ICA verses X11 - architecture Application deployment advantages Java applications challenges Simplified application access

(1)

Citrix® MetaFrame® Server

for UNIX® Operating Systems

Simplified Application Access

Citrix® MetaFrame® Server

for UNIX® Operating Systems

Simplified Application Access

David Wagner

(2)

Efficient application management

Any ICA client application access

(3)

What will you learn today?

ICA verses X11 - architecture

Application deployment advantages

Java applications challenges

Simplified application access

ICA verses X11 - architecture

Application deployment advantages

Java applications challenges

(4)

Introducing…

MetaFrame for UNIX

makes it possible to

access UNIX and Java

applications, unchanged,

(5)

PC X Servers

UNIX applications access

Limited to PCs on a LAN

High maintenance cost

Software is licensed per seat

UNIX applications access

Limited to PCs on a LAN

High maintenance cost

Software is licensed per seat

(6)

Advantages of MetaFrame for UNIX

over PC X Servers…

– _{MetaFrame for UNIX uses concurrent licensing}

– _{MetaFrame for UNIX works with NFuse and lightweight}

ICA clients for web deployment

– _{Applications running in MetaFrame for UNIX retain}

unsaved data if the connection drops

– _{MetaFrame for UNIX has intelligent load balancing} – _{MetaFrame for UNIX provides “shadowing”}

over PC X Servers…

– _{MetaFrame for UNIX uses concurrent licensing}

– _{MetaFrame for UNIX works with NFuse and lightweight}

ICA clients for web deployment

– _{Applications running in MetaFrame for UNIX retain}

unsaved data if the connection drops

– _{MetaFrame for UNIX has intelligent load balancing}

(7)

MetaFrame for UNIX ……

Enables access to UNIX applications from all

ICA enabled devices

Is an alternative to X servers

Uses comparatively little bandwidth

Is licensed per seat

Compatible with NFuse Classic

Is a key part of Citrix’s heterogeneous

solutions message

Does have a future roadmap

Enables access to UNIX applications from all

ICA enabled devices

Is an alternative to X servers

Uses comparatively little bandwidth

Is licensed per seat

Compatible with NFuse Classic

Is a key part of Citrix’s heterogeneous

solutions message

(8)

Remove Limitations on Access

Workstations Laptops

Wireless PCs

Macs WBTs

PDAs

(9)

PC X Server and X11 protocol

PC

X11 App

App runs on server

PC X Server software

App displays on the PC

X11 on the LAN Display updates, mouse

and keystrokes

(10)

Using ICA instead of X11

X11 App App runs

on server

Any ICA device UNIX Server

M

e

ta

F

ra

m

e

(11)

ICA Compared to X11

SpeedScreen™ 2

enables reduced

bandwidth

consumption

SpeedScreen™ 2

enables reduced

bandwidth

consumption

ICA is a fraction of

the bandwidth

(12)

ICA Protocol Efficiency

Applications

Accessed

From Desktop

PC or Thin

Client

Applications

Install & Run

on Server

Only screens,

mouse clicks &

keystrokes travel

the network

Shared Ethernet 10 Mbps

Wireless Ethernet 2 Mbps ISDN 64 Kbps

Modem 28.8 bps

(13)

Flexible Access – Any Connection

Maximum performance over any bandwidth

–

LAN, WAN, dial-up, Internet, wireless, even GSM…

SpeedScreen™ 2 technology

–

Intelligent caching of frequently repainted graphics

–

Reduces bandwidth consumption by 25% to 30%,

and transmitted packets by up to 60% for greater

network efficiency

Maximum performance over any bandwidth

–

LAN, WAN, dial-up, Internet, wireless, even GSM…

SpeedScreen™ 2 technology

–

Intelligent caching of frequently repainted graphics

–

Reduces bandwidth consumption by 25% to 30%,

(14)

Benefits of MetaFrame for UNIX

Central management

Rapid application deployment

Increased application performance over

fat client/server solutions

Increased user mobility

Reliable Java application deployment

Central management

Rapid application deployment

Increased application performance over

fat client/server solutions

Increased user mobility

(15)

Direct Access to UNIX Applications

No need to maintain & support an emulation package

– only an ICA client is needed

User able to connect directly to the UNIX server

hosting the applications via ICA

Significantly simplify your user’s experience

connecting to critical UNIX applications

No need to maintain & support an emulation package

– only an ICA client is needed

User able to connect directly to the UNIX server

hosting the applications via ICA

(16)

