Duration 45:00
16+
Play
Video

Citrix Synergy TV - SYN234 - Geek's guide to the workspace (part 9): designing the right workspace..

Matt Brooks
Senior Technical Product Marketing Manager at Citrix
+ 1 speaker
  • Video
  • Table of contents
  • Video
Citrix Synergy Atlanta 2019
May 23, 2019, Atlanta, GA, United States
Citrix Synergy Atlanta 2019
Video
Citrix Synergy TV - SYN234 - Geek's guide to the workspace (part 9): designing the right workspace..
Available
In cart
Free
Free
Free
Free
Free
Free
Add to favorites
293
I like 0
I dislike 0
Available
In cart
Free
Free
Free
Free
Free
Free
  • Description
  • Transcript
  • Discussion

About speakers

Matt Brooks
Senior Technical Product Marketing Manager at Citrix
Jesse Wilson
Customer Success Global Delivery Lead at Citrix

About the talk

Just as the workforce has expanded beyond the office to include users from remote locations, applications no longer are contained within the confines of the datacenter. In order to provide an optimal workspace architecture for users, IT must create an underlying network infrastructure that is able to integrate on-premises resources with cloud-hosted instances and identify and optimize traffic based on destination. In this session, learn how to integrate a Citrix Workspace experience that spans on-premises and multi-cloud environments, allowing you to optimize virtual channels, provide optimal routing and avoid hairpinning connections.Note: This session will be live-streamed during the event and available for on-demand viewing post-event on Citrix Synergy TV.

Share

Okay, let's get started. Welcome to work space networking 9th in the temperate Sirius in the sky to work space. My name is Matt Brooks architect with the Citrus technical marketing team. I've been with lyrics about eight years. I've been in different roles customer-facing and product in it good amount of the time. I spent working at networking products. I'm hoping to impart some of my knowledge with you today and I are going to be sharing the stage with my colleague Jesse here everybody. My name is Jesse Wilson. I'm a networking architect

with the customer success Services side. So ideal a lot with the education SV wehen Citrix ADC / netscaler and really excited to be here in part 9 of a 10-part series. So we're not the conclusion. We're not the finale. You can't be angry at us if it doesn't in the right way, and we're not the beginning so we're not the really exciting one and unfortunately just put snacks out so you might have a few extra chairs if you want to spread out. We know it's Thursday. We know it towards the end of the week and really thank you for giving up a little bit of

your time to sit here and here a little bit more about how we can help engage your workspace. Now for those of you just that the last session, you know what Mass going to recap but Matt you mind walking us through if we did not get here prior to the snack break through Section 8 what we just covered by session. We talked about intelligent workspace in communication. We talked about how we can optimize that in the most companies say that their people are the most important asset. So we're trying to improve optimize improve communication. That's an important thing. We do that through

workflows with content collaboration facilitating getting those files to people where they need them keeping safe and Route using slack integrating with endpoint management of Philip ate those things away from your email and then using Microsoft integration with Microsoft teams using virtual apps and desktops. Our session we're going to dig into to the conductivity aspect of Works workspace, which obviously if you have your apps every day to you need to wait for them to get together. I'm going to break it down into four sections. So first I'm going to get into the foundations of s u win if

you're not familiar with it will give you a overview and Stephanie not going to be deep dive, but will let you know how it works. There were going to talk about Bridge collapsing desktops, which is obviously a really important technology. Is it written by mention mean if you were involved in that it will talk to you about how we can expedite and optimize those connections. They will switch to SAS connections. I was going to call Darius ask Technologies becoming Q's most most companies predictor using a majority of their apps will be sassed in the next few years. So we'll talk about how

we can expedite and facilitate access to those SAS apps and internet and finally, we'll talk about Branch communication there still a lot of Communications in application needs between branches and we'll talk about how we can facilitate that. The first Jesse if you could let's let's start off with the introduction to S to win. So for those of you who have not seen Citrix sd-wan and yet it means you haven't been paying attention for about the last year as we really started roll inside a lot left to its energy Citrix sd-wan is

meant to be our our way and solution Branch to Branch Branch to Data Center and gives you wait to optimize control an influence the way you as an administrator to sign how you're going to send each packet notice. I'm not saying each communication or each conversation each individual packet from each end of the conversation. This is huge when we look at stuff like availability. Now your server blows up. Yes. We need to have redundancy and back up when we're talkin about losing connectivity between our branch office or Data Center branch to Branch Branch to our cloud or

multi hybrid cloud or are SAS application. Ask Dewayne gives us that ability to have fall back to have almost instantaneous decision-making on Natalie. What is the best path but which is has less least lost least Jitter and ensure that we have always available applications before the technology always on that. You were like two straps in the Cloud area. You need technology Against the Wind to bring that to you to provide that visibility. Yeah, the performance pieces huge. I think we've all been in that term of idea of

watching paint dry where you're clicking and waiting and clicking and waiting and and the virtual app and virtual desktop world in the remote application and SAS world that can exacerbate your end user experience to just ridiculous levels again, ensuring not just which path is active. But which path is best for whatever particular type of traffic that you're sending is huge and completely capable with the SD went. When your applications are depends on the network latency is everything so you need to minimize that as much as possible. The security piece is a big one for us. We want to

