Citrix MetaFrame
Citrix MetaFrame
The Complete Picture
The Complete Picture
Citrix MetaFrame
Citrix MetaFrame
The Complete Picture
The Complete Picture
Douglas A. Brown
Douglas A. Brown
Senior Systems Engineer
Senior Systems Engineer
September 9, 2003
September 9, 2003
Douglas A. Brown
Douglas A. Brown
Senior Systems Engineer
Senior Systems Engineer
September 9, 2003
Agenda
Agenda
•
Citrix MetaFrame Overview
Citrix MetaFrame Overview
•
Value Add to Terminal Services 2003 and .NET
Value Add to Terminal Services 2003 and .NET
•
Citrix MetaFrame Suite
Citrix MetaFrame Suite
•
Feature Release 3
Feature Release 3
•
Conferencing Center
Conferencing Center
•
Password Manager
Password Manager
•
Secure Access Manger
Secure Access Manger
•
Secure Gateway Services
Secure Gateway Services
•
The Complete Picture
The Complete Picture
•
Demo
Demo
Vision
Vision
Vision
Vision
Make
Make
information
information
access as easy
access as easy
as a phone call –
as a phone call –
anytime,
anytime,
anyplace, for
anyplace, for
anyone
anyone
Make
Make
information
information
access as easy
access as easy
as a phone call –
as a phone call –
4
The Citrix Core Strategy
The Citrix Core Strategy
Subscribe
Secure Access
Publish
N
et
w
or
ks
Devices
A
pp
lic
at
IT Technology Adoption Resulted in
IT Technology Adoption Resulted in
Architectural Complexity
Architectural Complexity
Monolithic
Host and PC
2-Tier
Client-Server
3-Tier
C/S and Web
N-way
Web Services
Technology in Data Centers
Application
Architectures
??
What’s Next?
•
Server Family
Server Family
–
MetaFrame XP Feature Release 3 for Windows 2000
MetaFrame XP Feature Release 3 for Windows 2000
–
MetaFrame XP Feature Release 1 Windows NT 4.0 TSE
MetaFrame XP Feature Release 1 Windows NT 4.0 TSE
–
MetaFrame 1.2 for Unix (Solaris, HP-UX, IBM-AIX)
MetaFrame 1.2 for Unix (Solaris, HP-UX, IBM-AIX)
