I think we are all familiar with the term High Availability, or HA in short. It simply means that if a single machine or system fails we will have another equally configured system, or multiple, in standby mode or actively participating a.k.a. active / active, ready to take over when needed. This way we won’t loose any of the functionality that the failing, or failed, machine was providing us with. Which in the case of the NetScaler could be anything from a Gateway to Load Balancing, SSL offloading, Content Switching and more. Needless to say that the Citrix NetScaler has some nifty build-in HA capabilities as well.
Citrix NetScaler… The basics continued, part two. Static routes, SNIP and MIP!
Before we jump into what a static route actually is and why we would like, or need, to configure one we must first have a basic understanding of the so-called SNIP, or Subnet IP Address, in full. And while we are at it, we will have a quick look at the MIP, Mapped IP Address, as well. Both er important to understand how traffic flows through a NetScaler device.
Citrix XenMobile MDM… To DMZ or not to DMZ? I might need your help one this one!
About four months ago I wrote an article on SSL offloading for the Citrix XenMobile MDM server and talked about how this new feature helps us in placing the MDM server on our more secure corporate LAN as apposed to the DMZ. And although I still feel that this is a valid, robust and decent set up, I must admit that the idea of placing the MDM server in the DMZ doesn’t sound that bad after all, considering all that comes into play. During my last article on XenMobile I gave it a bit more thought and just recently I discussed it with a few community members as well. Let’s just say that, for now, I’m in doubt. Please feel free to share your thoughts on the matter, I might need your help on this one!
NetScaler SSL Offloading for XenMobile MDM… Finally!
Well over a month ago Citrix released the XenMobile Device Manager SSL Offload Server Patch for NetScaler. And although this has been something we’ve been waiting for, although ‘we’ is probably still a relatively small group, for some reason I haven’t read or heard a thing about it. Perhaps XenMobile isn’t as popular as I thought or people just don’t mind putting their MDM machines in their DMZ’s, I know I would. Whichever the case may be, from now on you can securely place your MDM machine on your internal network without having to worry about potential unsecure connections, SSL only! Although I do highlight the XenMobile MDM server patch, the below is applicable to other sorts of (web) services as well.