Hands-on Lab Exercise Guide
|
|
- Tracy Lindsey
- 6 years ago
- Views:
Transcription
1 Netscaler Gateway Hands-on Lab Exercise Guide Paul Walker 11/4/2014
2 Contents Contents... 1 Overview... 3 Scenario... 7 Module1-Exercise First time Configuration of Netscaler Gateway... 9 Module1-Exercise Installing a Demo Certificate on Netscaler...11 Module1-Exercise Importing an Existing Windows Certificate...13 Module1-Exercise Requesting a Certificate from the Netscaler...16 Module1-Exercise Create a Netscaler Gateway Virtual Server...19 Module1-Exercise Configuring Authentication and Secure Ticket Authority Details...21 Module1-Exercise Configure WebInterface Site for Access via Netscaler Gateway...24 Module1-Exercise Configure Session Policy Profile to Access XenApp Server using WebInterface...28 Module1-Exercise Test Application Enumeration and Launch...29 Module1-Exercise Define Client Security Requirements for SmartAccess...31 Module1-Exercise Configuring XenApp Server Policies and Filters...32 Module1-Exercise Test from a Client Computer...33 Module1-Exercise Alternate Deployment Scenarios...34 Module1-Exercise Enable XenApp Server as a Quarantine Access Method...36 Module1-Exercise SmartAccess Validation...38 Module1-Exercise Show Client Choices Page at Logon...39 Module1-Exercise WebInterface Failover
3 Module1-Exercise HTTP Port 80 Redirection...42 Module 2- Exercise Configuring Load Balancing for XenDesktop Delivery Controllers...43 Module 3- Exercise Netscaler Gateway Pre-Authentication...47 Module 4- Exercise Load Balancing XenApp Servers...52 Module 5- Exercise Netscaler Gateway Pre-Authentication...56 Module 5- Exercise Netscaler Gateway Authorization Policy...58 Module 6- Exercise Displaying Client and Configuration Options for VPN...61 Module 7- Exercise Integrating Netscaler with XenDesktop and XenApp...64 Module 7- Exercise Configuring the Netscaler to use Storefront...66 Module 7- Exercise Adding Secure Ticketing Authority Servers to the Netscaler
4 Overview Hands-on Training Module Objective Provide training to NewHire and anyone wanted to understand Netscaler Gateway and its integration capability. This training will provide hands on training on Installation, Configuration and integration using Netscaler Gateway Prerequisites Basic Knowledge of Networking and Windows. Also should take the Netscaler NewHire Training. Audience Technical Support Lab Environment Details Describe the lab environment. The system diagram of the lab is shown below: The Student Desktop is accessed remotely using Citrix Receiver running on your laptop. All windows applications such as XenCenter, (the XenServer GUI management tool), are accessed from the Student Desktop. 3
5 Lab Guide Conventions This symbol indicates particular attention must be paid to this step Special note to offer advice or background information reboot VMDemo Start Text the student enters or an item they select is printed like this Filename mentioned in text or lines added to files during editing Bold text indicates reference to a button or object Focuses attention on a particular part of the screen (R:255 G:20 B:147) Shows where to click or select an item on a screen shot (R:255 G:102 B:0) List of Virtual Machines Used VM Name IP Address Description / OS AD.training.lab DC/CertificateServer DC XenDesktop1 DC XenDesktop Netscaler RDS SF Storefront SF Storefront SQLServer SQL Win7Client Win7 machine Win7Master Win7VDA56 Win8VM XenApp Xenapp6.5/WI/Radius/PHPServer XenApp Xenapp6.5/WI/PHPServer Required Lab Credentials The credentials required to connect to the environment and complete the lab exercises. VM Name IP Address Password Description Win7Client Password1 Training\CitrixAdmin Citrix123 Training\administrator 4
6 5
7 How to Log into the Lab Environment Follow the directions below to access the lab environment. STEP 1 Launch your web browser and go to the training portal URL address provided by your instructor (eg: STEP 2 On the website, enter: Session Code Business Address The Session code provided by your instructor Your address Click Get Started. STEP 3 You will see a welcome screen with XenServer credentials. Example You will use the credentials from your welcome screen to attach XenCenter to your XenServer host. Click Start Lab to launch your lab session. Wait for the application to launch and you will see your student desktop used to launch the various applications needed during the lab. 6
8 Scenario This document is structured as a detailed deployment example illustrating how Netscaler Gateway, Enterprise Edition can meet requirements for secure application access. The following scenario is assumed: Project Requirements Phase 1 1. Connect client computers must be analyzed to determine whether they are company-issued. Any file, process or registry key can be used to make this determination. For this example, we will check for the presence of the file C:\valid.txt. 2. When users log in from a qualified endpoint (company-issued workstation): a. All applications published to the user are included in the application list b. Citrix Presentation Server Clients clipboard mapping is enabled c. Presentation Server Clients drive mapping is enabled d. Presentation Server Clients printer mapping is enabled 3. When users log in from an unqualified endpoint: a. The Sensitive Financial Application icon should not be included in the user s application list b. Presentation Server Clients clipboard mapping is disabled c. Presentation Server Clients drive mapping is disabled d. Presentation Server Clients printer mapping is disabled High-level Implementation s Perform these tasks to demonstrate a solution that meets the requirements defined above. 1. Install Netscaler Gateway 10.1, Enterprise Edition appliance a. Configure networking b. Install a license and a certificate c. Create an Netscaler Gateway virtual server named SmartAccess d. Configure LDAP authentication 2. Publish applications on Presentation Server a. Publish Notepad, Wordpad, etc. b. Publish calc.exe as Sensitive Financial Application 3. Configure Web Interface a. Create a Web Interface site b. Configure the Web Interface site for Advanced Access Control c. Configure Access Gateway, Secure Ticket Authority and DMZ settings 7
9 4. Configure Netscaler Gateway a. Configure Web Interface as the Access Gateway home page b. Define endpoint analysis criteria 5. Modify published application and XenApp Server policy access control settings a. Edit the properties of Sensitive Financial Application to require the Netscaler Gateway endpoint criteria b. Create XenServer policies that enable client device mapping only when the Netscaler Gateway endpoint criteria are met Project Requirements Phase 2 Now that you have WebInterface and XenApp integrated with Netscaler Gateway your company has added XenDesktop and Storefront to the environment. You have been task with testing the different configuration options with these products and eventually integrate them with Netscaler Gateway 8
10 Module1-Exercise 1 First time Configuration of Netscaler Gateway Overview This section contains step-by-step instructions for configuring Netscaler Gateway, XenApp Server and the Web Interface. It is assumed that the Netscaler Gateway is at the factory default settings, XenApp Server, Web Interface and the domain controller are installed and working properly, and a few sample applications are published on XenApp Server Before you begin ensure that the following virtual machines are started Ad.training.lab Netscaler Win7Client XenApp1 XenApp2 by step guidance- Configuring Netscaler Gateway Estimated time to complete this lab: 5 minutes. 1. Power on the Netscaler Gateway Virtual machine if not already started. Logon as nsroot with password nsroot(default administrative account) 2. At the prompt enter the IP address and mask <ip><mask> 3. After the system restarts, Logon to Win7Client vm as CitrixAdmin.In a Chrome Web browser type the new IP address, Your client device needs to be on the same subnet as the appliance, and must have the Sun Java runtime environment (JRE) installed. Note:JRE is already installed. Please don t upgrade in prompted to upgrade Log in as nsroot and choose to start in Configuration. 4. You should now see the Netscaler Gateway Configuration Utility: 5. Click Setup Wizard to complete the network configuration, including the default gateway and changing the default nsroot password if prompted to do so. 9
11 Exercise Summary Completed the first time networking prompts presented by Netscaler Logon to the Netscaler Management console as nsroot/nsroot The following are sample warning and info boxes. This is a sample warning of an important step. Your physical XenServer name will be different. 10
12 Module1-Exercise 2 Installing a Demo Certificate on Netscaler Overview The Access Gateway can generate self-signed certificates for testing purposes, but these selfsigned certificates are not compatible with the Citrix XeApp Server Clients. Therefore, it is strongly recommended that the built-in certificate wizard NOT be used when the deployment calls for access to XenApp Server farms without requiring the Netscaler Gateway VPN client or the Citrix Receiver. Three methods for obtaining and installing a valid server certificate are outlined below. Choose the method that best suits your needs. The procedures to choose from are as follows: 1. Use the demo certificate provided in this document. No certificate server is required. This method is not appropriate for a production deployment of Netscaler Gateway. 2. Export an existing Windows certificate to a PFX file and upload it to the Netscaler Gateway appliance as a PKCS#12 file. This method is recommended when migrating from the Windowsbased Secure Gateway to the Netscaler Gateway appliance or when you have a wildcard certificate that can be reused. 3. Create a certificate signing request (CSR) file on the Netscaler Gateway appliance, send the CSR to a certificate authority, and then upload the response certificate. A sample server certificate and corresponding root certificate are provided in this document. The subject of the server certificate is a wildcard certificate issue *.training.lab. When using this certificate, clients should have a HOSTS file entry that resolves the fully qualified domain name access.training.lab to the IP address of the Netscaler Gateway virtual server. by step guidance- Installing from an existing Certificate Estimated time to complete this lab: 15 minutes. 1. Connect to the win7client vm and login as CitrixAdmin. 2. Open a chrome and connect to and login as nsroot/nsroot 3. In the Netscaler Gateway Configuration Utility, select Traffic Management>SSL > Certificates and click Install. 4. Type NetscalerGatewayDemoTraining for the certificate-key pair name. Keep the file location set to Appliance. 5. For the Certificate Filename field, click Browse and locate the Demotraining.cer file you created. 6. For the Key Filename field, click Browse and select the same demo.training.lab file as above. 7. Keep the PEM format selected and click Create. Then click Close. 11
