In this presentation we inform you about the benefits and possibilities of Citrix in combination with Nutanix. We also give you practical tips and tricks for successfully carrying out a workplace transformation in your organization.
Presentation of 24 November 2016
12. Web-Scale: Design Point for Invisible
Design Principles
• Unbranded x86 servers: fail-fast systems
• No special purpose appliances
• All intelligence and services in software
• Extensive automation and rich analytics
• Distributed everything
Benefits
• Linear, predictable scale-out
• Always-on systems
• Fast innovation in software
• Operational simplicity
• Lower TCO
14. The Cloud Era Is Well Underway
“I deployed my application in five minutes.”
Rapid Time to Market
“No more time spent on low-level infrastructure management.”
One-Click Simplicity
“I use and pay for just what I need only when I need it.”
Fractional IT Consumption
“New capabilities are available on a regular basis.”
Continuous Innovation
15. Why Not AWS For All Workloads?
Predictable Workloads
Elastic Workloads
25%
75%
Balance Owning and Renting For Today’s Enterprise Workloads
Spin up and down resources on the public cloud
Lower costs with private cloud infrastructure
16. Bringing The Cloud To The Enterprise Datacenter
Fractional Consumption
Invisible Operations
Instant Delivery
Frictionless
Tailored SLAs for Every App
Balance Owning and Renting
Data Access and Governance
Choice and Freedom from Lock-in
Control
Continuous Innovation
17. Complexity with Legacy Infrastructure
x Lifecycle complexity
x Resource silos
x Support challenges
x High costs
++ Automated operations
++ Self-service provisioning
++ Monitoring and analytics
Network
Virtualization
Compute
Storage Network
Storage
18. Re-Platforming the Enterprise Datacenter
Integrated, scale-out compute and storage with built-in virtualization and management
[Diagram: App, Virtualization, Server, Storage Controller]
19. Scalable Distributed System Design
VM VM VM CVM
Hypervisor
VM VM VM CVM
Hypervisor
Tier 1 Workloads
(running on all nodes)
Nutanix Controller VM
(one per node)
VM VM VM CVM
Hypervisor
Distributed Storage Fabric
✓ Snapshots ✓ Clones ✓ Compression ✓ Deduplication
✓ Locality ✓ Tiering ✓ Erasure Coding ✓ Resilience
Node 1 Node 2 Node N
X86 X86 X86
20. Extensible Storage Fabric
CVM
Distributed Storage Fabric
NFS/SMB/iSCSI SMB File Shares
FSVM FSVM FSVM
iSCSI Volume Groups
Bare Metal Apps
FSVM
VM
VM VM VM
CVM CVM CVM
HYPERVISOR HYPERVISOR HYPERVISOR HYPERVISOR
21. Seamless Application and Data Mobility
✓ Sizer ✓ One-click Hypervisor Conversion ✓ Cross-Hypervisor DR
✓ Foundation ✓ Backup to Public Cloud ✓ Cross-Hypervisor Backup
App Mobility Fabric
VM VM VM CVM VM VM VM CVM
ESXi
VM VM VM CVM
ESXi
Node 1 Node 2 Node N
Distributed Storage Fabric
X86 X86 X86
ESXi ESXi ESXi ESXi ESXi
AHV AHV AHV
25. Innovating at the Speed of The Cloud
Major New Features in the Nutanix Enterprise Cloud Platform
[Timeline: 2011, 2012, 2013, 2014, 2015, 2016; Product Launch, 2.5, 3.0, 3.5, 4.0, 4.1, 4.5, 4.6, 4.7]
• Hyper-V
• Prism
• Deduplication
• vSphere support
• Scale-out storage
• KVM Support
• Multi-cluster Management
• Backup to AWS
• Built-in Virtualization
• VM High Availability
• Backup to Azure
• VM Flash Mode
• Erasure Coding
• VM-centric Backup + DR
• Non-disruptive Upgrades
• Compression
• 4x Faster Performance
• Integrated File Services
• AMF Hypervisor Conversion
• Prism Pro with X-Fit
• Block Services
• Container Support
• What-If Planning & more..
