• No results found

MetaFrame Secure Access Manager Deployment/Integration Tips and Tricks

N/A
N/A
Info
Download
Protected

Academic year: 2020

Share "MetaFrame Secure Access Manager Deployment/Integration Tips and Tricks"

Copied!
40
0
0

Loading.... (view fulltext now)

Download now ( 40 Page )

Full text

(1)
(2)

MetaFrame Secure Access Manager Deployment/Integration Tips and TricksMetaFrame Secure Access Manager

Deployment/Integration Tips and Tricks

Trey Baumgardner

System Engineer – Dallas Texas

Citrix Systems

Trey Baumgardner

System Engineer – Dallas Texas

(3)

Citrix Confidential

Disclaimer

Some customizations, tips, tricks and info supplied on this power point may not be fully supported by Citrix.Please use the information supplied in this power point

at your own risk.

Download these slides - detailed notes with Reg tweaks etc.

(4)

Agenda

Deployment

Integration

Performance

Configuration and

(5)

Deployment

(6)

Deployment Basics

Uninstall Tech Preview

Update Service Packs and OS Hotfixes

Disable unused Services (windows media, ftp etc)

Single Server Setup (Workgroup or Domain)

Distributed Server Setup (Domain)

Multi-server installation

Web, Agent and State Server

(7)

Citrix Confidential

Architect Your Users/Roles

Avoiding Login Delays

Create a local group

Install a DC for the remote domain

Active directory Universal groups

(8)

State Server Cache

The template file is located in:

c:\Program Files\Citrix\Secure Access Manager\Config\State Server

Cache types

Session

User

Role

Configstore

Group

(9)

Citrix Confidential

Access for Unique Users

What about dial-up and wireless users?

Limit the amount of data on the pages

Limit the size of header graphics

Use fewer CDAs on each page

Publish Access Center on a MetaFrame server

Enhance client side performance

(10)

Time keeps on slipping…..

ICA sessions action counted as idle time

Adjust ICO time

Working in Website Viewer or Embedded applications can count as idle time

Increase session timeout

Synchronize Agent servers time

Bios and OS clocks

Unsynchronized Agent servers can…

User session time-outs counted inaccurately

(11)

Integration

Integrating new ideas….

Integration

(12)

Give your CDA’s Namespaces!!!

Shared action:

<a name="<%=application("cdainstanceid")%>">

At the end of any links to this CDA, or form actions posting to this CDA append #<

(13)

Citrix Confidential

Web Favorites CDA

(14)

Shared Documents CDA

(15)

Citrix Confidential

(16)
(17)

Citrix Confidential

Program Neighborhood CDA

Do not place too many apps in Add menu

(18)
(19)

Performance

Improving the User

Experience

Performance

(20)

Server Profiles

Agent servers are CPU intensive

Performance may be improved with…

Additional processors up to 71% faster!!!

Faster processors

Add additional Agent Servers up to 77% faster!!!

256MB is sufficient

Disk caching vital in State server performance

Lots of MEMORY

Not CPU intensive

Use 15,000 rpm, SCSI-3 disk drive for best performance

Accessing data from memory up to 150% faster

Reg tweak IOPageLockLimit reg key to 4 - 8 MB. The default is 0.5 MB or 512 KB

(21)

Citrix Confidential

Further improving Server Performance

Menu configuration affect Agent server performance

Menus appear on every page

Reduce number of pages and folders

Less than 10 Folders

Reduce pages associated with roles

(22)

Also consider Client Side Performance

Client CPU affects page display

Web Browser processes HTML and JavaScript

Menu processed by JavaScript

Reduce Pages and Folders

Limit number of published applications

(23)

Citrix Confidential

Adjust IIS Bandwidth

Tune/enable Bandwidth Throttling for the Default Web Site

How?

To throttle the bandwidth for the Default Site, right-click on its icon in the IIS

console, select Properties, choose the Performance tab, select "Enable

Bandwidth Throttling," and type in the

maximum number of kilobytes per second (KBps) you want to allow.

Why?

(24)

Tuning the IIS

Accurately set Performance Tuning settings based on hits per day

How

To set the Hit Rate Performance Tuning setting, right click on its icon in the IIS console, select Properties, choose the

Performance tab and move the slider to the range that most accurately described your monitored usage. If this is a new

(25)

Citrix Confidential

Adjust IIS Cache

Tune the size of the IIS5 data cache

How?

HKEY_LOCAL_MACHINE \SYSTEM \ CurrentControlSet \Services \Inetinfo \

Parameters\ MemCacheSize (REG_DWORD) (size set in megabytes)

Why?

