Más contenido relacionado
La actualidad más candente (20)
Similar a Citrix Remote Access Solution Soup (20)
Citrix Remote Access Solution Soup
- 2. Citrix Remote Access Solution
Soup - CSG, AG, AGEE, NS
Dan Brinkmann @dbrinkmann
blog.danbrinkmann.com
Solutions Architect, VMware vExpert
Lewan & Associates (Denver, CO)
BriForum | © TechTarget
- 3. Agenda
● Architecture
● Citrix Secure Gateway (CSG)
● Citrix Access Gateway Standard (CAG)
● Citrix Access Gateway Enterprise Edition (CAG-EE)
● Netscaler platform
● What do you choose?
BriForum | © TechTarget 3
- 5. Remote Access
● ICA Proxy
- Included in AG platform licenses
- Most common requirement
● SSL VPN
- Included in Platinum or Universal License
● Endpoint Analysis
● Included in Platinum or Universal License
BriForum | © TechTarget 5
- 6. Citrix Secure Gateway
● Windows based
● Proxies all traffic to Web Interface
● “Free”
● No built in HA/LB
● ICA Proxy only
● Long path for Pnagent
● No authentication
● No support for Storefront/CloudGateway (no 2 factor in SF)
● Effectively it’s finally dead
BriForum | © TechTarget 6
- 7. Citrix Access Gateway Standard (5.04)
● Physical or virtual appliance
- Both “rated” to 500 users for SSL VPN
- Model 2000 (EOL) or Model 2010 physical appliance
- *Also a model MPX 5500 but is using EE*
- VPX (virtual appliance) model
● ICA Proxy and SSL VPN
● Opswat integration for Endpoint Analysis
● Long path for pnagent
● Supports HA/Clustering
● Supports multistream ICA
● No built-in LB for WI/SF/XML
BriForum | © TechTarget 7
- 9. Citrix Access Gateway Enterprise Edition (AG 10)
● Physical (MPX 5500) and virtual appliance (VPX)
- VPX rated for 500/100 SSL trans/sec (1K/2K)
- VPX rated for 300 concurrent SSL VPN users
● ICA proxy and SSL VPN
● Endpoint Analysis isn’t using Opswat
● HTTP header policy
● Supports multistream ICA
● Supports HA/Clustering
● Web socket support HTML5 Receiver
● No built-in LB for WI/SF/XML
BriForum | © TechTarget 9
- 10. Netscaler
● All versions Standard/Enterprise/Platinum include CAG-EE
● Adds additional functionality for LB/AF….
● Physical or virtual appliance
- Adds throughput options on VPX 10, 200, 1000, 3000
- Additional scalability options in physical appliance
● Health monitors for WI/XML and aware of STA availability
● Load balancing of WI/SF/XML
● GSLB for XA/XD infrastructure
● Support for WI on NS
BriForum | © TechTarget 10
- 11. Physical vs Virtual
● Limited SSL scalability on virtual platform
● Network placement (resources available internal vs dmz)
● SSL transactions/sec
● Certificate size
● Throughput
● Other uses
BriForum | © TechTarget 11
- 12. Want me to make it easy for you?
● Secure Gateway – dead/dying…move on
● Access Gateway
● Access Gateway Enterprise Edition
● Netscaler Standard/Ent/Plat
● Physical or virtual
BriForum | © TechTarget 12