•
Web Access Family
Web Access Family
–
Web Interface for Web Application Access
Web Interface for Web Application Access
–
Secure Access Manager for a Single Access point to
Secure Access Manager for a Single Access point to
your environment
your environment
•
Management Family
Management Family
–
Citrix Resource Management Services 1.0
Citrix Resource Management Services 1.0
–
Citrix Installation Management Services 1.0
Citrix Installation Management Services 1.0
–
Secure Gateway for MetaFrame
Secure Gateway for MetaFrame
MetaFrame XP Suite (
Windows Server 2003 & .NET
Windows Server 2003 & .NET
Value Add
What’s New in Windows Server
What’s New in Windows Server
2003 Terminal Services?
2003 Terminal Services?
•
Client drive mapping
Client drive mapping
•
Com port redirection
Com port redirection
•
Slow performance link optimizations
Slow performance link optimizations
•
Load balancing reconnect support
Load balancing reconnect support
•
High quality audio redirection
High quality audio redirection
•
High color, high resolution support
High color, high resolution support
•
Client time zone support
Client time zone support
•
Smart card login support
Smart card login support
•
User Policies
User Policies
Citrix MetaFrame XP
Citrix MetaFrame XP
Windows 2000
Windows 2000
Value-Add
Value-Add
Unparalleled
Manageability & Scale
• Application publishing
• Program Neighborhood®
• Anonymous user support
• Content publishing
• Content redirection
• Novell® NDS® Support
• User Policies
• Delegated Administration
• Centralized mgmt. console
• Connection control
• CPU prioritization
• 1000+ servers in farm
• 1-to-1 Shadowing
• 1-to-M/M-to-1 shadowing
• Cross-server shadowing
• Shadowing indicator
• Auto client printer detection
• Universal print driver
• Auto client update
• Business recovery
• Web-based client install
•Resource-based load balancing
• Load balancing reconnect
• Schedule app availability
• Specify client IP range
• Application monitoring
• Customized billing reports
• Track user access to apps
• Centrally install apps
• Distribute service packs
• Package customized installs
• Integrate with Network Management consoles
Total “Net” Leverage
• NFuse Classic
• Support for multiple farms
• Support for NFuse Elite
Ultimate Flexibility
• Non-Windows client access
• 16-bit audio
• Support for direct asynch
• Com port redirection
• Automatic drive redirection
• Client drive remapping
• SpeedScreen™ 3 compression
• Text-entry Prediction
• Instant Mouse-Click Feedback
• High/true color depth & greater video resolution
• User collaboration
• Panning & scaling (handhelds)
• Slow performance link opt’s
• Pass-through authentication
• Seamless windows
• Multi-monitor support
• Client time zone support
• Application Save Position
End-to-End Security
• Citrix Secure Gateway
• SSL/TLS 128-bit encryption
• Support for digital certificates
• Socks 4 & 5 proxy support
Citrix MetaFrame XP
Citrix MetaFrame XP
Windows Server 2003
Windows Server 2003
Value-Add
Value-Add
Unparalleled
Manageability & Scale
• Application publishing
• Program Neighborhood®
• Anonymous user support
• Content publishing
• Content redirection
• Novell® NDS® Support
• User Policies
• Delegated Administration
• Centralized mgmt. console
• Connection control
• CPU prioritization
• 1000+ servers in farm
• 1-to-1 Shadowing
• 1-to-M/M-to-1 shadowing
• Cross-server shadowing
• Shadowing indicator
• Auto client printer detection
• Universal print driver
• Auto client update
• Business recovery
• Web-based client install
• Resource-based load balancing
• Load balancing reconnect
• Schedule app availability
• Specify client IP range
• Application monitoring
• Customized billing reports
• Track user access to apps
• Centrally install apps
• Distribute service packs
• Package customized installs
• Integrate with Network Management consoles
Total “Net” Leverage
• NFuse Classic
• Support for multiple farms
• Support for NFuse Elite
Ultimate Flexibility
• Non-Windows client access
• 16-bit audio
• Support for direct asynch
• Com port redirection
• Automatic drive redirection
• Client drive remapping
• SpeedScreen™ 3 compression
• Text-entry Prediction
• Instant Mouse-Click Feedback
• High/true color depth & greater video resolution
• User collaboration
• Panning & scaling (handhelds)
• Slow performance link opt’s
• Pass-through authentication
• Seamless windows
• Multi-monitor support
• Client time zone support
•
Application Save Position
End-to-End Security
• Citrix Secure Gateway
• SSL/TLS 128-bit encryption
• Support for digital certificates
• Socks 4 & 5 proxy support
Citrix MetaFrame XP
Citrix MetaFrame XP
Windows Server 2003
Windows Server 2003
Value-Add
Value-Add
Unparalleled
Manageability & Scale
• Application publishing
• Program Neighborhood®
• Anonymous user support
• Content publishing
• Content redirection
• Novell® NDS® Support
• User Policies
• Delegated Administration
• Centralized mgmt. console
• Connection control
• CPU prioritization
• 1000+ servers in farm
• 1-to-1 Shadowing
• 1-to-M/M-to-1 shadowing
• Cross-server shadowing
• Shadowing indicator
• Auto client printer detection
• Universal print driver
• Auto client update
• Business recovery
• Web-based client install
• Resource-based load balancing
• Load balancing reconnect
• Schedule app availability
• Specify client IP range
• Application monitoring
• Customized billing reports
• Track user access to apps
• Centrally install apps
• Distribute service packs
• Package customized installs
• Integrate with Network Management consoles
Total “Net” Leverage
• NFuse Classic
• Support for multiple farms
• Support for NFuse Elite
Ultimate Flexibility
• Non-Windows client access
• 16-bit audio
• Support for direct asynch
• Com port redirection
• Automatic drive redirection
• Client drive remapping
• SpeedScreen™ 3 compression • Text-entry Prediction
• Instant Mouse-Click Feedback
• High/true color depth & greater video resolution
• User collaboration
• Panning & scaling (handhelds)
• Slow performance link opt’s
• Pass-through authentication
• Seamless windows
• Multi-monitor support
• Client time zone support
• Application Save Position
End-to-End Security
• Citrix Secure Gateway
• SSL/TLS 128-bit encryption
• Support for digital certificates
• Socks 4 & 5 proxy support
• Smart card support
Plus Future
MetaFrame XP
Feature and
Key Features Supplied
Key Features Supplied
by MetaFrame XP…
by MetaFrame XP…
•
…
…
for Enterprise Customers
for Enterprise Customers
–
Server farms > 32 servers
Server farms > 32 servers
–
Resource-based load balancing
Resource-based load balancing
–
Cross-server shadowing
Cross-server shadowing
–
Advanced Printer Management & Universal print driver
Advanced Printer Management & Universal print driver
•
…
…
for ALL Customers, Including Workgroups
for ALL Customers, Including Workgroups
–
Application publishing
Application publishing
–
Push application icons to desktop (Program
Push application icons to desktop (Program
Neighborhood) or Web page (NFuse Classic)
Neighborhood) or Web page (NFuse Classic)
–
Centralized SSL gateway (CSG)
Centralized SSL gateway (CSG)
–
Non-Windows clients (Mac, Java, UNIX, Linux, etc.)