27. Powering All Workloads and Use Cases
VDI
Branch Office
Data Protection & Disaster Recovery
Big Data
Private & Hybrid Clouds
Collaboration and UC
Enterprise Applications
29. TAC Centers
NBD Depots
Durham
Amsterdam
24x7x365 “Follow the Sun” Support
97% Customer Satisfaction
+90 Net Promoter Score
70+
Countries
Languages
7
WW Support
Centers
Global Support Overview
San Jose
Sydney
Bangalore
Tokyo
Beijing
31. Get more out of your workplace with Citrix & Nutanix!
By Bert Jansema, ICT-Partners
37. Workplace 2.0
• Technical realization (SBC, VDI, virtualization)
• Information always available through the internet and mass communication
• Mobility: workplace at the office, at home and on the road
• Security is a specialist field
47. • Any Cloud: Hybrid Cloud Provisioning
  • Amazon Web Services
  • Windows Azure
  • Citrix CloudPlatform
• Any Device
  • Citrix Receiver for Windows, iOS, Android, Linux
• Any App
  • Published Apps (XenApp)
  • VDI (XenDesktop)
  • Remote PC
Simple, Scalable
48. Long Term Service Release
• Lower TCO through high-quality releases and predictable maintenance intervals
• Predictable maintenance through cumulative update packs
• 5 years of “regular” support and 5 years of extended support
• The prerequisite is that all Citrix component versions are LTSR compliant
Simple
53. Citrix Provisioning Services
• Streams an ‘image’ (vDisk) to multiple machines simultaneously
• Uses PXE boot technology
• Strong dependency on a good network setup and DHCP
• Sizing is very important (failover/caching)
A nice solution, but fairly complex
55. Citrix Machine Creation Services
• Functionality of PVS with…
• …the simplicity of MCS
• Uses existing hypervisor functions
• No dependency on PXE and DHCP
• No additional components
• Simple updates
58. Benefits of MCS on Nutanix?
Further simplification of the MCS architecture!
Simple configuration in XenDesktop Studio makes life easier:
Multiple copies of images
Maintenance of multiple datastores
IO problems
59. More benefits of MCS on Nutanix!
Reduced startup times
Better scalability
VM migration
60. Desktop virtualization layers
Compute and Storage (HW)
Hypervisor
Control and Access Layer
Desktop Layer
User Layer
Infrastructure (Studio, file, AD, SQL, License)
Nutanix Acropolis Hypervisor / VMware ESX / Microsoft Hyper-V
Desktop Delivery (XD) & Image Controllers (MCS)
Access Controllers (StoreFront) and Networking (NetScaler)
Profile management, golden image, and apps
User type and end-points (Receiver)
Citrix ShareFile and file services
61. HP, Dell, Cisco, Lenovo
Cisco, HP, Arista, Mellanox
Qlogic, Emulex
EMC, NetApp, HP, Dell, HDS
Cisco, Brocade
VMware, Microsoft, XenServer
Cisco, HP, Arista, Mellanox
VMware, Microsoft
Simplifying the XenDesktop Infrastructure Stack
Network
Scale out compute
and storage
Virtualization
Network
Virtualization
Compute
SAN Fabric
Storage
AHV
Nutanix
62. Citrix – Nutanix Integration
Production Ready for AHV: No vTax to run Citrix on Nutanix
Integrated Management: Fully integrated with Desktop Studio UI
Fast Provisioning: High speed image updates and operations
Includes Nutanix standard benefits
• Shadow clones and boot-storm handling
• Rapid troubleshooting and clear ops line-of-sight
• Linear scaling and pay-as-you-grow consumption model
65. Linearly Scaling Virtual Desktop Infrastructure
• Scale incrementally one node at a time
• Protect infrastructure investment by eliminating forklift upgrades
• Scale storage capacity & performance linearly
[Chart: VMs (Desktops) against Number of Nodes; Pay-as-you-grow]
66. Citrix XenDesktop/XenApp on Nutanix AHV
[Diagram: VMs running on AHV]
Nutanix AHV is
Citrix XenApp/XenDesktop
Citrix NetScaler VPX*
Citrix ShareFile
Citrix Cloud
Citrix StoreFront
XenDesktop Delivery Controller
Citrix ShareFile & File services
SQL Server & Infra/network services
Citrix Studio, Director
Citrix NetScaler VPX
67. Desktop virtualization layers
Compute and Storage (HW)
Hypervisor
Control and Access Layer
Desktop Layer
User Layer
Infrastructure (Studio, file, AD, SQL, License)
Nutanix Acropolis Hypervisor / VMware ESX / Microsoft Hyper-V
Desktop Delivery (XD) & Image Controllers (MCS)
Access Controllers (StoreFront) and Networking (NetScaler)
Profile management, golden image, and apps
User type and end-points (Receiver)
Citrix ShareFile and file services
68. “SET THE USER FREE”
endpoint security simplified
AppSense now part of the LANDESK family
72. Users want to Personalize their workspace and access their Data. IT wants to manage Policy, Privilege, Performance and Analytics for each user. Combined, these elements define User DNA™
Workspace Management
IT Settings + User Settings = User DNA™
AppSense unlocks User DNA™ so IT can manage it independently.
