Feature brief detailing the MDX mobile application management features, including an overview of the technology and policies that can be added to applications.
The document discusses Microsoft's Identity and Access Management (IAM) solution which enables secure identity-based access to applications both on-premises and in the cloud from any location or device. The IAM solution allows users to use a single identity across their organization and on partner networks. It also helps enterprises reduce security costs by enabling centralized identity management and allowing users to independently resolve identity and password issues. The solution provides seamless access and security across devices and applications.
The document discusses the challenges of enabling user mobility and productivity while maintaining security. It notes that most information workers now use multiple devices and over 80% use unsanctioned apps. The document promotes Microsoft's Enterprise Mobility + Security solution for providing identity-driven security, comprehensive management of mobile devices and apps, and protection of data across platforms. It describes capabilities for unified identity, mobile device management, application management, and information rights management.
Windows 10 Enterprise E3 - Best in Class Security and Control - Presented by ...David J Rosenthal
Introducing Windows 10 Enterprise E3 for CSP
More than 350 million active devices are running Windows 10 and our business customers are moving faster than ever before, with more than 96% of them in active pilots. And, Windows 10 customers are already experiencing improved productivity and cost savings with an average ROI of 188% with a 13-month payback.*
In most instances, organizations are moving quickly to Windows 10 due to the heightened security risks they face and the industry-leading security features in Windows 10 that can help protect them. Companies of all sizes face real security threats from sophisticated hackers and cyber-terrorists, costing an average of $12 million an incident. In the US alone there are more than 56 million small to mid-sized businesses, in critical sectors like healthcare, legal and financial services that need strong security similar to what our large enterprise customers get through volume licensing agreements.
Partners can now offer their business customers the ‘full IT stack’ from Microsoft, including Windows 10, Office 365, Dynamics Azure and CRM as a per user, per month offering through a single channel, which businesses can scale up or down as their needs change. Key features include:
Increased Security: Offering the sophisticated security features of Windows 10 to help businesses secure sensitive data and identities, help ensure devices are protected from cybersecurity threats, give employees the freedom and flexibility to access sensitive data on a variety of devices, and help ensure controlled access to highly-sensitive data.
Simplified Licensing & Deployment: Helping businesses lower up-front costs, eliminating the need for time-consuming device counting and audits, and making it easier to stay compliant with a subscription-based, per-user licensing model. This new offering allows businesses to easily move from Windows 10 Pro to Windows 10 Enterprise E3 without rebooting.
Partner-managed IT: Configuring and managing devices by a partner experienced in Windows 10 and cloud deployments. Partners can also help businesses develop a device security and management strategy with the unique features of Windows 10. Businesses can view subscriptions and usage for Windows 10 Enterprise, and any other Microsoft cloud services purchased, in their partner portal for easier management with one contract, one user account, one support contact, and one simplified bill.
Sections:
Introduction
Cloud Computing background
Securing the Cloud
Virtualization
Mobile Cloud Computing
User safety & energy consumption
Author’s proposal
Conclusion
In order to make cloud computing to be adopted by users and enterprises, security concerns of users should be rectified by making cloud environment trustworthy, discussed by Latif et al. in the assessment of cloud computing risks[2].
We address the questions related to:
security concerns and threats over general cloud computing,
(2) the solutions for these problems and
(3) mobile users safety in convergence with energy consumption.
Microsoft Enterprise Mobility + Security
Control identity + access in the cloud
Centrally manage single sign-on across devices, your datacenter, and the cloud.
Get identity-driven security
Comprehensive, intelligent protection against today's advanced attacks.
Manage mobile devices + apps
Securely manage apps and data on iOS, Android, and Windows from one place.
Protect your information
Intelligently safeguard your corporate data and enable secured collaboration.
Virtualize your desktops
Efficiently deliver and manage Windows desktops and apps on all devices.
This document discusses security architecture in cloud computing. It provides an overview of cloud risk assessments and how they differ from traditional assessments. It also compares cloud security architectures to traditional security architectures. Finally, it outlines the key domains covered by the Cloud Security Alliance, including governance, operations, and others.
This document discusses strategies for securing corporate networks while allowing employees to use their own devices (BYOD). It addresses key challenges like identifying corporate vs personal devices and limiting access. The document recommends creating a separate secure wireless network for BYODs and using authentication like 802.1x, captive portal, or WPA/WPA2 with keys. Device onboarding and role-based firewalls can automatically configure access privileges based on the device type.
This white paper outlines the gaps in providing a secure
browser, including research into data breach trends and
provides a practical solution for centralizing and securing
browsers. The solution includes combining Citrix and
Bitdefender technologies in an innovative approach centered
on new virtualization and hypervisor introspection
technologies.
Cloud has major security challenges which can be a nightmare for any organization or clients. This paper published in IEEE discusses the cloud implementation security challenges with greater details. It is really a good reference for cloud security and privacy researchers.
The boundaries of the corporate network are being challenged. Today’s
enterprise is falling victim to unrelenting attacks that target physical and
logical infrastructures, mobile platforms, user identities, network devices
and more. Entrust provides more than a simple one-step means of protecting the
world’s largest and most respected enterprises. Reduce costs, defend
against targeted attacks and consolidate identity-based security via a
single management and strong authentication platform.
The document discusses Microsoft's Enterprise Mobility + Security (EMS) solution. EMS provides identity-driven security, managed mobile productivity, and a comprehensive solution to address challenges of mobility and cloud adoption. It secures access across devices, apps and user identities on-premises and in the cloud with integrated solutions like Azure Active Directory, Microsoft Intune and Advanced Threat Analytics.
Redefining Business Mobility and Customer ExperienceCitrix
The financial services industry faces unprecedented pressure from customer demands, regulatory mandates, emerging technologies and highly-competitive markets. Citrix powers
financial services mobility to help companies deliver consistent customer service across traditional and digital channels, improve employee productivity and retention, and increase
IT efficiency, while at the same time ensuring security across their evolving infrastructures.
