Citrix® MetaFrame XP™ Server for Windows® with Feature Release 3 Theme and Scope Feature Release 3 will focus on:

Feature Release 3

for

Citrix® MetaFrame XP™ Server for

Windows®

Feature Release 3

for

Citrix® MetaFrame XP™ Server for

Windows®

Norm Erlendson

Citrix Confidential

Agenda

•

Feature Release Development

•

Windows Server 2003 (Formerly .Net server)

•

Feature Release 3 Highlights

•

Availability

Citrix® MetaFrame XP™ Server for

Windows® with Feature Release 3

Theme and Scope

Feature Release 3 will focus on:

Feature Release 3 will focus on:

Simplicity

Speed

Experience

For both end users and

administrators

Easier to deploy, use

and manage

Improve overall user

perception of the

product – usability

=

=

Citrix Confidential

Citrix Product Delivery Process

•

Modular approach to software delivery

•

Deliver Feature Releases on a yearly basis

(1 or 2 per year)

•

Deliver Platform Releases based on new

operating system releases (18 - 24 months)

Provide Feature Releases as part of

subscription value

Applications Information Content

Identity Management

Roaming Users Collaboration

Enterprise Access

Citrix Confidential Enterprise

Access

Easy To Understand Product Suite

Citrix®

MetaFrame XP ™ Servers

Citrix® MetaFrame® Secure Access

Manager

Project “Bimini”

Future Project Project

Development Cycle

FR2 FR2

• Windows Installer Support

• Enhanced Citrix Management Console

• Delegated Administration

• User Policies

• Enhanced System Monitoring & Analysis

• Enhanced Application Packaging & Delivery

• Enhanced Citrix Web Console

• Server Farm Health Alerting

• NFuse Classic 1.7

• Enterprise Services for Nfuse

• New Java ICA Client 6.30

• Improved ICA Performance

• Content Redirection

• Enhanced Content Publishing

• User Collaboration

• Roaming User Reconnect

• Printing Improvements

• IBM DB2 Support

• Novell Integration Notes

• Citrix Secure Gateway 1.1

• Smart Card Ready

• Expanded Internet Proxy Support

• TLS Encryption

FR1

FR1

• SSL Support for ICA

• NDS® Support

• Program Neighborhood® Agent

• Citrix Universal Print Driver

• Content Publishing

• Citrix Web Console

• Improved Printing Performance

• Improved ThinWire Performance

• Auto Client Reconnect

• Enhanced CMC

• Connection Control (MetaFrame XPa & XPe only)

• CPU Prioritization (MetaFrame XPa & XPe only)

• ICA Session Monitoring (MetaFrame XPe only)

• Enhanced Application Packaging and Delivery (MetaFrame XPe only)

• CA Unicenter TNG® Plug-in (MetaFrame XPe only

FR1 FR1

• SSL Support for ICA

• NDS® Support

• Program Neighborhood® Agent

• Citrix Universal Print Driver

• Content Publishing

• Citrix Web Console

• Improved Printing Performance

• Improved ThinWire Performance

• Auto Client Reconnect

• Enhanced CMC

• Connection Control (MetaFrame XPa & XPe only)

• CPU Prioritization (MetaFrame XPa & XPe only)

• ICA Session Monitoring (MetaFrame XPe only)

• Enhanced Application Packaging and Delivery (MetaFrame XPe only)

Citrix Confidential

Citrix and Windows Server 2003

•

Citrix® MetaFrame XP™

Server for Windows® with

Feature Release 3

– XPs/a/e run on Windows Server 2003

•

Component Support



Web Interface for

MetaFrame XP™



Web Interface Extension for

MetaFrame XP™



Secure Gateway for

Windows Server 2003

How it delivers

Improves Productivity

Improves Productivity

Dependable

Dependable ConnectedConnected

Role

Role

 _{Proactive security,}

PKI, Kerberos

 _{Improved scalability,}

Availability, Reliability

 2x performance

 _{Active Directory}

simplification

 _{Automation w/ improved}

policy, scripting, wizards

 Easier deployment and

software updating

 _{Trust connections}

between Active Directory forests

 _{Simple wireless,}

VPN and

embedded firewall

 _{Easy application}

creation

 _{.NET Framework}

integrated

 _{Novice to expert}

management tools

 _{Secure Web Server}

(IIS6)