Personalization
Policy
Privileges
Performance
Data Access
Analytics
73. User DNA™ is stored, managed and distributed from a central AppSense database, leveraging the AppSense platform. IT gets granular, contextual control allowing User DNA™ to follow the user, creating a seamless workspace experience.
AppSense Database
Physical Virtual Cloud
Workspace Management
74. Creating a Balanced Portfolio
Patch Management
Endpoint Security
Configuration Management
Physical, Virtual & Mobile
Service Management
Asset Management
User Environment Management
Security
Analytics and Dashboards
Environment Management
Privilege Management
Application Control
File & Profile Migration
75. PROTECT
Protects against zero-day attacks by preventing malicious software from executing.
CONTROL EXECUTION
Apply precise control over how authorized applications execute and whether applications can launch other applications to prevent stealth rootkits from infiltrating your enterprise systems.
RANSOMWARE CONTINUES TO RISE
Ransomware is not going away any time soon, because the business model offers high reward for minimal effort. Compared to 2015’s 29 ransomware families, 79 new families already emerged this year.
PREVENT
Prevents malware from running when your host system reboots. Also locks down the registry until rights are approved by the IT administrator.
01
02
03
04
Protect Against Ransomware
Source: TrendLabs 2016 Security Roundup
76. Common Security Weakness
• Almost all forms of attack use privilege escalation when installing malware that needs administrative privileges.
• Phishing, which continues to be the most common front end for damaging attacks, is used to obtain user credentials from which to start the escalation, and phishing succeeds because of poor hygiene in application and privilege management.
77. 85% of all Critical vulnerabilities documented in the report can be mitigated by removing admin rights *2015 Microsoft Vulnerabilities Report
99.5% of all vulnerabilities reported in Internet Explorer in 2015 could be mitigated by removing admin rights *2015 Microsoft Vulnerabilities Report
86% of reported vulnerabilities come from 3rd party applications. *National Vulnerability Database
In 2015, Microsoft Windows represented the most targeted software platform, with 42 percent of the top 20 discovered exploits directed at Microsoft platforms and applications. *HP Cyber Risk Report 2016
Malware Monetization and Application Vulnerabilities
The average ransom discovered to date in 2016 stands at US$679, up from $294 in 2015 *ISTR Ransomware & Business, Symantec
Feb 2016, the Hollywood Presbyterian Medical Center (HPMC) paying the attackers’ demand of US$17,000
78. Endpoint Security Threats
01 Missing Patches
• Third Party
• MS Office
• Adobe
• Java
02 Dangerous Applications
• Media
• Runtimes
• Web browsers
03 Misconfigured User Access
• Admin rights
• Least Privilege
• Password Management
04 Unprotected Data
• Sensitive Data
• Unencrypted
• Multiple Storage
79. Endpoint Security Best Practices
01 Patching
• Clear visibility on all endpoints
• Effective Detection
• Automatic Policy Enforcement
• Single Management Console
02 Unhazardous Applications
• Minimize exposure
• Automatic uninstall
• Application Whitelist/Blacklist
• EPC for remote connections
03 Proper User Access
• Remove Admin rights
• Determine Least Privilege
• Automate Elevation
• User self-service Portal
04 Data Protection
• Enable Data Encryption
• Automated Scans
• Protect External Media
• Backup and Recovery
81. Strategic Approach & Benefit
MITIGATES AT LEAST
OF TARGETED
CYBER INTRUSIONS
• National Security Agency, Information Assurance Guidance, www.nsa.gov/ia/mitigation_guidance/
