Carl Webster Accessibility Statement

Carl Webster is committed to facilitating the accessibility and usability of its website, carlwebster.com, for everyone. Carl Webster aims to comply with all applicable standards, including the World Wide Web Consortium’s Web Content Accessibility Guidelines 2.0 up to Level AA (WCAG 2.0 AA). Carl Webster is proud of the efforts that we have completed and that are in-progress to ensure that our website is accessible to everyone.

If you experience any difficulty in accessing any part of this website, please feel free to email us at info@carlwebster.com and we will work with you to provide the information or service you seek through an alternate communication method that is accessible for you consistent with applicable law (for example, through telephone support).

  • The Citrix Cloud Connector and the Network

    April 5, 2019

    Blog

    This article was posted originally at https//mycugc.com/…

    Let’s talk Citrix Cloud. More specifically, the Citrix Cloud Connector and its relationship with your network.

    So, what is the Cloud Connector?
    Docs.citrix.com tells us:

    “Citrix Cloud Connector: Provides communication between the resources in the resource location and the Citrix Cloud.”

    In other words, it’s a vital component. It’s the bridge between the resources your users do their work on, and the management plane for you as an admin, in the (Citrix) cloud.

    Citrix recommends deploying two Cloud Connectors per resource location to provide high availability. What is a resource location you may ask?
    Again, docs.citrix.com tells us:

    “Resource locations contain the resources required to deliver cloud services to your subscribers.”
    “Your resource location is wherever your resources reside, whether that’s a public or private cloud, a branch office, or a data center. “

    So, let’s say you have a “classic” two datacenter setup, with actively used resources in both of them. They are interconnected and share a common Active Directory. Should you deploy this as one resource location or create a resource location for each datacenter? The latter would look something like this:

    Source: docs.citrix.com

    As with any Cloud-based service, don’t forget about the network. What if the Cloud Connector in datacenter A uses the Internet connection in datacenter B to connect to Citrix Cloud instead of the “local” connection? This would obviously add some latency to the connection.

    Remember that the Cloud Connector can also be used as an HDX Proxy for your user sessions. To make matters more complicated, let’s assume that the same Cloud Connector in datacenter A connects the user with his workload in datacenter B. It will work, authentication will be just fine, and the session will connect.

    As I was reminded of on Twitter (by Martyn Dews, @Yorkie71), starting with (CVADS and) VDA 7.18, there’s an option for a Direct connection from the VDA -> Citrix Cloud. In that scenario, it’s every single VDA that will need a path to the Citrix Cloud. Not just the Cloud Connectors anymore.  It’s using the Rendezvous protocol, as described in more detail in this blogpost on Citrix.Com: https://www.citrix.com/blogs/2020/03/10/ica-and-the-gateway-service-have-a-new-rendezvous/

    It will all work, authentication will be just fine, and the sessions will connect. But is it ideal? Probably not, would be my guess. Why? It’s a working path, but not the ideal path. Take into consideration that Citrix manages the Cloud Connector. Which means that Citrix has the technological means to optimize the connection all the way to the Cloud Connector. After that, it’s basically just ICA/HDX traffic on your own network to your VDA endpoint. Deploy your Cloud Connectors and their connectivity to Citrix Cloud accordingly.

    So, to wrap this up, what’s the key takeaway? In every Cloud deployment, Citrix Cloud or otherwise, always consider your network.

    Thanks

    Bart Jacobs
    Citrix CTA







    About Bart Jacobs

    Bart Jacobs is a Senior System Engineer/Consultant based in Belgium. He started his career back in 1998. One of the first projects he worked on in those days was Citrix Metaframe 1.8 on Microsoft Windows NT 4 Terminal Server codename "Hydra". Over the years, Citrix technology has always been a major theme in his professional career, resulting in becoming a true technical expert in the matter. In the last few years, he has also become an expert in virtualization technology, with a special interest in a real challenger in this business: Citrix XenServer. Bart has founded his own company BJ IT back in 2007 and is mainly working as a (Citrix) consultant now. In 2019, Bart received his Citrix CTA award.

    View all posts by Bart Jacobs

    2 Responses to “The Citrix Cloud Connector and the Network”

    1. Renu Says:

      A really interesting article on the critix cloud. I just was wondering how secure are these connectors. Is there any data breach possible when information is being transferred.

      • Bart Jacobs Says:

        Hi,

        these connectors don’t have an attack surface to start with. The connections initiate an outgoing connection to the Citrix POP’s. There is no incoming port to be opened.
        In my opinion, this makes it extremely difficult to breach those connections.