Presentation Virtualization utility provider TSFactory just released a free security tool for Windows Server 2008 Server running Terminal Services RemoteApps called "RemoteApp Filter". RemoteApp Filter is an extension to the TS Web Access feature provided by Microsoft in its new Windows 2008 Server. RemoteApp Filter make it possible to filter out applications that are not supposed to be shown to particular users or groups of users....

There are numerous ways to apply a configuration or security setting onto a group of servers within a Citrix Presentation Server environment. Because policies are so unique, diverse and customizable, there is no single, correct method toward policy design. However, this document will give the key areas to consider when deciding on the appropriate approach to implementing a setting using a policy. ...

It's shaping up to be a critical summer for Citrix Systems, the 26-year-old company that has reinvented itself at least twice, suffered at least two near-death experiences and now sees untold opportunity before it....

In my previous post on Geek Speak Bar Camp (May 21st at Citrix Synergy), we had foruteen of the twenty speaking slots filled. As of now, all twenty speaking slots for the first ever Geek Speak BarCamp are filled. (Read background on Geek Speak BarCamp here, here and here).

 
The line up now includes three Citrix Technology Specialists, four consultants, two Escalation Tech Support Engineers, a VDI Specialist from VMWare, four Product Managers, an HP Print Driver Developer and a Senior Architect from a large healthcare company.

I am looking forward to flying to Houston and getting this event started. I think that after seeing this line up and the list of technical sessions in the other tracks, I think you will agree with Shawn Bass when he wrote -

I'm getting the general feeling like this might just be the most technical Citrix iForum ever

I am still working on juggling the time schedule to meet everyones equipment requirements and time constraints. I expect to finalize by Monday or Tuesday.

If you have not yet registered for Citrix Synergy, you can click here to to complete your registration. I look forward to seeing you at Synergy and the Geek Speak BarCamp.

View Online | Add Comment

Out of curiosity I decided to collect the communication ports for any given technology within the Citrix XenApp platform.... It turned out I didn't have to look much further, I found them on Vinny's blog, posted a while back right here on the Citrix blogs, however his post only got a handful of views, since I think Vinny did a great job and tons of people need this kind of information, I'm extending his collection and sharing it out with a broader audience...

This is an extremely helpful list to have always handy:

Application Performance Monitoring (powered by Citrix EdgeSight)

• EdgeSight Agent to Edgesight Server - TCP 80/443 (Payload and alerts)
• EdgeSight Web console (non-IMA) to RSCorSvc on EdgeSight Agent - TCP 9035
• EdgeSight Agent internal communication - TCP 9036 (client-side database)
• EdgeSight database - SQL 1433 (configurable)

Client-side Application Virtualization -

• Streaming Client to Application Hub (File Server/Share) - SMB 445

EasyCall

• To client - HTTP(S)-TCP 8443 (PSync)
• To Admin console (non-IMA) - TCP 443
• To LDAP Directory- TCP 389
• To PBX - port varies by vendor

Independent Management Architecture (IMA) Services - TCP 2512, 2513

Licensing Service - TCP 27000, 27009 (configurable)

Server-side Application Virtualization

• Management Console (Using IMA) - TCP 2512, 2513
• Application requests - TCP XML 80, 8080 or 443 (configurable)
• Access to Applications Virtualized on the Server - ICA-TCP 1494, 2598 (Session Reliability)

Single Sign-on (powered by Citrix Password Manager)

• Management Console (non-IMA) or Agent to Password Manager Service - TCP-443
• Management Console (non-IMA), Agent or Service to credential store
  • Network File Share Credential Store - TCP/UDP 445 (CIFS) or TCP/UDP 135-139 (NetBIOS)
  • Active Directory Credential Store - TCP/UDP - 389, 636, TCP - 3268, 3269
  • Novell File Share Credential Store - TCP/UDP - 524  

SmartAccess (powered by Citrix Access Gateway)

• Standard and Advanced Edition
  • Client connections- TCP-SSL 443 (configurable)
  • Advanced Access Control (AAC) to Appliance communication - TCP 80 or 443 (configurable), 9001, 9002, 9005
  • Management Console
    • to Appliance (non-IMA) - 9001, 9002, 9005
    • to AAC - IMA-TCP-2513
    • Enterprise Edition
    • To client - SSL-TCP 443
    • To internal network - SSL-TCP 443, Native Authentication port (i.e. RADIUS 1812, LDAP 389), Native application ports (i.e. ICA-1494)
    • Management console (non-IMA) - SSH-TCP 22, HTTP(S)-TCP 80/443