Microsoft Enterprise Mobility Suite Presented by AtidanDavid J Rosenthal
Windows 10 is better with EMS
Windows 10 is the best Windows ever and provides a foundation for protection against modern threats and continuous management while enabling your users to be more productive. To get the most out of your mobile security and productivity strategy, integrate the Microsoft Enterprise Mobility Suite (EMS) with Windows 10 for greater protection of users, devices, apps, and data.
A key concern for you continues to be security, and rightly so. Identity is the control plane at the center of our solution helping you to be more secure. Only Microsoft offers cloud identity and access management solutions running at Internet scale and designed to help secure your IT environment. Microsoft Azure Active Directory has hundreds of millions of users, is available in 35 datacenters around the world, and has processed more than 1 trillion (yes, trillion) authentications. Our innovative new technology, Microsoft Advanced Threat Analytics is designed to help you identify advanced persistent threats in your organization before they cause damage.
KEY FEATURES
Threat detection: Detect abnormal user behavior, suspicious activities, known malicious attacks and security issues right away. Focus on what is important using a simple, convenient feed.
Conditional access: Control access to applications and other corporate resources like email and files with policy-based conditions that evaluate criteria such as device health, user location etc. This includes support for multi factor authentication (MFA).
Single sign-on: Sign in once to cloud and on-premises web apps from any device. Pre-integrated support for Salesforce, Concur, Workday, and thousands more popular SaaS apps.
This webinar summarizes Windows Intune, a cloud-based PC management service from Microsoft. It allows administrators to securely manage updates, monitor PCs, provide remote assistance, and set security policies from a simple web-based console. Windows Intune helps protect PCs from malware, enables a mobile workforce, and drives savings through automated updates and low infrastructure overhead.
EPC Group Intune Practice and Capabilities OverviewEPC Group
Microsoft Intune is a cloud-based service that allows organizations to securely manage devices, apps, and corporate data. It provides mobile device management, mobile application management, and PC management. Intune helps enable employee productivity while keeping corporate information secure across devices and platforms through features like device enrollment, app deployment, policy management, and data protection.
Data Stream Controller for Enterprise Cloud ApplicationIJSRD
Cloud computing is an emerging computing paradigm where computing resources are provided as services over Internet while residing in a large data center. Even though it enables us to dynamically provide servers with the ability to address a wide range of needs, this paradigm brings forth many new challenges for the data security and access control as users outsource their sensitive data to clouds, which are beyond the same trusted domain as data owners. The occupier need not be concerned with how the Paas system achieves expansion under high load.MAC systems differ as security policy is defined for the entire system, typically by administrators. Information flow control (IFC) is a MAC approach, developed originally from military information management methodologies. IFC can be used to enforce more general policies, using appropriate labeling and checking schemes. The labels can be used to manage both confidentiality and integrity concerns, tracking “secrecy†and “quality†of data, respectively. Decentralized Information Flow Control (DIFC) is an approach to security that allows application writers to control how data flow between the pieces of application and the outside world. As applied to privacy DIFC allows un trusted software to compute with private data while trusted security code controls the release of that data. As applied to integrity DIFC allows trusted code to protect un trusted software from unexpected inputs.
Microsoft Intelligent Communications - Skype and Teams with Office 365David J Rosenthal
We built Microsoft Teams as a chat-based workspace in Office 365 to meet the needs of this changing modern workplace by making it easier to collaborate. Teams provides a team workspace in Office 365, with persistent chat, easy file access, customizable and extensible features, and the security that customers trust. Since Teams launched in March 2017, more than 125,000 organizations have started using Teams to streamline communication, improve collaboration, and get more done together.
Over time we’ll create a single client experience for cloud-based business voice and video. Skype-branded capabilities will power the voice and video experiences in Teams. Microsoft will continue to sell and support the Skype for Business client and service, so customers can move to Teams when it best meets their needs.
Microsoft Intune y Gestión de Identidad Corporativa Plain Concepts
Gestiona todos tus dispositivos corporativos Windows 10 desde Microsoft Intune. Entornos híbridos de autenticación, autenticación multi factor y acceso seguro a aplicaciones SaaS. Por Jose María Genzor
IRJET- A Survey on SaaS-Attacks and Digital ForensicIRJET Journal
This document discusses security issues related to software-as-a-service (SaaS) applications in cloud computing environments. It first highlights different environments where SaaS is used and then analyzes common SaaS security challenges like data, application, and deployment security. The document then discusses digital forensics investigations of crimes related to cloud environments. It proposes a cloud forensics strategy to help investigators examine cybercrimes in an effective and efficient manner. Finally, the document identifies different types of security attacks on cloud computing and SaaS components, along with associated vulnerabilities and potential countermeasures.
Presentation to the San Francisco SQL Server User Group on June 11, 2009.
Christian Wade of EMC discusses the numerous features in Analysis Services 2005 and 2008 as well as dimension/cube design.
This document provides an agenda and overview for a presentation on MDX query language for Essbase databases. It includes definitions of key MDX concepts like cubes, dimensions, and levels. It also describes the basic syntax of MDX queries with examples showing simple select statements with columns and rows axes using crossjoins and slices.
This document contains a portfolio of business intelligence projects completed by Hong-Bing Li using Microsoft's BI product stack. It includes examples of SQL Server Integration Services (SSIS) packages to perform ETL, SQL programming, SQL Server Reporting Services (SSRS) reports including dashboards, SQL Server Analysis Services (SSAS) cubes, and MDX queries. The portfolio demonstrates skills in data integration, reporting, analytics, and dashboard development with a focus on Microsoft tools.
MDx Dubai Campus known for excellence in teaching and research offers UG, PG courses in Arts, Science, technology. Middlesex MBA is the most sought after course in Dubai.