Enterprise-Class Management – Users

Session Shadowing

– _{Enables remote troubleshooting and support}

Session Disconnect/Reconnect

– _{Retains session during a broken connection}

Business Recovery Client

– _{Automatically connects to a backup server farm if}

necessary

Session Shadowing

– _{Enables remote troubleshooting and support}

Session Disconnect/Reconnect

– _{Retains session during a broken connection}

Business Recovery Client

(17)

Central Management

Application managed at server

Upgrades managed at server

Only ICA client managed on the clients

Application managed at server

Upgrades managed at server

Only ICA client managed on the clients

“We can now get distributed offices up and running in

significantly less time than before, which means that we

can be much more responsive in new markets”

(18)

Rapid Application Deployment Rapid Application Deployment

Quickly provide remote and mobile access

Deploy applications in hours not months

–

Access in the time it takes to install ICA client

Integrate new companies easily

Quickly provide remote and mobile access

Deploy applications in hours not months

–

Access in the time it takes to install ICA client

(19)

Increases Application Speed

Up to 10X faster than client/server

28.8k modem to WAN to Wireless

Up to 10X faster than client/server

28.8k modem to WAN to Wireless

“Our MetaFrame for Solaris servers deliver

applications in real time, compared with screen

delays of up to 10 seconds with X.11.”

Michael McCollough, Senior Manager Network Services for Madison River Communications

“Previously, our remote telecommuters experienced

performance challenges running X-Windows

applications, even across high-speed lines. The low

bandwidth requirements of MetaFrame have vastly

improved performance.”

(20)

Increases User Mobility

Thin enough for a phone line

Recovery from dropped connections

Overcomes network latency problems

Thin enough for a phone line

Recovery from dropped connections

Overcomes network latency problems

“… users are able to reconnect to dropped

sessions easily without losing any unsaved

information.”

Matt Ferris, Manager Wireless Subscriber Systems Group, Motorola Semiconductor

“Network engineers and administrators in our

various locations were experiencing very slow

performance … using the X.11 protocol. … we

expected great performance from Citrix’s new Solaris

product, and we got it.”

Michael McCollough, Senior Manager

(21)

Typical Deployment

UNIX Workstations

Wireless ICA Terminals

Desktop PCs

Trading Floor system running on Solaris

ICA

Dial-in Win98 laptop

(22)

JAVA™ Application

Access JAVA applications

–

SAP GUI – the Java version

–

Oracle 11 front ends, Oracle Financials

Meant to “run anywhere” but

–

Some don’t work well on WANs/dial-up

–

Different browsers run Java differently

Access JAVA applications

–

SAP GUI – the Java version

–

Oracle 11 front ends, Oracle Financials

Meant to “run anywhere” but

(23)

Java clients for n-Tier systems

ERP Java client on Citrix MetaFrame Server Desktop PCs

ERP server

Macs

WBTs

ERP data

Flexible Access

(24)

Deploying JAVA via ICA

Eliminate the limitation on size

One JVM or browser configuration

One JAVA development environment

Instant deployment through ICA

Eliminate the limitation on size

One JVM or browser configuration

(25)

Citrix MetaFrame Server Architecture

Any ICA Client

Access to Windows, UNIX and Java

applications from a single client, seamlessly

Access to Windows, UNIX and Java

applications from a single client, seamlessly

Citrix MetaFrame

UNIX

Citrix MetaFrame

Windows

(26)

Any Application on the Web. Now!

Each user’s logon screen

can have a unique, customized,

desktop appearance

with

personalized application access and dynamic web

(27)

Web Interface Access

Windows

(28)

A screenshot from a Windows desktop

This screenshot shows AIX, HP and Solaris apps

simultaneously accessed in Seamless windows

A screenshot from a Windows desktop

(29)

Key Markets

Many verticals have special requirements for

remote and mixed-device access to

mission-critical UNIX and Java applications

–

Investment banking

–

EDA - Engineering – aerospace, semiconductors

–

CAD

–

Telecommunications

–

Oil/Gas Exploration and Production

Many verticals have special requirements for

remote and mixed-device access to

mission-critical UNIX and Java applications

–

Investment banking

–

EDA - Engineering – aerospace, semiconductors

–

CAD

–

Telecommunications

(30)