Non-Windows clients (Mac, Java, UNIX, Linux, etc.)
–
Advanced usability features:
Advanced usability features:
•
Seamless windows
Seamless windows
•
Panning & scaling for handhelds
Panning & scaling for handhelds
•
SpeedScreen latency reduction
SpeedScreen latency reduction
•
Pass-through authentication
Pass-through authentication
Citrix MetaFrame
Citrix MetaFrame
Feature Release 3
MetaFrame FR3 Feature Highlights
MetaFrame FR3 Feature Highlights
•
Speed
Speed
–
SpeedScreen Browser Acceleration
SpeedScreen Browser Acceleration
- .jpg, gif files
- .jpg, gif files
–
Reduce Farm Deployment time
Reduce Farm Deployment time
–
Lightweight Active X Client
Lightweight Active X Client
•
Simplicity
Simplicity
–
Simplified License Activation
Simplified License Activation
–
Enhanced print driver compatibility
Enhanced print driver compatibility
and control
and control
–
Universal Print Driver II (color and
Universal Print Driver II (color and
increased resolution)
increased resolution)
–
CMC enhancements – search, Farm
CMC enhancements – search, Farm
summary screen, instant desktop
summary screen, instant desktop
–
PN Agent as pass-thru client
PN Agent as pass-thru client
–
WMI and MOM Health Pack
WMI and MOM Health Pack
–
Improved server monitoring, control,
Improved server monitoring, control,
billing and alerting
billing and alerting
–
Blade Server integration (HP/CPQ/Dell)
Blade Server integration (HP/CPQ/Dell)
•
Speed
Speed
–
SpeedScreen Browser Acceleration
SpeedScreen Browser Acceleration
- .jpg, gif files
- .jpg, gif files
–
Reduce Farm Deployment time
Reduce Farm Deployment time
–
Lightweight Active X Client
Lightweight Active X Client
•
Simplicity
Simplicity
–
Simplified License Activation
Simplified License Activation
–
Enhanced print driver compatibility
Enhanced print driver compatibility
and control
and control
–
Universal Print Driver II (color and
Universal Print Driver II (color and
increased resolution)
increased resolution)
–
CMC enhancements – search, Farm
CMC enhancements – search, Farm
summary screen, instant desktop
summary screen, instant desktop
–
PN Agent as pass-thru client
PN Agent as pass-thru client
–
WMI and MOM Health Pack
WMI and MOM Health Pack
–
Improved server monitoring, control,
Improved server monitoring, control,
billing and alerting
billing and alerting
–
Blade Server integration (HP/CPQ/Dell)
Blade Server integration (HP/CPQ/Dell)
eXPerience
–
.Net Server support
–
Theme (e.g. “Luna”) support
for Seamless
–
Seamless in Java Client
–
SecurID Integration with
NFuse Classic
–
Columbia enhancements
–
FIPS 140 – crypto modules
–
Improved Security - No
storing of credentials in ESN
DB
–
Mac OS X client support
–
More descriptive error codes
eXPerience
–
.Net Server support
–
Theme (e.g. “Luna”) support
for Seamless
–
Seamless in Java Client
–
SecurID Integration with
NFuse Classic
–
Columbia enhancements
–
FIPS 140 – crypto modules
–
Improved Security - No
storing of credentials in ESN
DB
–
Mac OS X client support
Citrix Universal Print Driver II
Citrix Universal Print Driver II
•
HP LaserJet 4500
HP LaserJet 4500
Driver
Driver
•
PCL5c engine
PCL5c engine
including HPGL/2
including HPGL/2
support
support
•
Client-side rasterizer
Client-side rasterizer
•
Up to 600 dpi
Up to 600 dpi
•
Color
Color
SpeedScreen Browser Acceleration
SpeedScreen Browser Acceleration
Supported published
Supported published
applications:
applications:
•
Internet Explorer
Internet Explorer
5.5 and higher
5.5 and higher
•
Outlook and
Outlook and
Outlook Express
Outlook Express
Improving the
user experience
when browsing
HTML content.