Enhancing Dashboard Visuals with Multi-Dimensional Expressions (MDX)Daniel Upton
Here's an original presentation I gave at the SoCal Business Intelligence User Group in 2008. On reviewing it, and although the underlying platforms have evolved since then, the topic still seems relevant.
2012 Acura MDX Brochure presented by DCH Acura of Temecula.
To see the 2012 Acura MDX in person or for more information contact DCH Acura of Temecula at (888) 690-6111 or visit our website at www.dchacuraoftemecula.com
This document provides an introduction to writing MDX queries and member formulas. It covers basic MDX syntax including selecting members on columns and rows, specifying member names, understanding tuples and sets, and useful MDX functions like Children, Descendants, Generations, and Levels. It also discusses creating simple member formulas using relative and absolute references, and more advanced concepts like IIF, CASE, rolling calculations, and working with multiple time dimensions. Exercises are included to help apply the concepts.
The document provides an overview of MDX (Multidimensional Expressions), a declarative query language for extracting information from Essbase databases. It compares MDX to the existing report writer interface, highlighting similarities and key differences in functions, member selection, sorting, and other capabilities. MDX allows for more complex, multidimensional queries and automated analysis with fewer steps than report writer. The document also gives examples of MDX query execution and using MDX to migrate existing report writer queries.
Multidimensional Expressions (MDX) is the query language used to retrieve multidimensional data from Analysis Services cubes. MDX utilizes expressions composed of identifiers, values, functions, and operators to retrieve objects like members, sets, or scalar values from cubes. The MDX language defines elements like identifiers, expressions, operators, functions, and comments that are used to construct MDX queries and scripts.
Despite widespread adoption of OLAP technologies, the MDX query language remains a bit of an enigma. It's not until a very simple but seldom explored concept is understood that the power and elegance of the language is revealed. Join Bryan Smith, co-author of Microsoft SQL Server 2008 MDX Step by Step, in exploring this central concept, providing a foundation for your success with the MDX language.
This portfolio contains examples of work done during a 10-week Business Intelligence training program. It includes projects on data modeling, T-SQL programming, SQL Server Integration Services, SQL Server Analysis Services, MDX query programming, SQL Server Reporting Services, Performance Point Server, and SharePoint Server. Relevant work experience demonstrating skills in these BI technologies is also included. The portfolio contains examples of designing an SSAS cube for a fictitious construction company including calculated members, partitioning, and a KPI. It also includes reports developed in SSRS, PPS dashboards, and an SSRS report deployed to SharePoint.
IBM Cognos Dimensional Dashboarding TechniquesSenturus
Learn best practices for creating interactive dashboards in the Cognos portal.
View the video recording and download this deck: http://www.senturus.com/resources/cognos-multi-dimensional-dashboarding-new-techniques/.
Senturus experts provide demonstrations using Report Studio, Cognos Connection, multi-dimensional expressions (MDX), Cognos portlets and inter-portlet communication techniques. All techniques covered are applicable to all versions of Cognos 8 and Cognos 10.
Senturus, a business analytics consulting firm, has a resource library with hundreds of free recorded webinars, trainings, demos and unbiased product reviews. Take a look and share them with your colleagues and friends: http://www.senturus.com/resources/.
The document provides an overview of the Miami-Dade Expressway Authority's (MDX) Fiscal Year 2015-2019 Work Program. Key points include: MDX maintains five expressways and is funded solely through toll revenues; the five-year, $879 million work program focuses on safety, system preservation, and mobility projects; and major projects include improvements to SR 836, planning for extensions of SR 924, and study of a potential SR 836 Southwest Extension.
Smart Query is a new feature in Oracle Smart View that allows users to create, save, and share customizable queries with user-defined sets, filters, and calculated rows and columns. It gives users control over aggregates, filters, and calculations to build reusable perspectives without having to start from scratch each time. Key capabilities include creating custom members and sets with filters, saving reusable elements, and sharing queries via the repository or email.
Moore Advanced Calculations in Calc Manager OW 20151015Ron Moore
This document provides an overview of using custom defined templates (CDTs) in Calc Manager to automate repetitive calculation development tasks. It discusses conceptualizing a framework for CDT implementation and applying CDTs to a driver-based budgeting application. The agenda includes reviewing CDTs, developing a conceptual framework, and demonstrating CDTs in Calc Manager to create a calculation and use variables and member ranges.
This document provides an overview of the MDX (Multidimensional Expressions) language. It discusses the history and rise in popularity of MDX, how MDX differs from SQL, the basic components and terminology used in MDX, MDX syntax including tuples, sets, and queries, and examples of calculated members and named sets in MDX.
This document provides an introduction and overview of MDX (Multidimensional Expressions), including:
- MDX is a query language used for OLAP cubes to return multidimensional cell sets of cube data.
- The basics of MDX syntax and concepts like axes, members, tuples, and sets are explained.
- Functions, calculated members, and different reporting scenarios using MDX are also discussed.
- Examples are provided throughout to illustrate MDX concepts and functionality.
This is an introductory look at MDX presented by Nathan Peterson of Solid Quality Mentors
Every developer should be able to write the MDX needed to create Key Performance Indicators (KPIs) to meet business requirements. This short session will give you a solid introduction to the language, so that you can start using its power to give your business the information it needs.
You will learn how to:
* Think multi-dimensionally to better understand how cube data works
* Use MDX, the query language for Analysis Services
* Create Named Sets and Calculated Members with MDX to meet business needs
This document contains a portfolio summary of BI projects completed by Hong-Bing Li using Microsoft's BI product stack. It includes examples using SQL Server Integration Services for ETL processes, SQL programming, SQL Server Reporting Services for dashboards and reports, SQL Server Analysis Services for cube development and MDX queries, and SharePoint integration. The portfolio aims to demonstrate Hong-Bing Li's skills and experience across the main Microsoft BI technologies.
