Link to home
Start Free TrialLog in
Avatar of xyz abc
xyz abc

asked on

Citrix XenDesktop Handbook

Citrix XenDesktop handbook is it only specific to XD/VDI 7.x part only ?
Is see most of its content is generic project methodology ?
Could you guys can point me something similar specific XenApp 7.x .......?
SOLUTION
Avatar of Sekar Chinnakannu
Sekar Chinnakannu
Flag of Singapore image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of xyz abc
xyz abc

ASKER

Yes I agree with both your links pointed I have been design my implementation plan based on those.
But for project planning, I think XD handbook can also be used for XenApp 7.6.

Thanks Sekar & dkotte.

I have few more questions on this.

Say I plan of having.

1. No Netscalers ( Not a good idea specially considering LB part & VPN or ICA proxy ).

----> So in this case I can place my SF in DMZ and rest of all XA/XD 7.6 on internal range of subnet ?? Where basically internal users can locally connect within the LAN to local internal site which is completely on private LAN..

2. If client choose Netscaler

----> So in this case I need to have an internal and external Netscalers .... Internal Netscalers for load balancing my SF & Controllers and then the external Netscaler for ICA proxy/Full VPN/Client access ... Where my IP addressing would be for public facing will only be related to access to VPN or AGEE URL ?  and rest of the requirement for IP addressing scheme would remain the same as above except the NS/AGEE part.

3. Basically I am trying to figure out in both the scenario, how would I approach my network team for number of Public IP's, Private IP's I need and VLAN configurations .. SSL Certificates & FQDN's ?
1. SF need full domain access. if placed within a DMZ you need a lot of rules.

2. it is possible with only one NetScaler at DMZ also.
and already i deploy a netscaler with private addressees only. NAT to/from internet to the VServer do the work and it works great.

3. there are many options ...
- you may use private addresses only and NAT one public IP to every vserver
- you may use only public ip`s
- you may mix private and public ip`s within one DMZ
-- NS need at least 3 IP`s (NS management, SubNetIP and one IP for every Virtualserver)
-- also one IP for every loadbalancing vserver ... ASO.
... or you use more than one interface and possible connect to multiple DMZ

you should use public certificates and FQDN for every vServer,
Certificates for DDC and StoreFront may come from private CA.
Avatar of xyz abc

ASKER

So rest everything remains within the LAN is private and internal VLAN IP structure. Right ?
basically all the Sites & Controllers, Host servers.?
ASKER CERTIFIED SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of xyz abc

ASKER

ok perfect got it. I think Citrix just changed the terminology everything in terms of network is pretty simple.
I was curious as I am preparing a HLD or just simple projection.

One thing thing is pretty complex if SF is placed in DMZ or implemented with AGEE component then call back & such has to be tested very well with AGEE policies and such. Looks like they have changed the whole GUI of Access gateway AGEE/NS 10.5.
May be it will take time or get familiar during implementation and extensive testing. I hope they will not change GUI anytime soon, this is bit crazy.

Good thing is they have not changed anything in terms of flow or under lying protocol like FMA in XA/XD.