Citrix NetScaler Key Feature Overview

Citrix NetScaler Key Feature Overview

In view of the complete absence in the RU segment of any more or less general description of this product, and also at the request of Habr users, I will try, without using complex technical terms, to tell you what NetScaler functions will be useful to you.
In brief, NetScaler is a huge Lego. In which you can activate and use only the desired functions. Provided that with this constructor you can build an “empire state building”.

In my opinion, NS comes to use in 2 ways:
1. You have Citrix products (XenApp / Desktop) and you had to reduce the load, use balancing, or safely publish applications
2. You are the owner of large WEB resources / services and you need to provide powerful caching, content compression, server upload, etc.
My experience led me on the first path.
')
Consider the basic functions:

Optimization

At one time, I had a Xendesktop farm for 100 users. Channeling equipment - Cisco 2801. According to TTH, it supported processing up to 90.000 packets / sec. At peaks, the load was up to 120,000 bags and she slowly died (
As a solution, you could buy a new powerful tsiska. But then they decided to go the other way and turned their attention to the Netscaler. Since ICA is a closed protocol, who can optimize it better than a developer. I will not go into the choice of the model, who will be interested to tell separately. I'll only tell you the result - now 500 XD clients generate only 40,000 packages / s
Balancing (balancing L4-L7)
Naturally, the balancing function is available for Citrix-based services. At NS, I created a balancer for XenDesktop / App applications as well as all possible web services with accessibility and load balancing. In addition, NS allows you to configure balancing on the database

service monitoring

Monitoring not only on the availability and load of the service, but also on the parameters of the protocol, ICA session, statistics on the volume of transmitted data on virtual channels, events on virtual channels. Allows very flexible configuration of monitoring services and services.

Caching compression

NetScaler allows you to efficiently use server and network resources and increase the speed of web application delivery more than 5 times.
• Multiplexing, buffering, connection maintenance, Windows scaling, selective acknowledgment, Fast Ramp

Secure access

In NS, the SSL-VPN technology is implemented to provide secure access over the ssl protocol by organizing an encapsulated VPN. I organized SSL-VPN, included 2-factor verification and verification of client certificate authentication, included client connection analysis
• Embedded Citrix Access Gateway Enterprise SSL VPN Version
• Endpoint analysis
• Two-factor verification and verification of client certificate authenticity
• Client cache flush
• Safety certificates
• Content filtering, level 7
• AAA traffic management
• SAML2 and NTLMv1 / 2. Support for configuring NetScaler from single sign-on (SSO)
• Active Directory, LDAP, RADIUS, TACACS, OCSP caching, compression

Integrated DoS Protection

I did not deploy this component, so I’ll not tell you yet.
• Long-term service to legitimize users, with one-time protection against attacks such as: SYN Flood, HTTP DoS and Ping of Death
• ICMP and UDP speed control

High availability

NS can be clustered in various ways as active / passive, active, mirroring. He himself will say that officially clustering is supported only on identical devices (2 MPX or 2 VPX). In practice, you can put NS MPX (hardware) and VPX (virtual application) in a cluster

NetScaler Application Firewall

This is not just a firewall — it is a firewall at the traffic signature level. It can cut SQL injections, restrict information transmitted, hidden manipulation, force viewing, cookies or sessions, and prevents leakage of credit card data and other confidential information

These are basic functions that can be useful in everyday IT infrastructure.

PS Thank you for your attention, if you have any questions, comments, please ask. At the current time in Russia, NetScaler is too underestimated.
According to Gartner analysts: Citrix NetScaler is the leader in the Gartner Magic Quadrant among Application Delivery Controllers.

In the article, I mentioned the edge about the clustering of MPX and VPX versions of NS, if anyone is interested, write, tell you how it is implemented, maybe someone will help.

Original article here