 _{New IIS6 adds order of}

magnitude scalability

 _{WebBench up}

120-165%

 _{Enterprise UDDI}

Services

 _{SOAP-enable COM}

apps

 _{Easy to create}

mobile applications

 _{Windows Media}

Services-2x users supported

 _{SharePoint Team}

Services*

 _{Real Time}

Communications*

 _{Shadow Copy Restore}  Local resource access

for Terminal Server Sessions

 _{“No touch” VPN, RAS,}

PKI setup

 _{Intelligent reconnect}

for RAS, Windows Media

 _{100-140% faster file}

service

 More TS sessions

IT

IT

Infrastructure

InfrastructureIT IT

Citrix Confidential

Windows Server 2003 – TS

Management Features

• Terminal Services settings for GPO - configuration of groups of servers simultaneously.

• Windows Management Instrumentation (WMI) provider – allows scripted configuration of Terminal Services

settings. WMI aliases are included to provide a simple front end for frequently used WMI tasks.

• Active Directory Service® Interface (ADSI) provider -

programmatic access to per-user, Terminal Services profile settings

• Terminal Server License Manager - easier to activate a Terminal Server license server

• Remote Desktop Users Group - simply make users members of the Remote Desktop Users (RDU) group.

Citrix® MetaFrame XP™ Server for

Windows® with Feature Release 3

Citrix® MetaFrame XP™ Server for

Windows® with Feature Release 3

Feature Highlights

Citrix Confidential

SpeedScreen Browser Acceleration

Supported published

applications:

•

Internet Explorer 5.5

and higher

•

Outlook and Outlook

Express

Improving the

user experience

when browsing

HTML content.

Improved

bandwidth

efficiency JPEG

SpeedScreen Browser Acceleration –

Why?

•

Poor responsiveness of the ICA Client

•

The inability to stop a Web page or image from

being loaded once it has started loading

•

The inability to scroll or interact with a page or

image once it has started loading

•

Poor scrolling performance

•

Slow page display times when compared with a

local browser on an equivalent connection

Typical problems experienced when using Internet

Explorer on MetaFrame in a bandwidth-restricted

Citrix Confidential

Speedscreen Browser Acceleration

ICA

Transport

Protocol

Client Drive Mapping ICA Display

Client LPT Port Mapping

Downstream Audio

ICA

Protocol

can support

for up to 32

virtual

channels

Background Image Delivery

New

Channel

Features of Speedscreen Browser

Acceleration

1. Background Image Delivery - images from the server are transferred to the ICA Client in their native

(compressed) format using a new virtual channel.

2. Progressive Drawing - images begin to appear on the client before the image has downloaded completely. Applies to JPEG images only.

The longer that it will take an image to transfer to the client, the greater the likelihood that the image will be drawn progressively

3. Responsive Scrolling - users are free to scroll the page before any image content has been delivered for that page .

Images are not resent during a scroll operation; instead, a reference to the previously downloaded image is sent.

Citrix Confidential

SpeedScreen Browser Acceleration

•

Compress –

select for low

bandwidth

(lower image

quality)

•

When to

compress –

available

bandwidth

determines

compression

level to a max

or not at all

Set on a per farm or per server basis

Dynamic

JPEG image recompression

 = 65% reduction in bandwidth consumption.

 On a 28kbps connection, the original image will take 7.4

seconds to download, while the compressed image will take only 2.56 seconds.