Citrix XenMobile is a mobile device management solution that allows organizations to securely manage mobile apps, devices, and data. It offers features such as device management, policy configuration, security and compliance controls, and mobile application management. It provides these capabilities across major mobile platforms through three editions - XenMobile MDM Edition, XenMobile App Edition, and XenMobile Enterprise Edition. The Enterprise Edition includes additional capabilities such as delivery of Windows apps, ShareFile Enterprise features and email attachment encryption.
Modern mobile devices by their capabilities are almost equal to office computers. For working with different types of document or an access to corporate resources, employees often use their own tablets and smartphones ignoring the prohibition of IT service. This BYOD scenario is impossible to avoid. BYOD brings significant risks and often results in confidential data breaches. The usual restrictions are no longer working, businesses are unable to stop employees from bringing personal devices into the workplace, and today every company needs more mobile and flexible solutions.
Future of Fed Mobility | Citrix Technical Exchange hosted by AMARC | Faisal I...Tim Harvey
The Advanced Mobility Academic Research Center (AMARC) hosted a Citrix Technical Exchange on July 18 at The Hamilton in Washington, D.C. Faisal Faisal Iqbal, Director of Systems Engineering, U.S. Public Sector for Citrix spoke at the event, which featured a Digital Government Strategy panel with Anil Karmel (NNSA), Brad Nix (USDA FNS) and Dan Mintz (AMARC).
Citrix provides access infrastructure that allows users to connect to applications from any device or location. Citrix has incorporated RSA's two-factor authentication technology to provide an additional layer of security when accessing business applications. The combination of Citrix and RSA technologies provides streamlined, secure access to enterprise applications for local, remote, and mobile users through the Citrix Access Platform and RSA SecurID authentication.
Citrix provides a solution to mobilize Windows applications by delivering them to diverse mobile devices like tablets and smartphones. The solution leverages Citrix XenApp, Citrix Receiver, StoreFront and Citrix NetScaler Gateway to seamlessly deliver optimized Windows applications to any device without rewriting code. Mobile optimization policies make applications more usable on touchscreens by enlarging controls and adding automatic keyboards. The solution allows just the application, not the Windows OS, to be delivered to mobile devices. It provides secure access to business-critical applications from any device.
The document discusses the evolution and future direction of Citrix Receiver. It describes how Receiver has evolved from Updater in 2008 to take on more "broker" functions like discovery of apps/services, connectivity to the enterprise, and providing access to common value-added services. It highlights key trends driving this evolution, like mobility, BYOD, and new devices/platforms. Going forward, Receiver will focus on providing a unified experience across all devices and platforms, including a new Windows 8/WinRT version with metro-style interface. The summary emphasizes how Receiver acts as a "normalizer" to provide access and manage interactions across a diverse environment of devices, operating systems, and application types.
1. Citrix is proposing a new approach called the Secure Digital Perimeter (SDP) to address security challenges in a world where work is distributed across SaaS apps, cloud services, and remote users.
2. Traditional security approaches focused on protecting networks and resources within organizational perimeters but SDP takes a people-centric approach that follows users across devices and locations.
3. SDP provides simplified control, 360-degree visibility, and intelligent analytics across networking and security services to minimize attack surfaces and gain compliance while allowing access from any device.
Windstream Hosted Solutions: Public Cloud SecurityJason Proctor
Cloud computing presents a number of unique benefits as compared to traditional or virtualized IT environments. Cloud computing shifts capital expenses (CAPEX) to operational expenses (OPEX) and introduces a new
level of speed, flexibility and scale to the IT organization. These benefits help overcome challenges faced by IT organizations, including rapidly changing technology, budget constraints and time-to-market pressures.
While cloud services can yield a number of advantages, this new model for computing also raises a few new questions.
Mobile cloud computing combines cloud computing, mobile computing and wireless networks to provide data storage and processing services to mobile users without requiring powerful device hardware. This allows mobile apps to be built and updated quickly using cloud services and to seamlessly continue across different devices. Key benefits include improved data access, reliability and flexibility compared to relying solely on local device resources. Effective mobile cloud computing requires dynamic partitioning of apps between mobile devices and cloud servers to optimize for factors like energy usage and execution time.
The document discusses the different types of cloud computing models: public cloud, private cloud, hybrid cloud, community cloud, and multi-cloud. It provides details on the key characteristics, advantages, and disadvantages of each cloud model. The public cloud is open for general use over the internet, private cloud is for exclusive use within an organization, hybrid cloud combines public and private, community cloud is for a specific community, and multi-cloud uses multiple cloud solutions.
Cloud Security: What you need to know about IBM SmartCloud SecurityIBM Security
Safeguarding the cloud with IBM Security solutions - Maintain visibility and control with proven security solutions for public, private and hybrid clouds.
IBM Endpoint Manager for Mobile Devices (Overview)Kimber Spradlin
Manage all devices - smartphones, tablets, laptops, desktops, and servers - from a single console. IBM Endpoint Manager also integrates Enterproid Divide secure container and NitroDesk TouchDown secure email technologies for separation of organizational content on BYOD and contractor devices.
Adopting A Zero-Trust Model. Google Did It, Can You?Zscaler
Based on 6 years of creating zero trust networks at Google, the BeyondCorp framework has led to the popularization of a new network security model within enterprises, called the software-defined perimeter.
This document is a presentation by Todd Smith from Citrix about taking businesses and users to the cloud. It discusses how mobility trends like BYOD and the rise of tablets are changing the workplace. It also covers challenges of managing security and complexity across many devices and apps. The presentation promotes Citrix's mobile solutions including XenMobile for mobile device management, secure apps and data sharing with ShareFile, and single sign-on capabilities. It positions Citrix as providing the most comprehensive mobile portfolio to enable secure productivity from any device.
