• The Citrix Cloud Connector and the Network

    April 5, 2019

    Blog

    This article was posted originally at https//mycugc.com/…

    Let’s talk Citrix Cloud. More specifically, the Citrix Cloud Connector and its relationship with your network.

    So, what is the Cloud Connector?
    Docs.citrix.com tells us:

    “Citrix Cloud Connector: Provides communication between the resources in the resource location and the Citrix Cloud.”

    In other words, it’s a vital component. It’s the bridge between the resources your users do their work on, and the management plane for you as an admin, in the (Citrix) cloud.

    Citrix recommends deploying two Cloud Connectors per resource location to provide high availability. What is a resource location you may ask?
    Again, docs.citrix.com tells us:

    “Resource locations contain the resources required to deliver cloud services to your subscribers.”
    “Your resource location is wherever your resources reside, whether that’s a public or private cloud, a branch office, or a data center. “

    So, let’s say you have a “classic” two datacenter setup, with actively used resources in both of them. They are interconnected and share a common Active Directory. Should you deploy this as one resource location or create a resource location for each datacenter? The latter would look something like this:

    Source: docs.citrix.com

    As with any Cloud-based service, don’t forget about the network. What if the Cloud Connector in datacenter A uses the Internet connection in datacenter B to connect to Citrix Cloud instead of the “local” connection? This would obviously add some latency to the connection.

    Remember that the Cloud Connector can also be used as an HDX Proxy for your user sessions. To make matters more complicated, let’s assume that the same Cloud Connector in datacenter A connects the user with his workload in datacenter B. It will work, authentication will be just fine, and the session will connect.

    As I was reminded of on Twitter (by Martyn Dews, @Yorkie71), starting with (CVADS and) VDA 7.18, there’s an option for a Direct connection from the VDA -> Citrix Cloud. In that scenario, it’s every single VDA that will need a path to the Citrix Cloud. Not just the Cloud Connectors anymore.  It’s using the Rendezvous protocol, as described in more detail in this blogpost on Citrix.Com: https://www.citrix.com/blogs/2019/03/25/ica-and-the-gateway-service-have-a-new-rendezvous/

    It will all work, authentication will be just fine, and the sessions will connect. But is it ideal? Probably not, would be my guess. Why? It’s a working path, but not the ideal path. Take into consideration that Citrix manages the Cloud Connector. Which means that Citrix has the technological means to optimize the connection all the way to the Cloud Connector. After that, it’s basically just ICA/HDX traffic on your own network to your VDA endpoint. Deploy your Cloud Connectors and their connectivity to Citrix Cloud accordingly.

    So, to wrap this up, what’s the key takeaway? In every Cloud deployment, Citrix Cloud or otherwise, always consider your network.

    Thanks

    Bart Jacobs
    Citrix CTA

    About Bart Jacobs

    Bart Jacobs is a Senior System Engineer/Consultant based in Belgium. He started his career back in 1998. One of the first projects he worked on in those days was Citrix Metaframe 1.8 on Microsoft Windows NT 4 Terminal Server codename "Hydra". Over the years, Citrix technology has always been a major theme in his professional career, resulting in becoming a true technical expert in the matter. In the last few years, he has also become an expert in virtualization technology, with a special interest in a real challenger in this business: Citrix XenServer. Bart has founded his own company BJ IT back in 2007 and is mainly working as a (Citrix) consultant now. In 2019, Bart received his Citrix CTA award.

    View all posts by Bart Jacobs

    One Response to “The Citrix Cloud Connector and the Network”

    1. Renu Says:

      A really interesting article on the critix cloud. I just was wondering how secure are these connectors. Is there any data breach possible when information is being transferred.

      Reply

    Leave a Reply