Key Market Characteristics

1) Applications that analyse and process enormous volumes

of data

– _{Huge investment in UNIX software and infrastructure}

– _{Oil exploration, geology, imaging, semiconductor design,}

telecommunications networks, etc…

2) Specialised apps resulting from thousands of man years of

expert development

– _{Huge legacy applications undergoing constant evolution}

– _{Semiconductor design, oil exploration and delivery, geological}

survey, fluid dynamics, simulation, development tools

3) Apps that work in ultra mission-critical environments – _{“We don’t reboot our server”}

– _{Investment banking, retail banking, telecommunications, military}

1) Applications that analyse and process enormous volumes

of data

– _{Huge investment in UNIX software and infrastructure}

– _{Oil exploration, geology, imaging, semiconductor design,} telecommunications networks, etc…

2) Specialised apps resulting from thousands of man years of

expert development

– _{Huge legacy applications undergoing constant evolution}

– _{Semiconductor design, oil exploration and delivery, geological} survey, fluid dynamics, simulation, development tools

3) Apps that work in ultra mission-critical environments

– _{“We don’t reboot our server”}

(31)

UNIX Applications

– _Synopsis

– _Cadence

– _{Reuters Kondor+ & Market Data Sheets – investment banking}

– _{SunGard – Investment Banking (your broker may use it)}

– CATIA – CAD

– _{Numetrix – CRM (acquired by JDE)}

– _{i2 – another CRM}

– _{Dinis – electrical network analysis app made by ICL}

And thousands of in-house applications…

– _{mobile phone network monitoring, development tools, etc…}

– _Synopsis – _Cadence

– _{Reuters Kondor+ & Market Data Sheets – investment banking} – _{SunGard – Investment Banking (your broker may use it)}

– CATIA – CAD

– _{Numetrix – CRM (acquired by JDE)} – _{i2 – another CRM}

– _{Dinis – electrical network analysis app made by ICL}

And thousands of in-house applications…

(32)

Identify MFU Opportunities

Are you using Exceed, or another PC X emulator?

–_{Then they have X11 apps!}

Do you have UNIX workstations?

–_{Then they are using X11 apps on them}

Do you have remote offices or sites?

–_{Then they might need a low bandwidth way to access UNIX/}

Java apps

Do you have mobile users or telecommuters?

–_{Then those users might need ICA access to UNIX/Java apps}

Do you want a single portal for all application types?

–_{NFuse can provide a single point of access to MF/Win and}

MFU servers

Are you using Exceed, or another PC X emulator?

–_{Then they have X11 apps!}

Do you have UNIX workstations?

–_{Then they are using X11 apps on them}

Do you have remote offices or sites?

–_{Then they might need a low bandwidth way to access UNIX/} Java apps

Do you have mobile users or telecommuters?

–_{Then those users might need ICA access to UNIX/Java apps}

Do you want a single portal for all application types?

(33)

The Citrix MetaFrame Server Advantage

(34)

v1.2 – The next release

Citrix MetaFrame Server

for UNIX Operating Systems

(35)

for UNIX Operating Systems

v1.2 - Targeted for March/April 2003

–

Extends performance, usability, security and value

Key Features - Everything in FR1 plus ….

– _{New platforms}

– _{Solaris SPARC 9, AIX 5.1 & 5.2 and HP-UX 11i} – _{RSA SecureID support}

– Performance tuning and improvements – _{OpenGL support (limited)}

– _{Browser Improvements}

– _{Shared licenses between subnets} – _{Backup ICA browser support}

– _{ICA Browser packet encryption}

– _{Logoff handling of disconnect sessions}

v1.2 - Targeted for March/April 2003

–

Extends performance, usability, security and value

Key Features - Everything in FR1 plus ….

– _{New platforms}

– _{Solaris SPARC 9, AIX 5.1 &}_{5.2 and HP-UX 11i}

– _{RSA SecureID support}

– _{Performance tuning and improvements} – _{OpenGL support (limited)}

– _{Browser Improvements}

– _{Shared licenses between subnets} – _{Backup ICA browser support}

– _{ICA Browser packet encryption}

(36)

Feature Release 1 Review

(37)

37

Feature Release 1

Key Features

–

32,767 x 32,767, 24 bit color, multiple monitors

–

NFuse 1.6 feature parity: Filtering, Ticketing, SSL

–

TCP (XML or HTTP) ICA Browser

–

SSL-enabled ICA clients (correct name?)