SmartAuditor

• Management (non-IMA) - Use local console on Agent or on Server.
• Agent to Broker (Recording and Policy Check) - TCP 80/443 (configurable)
• Player to Broker - TCP 80/443 (configurable)
• Agent to Server (Metadata and Video)- Microsoft Message Queuing,
  • Default - TCP: 1801; RPC: 135, 2101*, 2103*, 2105*; UDP: 3527, 1801 (*These port numbers may be incremented by 11 if the initia choice of RPC port is being used when Message Queuing initializes. A connecting QM queries port 135 to discover the 2xxx ports.)
  • Over SSL- TCP 80,443

WAN Optimizer -Guidance provided was to get it from Admin Guide

• Appliance to Appliance - Pass-through native application port (e.g. ICA-1494, HTTP-80, LDAP-389)
• Management Console (non-IMA) - TCP 80
• Client to Appliance - TCP 443

Web Interface

• Client connections - TCP 80/443 (configurable)
• Server-to-server - TCP XML 80/8080, 443 (using SSL Relay)

Management console (partially IMA) - DCOM 135 (+ configurable high port range), IMA-TCP 2513, TCP 80/443

---

Nice work Vinny boy!
Keep an eye on this guy's blog!!!



Cheers,

Gus Pinto
Microsoft MVP - Virtualization
Twitter/GusPinto

View Online | Add Comment

I'm truly impressed with Microsoft Live Mesh services, it's an awesome approach to cloud computing, however, the service relies on RDP and we all know RDP is not fine tuned for HPRD (high-performance remote desktop).

I'm showing on this screencast a comparison of GoToMyPC and Live Mesh Remote Desktop side by side, and I add my thoughts on how Microsoft can partner with Citrix to deliver superior quality for this unique platform.





cheers,

Gus Pinto
Microsoft MVP - Virtualization
Twitter.com/GusPinto

View Online | Add Comment

We are getting closer to the end of “Good to Great”.  This is about chapter 8 which is titled “The Flywheel and the Doom Loop”.  Sounds a bit like something from Indiana Jones.  Seriously, it hits upon the nature of success.  Most people, from the media’s coaching, believe that things happen overnight.    Most people and companies have to work at it.  I remember years ago when Sharon Stone became an “overnight success”.  It turns out that she had already been trying to get ahead for more than a decade.

The flywheel is associated with momentum.  It takes energy to get it going, but it gets easier to make it go faster if the energy is applied in the same direction.  If energy is consistently applied, the flywheel will continue to accelerate and will eventually reach great speeds.

Companies are similar.  Instead of a flywheel, the momentum is a chosen path to a chosen focus.  As long as the ideas are attached to, the momentum builds and the company pushes forward.  It is difficult to be consistent but as long as it is, the velocity of improvement and change will increase.  “Good to Great” companies with their hedgehog concepts are more like to stick with it.  The temptations to be distracted are so huge but focus sees the true mission.

Companies have a potentially unlimited lifespan.  Unlike humans, they can live on long after the start.  This makes them an organism of their own.  The workers and managers and executives are only elements of a much larger story.  This brings in one of my favorite topics of emergence.  The sum is a quite different beast from the individual parts.  And, even more important, the company is composed of an intelligence that would be seen to exceed any individual employee.

Anyways, back to the point.  In order to achieve any kind of consistent vision, everyone has to see it as their own vision.  With the hedgehog concept, it is possible to crystallize the employees around a common vision what the company should be doing.  I would like to introduce this analogy.  Rowing!

Given that there is a goal, if everyone rows in time and in the right direction, there will be momentum and the goal will be reached.  However, if like most companies, not everyone is in sync and the leaders are always changing directions, you are not going to reach the goal.

The fox cannot stay on the same track for too long.  This explains the shift in direction and lack of momentum.  Every time the fox changes the flow, the momentum is lost.  Not only that, it pretty much guarantees that no goal will be reached simply because the goal is always changing.  It looks like much is happening but it is actually more like spinning wheels with no momentum at all.

Given that momentum builds, it will eventually hit a breakthrough.  This breakthrough is where things are actually growing in strength and with less and less effort.  There is no magic instant where the breakthrough happens.  The momentum is built from many many turns of the flywheel.  It is impossible to identify which push created the change.  The point is that it was all the changes that brought about the breakthrough.  This thinking goes against what business leaders like to think.

Also important to mention is that there was no magic program or policy or other enthusiastically promoted internal company goal that created this transition.  Essentially once started, it happens on its own.  It is similar to the difference to cheering on a team versus playing the game.  Cheering might help some but the actually players with real internal motivation that are going to make the biggest difference.