13 8. The NetscalerGatewayDemoTraining certificate should now be listed and is available for use with your deployment. Note We will not be using this certificate 9. Exercise Summary Install an exisiting certificate using the Netscaler configuration manager. 12
14 Module1-Exercise 3 Importing an Existing Windows Certificate Overview If a server running the IIS is currently deployed, you might be able to export its server certificate for use on the Netscaler Gateway appliance. In some cases however, the private key may not be exportable in which case the certificate cannot be used. You can also use this technique to export a certificate that has been installed using the Internet Information Services (IIS) certificate wizard on any Windows-based Web server. Perform the following steps to export a Windows certificate and private key to a PFX file and then upload the PFX file to the Access Gateway appliance. by step guidance- Importing an Existing Windows Certificate Estimated time to complete this lab: 15 minutes. 1. Login to the XenApp1 vm as CitrixAdmin. 2. Once connect, run mmc.exe. Add the Certificates snap-in for the Local Computer account. Hint: click File>Add/Remove Snapin Click Certificates>Click Add>Select Computer Account, then Finish, then Finish again Click Ok 3. Expand Certificates (Local Computer) > Personal > Certificates. Right-click the server certificate(*.training.lab) and select All tasks > Export 4. During the certificate export wizard, choose Yes, export the private key. If the option to export the private key is disabled, you cannot use the certificate. Keep all other options at the default settings and use training for the export password. Save the file as C:\nsglab.pfx. 5. Return to the win7client vm. Map a drive to \\XenApp1\c$ so we can access the certificate that was saved on the XenApp1 server 6. In the Netscaler Gateway Configuration Utility, select the Traffic Management>SSL > Certificates node and click Install Enter IISCertificate for the certificate-key pair name. In the Certificate File Name, click browse>local and locate the nsglab.pfx files on the networkshare \\Xenapp1\c$ 13
15 7. Click Create and an error appears: Invalid certificate. Click OK and Close. This error occurs because the PFX file is not yet converted to PEM format. However, the PFX file has now been copied to the appliance and can be converted using the CA Tools section. 8. Select Traffic Management>SSL > Tools and click Import PKCS#12. Enter the following: Output File Name: nsglab.pem PKCS12 File Name: nsglab.pfx (hint: make sure to browse appliance) Import Password: training Encoding format: DES3 PEM Passphrase: training Verify PEM Passphrase: training After clicking OK, you should see in the lower left status bar: PKCS12 file [nsglab.pfx] imported successfully. 9. The certificate from the Netscaler Gateway is now converted and ready to be added to the Netscaler Gateway as a certificate entity. Select Traffic Management>SSL> Certificates and click Install. 10. Enter the following information in the Install Certificate panel: Certificate-Key Pair Name: vpn-cert File Location: Appliance System (hint click browse make sure appliance is selected) Certificate Filename: nsglab.pem Key Filename: nsglab.pem Password: training Format: PEM 11. Click Create and you should see a new certificate entry appear in the background. Then click Close 12. After a few seconds, the certificate entity should appear in the background. Click Close. The vpn-cert certificate can now be used for the Netscaler Gateway. Exercise Summary Export certificate from Windows Server Convert the certificate from PFX to PEM 14
16 Install the certificate on Netcaler 15
17 Module1-Exercise 4 Requesting a Certificate from the Netscaler Overview- Request a Certificate from the appliance Perform the following steps to request a new certificate for the Netscaler Gateway and get the certificate signed by a Certificate Authority server. If this was for a company they can leverage public CA authority but for our Lab purpose we will be using a Microsoft Authority Server that was preinstalled on the AD.training.lab VM. by step guidance Estimated time to complete this lab: 15 minutes. 1. Logon to the Win7Client vm and login as CitrixAdmin. Open Chrome and connect to login as nsroot/nsroot 2. In the Netscaler Gateway Configuration Utility, select Traffic Management>SSL > SSL keys and then click Create RSA Key in the right-hand pane. (Do not use the <Certificate wizard> link shown on the SSL page) 3. Type agee.key for the key filename and type 2048 for the key size. Keep PEM as the key format and select DES3 for the PEM encoding algorithm. Enter and verify a PEM passphrase to protect the private key. Use training for the password Click Create and then click Close. 4. Next, click Create Certificate Request on the SSL Certificates section. Type agee.csr for the request file name and agee.key for the key file name. Reenter the PEM passphrase you created in the previous step. For the Common Name field, enter the fully-qualified host name that you intend to use for the Netscaler Gateway on the Internet, such as cag.training.lab. Supply all other required fields with the appropriate location and company information. Click OK 5. The file agee.csr now resides on the appliance in the /nsconfig/ssl directory. The next step is to obtain the contents of that file and save it to a local file on your workstation. Use WinSCP application on the Win7Client or any other secure FTP client to connect to the Netscaler Gateway. Logon as nsroot. Note that this server is already defined within the WINSCP application as Netscaler so just click to run and Login with nsroot and password nsroot 6. Browse to the /nsconfig/ssl directory and locate the agee.csr file. Copy it to Files Folder on the Win7Client Desktop. 16
18 7. If you would like to obtain a certificate from a commercial certificate vendor such as VeriSign, submit the contents of the agee.csr file as part of your certificate request. Once you receive a response certificate from the vendor, save the response file as agee.cer and then skip to step 10 below to install the response certificate. s 8 and 9 below illustrate how to fulfill the certificate request using Microsoft Certificate Services CA. 8. Point to a Microsoft Certificate Services server, such as Log in as an administrator of the certificate server if prompted. Hint: Access the above url using Internet Explorer browser Username:training\administrator Password: Citrix Click Request a certificate and then click Advanced certificate request. 2. Select the second of the three advanced options, which says Submit a certificate request by using a base-64-encoded CMC or PKCS #10 file, or submit a renewal request by using a base-64-encoded PKCS #7 file. 3. In the Saved Request field, paste the contents of your agee.csr file. Select Web Server as the Certificate Template and click Submit. Note: Make sure no whitespaces appear when pasting the contents of the certificate in the website. Use Wordpad or Notepad++ for better formatting output. 9. Once the certificate is issued to you, select to download the certificate in Base 64 encoded format. Base64 encoding is the same format as PEM. Click Save AS, then save the file to your local system as agee.cer in the Files folder on the Win7Client Desktop. Close the IE Browser 10. Connect to Chrome and access the Netscaler Gateway Configuration Utility, select Traffic Management>SSL > Certificates and click Install. 11. For the certificate-key pair name, enter a descriptive name for this certificate entity, such as access.training.lab 12. For File Location select Local 13. For Certificate Filename, click Browse and locate the agee.cer file you saved in step 9 or the response certificate you received from your certificate vendor. For the key filename type agee.key and supply the PEM passphrase you created in step 3. Keep PEM selected as the format. 14. Click Create and then Close. After a few seconds, the certificate entity should appear in the background. Click Close. The access.training.lab certificate can now be used for the Netscaler Gateway Exercise Summary In this section we create a Certificate key file 17
19 Created a Certificate signing request file Use a Microsoft Certificate Authority server to sign and issue us a certificate. Note we could have sent this to a third party vendor to sign if we had wanted to get a publicly trusted CA Install Certificate on Netscaler 18
20 Module1-Exercise 5 Create a Netscaler Gateway Virtual Server Overview The next step is to create a Netscaler Gateway virtual server. You can do this using the Netscaler Gateway Wizard that is included in the Configuration Utility or manually configure it. For this exercise we will use the wizard as it steps us through the Virtual Server creation process. by step guidance Estimated time to complete this lab: 15 minutes. 1. Logon to the Win7Client vm as CitrixAdmin. Open a chrome and connect to and login as nsroot/nsroot 2. In the Configuration Utility, in the left pane, click Netscaler Gateway> Netscaler Gateway Wizard under the Getting Started section Click Netscaler Gateway wizard>click Next. Note: if prompted to upgrade java click run this time. DON T upgrade JAVA. 3. For IP address, enter the external IP address or externally translated (NAT d) address to which users should connect. This is a new IP address, not the system IP address or mapped IP address. In this example, the IP address is For the virtual server name, type SmartAccess (case-sensitive). 4. For the SSL certificate, select the certificate you created in the previous section and click Next Hint: Under Certificate Options select Use an installed certificate and private key pair Under Server Certificate select vpn-cert 5. Click Add to add a name server and enter the IP address of your internaldns server. Give name lookup priority to DNS. Click Next. Enter for the DNS server 6. For now, use LOCAL for the authentication type and enter a training as user name and password: citrix Click Next Username: training Password: citrix 19