• Australian Government Department of Defence, Strategies to Mitigate Targeted Cyber Intrusions, www.asd.gov.au/infosec/mitigationstrategies.htm
PATCH Applications and Operating System
CATCH Malicious software with a Whitelist
MATCH The Right People with the Right Privileges
83. Regain Control of Applications
Regain control of applications running across the business without locking down your users
Use cases – Security and beyond
• Deploy all users as standard users
• Assign privilege to individual applications based on user roles and needs
• Prevent execution of unauthorized applications
85. System Level Visibility
System Level
(ActiveX controls, VBscripts, batch files, MSI packages and registry configuration files, .exe,
.dll processes, App launches, binaries created, drivers, etc.)
86. Intelligence
System Level
(ActiveX controls, VBscripts, batch files, MSI packages and registry configuration files, .exe,
.dll processes, App launches, binaries created, drivers, etc.)
Application Control by: Trusted Ownership – IT Admin or Service Account
White / Blacklisting
Digital Signatures
87. Control
System Level
(ActiveX controls, VBscripts, batch files, MSI packages and registry configuration files, .exe,
.dll processes, App launches, binaries created, drivers, etc.)
Application Control by: Trusted Ownership – IT Admin or Service Account
White / Blacklisting
Digital Signatures
Network Access Control - Application Termination
Application Control - URL Redirection - Rights Management – Self Elevation –
Win Store App Control
88. Prevent & Awareness
System Level
(ActiveX controls, VBscripts, batch files, MSI packages and registry configuration files, .exe,
.dll processes, App launches, binaries created, drivers, etc.)
Application Control by means of Trusted Ownership – IT Admin or Service Account
White / Blacklisting
Digital Signatures
Quarantine Block Warn Dialogue Monitor Educate
Network Access Control - Application Termination
Application Control - URL Redirection – Privilege Management – Self Elevation –
Granular Exceptions & Contextual Aware - Win Store App Control (Win8/8.1/10)
89. Response
System Level
(ActiveX controls, VBscripts, batch files, MSI packages and registry configuration files, .exe,
.dll processes, App launches, binaries created, drivers, etc.)
Application Control by: Trusted Ownership – IT Admin or Service Account
White / Blacklisting
Digital Signatures
Quarantine Block Warn Dialogue Monitor Educate
Auditing / Monitoring Advanced Reporting Application Admin Rights Discovery
Evidentiary Forensics License Management
Network Access Control - Application Termination
Application Control - URL Redirection - Rights Management – Self Elevation –
Granular Exceptions & Contextual Aware - Win Store App Control (Win8/8.1/10)
90. AppSense Endpoint Security
Allows desktop and InfoSec teams to protect endpoints and enable regulatory compliance without degrading the user experience.
Protection
• Identify and block unauthorized applications from running
• Automate Microsoft and third-party application patch assessment and deployment
• Enforce software licensing and ensure compliance
• Detect suspicious endpoint behaviour
User Experience & Productivity
• Manage user privileges and policies at a highly granular level
• Allow user self-elevation
• Monitor admin rights and self-elevation trends
102. What does it contain?
Why
What is the goal?
What
Which end product will you make?
How
In what way will you do it?
Who
Which people will take part?
Which resources
What material, what equipment?
When
What is the timeline of the project?
107. Our solutions
ICT-Partners helps you be successful with your ICT. We design, implement and optimize ICT environments with the latest technologies, which contribute to continuity, stability and cost savings.