Improved
bandwidth
efficiency JPEG
Win32 Client Version 7.0
Win32 Client Version 7.0
•
New ActiveX control packages
New ActiveX control packages
•
Auto Client Reconnect
Auto Client Reconnect
improvements
improvements
•
Custom Window shapes
Custom Window shapes
•
Dynamic client name support –
Dynamic client name support –
updated if machine name
updated if machine name
changes
changes
•
“
“
Headless” client support
Headless” client support
•
Program Neighborhood Agent
Program Neighborhood Agent
as the Pass-through client
as the Pass-through client
ICA Client 7.0 – Connect/Reconnect
ICA Client 7.0 – Connect/Reconnect
•
When connecting to a
When connecting to a
seamless App, the user
seamless App, the user
will see feedback of what
will see feedback of what
is happening in the
is happening in the
background.
background.
•
Will not display
Will not display
unnecessary or
unnecessary or
confusing windows.
Why so many internet clients?
Why so many internet clients?
Different customers have different needs
Different customers have different needs
•
Requires Citrix Web Interface or Application
Requires Citrix Web Interface or Application
Launching and Embedding (ALE)
Launching and Embedding (ALE)
•
Ica32t.exe
Ica32t.exe
is an self extracting executable that has all
is an self extracting executable that has all
the virtual drivers (Default Web client – no PN
the virtual drivers (Default Web client – no PN
interface)
interface)
•
Wficat.cab
Wficat.cab
(Thin) is an identical feature set of
(Thin) is an identical feature set of
ica32t.exe, but uses an INF file to instruct IE how to
ica32t.exe, but uses an INF file to instruct IE how to
install and uninstall with no setup program
install and uninstall with no setup program
•
Wficac.cab
Wficac.cab
(Core) is a smaller non-fully featured client
(Core) is a smaller non-fully featured client
when some features are not necessary and a smaller
when some features are not necessary and a smaller
size (quicker download) is required.
size (quicker download) is required. (Upgrade for the
(Upgrade for the
old .779 client)
Citrix Java
Citrix Java
ICA
ICA
Client 7.0
Client 7.0
•
Seamless support with Session Sharing
Seamless support with Session Sharing
•
Improved Client Drive Mapping Performance
Improved Client Drive Mapping Performance
•
Improved Client Printer Mapping Performance
Improved Client Printer Mapping Performance
•
Enhanced XML Error messages for troubleshooting
Enhanced XML Error messages for troubleshooting
•
Reconnection to arbitrary sized sessions
Reconnection to arbitrary sized sessions
•
Content Redirection (Server-to-client)
Content Redirection (Server-to-client)
•
Support for INS files (analogous to proxy auto-config
Support for INS files (analogous to proxy auto-config
(PAC) files)
(PAC) files)
•
Updated SSL library for smaller cab file size
Updated SSL library for smaller cab file size
Extending the functionality of the zero
Java client
Java client
Seamless and Session Sharing now Supported!
Web Improvements
Web Improvements
Web Improvements
The Web Interface for Metaframe XP
The Web Interface for Metaframe XP
•
Multi-Farm Support with Single Set of Credentials
Multi-Farm Support with Single Set of Credentials
•
Multi-Site Support on single web server (For JSP version
Multi-Site Support on single web server (For JSP version
only)
only)
•
RSA SecurID support
RSA SecurID support
•
Drop down choice of login domains
Drop down choice of login domains
•
FIPS 140
FIPS 140
•
Auto Proxy Support for ICA Win32 and ICA Java Clients
Auto Proxy Support for ICA Win32 and ICA Java Clients
•
Private Certificate Authority support with the Java ICA
Private Certificate Authority support with the Java ICA
Client.