21 7. Click Next, Next again and Finish. Click Exit Test the virtual server by pointing a firefox browser to Use firefox browser Note we have already predefined the DNS server hosted on AD.training.lab to resolved this name but if you did not have a DNS server then you could add this as a host entry on local PC. You should see the Netscaler Gateway logon page: Exercise Summary Use the Netscaler Gateway wizard to create a Netscaler Gateway vserver Use Browser to access the newly create Netscaler Gateway vserver 20
22 Module1-Exercise 6 Configuring Authentication and Secure Ticket Authority Details Overview Next, create an LDAP authentication policy that corresponds to the domain controller in your Active Directory domain. The LDAP details will vary according to your domain. In this example, the domain name is training.lab and the domain controller s IP address is We can configure Netscaler Gateway to authenticate against local database, Radius Server, LDAP,TACACS,CERT and SAML server. For now we will use LDAP in our test environment. by step guidance Estimated time to complete this lab: 20 minutes. 1. Logon to the Win7Client vm as CitrixAdmin. Open a chrome bowser and connect to and login as nsroot/nsroot 2. In the Netscaler Gateway Configuration Utility, in the left pane, click Netscaler Gateway>Polices>Authentication>LDAP. 3. Click Policies node, then Add. Note: Remember Not to Upgrade Java. Select run this time option 4. The Create Authentication Policy window appears. Enter Active Directory for the policy name. Make sure the authentication type is set to LDAP and next to Server, click New. 21
23 5. Type AD-LDAP for the authentication server name. Then supply the appropriate Details for connecting to your domain controller via LDAP. For example: Under Server, use for the IP address and port 636 (default port for secure LDAP directory services). Under LDAP specific details, be sure to configure the details which are specific to your Active Directory environment. For example: The Base DN must be based on fully-qualified Active Directory domain. In the case of training.lab the Base DN is dc=training,dc=lab The Administrator Bind DN is the user name of the account with permissions to log into the LDAP directory. In this example, we ve used the credentials for the domain administrator and this could also be a service account user name. After specifying the Bind DN, the Bind DN Password must be configured. This is the Active Directory password corresponding to Bind DN account. Hint: Password1 Configure the remaining attributes necessary for Active Directory authentication (using LDAP) including a Login Name of samaccountname (case-sensitive), a Group Attribute Name of memberof (case-sensitive), and a Sub Attribute Name of CN. Enter the samaccountname again as the SSO Name Attribute Choose SSL for the security type. Note: SSL is required to allow users to change their password during logon if their password expires. SSL uses port 636 and the Domain Controller must have a certificate installed. The Allow Password Change option must also be checked if password change is required. Depending on the backend application normally password change only occurs on first logon or when expired. 6. Click Create and you are returned to the Create Authentication Policy window. Next to Named Expressions, select ns_true from the list of expressions and click Add Expression. The expression ns_true or True value should now appear in the expression editor: 7. Click Create and click Close. The Active Directory authentication policy appears in the policies node. 8. Under Netscaler Gateway>Virtual Servers>SmartAccess node Open the Smartacces virtual server. Click Authentication, Then Insert Policy Select the ActiveDirectory policy to bind it to the SmartAccess vserver. Click OK 22
24 9. Test the virtual server again opening a Firefox Web browser and typing Log on using a domain user name and password. Username:user1 Password: Password1 10. In the Netscaler Gateway>Virtual Servers>SmartAccess node Open the SmartAcces virtual server node. Click Publish Applications. Under the Secure Ticket Authority node enter the STA server IP by clicking ADD For the URL, type the HTTP URL that corresponds to the XenApp Server XML Service. The path to the STA (/Scripts/CtxSta.dll) can be omitted. STA address : Note: If the XML Service is running on a port other than 80, enter the port number after the server address, such as Click Create and OK 11. Click Close to close the Netscaler Gateway Virtual Server window if prompted. Note: To verify the State of the STA server open the SmartAccess vserver> Publish Application tab. If the Netscaler can communicate with the STA it will show state as UP. Exercise Summary Learn how to create authentication policy and profile for LDAP Learn that apart from LDAP can perform authentication against local database, RADIUS Server, TACACS server, Cert, SAML Learnt how to add and bind an STA server to Netscaler Gateway vserver. 23
25 Module1-Exercise 7 Configure WebInterface Site for Access via Netscaler Gateway Overview Next, create a Web Interface site and configure it to use the Advanced Access Control access method. A server running Advanced Access Control is not configured in this deployment; the Netscaler Gateway virtual server emulates the services of Advanced Access Control for the Web Interface. In order for the Web Interface to work properly with Netscaler Gateway Enterprise Edition, the server running the WebInterface must trust the Netscaler Gateway certificate and be able to resolve the Netscaler Gateway virtual server FQDN to the appropriate IP address. If the virtual server to which users connect is not accessible from the Web Interface, create an additional virtual server with an IP address that the Web Interface can reach. This is normally referred to as a CALLBACK VIP as its sole purpose is to respond back to WebInterface. This CALLBACK virtual server contacted by the Web Interface does not need to be enabled for user logons and does not need to have authentication policies or session policies associated with it. In the steps that follow, it is assumed that the certificate named access.training.lab is being used. by step guidance Estimated time to complete this lab: 15 minutes. 1. Logon to XenApp1 vm as CitrixAdmin. This machine will be hosting the WebInterface software as well as XenApp On the server running Web Interface, use Notepad to edit the file C:\WINDOWS\system32\drivers\etc\hosts. Add an entry for your Netscaler Gateway virtual server certificate FQDN and IP address: smartaccess.training.lab Note: the DNS server already contains an entry to resolved smartaccess.training.lab but if resolution fails you can use the hostfile option 3. Save and close the hosts file. To verify that you can reach the virtual server by name, open a command prompt on the server running the Web Interface and type ping smartaccess.training.lab. You should receive a response from the virtual server IP address. 24
26 4. Locate the root certificate file TrainingLabRoot.cer on the C:\Files directory of the server running the Web Interface (or whichever root certificate is required for your Netscaler Gateway certificate). Important: Do not simply double-click the root certificate file to import the certificate. Doing so imports the certificate only for the current user. The certificate must be trusted by the local computer. 5. On the server running the WebInterface, run mmc.exe and add the Certificates snap-in for the Local Computer account. Hint:File>Add Remove Snap-in 6. Expand Certificates (Local Computer) > Trusted Root Certification Authorities > Certificates. Right-click the Certificates node and select certificate and select All tasks > Import 7. Follow the instructions in the Certificate Import Wizard to locate the root certificate on C: drive. Once the import is complete, close the MMC snapin 8. Verify the certificate trust and name resolution requirements by pointing a Webbrowser (Internet Explorer) to The Netscaler Gateway logon page should load without any certificate errors or warnings. 9. On the server running the Web Interface, open the Citrix Web Interface Management Console. If prompted, configure and run discovery. Hint: Start run>all Programs>Citrix>Management Console>Citrix Web Interface Management 10. Select Citrix Web Interface>XenApp Web Sites 11. Click Create Site 12. Keep the default IIS Site and Path selected (/Citrix/XenApp/) and Click Next. 13. On the Specify Point of Authentication Select At Access Gateway from the drop menu Click Next 14. On the Specify Access Gateway Settings enter: Note: The URL path for CitrixAuthService is case sensitive so make sure to enter it in the correct case. Click Next 15. Click Next to confirm Settings 16. Click Next to Configure Site now 25
27 17. Enter the XML Service information for your server farm and click Next. Click Add, Enter for the XenApp server and XML Service port 8080 Then Click Next Note: You can leave the Farm name field as Farm1 or specify a different name. For this lab we will leave it as Farm1 18. Click Next, Then Next again 19. Click Finish 20. Highlight the newly created site and Click Secure Access 21. On the Specify Access Methods change the default Access method to Gateway Direct. Click Edit to open the Edit default Route for all User devices and select Gateway direct from the Access Method Click Ok Click Next 22. On the Specify Gateway Settings enter the FQDN of your Netscaler Gateway vserver In our lab it will be Address FQDN:smartaccess.training.lab Leave default port :443 Leave Session Reliability check Click Next 23. Add your XenApp Server XML Service address as a Secure Ticket Authority URL, such as Note: the path for the Secure Ticket Authority is necessary when defined on the WebInterface server. It is optional when defined on the Netscaler Gateway >Published Application tab Click OK and Click Finish 24. Repeat s 1 to 23 but this time connect to the XenApp2 virtual machine. Note: Remember to login as CitrixAdmin Exercise Summary Install root certificate Create a new WebInterface site with authentication at the Gateway 26