There is always going to be resistance to becoming consistent with the flywheel.  One of the first thoughts might be to worry about the “Wall Street” reaction to long term versus short term focus.   Based on the summary for the book, the flywheel is actually completely compatible with “Wall Street”.  This makes sense too given that the flywheel brings great success.  Which investor is going to complain about consistently high gains over the long term?

The greatest driver in “Wall Street” is not money but rather fear.  Emotions cripple the desire to see the long term view.  Why wait when you can push for more money now?  But why?  Greed.  But what is greed?  I would propose that it is the fear of not having enough money.  Any unsatisfied want is likely to grow, even when it is being satisfied.  The point is that short term investing is bound to run a company into the ground.  It also burns up lots of energy and wastes time.  Many a company has been driven by the “Wall Street” gods without realizing that it could actually be the other way around.

Great companies don’t have to worry about the markets.  They exceed the market easily.  They have bigger fish to fry.  They love their jobs and know what they are supposed to do.  They also happen to be the best in the world.  Who wouldn’t want that?

The momentum is so strong that it brings along the whole company in a way that could never be dictated from above.  It is more like a realization that everyone reaches over time that “We can be the best at this and we will be”.

On the other hand, the Doom Loop is found at most other companies.  The doom comes from a lack of understanding that drives the company deeper and deeper into the abyss.  It starts with bad results that lead to a bad decision that leads to changes that bring more bad results and so forth.  It smells of fox.  It also brings a company down fast.  Obviously it is much easier to fall into this trap.

The Doom Loop is all about stopping momentum.  It takes a working company and brings it virtually to a halt.  All the easy changes are tried (laying off, changing CEO, changing focus, employee education) but it just makes things worse.  Part of this comes from sheer bravado/ego.  The new leaders think they can make things much better but fail to realize that there is something still good about the existing company.  They also tend to want to make it theirs and discard that which is associated with the previous leaders.

From the outside, the Doom Loop is easy to recognize.  Any long term gain is either negative or very small.  It is kind of like going on a family holiday with a destination in mind.  As the trip begins, the parents squabble over the destination.  Half way there, the driver changes direction.  The next day, the direction is changed again.  The car is in turmoil since no one is getting what they want.  Eventually they have to turn around and go home because they don’t have enough time to make the destination.  The holiday is ruined.  The family is unhappy.  No one wins.

A company with a mixed up purpose is only going to give you a mixed up result.

There is only one more chapter after this.  It’s been good writing about “Good to Great” and hopefully some of you will get the chance to read the book.

Just remember “healthy flywheel with momentum is good, doom loop bad”.

Out of curiosity I decided to collect the communication ports for any given technology within the Citrix XenApp platform.... It turned out I didn't have to look much further, I found them on Vinny's blog, posted a while back right here on the Citrix blogs, however his post only got a handful of views, since I think Vinny did a great job and tons of people need this kind of information, I'm extending his collection and sharing it out with a broader audience...

This is an extremely helpful list to have always handy:


Application Performance Monitoring (powered by Citrix EdgeSight)

EdgeSight Agent to Edgesight Server - TCP 80/443 (Payload and alerts)
EdgeSight Web console (non-IMA) to RSCorSvc on EdgeSight Agent - TCP 9035
EdgeSight Agent internal communication - TCP 9036 (client-side database)
EdgeSight database - SQL 1433 (configurable)



Client-side Application Virtualization...

Citrix XenApp Platinum Reference Design is an independent publication originally created by Rick Dehlinger the CEO/Chief Technologist of the iQurious Corporation in 2004 / 2005. From 2005 through 2008 Roddy Rodstein maintained and re-distributed the publication.

I'm honored to have both these brilliant minds as close friends of mine.

If you don't know Rick, you're probably new to this industry or have been kept far away from all technical conversations around Citrix. Rick is one of Citrix's Technology Professionals - a true community leader and CEO of a Citrix partner company named iQurious where he applies his revolutionary technical vision around App Delivery.

Roddy Rodstein is a world-class technical guru for Citrix products, he's been the most active and renowned SEs in the community while working for Citrix; Roddy recently started his own company named SE Outsourcing.

--

This Paper is a complete guide covering every aspect of XenApp Platinum; If you have Citrix XenApp currently implemented or you're thinking of delivering your applications using XenApp technology this is a must read!

Fantastic Job Guys, you know I'm a big fan!

To download the whitepaper visit: http://seoutsourcing.com/node/28



Cheers,

Gus Pinto
Twitter/GusPinto

View Online | Add Comment

Alright, latelly I have received quite unsual number of emails from readers asking about virtualizing and remoting usage when deliverying Microsoft Office 2007.