Client.
Integrating Project Columbia
Features and providing higher
WAR file support
WAR file support
•
WAR File Support
WAR File Support
(Web Archives) files are single file
(Web Archives) files are single file
archives containing all the resources required to run an
archives containing all the resources required to run an
application written in JSP/Java servlet technology.
application written in JSP/Java servlet technology.
•
Using WAR files, installation across many platforms is
Using WAR files, installation across many platforms is
less complex. WAR files can be installed on any
less complex. WAR files can be installed on any
compliant Web server on any operating system (such as
compliant Web server on any operating system (such as
Solaris, Linux, and Microsoft Windows).
Solaris, Linux, and Microsoft Windows).
•
WAR file support allows you to install multiple
WAR file support allows you to install multiple
Nfuse Classic Web sites on a single Web server
Nfuse Classic Web sites on a single Web server
.
.
Program Neighborhood Agent
Program Neighborhood Agent
Admin Utility
Admin Utility
Helping administrators reduce the time
to setup the Program Neighborhood Agent clients.
http://localhost/Citrix/PNAgentAdmin/
• Administrator can
configure all PN Agent
settings from a web page
• Interface to config.xml
Simplified License Activation
Simplified License Activation
•
Ability to add and activate multiple licenses using new
Ability to add and activate multiple licenses using new
“mlicense” command line tool
“mlicense” command line tool
•
Mlicense takes a text file containing license strings as input
Mlicense takes a text file containing license strings as input
and generates an xml file containing license strings and
and generates an xml file containing license strings and
machine codes as output
machine codes as output
•
The Admin uploads the xml file into CAS which generates a
The Admin uploads the xml file into CAS which generates a
new file containing activation codes
new file containing activation codes
•
Mlicense takes new xml file and uses it to activate licenses
Mlicense takes new xml file and uses it to activate licenses
•
Mlicense can also take a snapshot of license strings for
Mlicense can also take a snapshot of license strings for
disaster recovery purposes
disaster recovery purposes
Citrix MetaFrame
Citrix MetaFrame
Conferencing Center
Conferencing Center
“
“
Real Time Collaboration”
Real Time Collaboration”
Citrix MetaFrame
Citrix MetaFrame
Conferencing Center
Conferencing Center
“
Sound Familiar?
Sound Familiar?
•
What’s the dial in?
What’s the dial in?
•
Who is currently dialed in?
Who is currently dialed in?
•
I don’t have that document?
I don’t have that document?
•
I need a copy of the presentation?
I need a copy of the presentation?
Lost Decisions
Lost Decisions
•
Multiple document copies
Multiple document copies
•
Merge into a ‘final’ document
Merge into a ‘final’ document
•
Overlapping feedback
Overlapping feedback
Business Meeting Needs
Business Meeting Needs
•
Easily and quickly coordinate meetings
Easily and quickly coordinate meetings
•
Content immediately distributable
Content immediately distributable
•
Capture Key Decisions
Capture Key Decisions
•
Manage attendees
Manage attendees
Auto-hide menu bar –
Switch Between Full
Screen and Window, Leave
Meeting, View attendee list,
meeting description and
available applications
Attendee List, Meeting Description
and Available Applications –
Access via Auto-hide menu bar
Citrix MetaFrame Password Manager
Citrix MetaFrame Password Manager
“
“
Single Sign-on”
Single Sign-on”
Citrix MetaFrame Password Manager
Citrix MetaFrame Password Manager
“
Password Management Problems
Password Management Problems
End-User Problems
End-User Problems
•
Numerous passwords
Numerous passwords
•
Password change policies
Password change policies
•
Forgotten passwords
Forgotten passwords
•
Store passwords in insecure places
Store passwords in insecure places
Problems for Employers
Problems for Employers
•
Reduced security