(26)

Avoid potential

Bottlenecks

Recommended 5:1 Agent server to Web server ratio with SP1

Monitor MetaFrame servers for excessive CPU utilization

IMAService specifically

Load balance MetaFrame servers

Inadequate MetaFrame Servers can cause delays in Secure Access Manager environment

Never list the data collector or Master ICA Browser as the first server in priority list

Use NIC aggregation technologies or upgrade the network to gigabit technology

(27)

Citrix Confidential

CDA Profiling

The CDA title bar displays execution time in milliseconds and output in bytes

• 1. Stop the Citrix Secure Access Manager State Server service

• 2. Edit the following file:

install_ directory\Config\State Server\Access

CenterNam e\ConfigStore\{\2\{235F25C0-F04D-11D3-8113-00C04F607D9F}&#124;cdsconfig.txt

3. Change the following line:<profile>false</profile>

To:

(28)

Configuration and

Management

(29)

Citrix Confidential

Citrix Service Utility

Use Citrix Service Utility to

change the accounts used for

(30)

NFuse.conf File

Configurations outside the AMC

Timeout

AlternateAddress

EnableServerLoadBalancing

CacheExpireTime

BypassFailedServerDuration

ClientAddressMap

ServerAddressMap

Etc…

(31)

Citrix Confidential

CDA Management

Limit the number of CDAs on a page

Lock down CDAs

“Silo” resource-intensive CDAs on separate pages

Include small number of low-impact CDAs on Home page

Non dynamic data on Home page

(32)

Recovering Data

To recover the server farm configuration data, copy the Config folder from the most recent backup

Use SQL Enterprise Services to Restore backed up databases

(33)

Citrix Confidential

Recovering Virtual Directory

You can regenerate Virtual Directory on Secure Access Manager Webserver

1. In the AMC, right-click the server farm and choose Properties.

2. On the Web Servers tab, clear the check box of the Web server with the problem virtual directory.

3. Click OK.

4. Verify that the virtual directory has been deleted from the Web server. If the directory still exists, delete the

directory manually.

(34)

Import/Export

Moving from a development to production a production environment

Duplicate configurations by exporting and importing with a different name

Portal cannot be overwritten by an imported portal

Users added to the environment individually are exported

Importing portals is resource intensive

(35)

Citrix Confidential

Focus on end user experienceShouldn’t be a liability

Successful deployment draws usersScale as necessary

Read between the linesTEST, TEST, TEST!!!

Special thanks to Jason Maynard, Chong Yi, Kevin Castleman, Chirag Patel and Adam Marano

(36)

Creating Citrix Value-Added Solutions

Get Educated on Citrix Products

Understand full product suite: http://www.citrix.com/products/

Download SDKs and relevant whitepapers from the Citrix Developer Network: http://apps.citrix.com/CDN

• Build Value Add Solutions

Leverage industry standards and tools such as Visual Studio.NET and Web Forms

Leverage SDKs to guide development and test efforts • Post Solution

- Fill out form, and post screen shot, link and/or solution to

http://apps.citrix.com/CDN and www.mycitrix.com

• Other useful sites

- www.dabcc.com

(37)

Citrix Confidential

Questions and Answers

References

Download now ( PPT - 40 Page - 3.18 MB )

Related documents

Detecting Sequence Number Collector Problem in Black Hole Attacks in AODV Based Mobile Adhoc Networks

In order to overcome this defect, a new detection method based on checking the sequence number in the Route Reply message by making use of a new message originated by

Image Denoising Using Curvelet Transform Using Log Gabor Filter

Grace Chang, Student Member, IEEE, Bin Yu, Senior Member, IEEE, and Martin Vetterli, Fellow, IEEE,” Adaptive Wavelet Thresholding for Image Denoising and Compression ,”

Out, Creative and Questioning: Reflexive Self Representations in Queer Youth Homepages

Girls and trans youth are articu- lating young queer self-representa- tions in boldly innovative ways.. Queer girls complicate the very assumptions and categories ofwhat

The Women's Health Movement: Looking Back and Moving Forward

The Commission report itselfwas also lacking in almost any mention of women's health issues and con- cerns (National Coordinating Group on Health Care Reform and Women,

Vulnerabilities of Wireless Security protocols (WEP and WPA2)

Akhil Tiwari will be graduating with a Bachelor's Degree in Engineering in computer science from Veermata Jijabai Technological Institute, Mumbai (India) in 2012. His areas

Hospital Based Responses to Woman Abuse: How Well Are We Doing?

In 1988 Canada launched a four- year Family Violence Initiative (FVI) to address the health, social, and justice issues related to family violence, including woman abuse.. T

The Role of Unpaid Work in Maintaining Individual and Community Health in Atlantic Canada: A Case Study

D e s p i t e these d e m o g r a p h i c changes and changes to and health services, the majority of Parrsboro residents whom we interviewed (84 per cent) report good

MOBILE APPLICATION FOR CANTEEN AUTOMATION SYSTEM USING ANDROID

Canteen automation system is the device where clients order their food and receive meals within the canteen without any delay as they can without delay move and gather what they