–

“International” text in user dialogs

–

Client Drive Mapping

–

NIS+ (PAM) Support through NFuse

–

Load Balancing can be tuned to server capacity

–

Parameter Passing to applications

–

Bind ICA Browser to NIC

Key Features

–

32,767 x 32,767, 24 bit color, multiple monitors

–

NFuse 1.6 feature parity: Filtering, Ticketing, SSL

–

TCP (XML or HTTP) ICA Browser

–

SSL-enabled ICA clients (correct name?)

–

“International” text in user dialogs

–

NIS+ (PAM) Support through NFuse

–

Load Balancing can be tuned to server capacity

–

Parameter Passing to applications

(38)

38

Feature Release 1

Other New Features

–

Persistent bitmap caching

–

Palette refresh handling

–

Mouse Click Feedback (a Zero Latency feature)

–

Backing store

–

Task Bar context menus in Seamless Windows

–

Easier use as a proxy

–

Improved system logging

–

Unified session startup script

–

Optional logon without home directory

Other New Features

–

Persistent bitmap caching

–

Palette refresh handling

–

Mouse Click Feedback (a Zero Latency feature)

–

Backing store

–

Task Bar context menus in Seamless Windows

–

Easier use as a proxy

–

Improved system logging

–

Unified session startup script

(39)

8-bit color

16-bit color

Increased Color Depth and Resolution

Many engineering and geology type applications require true color – e.g. CAD, Seismic Analysis

(40)

40

Multiple-monitor Support

Financial, development and CAD application often

have large working areas that are difficult to

contain on even a 20” monitor

Financial, development and CAD application often

have large working areas that are difficult to

(41)

41

SSL Support for ICA

Work securely – from anywhere

Standard ports used

–

Eliminate ‘special’ firewall configurations

Work securely – from anywhere

Standard ports used

–

Eliminate ‘special’ firewall configurations

(42)

Connections

secured by

128-bit SSL

Connections

secured by

128-bit SSL

SSL Support for ICA and NFuse

(43)

See client drives from UNIX applications

(44)

44

Performance Improvements

Overall improved user experience!

Color handling

Graphics optimizations

Eliminate unnecessary graphic redraws

Persistent Bitmap Caching

– _{stores frequently seen bitmap images locally}

Instant changes in the mouse pointer

(45)

45

TCP/IP Browser Support

ICA clients discover servers and applications

– _{Even via the Internet}

XML eliminates the need for UDP broadcasts

ICA over TCP/IP Citrix XML

Protocol

Firewall

ICA Client

(46)

46

Enhanced NFuse Authentication

Authenticate using

–

NIS

–

NIS+

–

LDAP

(47)

47

Enhanced Load Balancing

Tune the allocation of user connections to a

MetaFrame for UNIX server depending on its

capacity.

– _{Balance more users to servers with 4 CPUs than with 2 CPUs}

Load-balanced Load-balanced

(48)

Parameter Passing

Just like on MetaFrame for Windows…

Publish application and add %* to the command line

– _{A published app “text”, command line “/usr/bin/text %*”}

Use the following in appsrv.ini or the .ica file:

– _{InitialProgram=#”text” /home/docs/MyDoc.text}

The parameters passed are interpreted by the shell

– _{Use wildcards and environment variables}

Specifying parameters disables session sharing

Also specify InitialDirectory

– _{From the client or appsrv.ini or .ica file}

Just like on MetaFrame for Windows…

Publish application and add %* to the command line

– _{A published app “text”, command line “/usr/bin/text %*”}

Use the following in appsrv.ini or the .ica file:

– _{InitialProgram=#”text” /home/docs/MyDoc.text}

The parameters passed are interpreted by the shell

– _{Use wildcards and environment variables}

Specifying parameters disables session sharing

Also specify InitialDirectory

(49)

49

International Dialogs

(50)

V1.2 Overview

(51)