Original Image

High Compression

Citrix Confidential

SpeedScreen Browser Acceleration

Speed Screen Browser Acceleration does not work when Macromedia Flash or Shockwave content is located on a page. All images on these pages are drawn in Legacy mode

Allow or

disallow the

appearance

of Flash

Citrix® MetaFrame XP™ Server for

Windows® with Feature Release 3

Citrix® MetaFrame XP™ Server for

Windows® with Feature Release 3

Printing Improvements

Citrix Universal Print Driver II

•

HP LaserJet 4500

Driver

•

PCL5c engine

including HPGL/2

support

•

Client-side rasterizer

•

Up to 600 dpi

•

Color

Citrix Confidential

UPD II Client and Sever Interaction

FR3 Server

1. User Hits Print in Client Session

2. Server Gets print command, and uses the native Windows HP Color LaserJet 4500 Driver to create a PCL5c file.

3. Server Transfers PCL5c file that it generated to the client.

4. Client now understands how to translate PCL5c that gets generated from HP 4500 driver. Client translates the PCL5c into a bitmap, which it

sends to the printer.

Autocreate Network Printers

• In FR2 and prior releases, we automatically attempt to

install the named client printer driver from the

Windows driver.cab file for printer autocreation.

• Driver auto-install has been extended to auto-created Network printers as well.

• Auto created network

printers install their drivers during login

• During login, the

auto-created client printers are checked against the driver compatibility list of printers restricted by the

administrator.

Citrix Confidential

Citrix® MetaFrame XP™ Server for

Windows® with Feature Release 3

Citrix® MetaFrame XP™ Server for

Windows® with Feature Release 3

License Improvements

Citrix Confidential

Simplified License Activation

• “Mlicense” command line tool

• Add and activate multiple licenses on XP FR1/2/3 servers

• Citrix Activation System handles multiple licenses

• Backup licenses with “mlicense”

• Details available now from the Knowledgebase! - CTX764288

The Process

Citrix CAS system

1&2. License

file MessageXML

XML file

Datastore

1. Create text file with licenses

2. Mlicense – adds

licenses to datastore

3. Mlicense – outputs to XML file

4. Upload XML file to Citrix

5. Download XML result file

6. Mlicense to insert activated

3&4. Upload

5. Download

Citrix Confidential

Citrix Confidential

Mlicense - Extract

•

Extract unactivated licenses from the

Citrix® MetaFrame XP™ Server for

Windows® with Feature Release 3

Citrix® MetaFrame XP™ Server for

Windows® with Feature Release 3

Administration Improvements

Citrix Confidential

The Management Console for MetaFrame

XP™

menu Improvements!

•

Easier and quicker administration!

•

Removal of Tabs – as administration features

are added, the number of properties for an

object increases in the management console.

FR3 now uses a new easier to use layout.

Management Console – Performance

improvements

•

Management Console Performance

enhancement using JRE 1.4

•

Immediate scalability and

Citrix Confidential

Management Console Navigation

•

Improved navigation

–

Navigate to an item by

typing the first few letters

–

“Details” view persists

through multiple

Management Console Summary

Total

Counts of

Object are

displayed

in the

Citrix Confidential

Management Console Launch Desktop

Perform remote

Management Console Enhancements

(cont.)

• Farm Summary screen

• ICA Keep-alives setting so the MetaFrame server can recognize broken ICA sessions and take appropriate action

– \HKEY_LOCAL_MACHINE\SYSTEM\ CurrentControlSet\Control\Citrix\ IcaEnableKeepAlive DWORD \

HKEY_LOCAL_MACHINE\SYSTEM\ CurrentControlSet\Control\Citrix\ IcaKeepAliveInterval DWORD

Citrix Confidential

MSDE Support

• Microsoft SQL Server 2000 Desktop Engine (MSDE 2000) -

Enterprise applications require scalability, robustness, and security, which can be obtained with MSDE or SQL Server, but not with Jet

• Citrix recommends MSDE for small to mid-sized server farms – sizing guidelines to be released

• MSDE with Service Pack 3 is included on the MetaFrame CD.