28 27
29 Module1-Exercise 8 Configure Session Policy Profile to Access XenApp Server using WebInterface Overview In this exercise we will configure Clientless Access to XenServer Server so uses can access there publish application via Netscaler Gateway Vserver. by step guidance Estimated time to complete this lab: 15 minutes. 1. Logon to the Win7Client vm as Citrix Admin. Open a chrome browser and connect to Enter nsroot/nsroot to login 2. In the Netscaler Gateway Configuration Utility access the Netscaler Gateway>Global Settings. Click Change Global Settings 3. Under the Publish Applications Setting set the following ICAProxy:On WebInterface Address: Single Sign-on Domain: training Note: The Single Sign-on Domain value should match the user account domain. Note: we can only add one domain in this field so if you have users login from multiple domains we will need multiple session profile or configure AD to use UserPrincipalName for SSO attribute. With this option we can pass the correct domain to backend resources without the need to specify this on the session profile. 4. Click Security tab. Set the Default authorization to Allow. 5. Click OK 6. The Netscaler Gateway is now configured for use with Web Interface
30 Exercise Summary Modified the Netscaler Gateway Global Settings to allow access to WebInterface site Module1-Exercise 9 Test Application Enumeration and Launch Overview At this point, domain users should be able to log on to the Netscaler Gateway virtual server and receive a list of published applications. Perform the following steps from a client device to make sure that the environment is working as expected. by step guidance Estimated time to complete this lab: 15 minutes. 1. Logon to the Win7Client vm as CitrixAdmin. 2. Install the root certificate traininglabroot.cer (or your private root certificate) on the client device. If you are using a commercial certificate, this step is not necessary. The certificate is located on the Desktop in a folder call Files. For this certificate you can double Click to start the install process 3. A DNS entry for smartaccess.training.lab already exist in DNS but if you did not have an available DNS server editing the host file on the test PC can worked as well. Using Notepad, edit the client hosts file C:\WINDOWS\system32\drivers\etc\hosts and add a line containing the Access Gateway virtual server IP address and certificate name: smartaccess.training.lab 4. Point your IE Web browser to You should not receive any certificate warnings. (If you do, connections using XenApp Server Clients fail.) 5. Log on using domain credentials. At this point, any published applications assigned to the domain user should enumerate. After an initial delay, the application set appears while the Web Interface scripts are compiled. Username:user1 Password:Password1 Note: If you receive an error, check the event viewer on the server running the WebInterface for information. 29
31 6. Start a published application and use the Citrix Receiver Connection Center to confirm that your ICA traffic is tunneled through the Netscaler Gateway. Note: This same traffic can also be checked on the Netscaler Gateway>Monitor Connections>ICA Connections node in the GUI 30
32 Module1-Exercise 10 Define Client Security Requirements for SmartAccess Overview In this section, client security requirements are added. For this demonstration, the client is considered valid if the file C:\valid.txt exists on the client device. When the file valid.txt exists, the user should receive a published application called Sensitive Financial Application (calculator). When the file does not exist, the Sensitive Financial Application icon should not appear for the user. Furthermore, when the file valid.txt is not present, the following XenAppServer policies are enforced: Disable client drive mapping Disable client printing Disable client clipboard by step guidance Estimated time to complete this lab: 25 minutes. 1. Logon to the Win7Client vm as Citrix Admin. Open Chrome and connect to and login as nsroot/nsroot 2. Under Netscaler Gateway> Policies>Session, Click Session Policies and Click Add Note: Don t upgrade Java. 3. For the policy name, type ValidEndpoint. 4. Next to Request Profile, click New. Name the profile SmartAccessFilter and click Create. You are returned to the Create Session Policy window. 5. Click Add Next to Match Any Expression. In Expression Type select Client Security. In Component, select File. In Name, type C:\\\\valid.txt. Click OK. You are returned to the Create Session Policy window 6. Confirm that the Create Session Policy window appears Click Create and click Close. ValidEndpoint now appears as a session policy. 7. Open the Netscaler Gateway vserver>virtual Servers node. Open SmartAccess vserver 8. Click Policies>Session. 9. Click Insert Policy and bind the ValidEndPoint policy to the vserver 10. Click Ok to Close 31
33 Module1-Exercise 11 Configuring XenApp Server Policies and Filters Overview by step guidance Estimated time to complete this lab: 25 minutes. 1. Logon to the XenApp1 vm as CitrixAdmin. Open Citrix AppCenter Hint: Click Start>All programs>administrative Tools>Citrix>Management Console 2. Verify that calc.exe is publish as with a name Sensitive Financial Application 3. Right Click and Select Application Properties to Edit the Access Control properties of the Sensitive Financial Application. Change the connections allowed to Any connection that meets the following filters. Click Add. 4. In Access Gateway farm, type SmartAccess (the name of your Netscaler Gateway virtual server). In Access Gateway filter, type ValidEndpoint (the name of your conditional session policy) 5. Click OK. Click to clear Allow all other connections. 6. Click OK. You might receive a warning about enabling the Trust requests sent to the XML Service setting. Click Ok 7. Edit Policies>Computer>Unfiltered. Then goto Settings tab and select XML Service 8. Verify that Trust XML requests is Enabled Note: This is already set as part of the lab so don t make any changes here 9. Click Ok 32
34 10. To enforce client device mapping policies, two XenApp Server policies: Restrictive ICA disables client device mapping and applies to all Netscaler Gateway users Full ICA enables client device mapping and applies only to users who fulfill the requirements for the ValidEndpoint session policy. The filtered Full ICA policy must be given a higher priority than the Restrictive ICA policy so that when it applies to a user, it overrides the policy that disables client device mapping. Note: For this Lab the policies are already created. You can view the policies but don t change any of the settings. 11. To view the polices Click Polices>User Module1-Exercise 12 Test from a Client Computer Overview From a client device, compare the behavior with and without the file C:\valid.txt present. The first time you access the site, you are prompted to install the Endpoint Analysis plug-in. by step guidance Estimated time to complete this lab: 25 minutes. 1. Logon to the Win7Client vm as CitrixAdmin. 2. Copy the file valid.txt from the files folder on the desktop Files Folder to the client C:\ drive. When this file is present during the Netscaler Gateway logon: The Sensitive Financial Application icon appears in the user s application set Client drives appear in the Save As dialog when running Notepad or Wordpad from the XenApp Server Client printers should appear when you select File > Print from an application running on XenApp Server It can copy text from a local application into an application running on XenApp Server 33
35 3. To test open IE bowser and access Login:user1 Password:Password1 What is your experience? 4. Log off of XenApp Server application and the WebInterface site completely. Close all browser windows. Delete the file C:\valid.txt from the C: drive of the Win7Client vm. 5. Log back on to the Netscaler Gateway with the file C:\valid.txt missing. When this file is not present during the Netscaler Gateway logon: The Sensitive Financial Application icon is not be included in the user s application set Client drives does not appear in the Save As dialog when running Notepad or Wordpad from XenApp Server Client printers do not appear when you select File > Print from an application running on XenApp Server It is not be possible to copy text from a local application into a XenApp Server application Module1-Exercise 13 Alternate Deployment Scenarios Overview Enable the Secure Access Client for all users If you want users to access other types of applications, the environment can be modified to deploy the Netscaler Gateway Secure Access Client when users log on. Follow these steps to alter the basic configuration so that all users run the Secure Access Client to establish a network-layer VPN tunnel. Web Interface continues to be used as the landing page, and single sign-on to the Web Interface can still be achieved. In addition to running applications from XenApp Server, users can also run local applications that make network connections through a VPN tunnel. Follow these steps to change the basic configuration from an ICA Server-only deployment to a VPN deployment with Web Interface single sign-on: by step guidance Estimated time to complete this lab: 25 minutes. 34