New platform support

Sun Solaris 9 – SPARC 9

– _{SPARC v2.6, 2.7 & 8}

HP-UX 11i

– _{HP-UX 11}

IBM AIX 5.1 & 5.2

– _{IBM AIX 4.3.3}

Sun Solaris 9 – SPARC 9

– _{SPARC v2.6, 2.7 & 8}

HP-UX 11i

– _{HP-UX 11}

IBM AIX 5.1 & 5.2

(52)

Subnet License Pooling

Balance connection licenses between subnets

– _{Eliminate the burden of the administrator ‘balancing’}

Allows customers to manage network traffic for MetaFrame with subnets without a licensing penalty

Balance connection licenses between subnets

– _{Eliminate the burden of the administrator ‘balancing’}

Allows customers to manage network traffic for MetaFrame with subnets without a licensing penalty

Load-balanced Load-balanced Applications & Applications & Licenses

(53)

Backup Browser & Encryption

Automatic Browser Promotion

–

Users do not lose their application lists

Encryption between MF servers

–

v1.2 (or greater) servers

–

Protects against snooping MetaFrame

Automatic Browser Promotion

–

Users do not lose their application lists

Encryption between MF servers

–

v1.2 (or greater) servers

(54)

SecureID

SecureID v4.2 & v5.0

– _{Once installed and functioning MF/UNIX will use}

Supports SecureID authentication for tighter

integration and secure communications

SecureID v4.2 & v5.0

– _{Once installed and functioning MF/UNIX will use}

(55)

Interactive Performance Tuning

Administrators control and manage performance

Applications are more interactive – e.g. stock tickers Active screens are smoother and less ‘choppy’

Ability to balance performance with bandwidth needs

Administrators control and manage performance

Applications are more interactive – e.g. stock tickers Active screens are smoother and less ‘choppy’

(56)

Session Reset Management

Better management of disconnect sessions

Attempt to logoff a disc session verses reset

Both disconnect and disclogoff timeouts must be set

for the new functionality to take effect

Better management of disconnect sessions

Attempt to logoff a disc session verses reset

(57)

OpenGL

OpenGL is accelerated graphics presentation

– _{Typically utilized in apps requiring extensive visual displays}

Application in EDA and Oil & Gas sector use OpenGL

– _{CAD, Seismic Analysis}

Server-Side rendering

– _{Very useful for viewing application data} – _{24-bit color}

Limited Support

– _{Not all applications compatible}

– _{Applications doing hardware detection} – _{OpenGL extensions}

Limitations

– _{Limited application compatibility testing}

OpenGL is accelerated graphics presentation

– _{Typically utilized in apps requiring extensive visual displays}

Application in EDA and Oil & Gas sector use OpenGL

– _{CAD, Seismic Analysis}

Server-Side rendering

– _{Very useful for viewing application data} – _{24-bit color}

Limited Support

– _{Not all applications compatible}

– _{Applications doing hardware detection} – _{OpenGL extensions}

Limitations

(58)

X Keysym Extensions

Inclusion of extra keys found on UNIX system.

– _{E.g. Sparc keyboard ‘special’ keys}

– _{Appropriate client support is needed for this feature}

Often UNIX systems have extending key functionality

that is not always supported within the ICA architecture

Inclusion of extra keys found on UNIX system.

– _{E.g. Sparc keyboard ‘special’ keys}

– Appropriate client support is needed for this feature

(59)

ctxXtw.sh Perseverance

Not stepping on current config when

applying updates or hotfixes

– _{ctxXtw.sh live}

– _{ctxXtw-readme.sh – is updated with new comments}

Not stepping on current config when

applying updates or hotfixes

– _{ctxXtw.sh live}

(60)

FR2 licensed features

Features requiring FR2 license to be present

– _{Sharing license between subnets} – _{Backup browser support}

– _{Browser encryption} – _{OpenGL support} – _SecureID

New features in FR2 which don’t require FR2

licenses

– _{Logging off of disconnected sessions}

– _{Interactive performance tuning parameters} – _{Support for AIX 5.1, Solaris 9, and HP-UX 11i} – _{XKeysym extension}

Features requiring FR2 license to be present

– _{Sharing license between subnets} – Backup browser support

– _{Browser encryption} – _{OpenGL support} – _SecureID

New features in FR2 which don’t require FR2

licenses

– _{Logging off of disconnected sessions}

(61)

(62)