A Comprehensive Review on Data Security and Threats for Data Management in Cl...AJASTJournal
The cloud is a network of virtual computers that are linked together and may exhibit and offer computational capabilities continuously depending on certain Service Level Agreements (SLAs) that have been agreed between the parties to a contract between the clients and the internet provider. Cloud computing has several benefits, including endless computational resources, cheap cost, security controls, hypervisor protection, instantaneous elasticity, high throughput, and fault-tolerant solutions with increased performance. Since cloud computing is a comparatively recent computing model, there exists a lot of uncertainty about how well confidentiality of all levels, including host, network, data levels, and implementation, can be achieved. As a result, there still are important obstacles to cloud computing adoption. These constraints include security issues concerning privacy, compliance, and legal issues. When databases and software applications are moved from the cloud to large data centers, data management becomes a major challenge. Numerous security issues may develop while using cloud computing, including issues with privacy and control, virtualization and accessibility issues, confidentiality, management of credentials and identities, authentication of responding devices, and authenticity. In this paper, an effort is made to offer a comprehensive review of data security and threats in cloud computing.
Similar to Citrix MDX Technologies Feature Brief (20)
The document discusses eG Innovations' performance management monitoring solution. It provides an overview of eG and how it can monitor virtual desktop infrastructure (VDI) deployments. eG offers deep visibility into all layers of VDI, including the virtualization platform, connection broker, profile server, and individual user sessions. It monitors over 150 applications and infrastructure components to provide comprehensive performance monitoring of complex VDI environments.
Good news from the Worldwide Consulting Desktop & Apps (DnA) team! We’ve just finished updating theVirtual Desktop Handbook for XenDesktop 7, StoreFront 2.0 and XenServer 6.2.
The Virtual Desktop Handbook is an architect’s guide to desktop virtualization. It provides you with the methodology, experience and best practices you need to successfully design your own desktop virtualization solution.
Updates in this release include:
Resource requirements for Windows 8 and Server 2012
XD controller sizing
XenDesktop 7 policy guidelines
Database sizing for XenDesktop 7
SQL 2012 chapter
StoreFront 2.0 chapter
32-bit or 64-bit desktop OS guidance
Desktop group & StoreFront integration
In addition, we’ve also included a Citrix policy quick reference spreadsheet so that you can quickly identify default, baseline and template settings from XenDesktop 5 / XenApp 6 all the way up to XenDesktop 7. Thanks go out to Michael Havens, Maria Chang and Uzair Ali for creating this great reference spreadsheet.
I hope you find this handbook useful during your next desktop virtualization project.
And we’re not done yet, future updates will include:
Bandwidth
Hyper-V 2012
PVS 7
User data
And more …
The Virtual Desktop Handbook is not the only resource to guide you through your desktop virtualization journey. Citrix also provides Project Accelerator; an interactive online tool creating customized sizing and design recommendations based on the methodology, best practices and expert advice identified within this handbook.
You can still reach the XenDesktop 5 handbook using the old URL – CTX136546
Andy Baker – Architect
Worldwide Consulting
Desktop & Apps Team
http://blogs.citrix.com/2013/10/10/new-xendesktop-7-handbook-published/
This document provides guidance on designing network configurations for Citrix XenServer. It discusses basic XenServer networking concepts, such as connecting virtual machines to networks. It then presents several sample networking scenarios and considerations for specifying networking requirements. The document also offers recommendations for designing XenServer networks, including using the distributed virtual switch, network redundancy, and bonding. Additionally, it covers designing storage networks and verifying XenServer networking configurations.
1. XenMobile allows you to manage mobile devices, apps, and data through its main components: NetScaler Gateway, XenMobile Device Manager, XenMobile App Edition, MDX Toolkit, and Worx apps.
2. You can deploy the XenMobile components in various configurations depending on your needs, such as deploying only NetScaler Gateway and App Controller to enable remote access to apps, or deploying all components for comprehensive device, app, and data management.
3. A common deployment involves NetScaler Gateway for secure remote access, Device Manager for mobile device management, and App Controller for mobile app and data access, with optional integrations with StoreFront and ShareFile.
This document discusses how Citrix CloudBridge can optimize video delivery in XenApp and XenDesktop environments through features like video caching, disk-based compression, and Quality of Service (QoS). Video caching improves performance by serving cached video over LAN speeds. Disk-based compression reduces bandwidth usage by eliminating duplicate video content. QoS allows administrators to classify and prioritize different types of video traffic to control bandwidth utilization. Together these features enhance the user experience and reduce WAN bandwidth consumption of video streams in virtual desktop and application environments.
The document contains event log entries from Citrix services and applications. It includes information, warning, and error log entries related to services starting and stopping, license checks, configuration changes, virtual memory optimization, and HDX MediaStream for Flash. Issues include services not starting, database errors, license failures, and client incompatibility.
Citrix CloudPlatform is a turn-key cloud solution that provides fast time to value through a simple one-package installation. It is proven to scale beyond 40,000 hosts per region and multiple regions, providing users virtually unlimited computing resources on demand. It offers granular tracking and metering of resource usage for showback/chargeback. The solution is hypervisor and storage agnostic, and supports enterprise-grade networking and security for multi-tenant environments through logical and physical isolation.
Cloud portal business manager product overviewNuno Alves
CloudPortal Business Manager is a cloud services delivery platform that allows organizations to aggregate, simplify the delivery of, and provide self-service access to internal, external, and third party cloud and IT services through a centralized catalog. It automates and streamlines provisioning, billing, user management and other operational aspects of managing cloud services. Key benefits include empowering users with self-service access, delivering any type of cloud service, and helping organizations and service providers transition to and manage an IT-as-a-Service model.
Reference architecture dir and es - finalNuno Alves
Citrix Director with EdgeSight provides a complete troubleshooting window to quickly resolve issues around desktops or applications. Previous versions of XenApp leveraged EdgeSight, while XenDesktop deployments looked to Director for assistance. Starting in XenDesktop 7, these two great technologies have been merged into one central point for troubleshooting.
The purpose of this document will be to provide you an overviewof all the necessary parts required to give your company a holistic view. With this being a new product with new features, this document will provide administrators the tools to feel comfortable moving forward with monitoring of a XenDesktop 7 deployment.
