Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Citrix Remote Access

Posted on 2006-07-23
7
Medium Priority
?
463 Views
Last Modified: 2013-11-21
Hi,

Have been looking through this site and others as to what Terminal Services solution to run with.

Background to ths situation is here http://www.experts-exchange.com/Networking/Q_21928425.html

But roughly,

Laptops currently connect over IPSec to VPN via Cisco 3030 conentrator which I beleive also supports SSL-VPN

This passes the user onto the central LAN where I want remote users to connect to a terminal services server.

There are maximum 100 users, each requiring access to Microsoft Office 2003 (Word, Excel, Access and Powerpoint), Internet Explorer, Adobe Acrobat and network share folders.

Each user has a PC/Laptop but many also have PDA's and tablet PC's.  Therefore, Citrix which supports these, I believe is the better option.

ICA protocol outperforms RDP, and because the settings are downloaded into a java applet each connection, Citrix has better management capability.

Also, I read Windows 2003 TS struggled over 70 users where Citrix would not.

I have left my details to be contacted by Citrix sales.
Before talking with their sales people, I would like to have an idea what I need and estimate cost rather than what they tell me I need and what it will cost.

What I would like to know is:

For between 70 and 100 users, say 50 concurrent at any one time which would be highly unlikely to get that high.

How many servers in the farm (Would two be enough)?
What spec (Duel Xeon with 4GB)?
Is one accessed more than others or would using round robin with one fqdn and multile ip addresses share the load?
Can I use the cisco 3030 SSL VPN or do I need citrix hardware to access (accelerate)?
I take it this is active directory integrated?

Thanks
Jess
0
Comment
Question by:jessmca
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 11

Accepted Solution

by:
bwalker1 earned 1400 total points
ID: 17164773
I think you could safely run two servers in the farm with the specs you suggested.  (4g of RAM and a dual proc)  We have two Citrix servers which have a single xeon proc and 2G of RAM that handle 10 users a piece no problem.  You should be able to handle at least 25 connections on each server with the hardware we are discussing.

We use a 'Secure Gateway' server.  It is a web server that handles Citrix requests.  It will split the users among as many servers as you have.  So 1 IP is all you need.  The 'Secure Gateway' passes the requests internally to Citrix application servers.  Each server would have applications like Microsoft Office installed on them.

You wouldn't need a VPN because you would be connecting to the web server which is encrypted with a certificate. Also ICA and RDP are both encrypted protocols and only keystrokes are transmitted across the web.

It is active directory integrated.  Users use the same logins as they would in the office.
0
 
LVL 11

Expert Comment

by:bwalker1
ID: 17164780
I should add, keystrokes, mouse clicks, and screen shots are all that is transmitted over the web. :)
0
 
LVL 11

Expert Comment

by:bwalker1
ID: 17164795
According to this link from Cisco you can use the 3030 with Citrix.  I haven't used a concentrator with Citrix so I wouldn't be able to answer any details about implementation.  

http://www.cisco.com/en/US/products/hw/vpndevc/ps2284/products_data_sheet09186a00801d3b56.html
0
Moving data to the cloud? Find out if you’re ready

Before moving to the cloud, it is important to carefully define your db needs, plan for the migration & understand prod. environment. This wp explains how to define what you need from a cloud provider, plan for the migration & what putting a cloud solution into practice entails.

 
LVL 5

Expert Comment

by:shniz123
ID: 17164961
No doubt you'll want to use the Secure Gateway. It's ease of use and management will make your life better. My general rule of thumb for RAM is 1.5MB per user. Beyond that just about any new proc should run Citrix just fine. If you can I'd recommend something 64x or dual proc. I typically have 30-50 users connected per server. I manage a 15 server farm cluster on W2k3. During a past fail over I saw 80+ connections and they still hummed along. Get the beefiest boxes you can in your budget. If you had x8RAM and dual proc I think you could probably get away with 2 servers. Office requires more memory to run that IE for Sharepoint but with 8 you should have enough.

As for Citrix Hardware, I think the NetScaler is a good unit and provides good load balancing and compression. You don't 'have' to have one but at the edge of your network they are handy to have.

0
 
LVL 4

Assisted Solution

by:nexusds
nexusds earned 600 total points
ID: 17165121
regardless of citrix or windows rdp, you should run two servers with that number of users.. for window rdp, you will need the ent edition of windows 2003 and using a feature called session directory (included). each a dual xeon with 4GB or 8GB RAM (start with 4 and see how it goes, RAM gets cheaper later in life)

If you have another server, great - and use this for storing user profiles and other features - ensure these two new servers are strictly like workstations and with like installs (when you make a change to one, ensure it's done to the other)

Also regardless, I recommend any VPN solution for secuity - let them have web access to email if using exchange, etc.. but that's it.
0
 
LVL 8

Author Comment

by:jessmca
ID: 17170775
bwalker1

So a two serer farm with 20 users connected works fine with single xeon and 2GB ram.  
Excellent

So Dual Xeon with 4Gb should handle 50, 25 on each
I dount there will be more than 25 users connected ever at one time

nexusds

So you reckon using the existing IPSec VPN connection would be ok?

That would make life easier if it wouldnt effect performance any serious amount..

Thanks
Jess
0
 
LVL 4

Expert Comment

by:nexusds
ID: 17170927
a dual xeon (in either case with hyperthread enabled) is better.. the trick is if any one process uses up a lot of cpu time, you want something available for others.

existing IPSec is fine...
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This program is used to assist in finding and resolving common problems with wireless connections.
This article will show how Aten was able to supply easy management and control for Artear's video walls and wide range display configurations of their newsroom.
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question