Fronting XenMobile MDM with NetScaler
This article focuses on the integration of our MDM and NetScaler product lines.
Placing a NetScaler appliance in front of your device manager provides a flexible and secure delivery platform for an optimal MDM solution.
http://blogs.citrix.com/2013/03/12/fronting-xenmobile-mdm-with-netscaler/
z/OS V2R3 Communications Server introduces HiperSockets Converged Interface (HSCI) support that provides the following benefits:
(1) Linux on z Systems Layer 2 and z/VM VSwitch Bridge Compatibility:
Clients prefer the administrative and operational advantages when configuring Linux guests with a single IP interface using a z System layer 2 configuration. The usability advantages are extended by the z/VM VSwitch bridge support allowing Linux guests to configure a single IP interface for HiperSockets providing both internal CPC and external LAN communications. The current z/OS HS support only provides layer 3 connectivity which is incompatible with this Linux and z/VM environment. The new z/OS V2R3 HSCI support resolves this issue by providing compatibility for both HS Layer 2 and Linux guests using HS with the z/VM VSwitch bridge.
(2) Improved ("hands free") HiperSockets Usability for z/OS Environments:
HSCI transparently "converges" a HS interface with your OSA interface providing transparent and dynamic access and usage of HS.
With the HSCI enhancement:
- Access to HS is achieved without requiring the z/OS network administrator to configure, provision, manage or operate a HS interface (e.g. an IP address is not required for HiperSockets).
- Relocating a z/OS instance to another CPC can be accomplished without making any HS definitions, changes or taking any operator actions to access HS on the new CPC. With HSCI your external LAN is "logically extended" within each CPC (over IQD) providing a single seamless LAN topology within your data center (i.e. the internal LAN is an extension of the external LAN). Once your OSA interface is restarted on the new CPC (z/OS location), your HSCI will dynamically be reestablished.
SMC-D with IBM z13 and z13s Internal Shared Memory (ISM) provides highly optimized intra-CPC communications.
SMC-D is expected to provide substantial performance, throughput, response time, and CPU consumption benefits compared to standard TCP/IP communications over HiperSockets.
Practical Design Patterns in Docker Networking (Docker, Inc.)
Migrating an application to Docker creates an opportunity to utilize new networking topologies and features, which can provide new functionality to an existing application. This talk will provide an overview of Docker networking with a focus on the architectural choices when migrating applications. Taking sample applications we will look at the existing networking topology and cover the options available to create a simple migration and provide additional functionality.
Container orchestration from theory to practice (Docker, Inc.)
"Join Laura Frank and Stephen Day as they explain and examine technical concepts behind container orchestration systems, like distributed consensus, object models, and node topology. These concepts build the foundation of every modern orchestration system, and each technical explanation will be illustrated using SwarmKit and Kubernetes as a real-world example. Gain a deeper understanding of how orchestration systems work in practice and walk away with more insights into your production applications."
The Presentation given at Guru Gobind Singh Polytechnic, Nashik for Third Year Information Technology and Computer Engineering Students on 08/02/2011.
Topic: Java Network Programming
Now you are completing Part 5 of the AAP (WWTC) which is:
“This section will lay out the implementation plan of the entire AAP design, which include configuration
of key networking devices, detailing milestones, activities, resources, and budgets, as well as providing a
deliverables schedule.”
Project Implementation Plan
In this lecture I will discuss the implementation plan through an example of an enterprise network.
The figure presents a fictitious enterprise network. The company would like to implement a
scalable solution with a routing protocol that provides fast convergence. For optimal routing and packet
forwarding, hierarchical addressing with summarization is required. Users require high-speed access to
the server farm with redundant connectivity for protection. The company has many remote offices; a
redundant connection to the Internet is required to provide the remote offices with nonstop access to its
server farm. For remote offices, a secure connection must be implemented to prevent unauthorized
persons from accessing data.
The first step before creating an implementation plan is to gather existing information about the networks
and all the requirements.
The existing topology provides redundant connectivity among all the network devices. Internet
connectivity is dual homed, which provides redundant access to the remote sites as well as World Wide
Web resources. The equipment can provide all the functionalities that are required, but the software
version of the operating system must be upgraded.
The networking equipment has existing IP addressing that needs to be changed to ensure optimal routing
and forwarding of packets as well as summarization. Requirements for server farm access and remote
office connectivity do not include changes in QoS configuration. The server farm hosts the critical
applications of the company including VoIP, and these require preferred treatment. OSPF is configured
in the network. This configuration must be changed, because a faster convergence time is required.
EIGRP is a better choice than OSPF.
Security configuration is required to provide secure access to terminal resources. In this case existing
security is sufficient, therefore no changes are needed.
For this scenario, the implementation plan would be:
Project contact list
Location information and means of accessing the premises
Tools and resources
Assumption
Task and detailed description
Network staging plan
Project Contact List
Consultant Project Team Customer Project Team
Project Manager
Telephone
EMail
Project Manager
Telephone
EMail
Configuration Engineer
Telephone
Email
Con.
Good news from the Worldwide Consulting Desktop & Apps (DnA) team! We’ve just finished updating the Virtual Desktop Handbook for XenDesktop 7, StoreFront 2.0 and XenServer 6.2.
The Virtual Desktop Handbook is an architect’s guide to desktop virtualization. It provides you with the methodology, experience and best practices you need to successfully design your own desktop virtualization solution.
Updates in this release include:
Resource requirements for Windows 8 and Server 2012
XD controller sizing
XenDesktop 7 policy guidelines
Database sizing for XenDesktop 7
SQL 2012 chapter
StoreFront 2.0 chapter
32-bit or 64-bit desktop OS guidance
Desktop group & StoreFront integration
In addition, we’ve also included a Citrix policy quick reference spreadsheet so that you can quickly identify default, baseline and template settings from XenDesktop 5 / XenApp 6 all the way up to XenDesktop 7. Thanks go out to Michael Havens, Maria Chang and Uzair Ali for creating this great reference spreadsheet.
I hope you find this handbook useful during your next desktop virtualization project.
And we’re not done yet, future updates will include:
Bandwidth
Hyper-V 2012
PVS 7
User data
And more …
The Virtual Desktop Handbook is not the only resource to guide you through your desktop virtualization journey. Citrix also provides Project Accelerator, an interactive online tool that creates customized sizing and design recommendations based on the methodology, best practices and expert advice identified within this handbook.
You can still reach the XenDesktop 5 handbook using the old URL – CTX136546
Andy Baker – Architect
Worldwide Consulting
Desktop & Apps Team
http://blogs.citrix.com/2013/10/10/new-xendesktop-7-handbook-published/
Reference architecture dir and es - final (Nuno Alves)
Citrix Director with EdgeSight provides a complete troubleshooting window to quickly resolve issues around desktops or applications. Previous versions of XenApp leveraged EdgeSight, while XenDesktop deployments looked to Director for assistance. Starting in XenDesktop 7, these two great technologies have been merged into one central point for troubleshooting.
The purpose of this document is to provide you with an overview of all the necessary parts required to give your company a holistic view. Because this is a new product with new features, this document gives administrators the tools to feel comfortable moving forward with monitoring of a XenDesktop 7 deployment.
This document covers the configuration of the Director server, as well as how to interface with the Insight Center provided by our NetScaler product line. For more of an overview of the EdgeSight product, please reference the whitepapers found at www.citrix.com/xendesktop.
http://support.citrix.com/article/CTX139051
Provisioning server high_availability_considerations2 (Nuno Alves)
The purpose of this document is to give the target audience an overview about the critical components of a Citrix
Provisioning Server infrastructure with regards to a high availability implementation. These considerations focus on the
following areas:
• Virtual Disk (vDisk) Storage
• Write Cache Placement
• SQL Database
• TFTP Service
• DHCP Service
Xd planning guide - storage best practices (Nuno Alves)
The Citrix Storage planning guide provides a list of best practices, recommendations and
performance related tips that cover the most critical areas of storage integration with Citrix
XenDesktop. It is not intended as a comprehensive guide for planning and configuring storage
infrastructures, nor as a storage training handbook.
Due to scope, this guide provides some device-specific information. For additional device-specific
configuration, Citrix suggests reviewing the storage vendor’s documentation, the storage vendor’s
hardware compatibility list, and contacting the vendor’s technical support if necessary.
This document is an introduction to Disk Storage technologies and its terminology. Within this
document basic disk and storage architectures as well as storage protocols and common fault
tolerance technologies will be discussed. It is not intended as a comprehensive guide for planning
and configuring storage infrastructures, nor as a storage training handbook.
Due to scope, this guide provides some device-specific information. For additional device-specific
configuration, Citrix suggests reviewing the storage vendor’s documentation, the storage vendor’s
hardware compatibility list, and contacting the vendor’s technical support if necessary.
For design best practices and planning guidance, Citrix recommends reviewing the Storage Best
Practices and Planning Guide (http://support.citrix.com/article/CTX130632)
This document describes how XenServer provides and keeps track of the storage supplied to its guests. The first section
is a reminder of how Linux looks at storage and the second section builds on that to explain XenServer storage. Basic
knowledge of Linux is required, as some standard tools are used.
XenDesktop relies on the hypervisor for many core functions, including VM creation, power operations, performance and redundancy. Therefore, it is important that you take the time to design an appropriate hypervisor infrastructure (XenServer, Hyper-V or vSphere). Otherwise, you may experience performance, functionality or even reliability issues.
Most information required to design a XenDesktop deployment on your chosen hypervisor platform is available publicly, but it can be hard to find since it’s spread across a multitude of knowledge base articles or white papers. In order to simplify and speed-up the design process, we’re in the process of consolidating the information that you need into a single document and augmenting it with recommendations and best practices. We’ve just finished incorporating the Hyper-V 2008 R2 and SCVMM 2012 planning section into the latest release of the Citrix Virtual Desktop Handbook, which includes important design decisions relating to this hypervisor, for example:
Selecting and sizing the right physical hardware for virtual machines
Knowing what storage options available for Hyper-V 2008 R2
What type of networks to build on the Hyper-V host
How to size the SCVMM servers
Designing a highly available SCVMM solution
Planning an effective failover cluster
The products covered in this current release of the handbook include XenDesktop 5.6, XenApp 6.5, Provisioning Services 6.x and XenClient Enterprise 4.5. A version of the Virtual Desktop Handbook covering XenDesktop 7.x, Provisioning Services 7, Hyper V 2012 R2 and SCVMM 2012 R2 is in the works with an initial release scheduled later in Q4. As always your feedback is welcomed.
http://blogs.citrix.com/2013/09/05/citrix-virtual-desktop-handbook-hyper-v-update/
CTX138217 - IntelliCache Reduction in IOPS: XenDesktop 5.6 FP1 on XenServer 6.1 - Citrix Knowledge Center http://ow.ly/o3Ma4
The purpose of this document is to provide testing results based on MCS-delivered streamed virtual desktops leveraging IntelliCache
NetScaler Deployment Guide for XenDesktop7 (Nuno Alves)
This guide demonstrates how to deploy Citrix NetScaler in conjunction with Citrix XenDesktop 7 with a focus on both simplicity in configuration and advanced features not easily delivered with other products. This guide shows how to provision the XenDesktop 7 infrastructure, the NetScaler appliance and NetScaler Insight Center services to extend Citrix virtual desktop infrastructure and services to remote users in small to medium-size enterprises.
1. ARCHITECTURE | XenMobile
Reference Architecture:
XenMobile with NetScaler
Configuration Guide for Establishing NS Load Balancing Front End
www.citrix.com
2. Table of Contents
Introduction
Network Flow Diagram
XenMobile Port Table
Load Balancing Configuration on NetScaler
Conclusion
Additional Links
Key Contributors
Disclaimer
XenMobile on NetScaler Reference Architecture Page |2
3. Introduction
Citrix Systems’ XenMobile offering is a comprehensive solution portfolio designed to enable
customers to experience the benefits of Mobile Device Management while maintaining secure access
to applications and desktops.
The purpose of this document is to provide a reference architecture for placing a NetScaler in front of
your XenMobile MDM solution. This allows the XenMobile Device Manager (XDM) to be
placed within the walls of your datacenter, leaving only the NetScaler appliance in the DMZ, and
allows for a secure and scalable rollout of your MDM solution.
We will walk through several diagrams to prepare for the configuration steps near the conclusion
of this document. This document covers configuration of the load balancing VIPs and not the
overall setup of the NetScaler. For additional resources around the NetScaler and other
configurations, please visit the “Additional Links” section at the end of this document. Below
(Diagram 1.1) is a basic architecture of the XenMobile environment before the addition of the
NetScaler.
Diagram 1.1
4. Network Flow Diagram
The basic diagram below shows the key ports used by the MDM solution.
A full description of the ports required for the solution is laid out in the port table. In
summary, ports 80 and 443 are used by iOS, Android and Windows
devices for communication.
Apple iOS uses port 8443 for over-the-air registration of the device with the
XDM. The server FQDN is also used on this port. This FQDN is key, as it has
been registered with the Apple Push Notification Service.
Diagram 1.2: A basic diagram of the network flow for NetScaler and XenMobile
[Figure: three zones, INTERNET ZONE, CORPORATE DMZ ZONE and CORPORATE LAN ZONE. TCP 80, TCP 443 and TCP 8443 reach the NetScaler LB in the DMZ and continue on the same ports to the XenMobile Device Manager in the LAN. The XenMobile Device Manager connects to Active Directory/LDAP (LDAP/S, TCP 389/636), MS SQL Server (TCP 1433) and a Microsoft CA or PKI Entity (HTTPS 443).]
XenMobile Port Table
This table is designed to guide the XenMobile Administrator and Network Administrator through
the TCP/IP Port requirements for the Device Manager Server and mobile device agent connections.
XenMobile Device Manager Firewall Port Requirements

| TCP Port | Description | Source | Destination |
|---|---|---|---|
| 25 | By default, the XDM SMTP configuration of the Notification Service uses port 25. However, if your corporate SMTP server uses a different port, make sure that your corporate firewall does not block that port. | XenMobile Device Manager Server | Corporate SMTP Server |
| 80 | Over-the-Air (OTA) Enrollment and Agent Setup (Android and Windows Mobile) | Internet | XenMobile Device Manager Server |
| 80 | Over-the-Air (OTA) Enrollment and Agent Setup (Android and Windows Mobile), ZDM Web Console, ZDM Remote Support Client | Corporate LAN and Wi-Fi | XenMobile Device Manager Server |
| 80 | ZDM Server Enterprise App Store connection to Apple iTunes App Store (ax.itunes.apple.com). Used for publishing recommended iTunes App Store apps from the available iOS applications within the Web Console and iOS Agent | XenMobile Device Manager Server | Apple iTunes App Store (ax.itunes.apple.com) |
| 80 or 443 | XenMobile Device Manager Nexmo SMS Notification Relay outbound connection | XenMobile Device Manager Server | Nexmo SMS Relay server |
| 389 or 636 | LDAP/LDAPS connection from ZDM Server to Directory Service Host (Active Directory Global Catalog server or equivalent LDAP directory service host) | XenMobile Device Manager Server | LDAP / Active Directory Services |
| 443 | SSL OTA Enrollment/Agent Setup (Android and Windows Mobile), All Device-related traffic and data connections (iOS, Android and Windows Mobile) | Internet | XenMobile Device Manager Server |
| 443 | SSL OTA Enrollment/Agent Setup (Android and Windows Mobile), All Device-related traffic and data connections (iOS, Android and Windows Mobile), ZDM Web Console | Corporate LAN and Wi-Fi | XenMobile Device Manager Server |
| 1433 | Remote database server connection to separate SQL Server (Optional) | XenMobile Device Manager Server | SQL Server |
| 2195 | Apple APNS (Push Notification Service) outbound connection to gateway.push.apple.com, used for iOS device notifications and device policy push | XenMobile Device Manager Server | Internet (Apple APNS Service Hosts on public IP network 17.0.0.0/8) |
| 2196 | Apple APNS (Push Notification Service) outbound connection to feedback.push.apple.com, used for iOS device notifications and device policy push | XenMobile Device Manager Server | Internet (Apple APNS Service Hosts on public IP network 17.0.0.0/8) |
| 5223 | Apple APNS (Push Notification Service) outbound connection from iOS devices connected via Wi-Fi network to *.push.apple.com | iOS device on Wi-Fi network service | Internet (Apple APNS Service Hosts on public IP network 17.0.0.0/8) |
| 8443 | Over-the-Air (OTA) Enrollment for iOS Devices only | Internet, Corporate LAN and Wi-Fi | XenMobile Device Manager Server |
| App Tunnel Ports | Mobile App Tunnel Ports (Android and Windows Mobile) to destination internal Application Server via the ZDM Server (All ports are individually defined for each Mobile AppTunnel used by a Device through a ZDM Device Configuration Policy) | Internet | Application Server via XenMobile Device Manager Server |

Footnote 1: Corporate LAN traffic outbound to DMZ and the Internet is assumed to be allowed.
PLEASE NOTE: When using Remote Support or Mobile App tunnel (Android and Windows
Mobile), the following traffic needs to be open at the firewall:

| TCP Port | Description | Source | Destination |
|---|---|---|---|
| 8081 | Remote Support Console default server inbound connection (depending on the Remote Support Tunnel definition) | Remote Support Console | XenMobile Device Manager Server |
| 80 or 443 | Remote Support Console access to ZDM to retrieve device list. | Remote Support Console | XenMobile Device Manager Server |
| Tunnel port | Mobile Application Tunnel access to Application Server (port configured in the tunnel definition) | XenMobile Device Manager Server | Internal Application Server |
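The check below is an added example, not part of the Citrix document: it audits an inbound firewall ruleset against the device-facing ports from Diagram 1.2 and the port table, for the layout this document describes (NetScaler VIP in the DMZ, XDM server in the LAN). The zone names, the rule format and the sample rules are constructed assumptions; Remote Support and App Tunnel ports are left out.

```python
"""Audit inbound firewall rules for a NetScaler-fronted XenMobile deployment.

Added example. Zone names, the Rule format and SAMPLE_RULES are constructed
assumptions; the port numbers come from Diagram 1.2 and the port table.
"""
from typing import NamedTuple

# Device-facing ports load balanced by the NetScaler (80, 443, 8443).
MDM_PORTS = frozenset({80, 443, 8443})

# Inbound paths that should exist once the NetScaler sits in the DMZ:
# devices reach the VIP, and only the NetScaler reaches the XDM server.
ALLOWED = {
    ("internet", "dmz"): MDM_PORTS,
    ("dmz", "lan"): MDM_PORTS,
}


class Rule(NamedTuple):
    name: str
    src_zone: str
    dst_zone: str
    port_lo: int
    port_hi: int  # inclusive; same as port_lo for a single port


def audit(rules):
    """Return a list of (kind, subject, detail) findings for inbound rules."""
    findings = []
    covered = {path: set() for path in ALLOWED}
    for r in rules:
        path = (r.src_zone, r.dst_zone)
        if not 1 <= r.port_lo <= r.port_hi <= 65535:
            findings.append(("invalid-range", r.name, f"{r.port_lo}-{r.port_hi}"))
            continue
        if path == ("internet", "lan"):
            # A direct path to the LAN defeats the point of fronting XDM.
            findings.append(("bypass", r.name,
                             "internet reaches LAN without the NetScaler"))
            continue
        if path not in ALLOWED:
            continue  # e.g. LAN outbound, which the document assumes is allowed
        hit = {p for p in ALLOWED[path] if r.port_lo <= p <= r.port_hi}
        covered[path] |= hit
        extra = (r.port_hi - r.port_lo + 1) - len(hit)
        if extra:
            findings.append(("over-permissive", r.name,
                             f"{extra} port(s) outside 80/443/8443"))
    # Required ports that no rule opens on a required path.
    for path, ports in ALLOWED.items():
        for p in sorted(ports - covered[path]):
            findings.append(("missing", f"{path[0]}->{path[1]}", f"tcp/{p}"))
    return findings


# Constructed sample ruleset with typical migration leftovers.
SAMPLE_RULES = [
    Rule("inet-http", "internet", "dmz", 80, 80),
    Rule("inet-https", "internet", "dmz", 443, 443),
    Rule("inet-ios-enroll", "internet", "dmz", 8443, 8443),
    # A range instead of discrete ports: opens 80-443 and forgets 8443.
    Rule("ns-to-xdm", "dmz", "lan", 80, 443),
    # Left over from before the NetScaler was introduced.
    Rule("legacy-xdm-direct", "internet", "lan", 443, 443),
    # SQL is reached by XDM inside the LAN, not from the DMZ.
    Rule("sql-from-dmz", "dmz", "lan", 1433, 1433),
]

if __name__ == "__main__":
    for kind, subject, detail in audit(SAMPLE_RULES):
        print(f"{kind:16} {subject:20} {detail}")
```
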
7. Load Balancing Configuration on NetScaler
This section covers the load balancing configuration required on the NetScaler for use with
XenMobile. For links to other possible configurations, please see the Additional Links section
at the end of this document. The first step of this process is to create
the “Servers” entry in the load balancing section of the NS console. Add the name of the server and
the internal IP address to which the NetScaler will route the traffic.
Create the “XenMobile Server” that you are load balancing:
After you have created the entry for the XenMobile server, create your services for the three major ports
depicted in Diagram 1.2. The screen shots below incorporate the port number into the
name for easy reference. All three services point to the same server. The screen shots
only show tabs with information that has been edited.
8. Create our Services:
Here is the basic setup for the services over port 80.
Basic information for the port 80 monitor; all other tabs are configured as default:
9. Basic setup of the services for port 443:
Configure the monitor for port 443, and all other tabs are configured as default:
10. Basic setup of services for port 8443:
Configure the services for port 8443, and all tabs are configured as default:
The final step is to create the Virtual Servers using the Load Balancing Services and Server(s)
that were previously configured. We have named each Virtual Server after its task, in line
with the port table above.
Configure your virtual servers:
11. For the enrollment Virtual Server (port 443), we select the check box next to the service that
was set up. We then set the “Method and Persistence” tab to “Least Connection” and
“SSLSESSION” with a timeout of 2 minutes. The IP address listed will be the address accessible in
the DMZ address space. This IP address will be registered with DNS; please verify that devices on
the corporate LAN environment can be routed to this virtual server.
Configure your XenMobile_Enroll (443) virtual server with your external/DMZ IP address:
12. Configure the Method and Persistence as before:
The same process will be followed for the creation of the Virtual Server for ports 8443 and 80.
13. Configure 8443 (profiles for iOS) with same external IP:
17. Conclusion
This completes the configuration for front-ending the XenMobile MDM environment with
NetScaler. Load balancing of all essential ports for the XenMobile server is complete.
Additional Links
Below is a list of additional links for other configurations:
Citrix XenMobile Solutions:
http://support.citrix.com/proddocs/topic/cloudgateway/xmob-landing-page-con.html
XenMobile MDM eDocs:
http://support.citrix.com/proddocs/topic/cloudgateway/xmob-mdm-landing-page-con.html
Deploying Mobility Solutions Bundle Components:
http://support.citrix.com/proddocs/topic/clg-deployment/clg-deployment-cloudgateway-options-con.html
Key Contributors
Josh Fleming, Senior Systems Engineer (Author)
Jon Eugenio, Senior Systems Engineer (Content Contributor and Reviewer)
Florin Lazurca, Senior Architect (Content Contributor)