36 Ste p 1. Logon to the Win7Client vm as CitrixAdmin. Open Chrome browser and connect to and login as nsroot/nsroot 2. In the Netscaler Gateway Configuration Utility, select Netscaler Gateway> Global Settings>Change Global Settings 3. Under Client Experience Check display Home Page and Enter the URL of your Web Interface site as the homepage. Set these addition values as well. Split Tunnel:OFF Plug-in Type: Windows/MAC OSX Clientless: Off Check Single Sign-on to Web Applications Checkbox 4. Click the Published Application tab and set ICA Proxy parameter to OFF. Keep the Single Signon Domain populated with the user account domain name. This should already be set as training. 5. Click Security node and make sure it is set to ALLOW Click OK 6. On The Global Settings page under Intranet Applications, Click Create mappings to TCP applications in the secure network. The Configure VPN intranet Application window opens 7. Click Add then New on Intranet Application window 8. In Name, type LAN Subnet for the Intranet application name and choose TRANSPARENT as the interception mode. For the destination, enter the network ID and subnet mask that represents your internal network. For example, enter the IP address and the subnet mask to represent all servers on the x subnet. The address of the Web Interface, XenApp Server and all other servers to which the user connects must fall within one of the subnets defined as an intranet application. 9. Click Create. Confirm that the LAN Subnet intranet application is now listed in the configured column and Click OK. Click Save to write the running Netscaler Gateway configuration to disk. 35
37 10. Test your connection by connecting to Login as user1/password1. When users logon, a full VPN tunnel is established and the Web Interface is used as the homepage. Note: You may need to download and install the Netscaler Gateway VPN plugin client To View vpn traffic>right Click Receiver icon>about>advanced>access Gateway Settings>Configure Access Gateway>Profile Module1-Exercise 14 Enable XenApp Server as a Quarantine Access Method Overview Enable the Secure Access Client for all users Follow these steps to alter the configuration created in the previous scenario so that users who pass an endpoint scan are provided with network-layer access, while users who fail the scan are quarantined and can access applications running on Presentation Server only. For this example, we 36
38 use the presence of a client process, notepad.exe, to determine if the user qualifies for network layer access. If notepad.exe is running, the user is offered the Netscaler Gateway Client. When notepad.exe is not running, the user receives XenApp Server application access only. XenApp Server application filtering based on the presence of C:\valid.txt continues to work as before in both cases. by step guidance Estimated time to complete this lab: 25 minutes. 1. Logon to the Win7Client vm as CitrixAdmin. Open Chrome browser and connect to and login as nsroot/nsroot Note: You must have completed all the steps from the previous lab for this to work. 2. In the Netscaler Gateway Configuration Utility, in the left pane, click Netscaler Gateway. In the right pane, click Change group settings and user permissions under Policy Manager 3. Under Configured Policies / Resources, right-click Groups and select Add to create a new group. Type ICA Quarantine Group for the group name and click Create. Click Close 4. Under Available Policies / Resources, click Session Policies. Under Related Tasks, click Create new session policy. 5. In Name, type Limited Access - XenApp Only. 6. Next to Request Profile, click New. Type ICA Only for the profile name. Click Published Applications tab, next to ICA Proxy, click Override Global and then select ON. Click Create. 7. In the Create Session Policy dialog box, select ns_true or True Value from the list of Named Expressions and click Add Expression. Click Create. Click Close 8. Drag the Limited Access - XenApp Only session policy icon onto the ICA Quarantine Group icon. 9. Click Close to exit Netscaler Gateway Policy Manager. In the Configuration Utility, in the left pane, click Netscaler Gateway> Global Settings Change Global Settings. Under Security Settings section, click Advanced Settings 10. In the Client Security Box type Client.application.process(notepad.exe) EXISTS. 11. Next to Quarantine Group, select ICA Quarantine Group from the dropdown menu For quarantine group. Click OK. Click Save to write the running Netscaler Gateway configuration to disk. 37
39 12. From the Win7Client VM client device, test the results after logging on with and without notepad.exe running. Only when notepad.exe is running should the user be able to log on using the Netscaler Gateway Plug-in. U:user1 P:Password1 What is your experience? Notepad running Notepad not running 13. Remember to Close all Browser and exit the vpn client Hint: Use the Receiver client in systray to exit vpn client Module1-Exercise 15 SmartAccess Validation Overview Enable the Secure Access Client for all users Given the current configuration of the ICA quarantine group and the SmartAccess filter based on the presence of c:\valid.txt, we should now observe the following results based on the conditions of the client machine: NotePag Running? C:\valid.txt file present? Access Method XenApp Server Applications and Virtual Channels No No WebInterface Only Limited application set and ICA virtual Channels No Yes WebInterface Only Full application set and ICA virtual channels Yes No Netscaler Gateway Plugin Limited application set and ICA virtual channels Yes Yes Netscaler Gateway Plugin Full application set and ICA virtual channels by step guidance Estimated time to complete this lab: 25 minutes. 1. Logon to the Win7Client vm as CitrixAdmin. Connect to the Netscaler Gateway vserver and login as user1/password1 Test with the different variables to see if your results match up. 38
40 Module1-Exercise 16 Show Client Choices Page at Logon Overview Follow these steps to alter the configuration so that users are provided with a choice page after logon that lets them choose between the Netscaler Gateway Client and Web Interface. If the user selects Netscaler Gateway, a network-layer connection is established. If they choose WebInterface, their experience matches the basic configuration outlined in previous exercise where only XenAppServer applications are available by step guidance Estimated time to complete this lab: 25 minutes. 1. Logon to the Win7Client vm as CitrixAdmin. Open Chrome browser and connect to and login as nsroot/nsroot Note: You must have completed all the steps from the previous lab for this to work. 2. In the Netscaler Gateway Configuration Utility, in the left pane click Netscaler Gateway>Global Settings. In the right pane, click Change global settings. 3. Under Client Experience section, click Advanced Settings 4. On the General tab, click Client Choices and Click OK. Click Close 5. Test Login to the Netscaler Gateway vserver What is your experience? 6. Close all Browsers. Connect back to and disable Client Choices Exercise Summary When Client Choices is enabled: Users receive both options (Netscaler Gateway Plugin and Web Interface) if a client security expression is not defined in the Netscaler Gateway global settings or in a session policy that applies to the user. If a client security expression is defined for the user and the user fails the scan, only the Web Interface option is presented to the user. Do not use quarantine groups. Users who fail an endpoint scan and are quarantined are treated the same as users who pass the endpoint scan. 39
41 The following diagram illustrates the firewall port requirements for normal operation when the Netscaler Gateway is deployed in a DMZ: If a route does not exist from the LAN to the DMZ subnet, it becomes necessary to create a second Netscaler Gateway virtual server(callback VIP) for the purpose of the Web Interface callback: 40
42 Module1-Exercise 17 WebInterface Failover Overview Even when the load balancing feature is not licensed, it is possible to create a virtual server with one real server bound to it. Multiple real servers cannot be load balanced, but the virtual server can provide health monitoring and failover capabilities. Leverage this capability to implement a backup Web Interface server. For example, suppose you have two servers running the Web Interface on the LAN and they are configured identically: WISRV01: WISRV02: by step guidance Estimated time to complete this lab: 25 minutes. 41
Hands-on Lab Exercise Guide
611: NetScaler is the Gatekeeper. Become the Keymaster. Hands-on Lab Exercise Guide Christopher Rudolph May 2015 1 Table of Contents Table of Contents... 2 Overview... 3 Lab Preparation... 6 Exercise 1:
More informationApp Orchestration 2.6
Configuring NetScaler 10.5 Load Balancing with StoreFront 3.0 and NetScaler Gateway for Last Updated: June 04, 2015 Contents Introduction... 3 Configure the NetScaler load balancer certificates... 3 To
More informationHands-on Lab Exercise Guide
606: Improving Microsoft Exchange 2013 Performance with NetScaler Hands-on Lab Exercise Guide Johnathan Campos and Daniel Kuenzli May 2015 Table of Contents Table of Contents... 1 Overview... 2 Scenario...
More informationVendor: Citrix. Exam Code: 1Y Exam Name: Implementing Citrix NetScaler 10 for App and Desktop Solutions. Version: Demo
Vendor: Citrix Exam Code: 1Y0-250 Exam Name: Implementing Citrix NetScaler 10 for App and Desktop Solutions Version: Demo QUESTION NO: 1 Citrix 1Y0-250 Exam A company uses various pre-approved user devices
More informationNetScaler Gateway 10.5
NetScaler Gateway 10.5 Jun 26, 2014 About This Release Key Features What's New Known Issues Compatibility with Citrix Products System Requirements NetScaler Gateway Plug-in System Requirements Endpoint
More informationVendor: Citrix. Exam Code: 1Y Exam Name: Implementing Citrix NetScaler 10.5 for App and Desktop Solutions. Version: Demo
Vendor: Citrix Exam Code: 1Y0-253 Exam Name: Implementing Citrix NetScaler 10.5 for App and Desktop Solutions Version: Demo QUESTION 1 A Citrix Administrator needs to configure a single virtual server
More informationPrepAwayExam. High-efficient Exam Materials are the best high pass-rate Exam Dumps
PrepAwayExam http://www.prepawayexam.com/ High-efficient Exam Materials are the best high pass-rate Exam Dumps Exam : 1Y0-250 Title : Implementing Citrix NetScaler 10 for App and Desktop Solutions Vendor
More informationAppController :21:56 UTC Citrix Systems, Inc. All rights reserved. Terms of Use Trademarks Privacy Statement
AppController 2.6 2014-03-18 13:21:56 UTC 2014 Citrix Systems, Inc. All rights reserved. Terms of Use Trademarks Privacy Statement Contents AppController 2.6... 6 About This Release... 8 Getting Started...
