's what we will cover throughout this chapter:

Load balancing

The NetScaler Gateway

StoreFront integration

Authentication

The basic features

During the installation, it's required to install the purchased license. Then, depending on the installed license, you will get the purchased functionality. The load balancing functionality is one of the most commonly used features in Citrix NetScaler. This is because of support from third-party vendors, which provide support and specific templates for particular services. These