This document will cover the configuration of the Director server, as well as how to interface with the Insight Center provided from our NetScaler product line. For more of an overview of the EdgeSight product, please reference the whitepapersfound at www.citrix.com/xendesktop.
http://support.citrix.com/article/CTX139051
Provisioning server high_availability_considerations2Nuno Alves
The purpose of this document is to give the target audience an overview about the critical components of a Citrix
Provisioning Server infrastructure with regards to a high availability implementation. These considerations focus on the
following areas:
• Virtual Disk (vDisk) Storage
• Write Cache Placement
• SQL Database
• TFTP Service
• DHCP Service
Xd planning guide - storage best practicesNuno Alves
This document provides guidelines for planning storage infrastructure for Citrix XenDesktop environments. It discusses organizational requirements like alignment with IT strategy and high availability needs. Technical requirements covered include performance needs like typical I/O rates and functional requirements like supported protocols. The document recommends avoiding bottlenecks, choosing appropriate RAID levels based on read/write ratios, validating storage performance, and involving storage vendors in planning.
This document is an introduction to Disk Storage technologies and its terminology. Within this
document basic disk and storage architectures as well as storage protocols and common fault
tolerance technologies will be discussed. It is not intended as a comprehensive guide for planning
and configuring storage infrastructures, nor as a storage training handbook.
Due to scope, this guide provides some device-specific information. For additional device- specific
configuration, Citrix suggests reviewing the storage vendor‘s documentation, the storage vendor‘s
hardware compatibility list, and contacting the vendor‘s technical support if necessary.
For design best practices and planning guidance, Citrix recommends reviewing the Storage Best
Practices and Planning Guide (http://support.citrix.com/article/CTX130632)
This document provides an overview of how XenServer manages storage supplied to virtual machines. It describes how Linux views physical disks and partitions, as well as logical volume management and network file systems. The key concepts covered include storage repositories, virtual disk images, storage attributes, and different storage types like local, NFS, Fibre Channel, and appliance-based storage. The target audience is IT specialists who need to understand XenServer's storage concepts and terminology for planning virtualized infrastructures.
Citrix XenDesktop 7 provides a unified framework for virtual desktop and application solutions based on a 5-layer model. The blueprint details architectures for standardized desktops, customizable desktops, and applications. It recommends Machine Creation Services for image delivery and defines policies, personalization settings, and control components to meet requirements for different user groups accessing resources from various locations.
XenDesktop relies on the hypervisor for many core functions, including VM creation, power operations, performance and redundancy. Therefore, it is important that you take the time to design an appropriate hypervisor infrastructure (XenServer, Hyper-V or vSphere). Otherwise, you may experience performance, functionality or even reliability issues.
Most information required to design a XenDesktop deployment on your chosen hypervisor platform is available publicly, but it can be hard to find since it’s spread across a multitude of knowledge base articles or white papers. In order to simplify and speed-up the design process, we’re in the process of consolidating the information that you need into a single document and augmenting it with recommendations and best practices. We’ve just finished incorporating the Hyper-V 2008 R2 and SCVMM 2012 planning section into the latest release of the Citrix Virtual Desktop Handbook, which includes important design decisions relating to this hypervisor, for example:
Selecting and sizing the right physical hardware for virtual machines
Knowing what storage options available for Hyper-V 2008 R2
What type of networks to build on the Hyper-V host
How to size the SCVMM servers
Designing a highly available SCVMM solution
Planning an effective failover cluster
The products covered in this current release of the handbook include XenDesktop 5.6, XenApp 6.5, Provisioning Services 6.x and XenClient Enterprise 4.5. A version of the Virtual Desktop Handbook covering XenDesktop 7.x, Provisioning Services 7, Hyper V 2012 R2 and SCVMM 2012 R2 is in the works with an initial release scheduled later in Q4. As always your feedback is welcomed.
http://blogs.citrix.com/2013/09/05/citrix-virtual-desktop-handbook-hyper-v-update/
New eBook! Citrix howto build an all star app desktop virtualization teamNuno Alves
This document discusses how to build an effective team for an app and desktop virtualization project. It outlines four key competencies (prepare, assess and design, deploy, support) and the skills needed for each. It also provides principles for building a successful team, such as finding people with the right attitude, creating a learning culture, getting executive buy-in, and leveraging free resources. The overall message is that the people on the team and the skills they have are critical to the success of an app and desktop virtualization project.
CTX138217 - IntelliCache Reduction in IOPS: XenDesktop 5.6 FP1 on XenServer 6.1 - Citrix Knowledge Center http://ow.ly/o3Ma4
The purpose of this document is to provide testing results based on MCS-delivered streamed virtual desktops leveraging IntelliCache
This document provides guidelines for planning and designing a Citrix StoreFront infrastructure. StoreFront plays a critical role in user authentication, resource enumeration, and aggregation. Key recommendations include:
- Deploy at least two StoreFront servers and use an intelligent load balancer like NetScaler for high availability and load balancing.
- Implement SSL certificates to encrypt communication between Receiver and StoreFront. Also consider encrypting backend traffic between StoreFront and XenApp/XenDesktop controllers.
- Configure multiple controllers per XenApp farm/XenDesktop site and use load balancing for large environments or high login loads.
- Configure highly available internal and external beacon points to determine user network location.
- Use application
NetScaler Deployment Guide for XenDesktop7Nuno Alves
This guide demonstrates how to deploy Citrix NetScaler in conjunction with Citrix XenDesktop 7 with a focus on both simplicity in configuration and advanced features not easily delivered with other products. This guide shows how to provision the XenDesktop 7 infrastructure, the NetScaler appliance and NetScaler Insight Center services to extend Citrix virtual desktop infrastructure and services to remote users in small to medium-size enterprises.
4. Citrix MDX Feature Brief 4
MDX access policies
MDX technologies enable IT to require strong authentication and endpoint analysis
before even permitting users to download and install applications on their devices.