More informationCNS 207 3i - Implementing Citrix NetScaler 11.0 for Application and Desktop Solutions
CNS 207 3i - Implementing Citrix NetScaler 11.0 for Application and Desktop Solutions 2 Copyright 2016 Citrix Systems, Inc. CNS 207 3i - Implementing Citrix NetScaler 11.0 for Application and Desktop Solutions
More informationCNS-207-2I Implementing Citrix NetScaler 10.5 for App and Desktop Solutions
1800 ULEARN (853 276) www.ddls.com.au CNS-207-2I Implementing Citrix NetScaler 10.5 for App and Desktop Solutions Length 5 days Price $5500.00 (inc GST) Overview The objective of Implementing Citrix NetScaler
More informationModule 3 Remote Desktop Gateway Estimated Time: 90 minutes
Module 3 Remote Desktop Gateway Estimated Time: 90 minutes A. Datum Corporation provided access to web intranet web applications by implementing Web Application Proxy. Now, IT management also wants to
More informationInstalling and Configuring VMware Identity Manager Connector (Windows) OCT 2018 VMware Identity Manager VMware Identity Manager 3.
Installing and Configuring VMware Identity Manager Connector 2018.8.1.0 (Windows) OCT 2018 VMware Identity Manager VMware Identity Manager 3.3 You can find the most up-to-date technical documentation on
More informationVMware Identity Manager Connector Installation and Configuration (Legacy Mode)
VMware Identity Manager Connector Installation and Configuration (Legacy Mode) VMware Identity Manager This document supports the version of each product listed and supports all subsequent versions until
More informationCITRIX 1Y0-200 EXAM QUESTIONS & ANSWERS
CITRIX 1Y0-200 EXAM QUESTIONS & ANSWERS Number: 1Y0-200 Passing Score: 800 Time Limit: 120 min File Version: 38.7 http://www.gratisexam.com/ CITRIX 1Y0-200 EXAM QUESTIONS & ANSWERS Exam Name: Managing
More informationAccess Gateway 9.3, Enterprise Edition
Access Gateway 9.3, Enterprise Edition 2015-05-03 05:23:10 UTC 2015 Citrix Systems, Inc. All rights reserved. Terms of Use Trademarks Privacy Statement Contents Access Gateway 9.3, Enterprise Edition...
More informationAirWatch Mobile Device Management
RSA Ready Implementation Guide for 3rd Party PKI Applications Last Modified: November 26 th, 2014 Partner Information Product Information Partner Name Web Site Product Name Version & Platform Product Description
More information604: Administering and troubleshooting XenDesktop 7.x
604: Administering and troubleshooting XenDesktop 7.x Hands-on Lab Exercise Guide This session is offered as both an instructor led training and a self-paced online lab. Make money selling Field Services
More informationVMWARE HORIZON CLOUD WITH VMWARE IDENTITY MANAGER QUICK START GUIDE WHITE PAPER MARCH 2018
VMWARE HORIZON CLOUD WITH VMWARE IDENTITY MANAGER QUICK START GUIDE WHITE PAPER MARCH 2018 Table of Contents Introduction to Horizon Cloud with Manager.... 3 Benefits of Integration.... 3 Single Sign-On....3
More informationCitrix StoreFront 2.0
White Paper Citrix StoreFront 2.0 Citrix StoreFront 2.0 Proof of Concept Implementation Guide www.citrix.com Contents Contents... 2 Introduction... 3 Architecture... 4 Installation and Configuration...
More informationCitrix Exam 1Y0-253 Implementing Citrix NetScaler 10.5 for App and Desktop Solutions Version: 6.0 [ Total Questions: 186 ]
s@lm@n Citrix Exam 1Y0-253 Implementing Citrix NetScaler 10.5 for App and Desktop Solutions Version: 6.0 [ Total Questions: 186 ] Question No : 1 Scenario: An administrator needs to deliver production
More informationVMware AirWatch Integration with RSA PKI Guide
VMware AirWatch Integration with RSA PKI Guide For VMware AirWatch Have documentation feedback? Submit a Documentation Feedback support ticket using the Support Wizard on support.air-watch.com. This product
More informationDIGIPASS Authentication to Citrix XenDesktop with endpoint protection
DIGIPASS Authentication to Citrix XenDesktop with endpoint protection SmartAccess Configuration with Digipass INTEGRATION GUIDE Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information
More informationAzure MFA Integration with NetScaler
Azure MFA Integration with NetScaler This guide focuses on describing the configuration required for integrating Azure MFA (Multi-Factor Authentication) with NetScaler. Citrix.com 1 NetScaler is a world-class
More informationConfigure the IM and Presence Service to Integrate with the Microsoft Exchange Server
Configure the IM and Presence Service to Integrate with the Microsoft Exchange Server Configure a Presence Gateway for Microsoft Exchange Integration, page 1 SAN and Wildcard Certificate Support, page
More informationPASS4TEST. IT Certification Guaranteed, The Easy Way! We offer free update service for one year
PASS4TEST IT Certification Guaranteed, The Easy Way! \ http://www.pass4test.com We offer free update service for one year Exam : 1Y0-A04 Title : Gateway 8.1.Enterprise Edition: Administration Vendors :
More informationAndroid Mobile Single Sign-On to VMware Workspace ONE. SEP 2018 VMware Workspace ONE VMware Identity Manager VMware Identity Manager 3.
Android Mobile Single Sign-On to VMware Workspace ONE SEP 2018 VMware Workspace ONE VMware Identity Manager VMware Identity Manager 3.3 You can find the most up-to-date technical documentation on the VMware
More informationPEAP under Unified Wireless Networks with ACS 5.1 and Windows 2003 Server
PEAP under Unified Wireless Networks with ACS 5.1 and Windows 2003 Server Document ID: 112175 Contents Introduction Prerequisites Requirements Components Used Conventions Configure Network Diagram Windows
More informationMigrating from Citrix XenApp (IMA / FMA) to Parallels Remote Application Server
Parallels Remote Application Server Migrating from Citrix XenApp (IMA / FMA) to Parallels Remote Application Server Contents 1. Introduction a. Why Should You Migrate from Citrix to Parallels RAS b. Overview
More informationStep-by-step installation guide for monitoring untrusted servers using Operations Manager
Step-by-step installation guide for monitoring untrusted servers using Operations Manager Most of the time through Operations Manager, you may require to monitor servers and clients that are located outside
More informationSetting Up Resources in VMware Identity Manager
Setting Up Resources in VMware Identity Manager VMware Identity Manager 2.7 This document supports the version of each product listed and supports all subsequent versions until the document is replaced
More informationVMware Enterprise Systems Connector Installation and Configuration. JULY 2018 VMware Identity Manager 3.2 VMware Identity Manager VMware AirWatch 9.
VMware Enterprise Systems Connector Installation and Configuration JULY 2018 VMware Identity Manager 3.2 VMware Identity Manager VMware AirWatch 9.3 You can find the most up-to-date technical documentation
More informationHypersocket SSO. Lee Painter HYPERSOCKET LIMITED Unit 1, Vision Business Centre, Firth Way, Nottingham, NG6 8GF, United Kingdom. Getting Started Guide
Hypersocket SSO Getting Started Guide Lee Painter HYPERSOCKET LIMITED Unit 1, Vision Business Centre, Firth Way, Nottingham, NG6 8GF, United Kingdom Table of Contents PREFACE... 4 DOCUMENT OBJECTIVE...
More informationBest Practices for Security Certificates w/ Connect
Application Note AN17038 MT AppNote 17038 (AN 17038) September 2017 Best Practices for Security Certificates w/ Connect Description: This Application Note describes the process and best practices for using
More informationAgility 2018 Hands-on Lab Guide. VDI the F5 Way. F5 Networks, Inc.
Agility 2018 Hands-on Lab Guide VDI the F5 Way F5 Networks, Inc. 2 Contents 1 Lab1 - Getting Started 5 1.1 Jump Host.............................................. 5 1.2 Lab Network Setup.........................................
More informationPrerequisites CNS-220 Citrix NetScaler Essentials and Traffic Management
CNS-221 Citrix NetScaler Unified Gateway Learn the skills required to configure and manage NetScaler Gateway and Unified Gateway features, including how to implement Gateway components including NetScaler
More informationSetting Up Resources in VMware Identity Manager. VMware Identity Manager 2.8
Setting Up Resources in VMware Identity Manager VMware Identity Manager 2.8 You can find the most up-to-date technical documentation on the VMware website at: https://docs.vmware.com/ If you have comments
More informationVII. Corente Services SSL Client
VII. Corente Services SSL Client Corente Release 9.1 Manual 9.1.1 Copyright 2014, Oracle and/or its affiliates. All rights reserved. Table of Contents Preface... 5 I. Introduction... 6 Chapter 1. Requirements...