• Access can be migrated to MSDE

• MS five concurrent workload throttle – indirect access recommended

• Support for single- and dual-processor desktop computers,

MSDE 2000 is a reliable storage engine and query processor for desktop extensions of enterprise applications.

Other Improvements…

•

WMI Provider and MOM Management Pack

•

Oracle 9i for Solaris and 9.2 for Windows support

for the Data Store

•

ICA Client 6.30 for Mac OS X

•

DS read/write optimizations and overall

performance gains

• IMA Start Time on all servers

• LHC Recreation Time

• Printer Driver Replication

• Time to Add License Packs

Client Improvements

Available Client Packages Types

•

Program Neighborhood

–

Ica32.exe

–

Ica32.msi

–

Wfica.cab

•

Program Neighborhood Agent

–

Ica32a.exe

–

Ica32a.msi

•

Internet Client

Citrix Confidential

MSI, EXE, CAB ?

•

MSI is useful as an install method on

modern operating systems. It also allows

for deployment through ADS or SMS

•

EXE is useful as install method on older OS

(Win9x. NT4.0) that don’t have Windows

Installer

Program Neighborhood

Program Neighborhood

Full Client

Full Client

• _{Contains Program}

Neighborhood as a mechanism of

enumerating Published applications or

creating custom connections

• _{Contains all Transport}

Drivers

Program Neighborhood Agent

• _{Contains Program}

Neighborhood Agent as a method of

enumerating published applications

• _{Alternative to a}

browser interface for application access

• _{Requires Web Interface}

• _{Supports only TCP}

Transport Drivers

Program Neighborhood Agent

• _{Contains Program}

Neighborhood Agent as a method of

enumerating published applications

• _{Alternative to a}

browser interface for application access

• _{Requires Web Interface}

• _{Supports only TCP}

Transport Drivers

Internet Client

• _{Contains no}

mechanism of enumerating applications must use a browser

• _{Requires Web}

Interface or

HTML wizard to publish links (ALE)

• _{Requires IE 5}

or Netscape 5 and up

• _{Contains only}

the TCP Transport

Internet Client

• _{Contains no}

mechanism of enumerating applications must use a browser

• _{Requires Web}

Interface or

HTML wizard to publish links (ALE)

• _{Requires IE 5}

or Netscape 5 and up

• _{Contains only}

Citrix Confidential

Why so many internet clients?

Different customers have different needs

• Requires Citrix Web Interface or Application Launching and Embedding (ALE)

• Ica32t.exe is an self extracting executable that has all the virtual drivers (Default Web client – no PN

interface)

• Wficat.cab (Thin) is an identical feature set of

ica32t.exe, but uses an INF file to instruct IE how to install and uninstall with no setup program

Features removed from ActiveX - wficac.cab

•

Zero latency

•

Font manager

•

Client Audio mapping

•

*Universal printer driver

•

Client COM port mapping

•

Netscape plug-in

•

Protocol driver (128-bit Secure ICA Dll)

•

Protocol driver (old compression Dll, not the new

reducer)

•

Auto-client update

Client Size 7.0 client

=======

•wfica.cab is 3.5 MB

•wficat.cab is 1.8 MB

•wficac.cab is 1.0 MB

Features

Not

Included:

Citrix Confidential

Win32 Client Version 7.0

• New ActiveX control packages

• Auto Client Reconnect improvements

• Custom Window shapes

• NTLM Proxy Authentication

• Dynamic client name support – updated if machine name changes

• “Headless” client support

• Certificate Revocation List checking

• Program Neighborhood Agent as the Pass-through client

ICA Client 7.0 – Connect/Reconnect

•

When connecting to a

seamless App, the user

will see feedback of what

is happening in the

background.

•

Will not display

Citrix Confidential

– Support for Windows XP themes such as “Luna”

e.g. Windows

Media Player

9

FR2 Introduced Proxy Server Support

• FR2 - Proxy server enhancements

• Secure proxy traversal

• Auto proxy detection

• PAC script support

• INS script support

• Proxy server authentication

Issue: Some secure proxy servers, such as Microsoft Internet Security and Acceleration (ISA) Server, require Integrated Windows (NTLM) authentication.