Reduced security
•
Reduced productivity
Reduced productivity
Password Manager Components
Password Manager Components
Sync
Push
Administration Console
Administration Console
• Application Configurations
• Controls All Agent Settings
• Agent First Time Use Settings
• No Manual Scripting Required
SSO Agent
SSO Agent
• Responds to login event
• Web, Windows or Legacy applications
Bimini Config SSO Client Settings SSO Enterprise Application Configs SSO FTU Settings People Secrets user1 Bimini Config SSO Client Settings SSO Enterprise Application Configs SSO FTU Settings People Secrets user1
Directory
Sample Configurations
Sample Configurations
= SSO Agent
MetaFrame XP
MetaFrame XP
Server-based
Server-based
Applications
Applications
Pure
Pure
MetaFrame
MetaFrame
Deployed
Deployed
Pure
Pure
MetaFrame
MetaFrame
Deployed
Deployed
Desktop Desktop Desktop DesktopMetaFrame XP
MetaFrame XP
Server-based Applications
Server-based Applications
+
+
Local Applications
Local Applications
Hybrid
Hybrid
Deployment
Deployment
Hybrid
Hybrid
Deployment
Deployment
Uniquely Able to Address Complex
Uniquely Able to Address Complex
MetaFrame Configurations
MetaFrame Configurations
Uniquely Able to Address Complex
Uniquely Able to Address Complex
MetaFrame Configurations
Single Point of Access
Single Point of Access
•
Delivers the entire enterprise with a single point of
Delivers the entire enterprise with a single point of
access
access
–
Applications
Applications
–
Content
Content
Role-based Access
Role-based Access
•
Access is based on an employee’s role
Access is based on an employee’s role
•
Administrators can tailor access to applications
Administrators can tailor access to applications
and content. For example, Sales Dashboard
Personal Access
Personal Access
•
Users can personalize their environment
Users can personalize their environment
–
Content
Content
–
Page layout
Page layout
–
Colors
Colors
Fully Secure Internet Connectivity
Fully Secure Internet Connectivity
•
Provides standards-based encryption over the Internet
Provides standards-based encryption over the Internet
•
Protects traffic between the client and server
Protects traffic between the client and server
–
Application traffic
Application traffic
Citrix MetaFrame
Citrix MetaFrame
Secure Gateway
Secure Gateway
Citrix MetaFrame
Citrix MetaFrame
Secure Gateway
Secure Gateway Today
Secure Gateway Today
Internet
Secure Gateway
Web Interface
STA
3rd Party Auth
MetaFrame XP Server
Farm Internet
Explorer and ICA
Client
Port 443
Port 1494
Single DMZ Design
Single DMZ Design
Internet
Secure Gateway
Logon Agent Authorization Service +
STA
3rd Party Auth
MetaFrame Secure Access Manager MetaFrame
XP Server Farm
HTTP(S) ICA
Internet Explorer
Single DMZ Design with Gateway
Single DMZ Design with Gateway
Client
Client
Internet
Secure Gateway
Logon Agent
Authorization Service +
STA
3rd Party Auth
MetaFrame Secure Access Manager MetaFrame
XP Server Farm
HTTP(S) ICA
Internal Web Servers Internet
Explorer and ICA
Client
Single DMZ Design MetaFrame XP
Single DMZ Design MetaFrame XP
Only
Only
Internet
Secure Gateway
Web Interface STA
3rd Party Auth
MetaFrame XP Server
Farm
HTTP(S) ICA
Internet Explorer
Double DMZ Design with Gateway
Double DMZ Design with Gateway
Client
Client
Internet
Secure Gateway Logon Agent Authorization Service + STA3rd Party Auth
Double DMZ Design with
Double DMZ Design with
MetaFrame XP
MetaFrame XP
Internet
Secure Gateway
Web Interface
STA
3rd Party Auth
MetaFrame XP Server
Farm
HTTP(S)
ICA/Secure ICA
Internet Explorer
and ICA
The Complete Picture
Typical Citrix Employee
Typical Citrix Employee
Company
Documentation and Knowledge
Resource Utilization Market Analytics
and Reports
Company Analytics and Reports
Application Set (ICA enabled Desktop)
People and Employees Various Intranet
Demo
Demo
&
&
Conclusion
So What Does All This Mean?
So What Does All This Mean?
•
Citrix MetaFrame Offers
Citrix MetaFrame Offers
Simple Access to all
Simple Access to all
your everything from
your everything from
anywhere!
?