Once these apps are installed, Citrix Receiver™, a universal software client that
provides access to desktops, apps and data, ensures that the desired policies are
continuously enforced, always keeping IT in control of the enterprise content on
users’ devices. Additionally, with MDX Access policies working in conjunction with
the Citrix @WorkWeb™ secure browser, IT can control how the application traffic is
routed: the application can use either the micro VPN tunnel (to access resources
within the corporate network) or the device’s network connection (to access SaaS
applications hosted by a third party).
Figure 2 provides a screenshot and a description of each of the security policies
that can be applied to any mobile application delivered through CloudGateway.
App Interaction
• Cut and copy
Blocks, permits or restricts
clipboard cut/copy operations
for this application. When set to
Restricted, the copied clipboard
data is placed in a private clipboard
that is only available to MDX apps.
• Paste
Blocks, permits or restricts clipboard
paste operations for this application.
When set to Restricted, the
pasted clipboard data is sourced
from a private clipboard that is only
available to MDX applications.
• Document exchange (open-in)
Blocks, permits or restricts
document exchange operations
for this application. When set to
Restricted, documents may only
be exchanged with other MDX
applications.
• App URL schemes
iOS applications can dispatch URL
requests to other applications that
have been registered to handle
specific schemes (such as “http://”),
providing a mechanism for one
application to pass requests for help
to another. This policy serves to Figure 2
filter the schemes that are actually
passed into this application for
handling (that is, inbound URLs).
citrix.com
5. Citrix MDX Feature Brief 5
• Allowed URLs
iOS applications can dispatch URL requests to other applications that have been
registered to handle specific schemes (such as “http://”). This facility provides a
mechanism for an application to pass requests for help to another application.
This policy serves to filter the URLs that are passed from this application to other
applications for handling (that is, outbound URLs).
App restrictions
• Location services
When set to On, this policy prevents an application from utilizing location
services components (GPS or network).
• AirPrint
When set to On, this policy prevents an application from printing data to
AirPrint-enabled printers.
• Camera
When set to On, this policy prevents an application from directly utilizing the
camera hardware on the device.
• SMS compose
When set to On, this policy prevents an application from utilizing the SMS
composer feature used to send SMS/text messages from the application.
• Email compose
When set to On, this policy prevents an application from utilizing the email
compose feature used to send email messages from the application.
• iCloud
When set to On, this policy prevents an application from utilizing Apple® iCloud
features for cloud-based backup of application settings and data.
• Microphone recording
When set to On, this policy prevents an application from directly utilizing the
microphone hardware on the device.
Authentication
• Reauthentication period (hours)
Defines the period before a user is challenged to authenticate again. If set
to zero, the user is prompted for authentication each time the app is started
or activated.
• Maximum offline period (hours)
Defines the maximum period an application can run offline without
requiring a network logon for the purpose of reconfirming entitlement
and refreshing policies.
citrix.com
6. Citrix MDX Feature Brief 6
• Authentication
— nterprise logon required
E
The app requires the user to log on and will permit online usage only
— ffline access permitted after challenge
O
The app prompts the user to log on but allows offline usage after PIN/
passcode/password challenge
— ffline challenge only
O
The app challenges the user for an offline PIN/passcode/password
— ot required
N
The app does not require the user to log on
Device security
• Black jailbroken and rooted devices
When set to On, the application is locked when the device is jailbroken or
rooted. If Off, the application can run even if the device is jailbroken or rooted.
This policy determines whether an application will be allowed to run on a
jailbroken device.
Encryption
• Enable database encryption
When set to On, this policy ensures that the data held in local database files is
encrypted. When set to Off, the data held in local databases is not encrypted.
• Encryption keys
When Online access only is selected, secrets used to derive encryption keys
may not persist on the device. Instead, they must be recovered each time they
are needed from the key management service of CloudGateway. When Offline
access permitted is selected, secrets used to derive encryption keys may
persist on the device.
When set for Online access only, then the Authentication policy is assumed to
be “Network logon required” regardless of the authentication policy setting that
is actually configured for this app. When set to Offline access permitted, it is
recommended (but not required) that the authentication policy be set to enable
an offline password challenge to protect access to the keys and associated
encrypted content.
Miscellaneous access
• Erase app data on lock
When set to On, when an application is locked, any persistent data maintained
by the app is erased, effectively resetting the app to its just-installed state. If Off,
application data is not erased when the app is locked.
An application can be locked for any of the following reasons: loss of app
entitlement for the user, app subscription removed, Citrix Receiver account
removed, Citrix Receiver uninstalled, too many app authentication failures,
jailbroken or rooted device detected without policy permitting app to run on
jailbroken/rooted devices or device placed in lock state by administrative action.
citrix.com
7. Citrix MDX Feature Brief 7
• Auth failure before lock
This sets the number of consecutive failed offline authentication attempts that
will cause an app to become locked. Once locked, apps can only be unlocked
through a successful enterprise logon.
• App update grace period (hours)
Defines the grace period for which an app may be used after the system has
discovered that an app update is available.
• Active poll period (minutes)
When an application starts, the MDX framework polls CloudGateway in
an attempt to determine current application and device status. Assuming
CloudGateway is reachable, it will return information about the lock/erase status
of the device and the enable/disable status of the application that the MDX
framework will act on. Whether CloudGateway is reachable or not, a subsequent
poll will be scheduled based on this interval. After this period expires, a new poll
will be attempted.
Network access
• Network access
Prevents, permits or redirects application network activity. If Unrestricted
is selected, no restrictions are placed on the network access. If Blocked,
all network access is blocked. If Tunneled to the internal network is
selected, a per-application VPN tunnel back to the internal network is used for
all network access.
Network requirements
• Require internal network
When set to On, the app is allowed to run only from inside the company
network. The application will be blocked when the device is not connected to an
internal network as determined by CloudGateway beacons. If Off, the app can
run from an external network.