Office is the application most frequently delivered with XenApp. 

I will share two papers on this topic today.

One to show some of the many benefits of delivering Office applications with XenApp. It will also explain how XenApp can eliminate challenges associated with migrating to the new Office builds, allowing you to deliver the new versions immediately and at a fraction of the cost of a traditional deployment.

Download: Using XenApp 4.5 to rapidly deliver Office 2007



And for those looking for more information on how to deliver Office 2007 using XenApp streaming technology, you can download this advanced guide that has every technical detail needed.

Download: Streaming Office 2007 using XenApp 4.5



Hope this helps!

Cheers,
Gus Pinto

Ps. Hi Mom! Happy Mother's day!

View Online | Add Comment

  I had an opportunity to hear a pitch from a company called "DNSstuff" recently, which was interesting. Most of us know a bit about how the Domain Name Service (DNS) works.  But there are very few "experts" in DNS because we rarely need to worry about it.  We enable it and it usually works.  The guys as DNSstuff are more expert than you or I.  They make a case (?exaggerated?) that DNS attacks are the next big thing, and you had better be prepared. They started with some free tools on a website hosted in one of their basements.  Now they have grown this into a pay-for service (although a few free tools remain available) hosted in (currently) three data centers.  This service is aimed at companies with an internet presence (and what company doesn't have one?).   It externally examines your internet presence for DNS routing and email.  While I am less than worried about DNS attacks, I found the email...

In the following DABCC Virtualization Video Podcast, Douglas Brown interviews Kevin Goodman, CEO and Founder of RTO Software. Doug and Kevin discuss RTO Software's Virtual Profiles solution and how it eliminates user profile data corruption problems, enhances user flexibility, and delivers faster logons. ...

Dell has recently announced it will integrate XenServer as the hypervisor for their PowerEdge line of servers. I have gathered some more information on how this will actually work out...



Dell factory will integrate Citrix XenServer into Dell PowerEdge platforms, Citrix and Dell provide a simpler deployment and management environment that speeds adoption of flexible, cost-saving server virtualization technology, making it the optimal choice for virtualization on Dell systems.  

Highlights include:

• Quick Start-up - An embedded hypervisor and intuitive interface into Citrix XenServer Dell products ensure easy installation.
• OpenManage Integration - The only virtualization solution integrated with Dell OpenManage, Citrix XenServer management console allows users to monitor and manage physical and virtual machines from a single console, with simple drag and drop controls.
• High performance - With a thin layer of code, true 64-bit hypervisor architecture and full use of hardware virtualization optimization from Intel and AMD, Citrix.
  
  
  
  cheers,
  
  Gus Pinto
  Follow Me

View Online | Add Comment

Nothing like seeing a product in action...

I could crank out dozen of posts but they would all be very superficial until I could actually show you guys this solution in action.

Instead of going down the written path alluding to the product's functionality, I will share with you a couple of demos showing some of the gained functionalities when OEMing the Xen hypervisor within the Dell PowerEdge servers.

Check out these two demos from XenSource.com:

Fast Virtual Machine Cloning Demo

Hot Add/Remove Resources Demo



cheers,

Gus Pinto
Follow Me

View Online | Add Comment

This part we will understand more about the OEM relationship between Citrix and Dell including factory integration with Dell PowerEdge servers and OpenManage Systems Management software.

Instead of typing it away, I will share a video where Simon Crosby elaborates on this topic.

cheers,
Gus Pinto

View Online | Add Comment

Wanted to do a quick post on some of the cool gadgets we will be demoing in the Geek Speak Lounge at Synergy 2008 sponsored by Intel.  Alot of the devices are  the ones you may have seem me blog on earlier, and a few are potential candidates to add into the mix down the road.  Here's your chance to get hands on with some of these next generation access devices, and BYOG (Bring Your Own Gadget) that you think would make a good Nirvana Device candidate for use with Citrix:

 
If you look close you'll see 4 of these devices actively connected to a XenDesktop, and 2 of them remoting that desktop from the device out to a larger screen in true Nirvana Device fashion!
 
Devices shown starting in the front and moving counter clockwise:
 

• i-Mate 9502
• Impatica Showmate
• Nokia 810N
• HP iPAQ 210 - accessing a XenDesktop
• i-Mate 6150 (behind the iPAQ) - accessing a XenDesktop connected to the 22" Dell Monitor
• Celio Redfly Mobile Companion
• Sprint Treo 700wx (on the Redfly) - accessing a XenDesktop connected to the Redfly
• Nokia E90 - accessing a XenDesktop
• Nokia E61i

All of the devices shown currently work with XenApp and XenDesktop except for the Nokia 810N.  Intel will also be providing some prototype devices to show off as well. 