More informationNetScaler for Apps and Desktops CNS-222; 5 Days; Instructor-led
NetScaler for Apps and Desktops CNS-222; 5 Days; Instructor-led Course Description Designed for students with little or no previous NetScaler, NetScaler Gateway or Unified Gateway experience, this course
More informationVendor: Citrix. Exam Code: 1Y Exam Name: Managing Citrix XenDesktop 7 Solutions Exam. Version: Demo
Vendor: Citrix Exam Code: 1Y0-200 Exam Name: Managing Citrix XenDesktop 7 Solutions Exam Version: Demo Question Set 1 QUESTION 1 Scenario: A Citrix Administrator installs XenServer. The administrator provisions
More informationUsing the Terminal Services Gateway Lesson 10
Using the Terminal Services Gateway Lesson 10 Skills Matrix Technology Skill Objective Domain Objective # Deploying a TS Gateway Server Configure Terminal Services Gateway 2.2 Terminal Services (TS) Web
More informationAppController :20:49 UTC Citrix Systems, Inc. All rights reserved. Terms of Use Trademarks Privacy Statement
AppController 2.0 2014-03-18 13:20:49 UTC 2014 Citrix Systems, Inc. All rights reserved. Terms of Use Trademarks Privacy Statement Contents AppController 2.0... 5 About This Release... 7 Introduction...
More informationSetting Up Resources in VMware Identity Manager (On Premises) Modified on 30 AUG 2017 VMware AirWatch 9.1.1
Setting Up Resources in VMware Identity Manager (On Premises) Modified on 30 AUG 2017 VMware AirWatch 9.1.1 Setting Up Resources in VMware Identity Manager (On Premises) You can find the most up-to-date
More informationCitrix 1Y Deploying Citrix XenDesktop 7.6 Solutions. Download Full Version :
Citrix 1Y0-301 Deploying Citrix XenDesktop 7.6 Solutions Download Full Version : https://killexams.com/pass4sure/exam-detail/1y0-301 QUESTION: 90 Which two Windows components can be selected using the
More informationVMware Identity Manager Cloud Deployment. Modified on 01 OCT 2017 VMware Identity Manager
VMware Identity Manager Cloud Deployment Modified on 01 OCT 2017 VMware Identity Manager You can find the most up-to-date technical documentation on the VMware Web site at: https://docs.vmware.com/ The
More informationCitrix NetScaler Introduction
Page: 1 Citrix NetScaler Introduction Table of Contents Introduction 4 Who is this guide for? 4 Prerequisites 4 Prepare your Environment 5 Download the NetScaler Firmware 90 day Evaluation citrix.com/products
More informationNetScaler Analysis and Reporting. Goliath for NetScaler Installation Guide v4.0 For Deployment on VMware ESX/ESXi
NetScaler Analysis and Reporting Goliath for NetScaler Installation Guide v4.0 For Deployment on VMware ESX/ESXi (v4.0) Document Date: October 2016 www.goliathtechnologies.com 1 Legal Notices Goliath for
More informationVMware Identity Manager Administration
VMware Identity Manager Administration VMware Identity Manager 2.4 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new
More informationGuide to Deploying VMware Workspace ONE. VMware Identity Manager VMware AirWatch 9.1
Guide to Deploying VMware Workspace ONE VMware Identity Manager 2.9.1 VMware AirWatch 9.1 Guide to Deploying VMware Workspace ONE You can find the most up-to-date technical documentation on the VMware
More informationMerchandising Server 2.2
Merchandising Server 2.2 2014-12-07 04:31:45 UTC 2014 Citrix Systems, Inc. All rights reserved. Terms of Use Trademarks Privacy Statement Contents Merchandising Server 2.2... 5 About... 6 System Requirements
More information<Partner Name> <Partner Product> RSA SECURID ACCESS Implementation Guide. Citrix NetScaler Gateway 12.0
RSA SECURID ACCESS Implementation Guide Citrix 12.0 Peter Waranowski, RSA Partner Engineering Last Modified: February 20 th, 2018 Table of Contents Table of Contents...
More informationInstalling and Configuring Citrix XenApp 6.5 (Part 1)
Installing and Configuring Citrix XenApp 6.5 (Part 1) Introduction The first part of this series describes the installation steps of the first server (which will create the XenApp environment) and the
More informationPass Citrix 1Y0-306 Exam
Pass Citrix 1Y0-306 Exam Number: 1Y0-306 Passing Score: 800 Time Limit: 120 min File Version: 35.7 http://www.gratisexam.com/ Pass Citrix 1Y0-306 Exam Exam Name: Citrix Access Gateway 4.2 with Advanced
More informationCitrix XenApp 6.5 Administration
Citrix XenApp 6.5 Administration CXA206; 5 Days, Instructor-led Course Description Citrix XenApp 6.5 Administration training course provides the foundation necessary for administrators to effectively centralize
More informationWorkspace ONE UEM Integration with RSA PKI. VMware Workspace ONE UEM 1810
Workspace ONE UEM Integration with RSA PKI VMware Workspace ONE UEM 1810 You can find the most up-to-date technical documentation on the VMware website at: https://docs.vmware.com/ If you have comments
More informationUsing SSL to Secure Client/Server Connections
Using SSL to Secure Client/Server Connections Using SSL to Secure Client/Server Connections, page 1 Using SSL to Secure Client/Server Connections Introduction This chapter contains information on creating
More informationWorkspace ONE UEM Certificate Authentication for EAS with ADCS. VMware Workspace ONE UEM 1902
Workspace ONE UEM Certificate Authentication for EAS with ADCS VMware Workspace ONE UEM 1902 You can find the most up-to-date technical documentation on the VMware website at: https://docs.vmware.com/
More informationCitrix Workspace app for ios
Citrix Product Documentation docs.citrix.com October 22, 2018 Contents What s new in Citrix Workspace app for ios 3 What s new in 1810.1....................................... 3 What s new in 1810........................................
More informationVMware Identity Manager Cloud Deployment. DEC 2017 VMware AirWatch 9.2 VMware Identity Manager
VMware Identity Manager Cloud Deployment DEC 2017 VMware AirWatch 9.2 VMware Identity Manager You can find the most up-to-date technical documentation on the VMware website at: https://docs.vmware.com/
More informationCitrix.Actualtests.1Y0-250.v by.PKASH.65q. Exam Code: 1Y Exam Name: Implementing Citrix NetScaler 10 for App and Desktop Solutions
Citrix.Actualtests.1Y0-250.v2014-02-13.by.PKASH.65q Number: 1Y0-250 Passing Score: 800 Time Limit: 120 min File Version: 12.5 http://www.gratisexam.com/ Exam Code: 1Y0-250 Exam Name: Implementing Citrix
More informationGuide to Deploying VMware Workspace ONE. DEC 2017 VMware AirWatch 9.2 VMware Identity Manager 3.1
Guide to Deploying VMware Workspace ONE DEC 2017 VMware AirWatch 9.2 VMware Identity Manager 3.1 You can find the most up-to-date technical documentation on the VMware website at: https://docs.vmware.com/
More informationInstalling and Configuring vcenter Support Assistant
Installing and Configuring vcenter Support Assistant vcenter Support Assistant 6.0 This document supports the version of each product listed and supports all subsequent versions until the document is replaced
More informationAppController :28:18 UTC Citrix Systems, Inc. All rights reserved. Terms of Use Trademarks Privacy Statement
AppController 1.0 2013-05-26 04:28:18 UTC 2013 Citrix Systems, Inc. All rights reserved. Terms of Use Trademarks Privacy Statement Contents AppController 1.0... 9 About This Release... 11 Introduction...
More informationVMware Horizon Cloud Service on Microsoft Azure Administration Guide
VMware Horizon Cloud Service on Microsoft Azure Administration Guide VMware Horizon Cloud Service VMware Horizon Cloud Service on Microsoft Azure 1.4 You can find the most up-to-date technical documentation
More informationDeploying VMware Identity Manager in the DMZ. JULY 2018 VMware Identity Manager 3.2
Deploying VMware Identity Manager in the DMZ JULY 2018 VMware Identity Manager 3.2 You can find the most up-to-date technical documentation on the VMware website at: https://docs.vmware.com/ If you have
More informationO365 Solutions. Three Phase Approach. Page 1 34
O365 Solutions Three Phase Approach msfttechteam@f5.com Page 1 34 Contents Use Cases... 2 Use Case One Advanced Traffic Management for WAP and ADFS farms... 2 Use Case Two BIG-IP with ADFS-PIP... 3 Phase
More informationNBC-IG Installation Guide. Version 7.2
Installation Guide Version 7.2 2017 Nuance Business Connect 7.2 Installation Guide Document Revision History Revision Date August 8, 2017 Revision List Updated supported SQL Server versions June 14, 2017
More informationCourse CXA-206: Citrix XenApp 6.5 Administration
Course CXA-206: Citrix XenApp 6.5 Administration Course Length: 5 days Overview Citrix XenApp 6.5 Administration training course provides the foundation necessary for administrators to effectively centralize
More informationCMB-207-1I Citrix Desktop Virtualization Fast Track
Page1 CMB-207-1I Citrix Desktop Virtualization Fast Track This fast-paced course covers select content from training courses CXA-206: Citrix XenApp 6.5 Administration and CXD-202: Citrix XenDesktop 5 Administration
More informationReceiver for BlackBerry 2.2
Receiver for BlackBerry 2.2 2015-04-19 05:21:53 UTC 2015 Citrix Systems, Inc. All rights reserved. Terms of Use Trademarks Privacy Statement Contents Receiver for BlackBerry 2.2... 3 About This Release...