The 6.30 ICA clients do not support NTLM authentication. Internet

Citrix Confidential

Win32 7.0 Client NTLM Support

• The ICA client will use the default credentials of the currently logged on NT user first, if the proxy server refuses the credential, a credential input dialog box will pop up asking user to input credentials. This dialog box will be the same as the one used in Basic Authentication.

• This feature is client side only.

• The ICA client will use the default credentials of the

currently logged on NT user first, if the proxy server refuses the credential, a credential input dialog box will pop up asking user to input credentials. This dialog box will be the same as the one used in Basic Authentication.

Citrix Java



ICA



Client 7.0

•

Seamless support with Session Sharing

•

Improved Client Drive Mapping Performance

•

Improved Client Printer Mapping Performance

•

Enhanced XML Error messages for troubleshooting

•

Reconnection to arbitrary sized sessions

•

Content Redirection (Server-to-client)

•

Support for INS files (analogous to proxy auto-config

(PAC) files)

•

Updated SSL library for smaller cab file size

Extending the functionality of the zero

Citrix Confidential

Java client

Web Improvements

Citrix Confidential

The Web Interface for Metaframe XP

•

Multi-Farm Support with Single Set of Credentials

•

Multi-Site Support on single web server (For JSP version

only)

•

RSA SecurID support

•

Drop down choice of login domains

•

FIPS 140

•

Auto Proxy Support for ICA Win32 and ICA Java Clients

•

Private Certificate Authority support with the Java ICA

Client.

Integrating Project Columbia

Features and providing higher

MultiFarm Support

• Like Columbia, the Web Interface can aggregate farms when the user's credentials are valid in all farms

• When the user needs one password for Farm A and a different password for Farm B, you will require the Web Interface Extension

Citrix Confidential

WAR file support

•

WAR File Support

(Web Archives) files are single

file archives containing all the resources required to

run an application written in JSP/Java servlet

technology.

•

Using WAR files, installation across many platforms is

less complex. WAR files can be installed on any

compliant Web server on any operating system (such

as Solaris, Linux, and Microsoft Windows).

•

WAR file support allows you to install multiple

Nfuse Classic Web sites on a single Web server

.

•

IIS not supported as JSP support is required (e.g.

RSA Screen

•

To use SecurID authentication, the Web

Interface for Metaframe must be running on IIS.

Citrix Confidential

Web Interface Admin Tool

• The Admin tool is on Windows/IIS machines, and requires Internet Explorer version 5.0 or later.

Program Neighborhood Agent Admin

Utility

Helping administrators reduce the time

to setup the Program Neighborhood Agent clients.

http://localhost/Citrix/PNAgentAdmin/

• Administrator can

configure all PN Agent

settings from a web page

• Interface to config.xml

Citrix Confidential

PN Agent as Pass Through Client

•

You can choose to install the ICA

Program Neighborhood Agent on the

MetaFrame server during MetaFrame

Setup

•

To enable Pass-Through

Authentication (passing the user’s

Windows credentials) in the Program

Neighborhood Agent, set the logon

mode to

Pass-through

authentication

.

•

If you install NFuse Classic and the

Program Neighborhood Agent on the

MetaFrame server, the Program

Web Interface Extension

• Embedded client support (similar to the Web Interface)

• RSA SecurID support

• Support changing passwords of secondary credentials (Change Password option at the NFuse Classic User IDs page)

• Oracle DB Support (8i or 9i)

• Enhanced Security by removing the primary credentials from the database

• Increased performance for group enumeration (easier to locate and define groups)

• LDAP Failover – ability to switch to backup domain controller, if available

• Farm Refresh improvements

• JRE 1.4 support

• Windows 2003 support, IIS 6

An enterprise-wide solution that provides single point web-based access to applications from multiple Citrix MetaFrame XPe server for