We'll also be following up to this post with a full rundown of all of the cool stuff that you can see and use in the GS Lounge early next week!

Look forward to seeing you and hearing your comments in the Geek Speak Lounge at Synergy 2008

PS: You might even have a chance to one of these cool devices home with you from the show to use with your own XenApp and soon XenDesktop environment!!!

View Online | Add Comment

It's been over a month since I came back to Citrix, so I decided to do a quick video and share some of my thoughts around the company I found when I got back as well as the latest things I've been working on...



Have a great weekend!

Gus Pinto
Follow Me

View Online | Add Comment

There has been a lot of work going on over the last few weeks to pull together the different activities that will make up our first ever Geek Speak Live! un-conference at Synergy. Seeing as it has been weeks since my last post, I thought it was a good time to give you all a sneak preview of what you'll see when you get there....

Center stage, we'll be headlining with quite a "brains trust" of around 12 speakers from across our industry, such as Doug Brown, Rick Dehlinger, Intel's Jun Nakajima and Russ Daniels from HP. Each of these speakers will be given 10 minutes to talk about the topic of their choice and then another 10 minutes to answer questions from the crowd. If the conversation seems to have legs, I'll direct anyone still interested in continuing it to move over to one of three corners to do so; conversely, if I see a few tumbleweeds blowing across the stage, I'll wind up that session and move us onto the next speaker.

In the fourth corner you will find our lounge which, apart from having food and beverages, will also be packed full of gadgets, which you can get a run down from reading Adam Marano's blog on the lounge. Now I don't want to steal any thunder from Adam, but you can also expect to see a setup that any true geek will want to have in their living room. Expect to read more about this soon.

On Wednesday the 21st, we'll be running late into the evening with our series of barcamps. We've had a fantastic response to Barry Flanagan's call for presenters and he will shortly be posting an updated list of sessions.

While we have done a lot of work to make this a cool event, it won't be truly cool unless you join us there in Houston. So if you haven't done so already, register for Synergy which will get you an overload of geeks speaking tech on top of the great technical content you will receive at the iForum and ADI tracks.

View Online | Add Comment

It is time to start taking votes for the best XenDesktop Video Tip. The creators of the top three video tips will receive prizes including an Apple iPod Touch 16 G, an Applie iPod Touch 8 GB, and a Apple iPod Nano.

Here are the XenDesktop Video Tips -

XenDesktop User Experience Comparison

VDI Made as Easy as Pie

XenDesktop User Personalization with AppSense

20 Desktops Delivered in 2 Minutes

XenDesktop with SC VMM and Hyper V

XenDesktop from Germany

Vote below for the best XenDesktop Video TIp -

Which Video Tip is the best? Choose XenDesktop User Experience VDI Made as Easy as Pie XenDesktop User Personalization with AppSense 20 Desktops Delivered in 2 Minutes XenDesktop with SC VMM and Hyper V XenDesktop from Germany

 
 
Voting will remain open until next Friday, May 16th.

View Online | Add Comment

I get the impression that Microsoft is playing in a lot of different sandboxes. Even if you are just looking at the products they are launching in 2008 - Windows Server 2008, Visual Studio, Sharepoint, Silverlight - you will see great breadth, and a very compelling story. Microsoft's epic tale brings our heroes across a wide landscape of current IT thought, considering virtualization, security, business continuity, and user experience, to name a few. But the telling of the story is refreshing, in that Microsoft recognizes that their story is not the whole story. Yes they present a complete integrated platform that covers the pillars of customer needs. But Microsoft recognizes that it's important to build on the platform. Interoperability, by Design, reigns.

Our presenter stated that 96% of Microsoft's revenues come from their partners. These partners customize the Microsoft solution to meet customer needs far beyond the out-of-box solution. To paraphrase our presenter's comments about a security solution: if you have an existing solution, for instance Cisco, that's great! We're happy. But if you don't, MS Network Access Protection and MS Forefront are the place to start. Or, his response to a question about XenApp and Microsoft's new Virtualization Capabilities: Citrix and Microsoft have enjoyed a partnership for many years, Citrix will always be around, providing more bells and whistles. If you want more than the basic functionality, you need Citrix.

Written live from the Microsoft Launch Event in Fort Lauderdale FL, May 6th 2008.

View Online | Add Comment