More informationSASSL v1.0 Managing Advanced Cisco SSL VPN. 3 days lecture course and hands-on lab $2,495 USD 25 Digital Version
Course: Duration: Fees: Cisco Learning Credits: Kit: 3 days lecture course and hands-on lab $2,495 USD 25 Digital Version Course Overview Managing Advanced Cisco SSL VPN (SASSL) v1.0 is an instructor-led
More informationCitrix NetScaler Essentials and Unified Gateway
Course Code: CNS2221 Vendor: Citrix Course Overview Duration: 5 RRP: 2,690 Citrix NetScaler Essentials and Unified Gateway Overview Designed for students with little or no previous NetScaler, NetScaler
More informationInstalling and Configuring vcloud Connector
Installing and Configuring vcloud Connector vcloud Connector 2.6.0 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new
More informationConfiguring the SMA 500v Virtual Appliance
Using the SMA 500v Virtual Appliance Configuring the SMA 500v Virtual Appliance Registering Your Appliance Using the 30-day Trial Version Upgrading Your Appliance Configuring the SMA 500v Virtual Appliance
More informationUnderstanding of basic networking concepts (routing, switching, VLAN, firewall functionality)
Citrix NetScaler for Apps and Desktops Day(s): 5 Course Code: CNS-222 Overview This course is designed specifically for students who have limited or no previous NetScaler experience. The content is based
More informationExtend your networking skill set by learning NetScaler fundamentals. Self-paced exercise guide
Extend your networking skill set by learning NetScaler fundamentals Self-paced exercise guide Table of Contents Table of Contents... 2 Overview... 3 Exercise 1: Initial Configuration... 5 Exercise 2: Load
More informationVMware AirWatch Integration with SecureAuth PKI Guide
VMware AirWatch Integration with SecureAuth PKI Guide For VMware AirWatch Have documentation feedback? Submit a Documentation Feedback support ticket using the Support Wizard on support.air-watch.com.
More informationSAML-Based SSO Configuration
Prerequisites, page 1 SAML SSO Configuration Task Flow, page 5 Reconfigure OpenAM SSO to SAML SSO Following an Upgrade, page 9 SAML SSO Deployment Interactions and Restrictions, page 9 Prerequisites NTP
More informationVMware Content Gateway to Unified Access Gateway Migration Guide
VMware Content Gateway to Unified Access Gateway Migration Guide Workspace ONE UEM v9.7 Have documentation feedback? Submit a Documentation Feedback support ticket using the Support Wizard on support.air-watch.com.
More informationDeploying F5 with Citrix XenApp or XenDesktop
Deploying F5 with Citrix XenApp or XenDesktop Welcome to the F5 deployment guide for Citrix VDI applications, including XenApp and XenDesktop with the BIG-IP system v11.4 and later. This guide shows how
More informationUsing ANM With Virtual Data Centers
APPENDIXB Date: 3/8/10 This appendix describes how to integrate ANM with VMware vcenter Server, which is a third-party product for creating and managing virtual data centers. Using VMware vsphere Client,
More informationApp Orchestration 2.0
App Orchestration 2.0 Getting Started with Citrix App Orchestration 2.0 Prepared by: Jenny Berger Commissioning Editor: Erin Smith Version: 1.0 Last Updated: April 4, 2014 Page 1 Contents Welcome to App
More informationSC-T35/SC-T45/SC-T46/SC-T47 ViewSonic Device Manager User Guide
SC-T35/SC-T45/SC-T46/SC-T47 ViewSonic Device Manager User Guide Copyright and Trademark Statements 2014 ViewSonic Computer Corp. All rights reserved. This document contains proprietary information that
More informationBROWSER-BASED SUPPORT CONSOLE USER S GUIDE. 31 January 2017
BROWSER-BASED SUPPORT CONSOLE USER S GUIDE 31 January 2017 Contents 1 Introduction... 2 2 Netop Host Configuration... 2 2.1 Connecting through HTTPS using Certificates... 3 2.1.1 Self-signed certificate...
More informationCitrix Receiver for Universal Windows Platform
Citrix Receiver for Universal Windows Platform Jul 18, 2017 Citrix Receiver for Universal Windows Platform (UWP) is client software available for download from the Microsoft store. It enables users to
More informationIntegrating AirWatch and VMware Identity Manager
Integrating AirWatch and VMware Identity Manager VMware AirWatch 9.1.1 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a
More informationDeliver and manage customer VIP POCs. The lab will be directed and provide you with step-by-step walkthroughs of key features.
SR L15 Hands-On Lab Description Protecting Corporate Networks with Symantec Validation and ID Protection At the end of this lab, you should be able to Technically present and answer questions from your
More informationConfiguring Windows 7 VPN (Agile) Client for authentication to McAfee Firewall Enterprise v8. David LePage - Enterprise Solutions Architect, Firewalls
Configuring Windows 7 VPN (Agile) Client for authentication to McAfee Firewall Enterprise v8 David LePage - Enterprise Solutions Architect, Firewalls Overview: Microsoft Windows version 7 introduced a
More informationVMware AirWatch Cloud Connector Guide ACC Installation and Integration
VMware AirWatch Cloud Connector Guide ACC Installation and Integration Workspace ONE UEM v1810 Have documentation feedback? Submit a Documentation Feedback support ticket using the Support Wizard on support.air-watch.com.
More informationCertkiller.1Y Q.A
Certkiller.1Y0-253.86Q.A Number: 1Y0-253 Passing Score: 800 Time Limit: 120 min File Version: 4.6 http://www.gratisexam.com/ 1Y0-253 Implementing Citrix NetScaler 10.5 for App and Desktop Solutions Today
More informationSonicWALL Security Appliances. SonicWALL SSL-VPN 200 Getting Started Guide
SonicWALL Security Appliances SonicWALL SSL-VPN 200 Getting Started Guide SonicWALL SSL-VPN 200 Appliance Getting Started Guide This Getting Started Guide contains installation procedures and configuration
More informationDeploying F5 with Citrix XenApp or XenDesktop
Deploying F5 with Citrix XenApp or XenDesktop Welcome to the F5 deployment guide for Citrix VDI applications, including XenApp and XenDesktop with the BIG-IP system v11.4 and later. This guide shows how
More informationReceiver for ios 5.9.x x
Receiver for ios 5.9.x - 5.8.x 2014-12-07 04:28:47 UTC 2014 Citrix Systems, Inc. All rights reserved. Terms of Use Trademarks Privacy Statement Contents Receiver for ios 5.9.x - 5.8.x... 3 About Receiver
More informationHorizon DaaS Platform 6.1 Service Provider Installation - vcloud
Horizon DaaS Platform 6.1 Service Provider Installation - vcloud This guide provides information on how to install and configure the DaaS platform Service Provider appliances using vcloud discovery of
More informationConfiguring ADFS for Academic Works
Page 1 of 10: ConfiguringADFSForAcademicWorks.docx Configuring ADFS for Academic Works Contents Description... 1 Prerequisites: (for ADFS 3.0)... 2 Install the Public SSL Cert on both the ADFS and the
More informationNetExtender for SSL-VPN
NetExtender for SSL-VPN Document Scope This document describes how to plan, design, implement, and manage the NetExtender feature in a SonicWALL SSL-VPN Environment. This document contains the following
More informationDeployment Guide. ICA Proxy for Citrix Receiver with SMS Authentication. Access Gateway Enterprise Edition XenApp XenDesktop
Mobile Device Deployment Guide ICA Proxy for Citrix Receiver with SMS Authentication Access Gateway Enterprise Edition XenApp XenDesktop www.citrix.com Table of Contents Introduction...3 Solution Requirements...4
More informationConfiguring and Delivering Salesforce as a managed application to XenMobile Users with NetScaler as the SAML IDP (Identity Provider)
Solution Guide ios Managed Configuration Configuring and Delivering Salesforce as a managed application to XenMobile Users with NetScaler as the SAML IDP (Identity Provider) Solution Guide 1 Introduction
More informationCitrix - CXD Deploying App and Desktop Solutions with Citrix XenApp and XenDesktop 7.6
Citrix - CXD-300 - Deploying App and Desktop Solutions with Citrix XenApp and XenDesktop 7.6 Duration: 5 Days Course Price: $4,995 Course Description Course Overview This training course provides students
More informationUsing vrealize Operations Tenant App as a Service Provider
Using vrealize Operations Tenant App as a Service Provider Using vrealize Operations Tenant App as a Service Provider You can find the most up-to-date technical documentation on the VMware Web site at:
More informationVMware Horizon View Deployment
VMware Horizon View provides end users with access to their machines and applications through a unified workspace across multiple devices, locations, and connections. The Horizon View Connection Server
More information