Citrix Confidential

Web Interface Extension – Web Page

Admin

• Configure global settings such as language,

administrator groups, and user authentication method

• Define and manage

MetaFrame farm details

• Specify group settings including home farm, user and application options

• Define and manage the appearance of the Web pages presented to

users

• Administer user credential account mapping policies

• Generate log reports

http://

<Enterprise Services for

NFuse Web

FR3 Tech Preview & EAP Program

•

Access to Tech Preview:

– Included in every iForum attendee’s “Welcome Bag”

– Targeted customers and partners will be sent an email from Citrix notifying them of their opportunity to participate in the FR3 Tech Preview

– Fulfilled via www.mycitrix.com (choice of download and/or request for media)

•

Support:

– Participants can provide comments, ask questions and report problems via e-mail at: [email protected]

– Search for answers to previously asked questions, exchange information and ask new questions under a MF XP, FR3 Tech Preview “message board” available under the

Citrix Confidential

FR3 Install – Tech Preview/EAP

•

You can deploy this technology preview

release of Feature Release 3 as a

complete installation of MetaFrame

XP only

; upgrades from previous releases

of MetaFrame are not supported.

•

Upgrading from previous versions of

Citrix Secure Gateway, NFuse Classic, or

Enterprises Services for NFuse is not

supported.

Availability

Citrix Confidential

Summit Media Kit

Summit Media Kit

Citrix Channel & Partner Resource

Pack

•

Project Pearl

•

Project Amazon (RC1)

•

Project Thames

•

Project Magens Bay

•

Project Bimini

•

Eval Licenses

Review/Takeaways

• Speed

– SpeedScreen Browser Acceleration - .jpg, gif files

– Reduce Farm Deployment time

– Lightweight Active X Client

• Simplicity

– Simplified License Activation

– Enhanced print driver compatibility and control

– Universal Print Driver II (color and increased resolution)

– CMC enhancements – search, Farm summary screen, instant desktop

– PN Agent as pass-thru client

– WMI and MOM Health Pack

– Improved server monitoring, control, billing and alerting

– Blade Server integration (HP/CPQ/Dell)

• Speed

– SpeedScreen Browser Acceleration - .jpg, gif files

– Reduce Farm Deployment time

– Lightweight Active X Client

• Simplicity

– Simplified License Activation

– Enhanced print driver compatibility and control

– Universal Print Driver II (color and increased resolution)

– CMC enhancements – search, Farm summary screen, instant desktop

– PN Agent as pass-thru client

– WMI and MOM Health Pack

– Improved server monitoring, control, billing and alerting

– Blade Server integration (HP/CPQ/Dell)

eXPerience

– _{.Net Server support} – _{Theme (e.g. “Luna”)}

support for Seamless

– _{Seamless in Java Client} – _{SecurID Integration with}

NFuse Classic

– _{Columbia enhancements} – _{FIPS 140 – crypto modules} – _{Improved Security - No}

storing of credentials in ESN DB

– _{Mac OS X client support} – _{More descriptive error}

codes

eXPerience

– _{.Net Server support} – _{Theme (e.g. “Luna”)}

support for Seamless

– _{Seamless in Java Client} – _{SecurID Integration with}

NFuse Classic

– _{Columbia enhancements} – _{FIPS 140 – crypto modules} – _{Improved Security - No}

storing of credentials in ESN DB

– _{Mac OS X client support} – _{More descriptive error}

Citrix Confidential

Citrix Authorized Training

• With Citrix Training:

– Learn tips and techniques for managing and administering Citrix software

– Obtain valuable lab time for hands-on practice

– Prepare for Citrix certification exams

– Learn quickly and efficiently in the classroom

• New Courses and Certification Include:

– CTX-720X Citrix NFuse Elite Administration

– CTX-6100 Citrix Core Technologies and Architecture

– Citrix Certified Integration Architect (CCIA) program to be launched in Q4 2003

• Available Worldwide from 350 CALCs

• Training Locations from www.citrix.com/training