• Require Wifi
When set to On, the app is locked when the device is not connected to a Wifi
network. If Off, the app can run even if the device does not have an active Wifi
connection such as 4G/3G or a LAN connection.
• Internal Wifi networks
Allows a comma separated list of allowed internal Wifi networks. From inside the
company network, app access is blocked unless the device is associated with
one of the listed network SSIDs. If this field is empty, any internal Wifi network
may be used. If logged on from an external network (or not logged on), this
policy is not enforced.
The app requires a connection to one of the wireless networks specified.
Here, you provide a list of SSIDs representing trusted internal network names
and the application will only be allowed to launch if the device is connected to
one of the defined wireless networks.
citrix.com
8. Citrix MDX Feature Brief 8
MDX Vault
The MDX Vault secure mobile container technology separates and isolates mobile
business applications and data from personal content on any mobile device. Now,
IT can remotely manage, control, lock and wipe critical business applications and
data without touching the employee’s personal content or device.
To create a complete, secure container using MDX Vault, three additional
technology pieces should be used:
1) Citrix Receiver, the universal client, provides both MDX and HDX
technologies to enable both a beautiful user experience and full IT
security and control over mobile apps and data.
2) ative mobile apps that have been properly “wrapped” with policies using
N
the MDX App Prep Tool are published to the AppController component
of CloudGateway.
3) For mobile data management and control, Citrix strongly recommends
ShareFile, which is integrated with CloudGateway to secure corporate data
on the device.
Mobile apps: locally installed while fully controlled
To manage native mobile applications, over-the-air distribution files (.ipa files for iOS
or .apk files for Android) must be wrapped using the MDX App Prep Tool. There
is no requirement to modify the original .ipa/.apk source files to use the MDX App
Prep Tool. During the wrapping process, security and usage policies are applied to
each individual mobile app.
Policies can include preventing the user from taking screenshots, copying and
pasting content, requiring the mobile device to be connected to a secure wireless
network / denying access to content while connected via a cellular network,
forcing authentication at every app launch, disabling iCloud for app backup,
disabling content being sent via SMS or native email for a secured application
and disabling the camera.
In preparation for app distribution to mobile devices, the wrapped applications
are uploaded to CloudGateway. These properly wrapped apps are then
contained within MDX Vault. If users download an app from a source other than
CloudGateway (e.g., public Apple or Android store) IT cannot make that app
part of the secure container. To prevent unauthorized usage, access rights to
each application are managed by assigning user groups from Microsoft® Active
Directory® to the application. Applications will not be visible to any user who is not
part of the Active Directory user group(s) authorized within CloudGateway to use
the specified application.
citrix.com
9. Citrix MDX Feature Brief 9
CloudGateway
Figure 3: MDX Vault keeps corporate applications and data separate from personal apps in a secure container.
Citrix Receiver enables users to subscribe to any application for which they
are authorized based on their role. These applications are then deployed from
CloudGateway into a secure container enabled by MDX Vault on the mobile device.
These secure containers are invisible to employees, who can seamlessly exit the
application to use their own consumer apps without risking data leakage.
In addition to mobile application management, IT can manage and secure mobile
data using Citrix ShareFile®. ShareFile gives people secure access to files on
their device of choice while giving IT complete security and control over corporate
data. To deploy a shared secure container for both apps and data and allow
seamless interaction between ShareFile docs and native mobile apps such as
Citrix @WorkMail™, IT must deliver ShareFile using CloudGateway. Downloaded
files as well as locally installed apps are secured “at rest” on the device using AES
256-level encryption. Data in motion is secured with SSL 3 encryption. In this vault,
IT can apply the following comprehensive policy-based controls over corporate data:
• Mobile data leakage prevention (DLP)
— Disable copy/paste
— Disable iCloud
— Disable “Open In” functionality
— Disable emailing of corporate docs
• AES 256 encryption when data is at rest and SSL 3 encryption when data
is in motion
• Mobile application management enforcement, such as store logon requirement,
device requirements, network requirements
• Lock and wipe apps and data remotely
• Mobilization of any iOS or Android app
• App and data control via policies
• Open attachments only with MDX-enabled apps
citrix.com
10. Citrix MDX Feature Brief 10
• Enable MDX-enabled apps to seamlessly integrate with each other
• Control communication between MDX-enabled apps
• Disable iCloud backup
• Allow @WorkMail to open attachments in any MDX-enabled app
• Enable @WorkWeb to open files and mailto links in any MDX-enabled app
MDX Interapp mobile security and control
MDX Interapp ensures that all MDX-enabled apps can interact with each other for
a seamless experience. For example, clicking a link in @WorkMail on an iOS device
automatically opens @WorkWeb, not Safari. A Microsoft® Word document from
ShareFile can be opened with a published app from Citrix XenApp® while online
and with a locally installed native mobile application when offline. This is done by
offering only applications secured with CloudGateway in the “Open with…” dialog
that pops up when a user clicks on a Word document. In all cases the application
and its data will be executed inside the secure container on the mobile device. No
application residing outside the MDX container will be able to access the data. With
@WorkMail secured by MDX Interapp users can attach docs to emails and save
attachments using ShareFile, open attachments and send calendar invites with
Citrix GoToMeeting® using the free/busy information of attendees provided by @
WorkMail, all inside the secure container on the mobile device.
MDX Interapp
Citrix Receiver
Open with…
Deny access
to insecure
applicaƟons
private data
Figure 4: MDX Interapp allows MDX-enabled apps to communicate.
@WorkMail supports Microsoft® ActiveSync® and Microsoft® Exchange and
offers security features such as encryption for email, attachments and web links,
including internal sites, @WorkWeb enables simple, secure access to internal
corporate web, external SaaS, and HTML5 web applications. @WorkWeb
leverages MDX technologies such as MDX Access to create a dedicated VPN
tunnel for accessing a company’s internal network and encryption for the browser
cache, bookmarks, cookies and history.
citrix.com