make sure that your intellectual property stays your intellectual property on ensuring that as we're pushing out this software to find when with phenomenal enhancements like the stateless firewall. We're making sure that when you push these out to the edge of your configuration instead of just using an edge router you put an SD land of ice and now we can extend that firewall protection. We can ensure that we're not only optimizing the data in traffic but keeping it secure end-to-end Branch to Branch for hints to to Cloud environment all the way through that and use your transaction

always rely on application to provide the network provides an extra layer of security to make something clear. If you're sending data to the cloud that it's secure and Transit the visibility one is a huge one for me. I'm a big believer in that proactive monitoring. Proactive meaning before and unusual calls you and tell you something is broken your systems able to tell you that the visibility down to the packet level is we do the Deep packet inspection. When we start trying to send to the Citrix analytics peace and really utilizing the data were able to get and collect through sdn. And it

is it is literally giving us visibility to each packet that's being sent across the connection because that's how we determine. We're not sending things were not adding packets, but for us to know which connection is best for actually attaching something to each packet that sent and ensuring that we know exactly how that's performing at each moment in that and user to whatever it would be conversation going on in real-time Cloud. I mean the hybrid multi-cloud SAS applications in the cloud of your company hasn't moved to the Cloudy yet. That's kind of

the sense that you're hearing. It's haven't moved there yet. During that were able to manage those SAS applications interact with those Cloud applications as though they were sitting in the room next to us as they were five years ago is critical and St. Went help to optimize a connection to do that. Finally cost, of course, I mean sounds marketing and you know where we're going to save your money. You got to save it to spend it to save it type no longer. Do you have to replace those or keep updating your Edge routers were able to take away some of the appliance needs that you have when

you add this in so that's huge and minimizing your infrastructure the other big pieces how many be like buying more bandwidth cheap right go to the accountant. I need 10K egg and a 50 gauge and they cut you a check right there on the spot. I'm not going to save you money on the bandwidth. You've already purchased. What we're going to do is we're going to use all of it. So instead of having back up lines that are never utilize instead of having failover. The never gets touched having S T O N means that we're going to use those back and connections know Matt just

brought up another drawing here really simple. So taking a look what I see. When does we see those two big blue bubbles on either side of what's going to be our way in connection. We've got our data center to On your left the remote office there on your rights that took me way too long to figure out which direction we were looking but I'm going to stay with it. So data center on the left remote office on the right and what we're doing is SV wehen is able to see all your connections. We've got cable DSL active mpls. Now I've got to say usually are mpls connection is probably going to

be better than our cable DSL for your sake. I'm hoping it is or you have a phenomenal cable connection and that's great for you very good streaming, but usually or mpls is going to be the best connection SC when is going to check per packet and decide how I want to send this across it'll also do this based on how you've ranked that packet via that application is this boy, is it bulk printing? Okay. Is it is it a basic word application? Does it need to be real time or right? Can it handle any latency? Well, if it's VoIP, I don't know if you've ever Do you have any

any type of Skype or or face-to-face conversation that it's going to be a little too difficult. So we're going to optimize at Jitter option optimize a connection by keeping an eye on the Jitter keep denying The Lost and the latency by being able to select all those individual connections. Ratio into International routing Network sissy avoid asynchronous communication, but it's the wind takes advantage of that to reset wearing caps letting all this traffic in a UDP 4980 session that goes across all possible paths and it's reassemble at the other end. So that's how we were able to send those

packets over different links and reassemble them and then points are unaware of what's Happening. We're just optimizing that blows blows between the Branson the Datacenter and we do it between both directions, which is a huge piece. So we're not just looking data center to Branch were looking Branch today the center it may go over one way and come back another depending on what the best man was at that moment that is available. Now looking at how it does delivery across the best path we go through we ever to is bandwidth control. So are we looking at real time connectivity? Are we

looking at both data transfer? Are we looking at it in a standard down application on the middle? We're going to evaluate per packet. Remember? We're not sending a ping. We're not sending an empty packet. We're not trying to Add to your load that's already on your way and we're not trying to raise what's going across in your bandwidth. We're trying to optimize and utilize it correctly which means all my voice connectivity may go right through that mpls cuz that's the best best case scenario and then I've got a huge book printing job that has to go across well if I slam mpls with that that

may slow it down, but you know what my internet connection is good. Okay, there's there's a little bit of latency but it's both printing. So we're fine. It's not going to hurt anything if it's one of the few seconds behind so we can push it right across that internet connection cuz that's the next best path without hurting the current mpls connection that's going from SD to SD went across that can that connection will talk more about this but it is it taking this together something at both ends picking the appropriate past. If u s number real quick, just see

we're talkin about mostly standard edition features here, right? If you when we have kind of three flavors of SD, when we we have our way up Edition, which is just what it sounds like. It's all your optimizations different ways to control how the how the package were looked at how the traffic is utilized. We have our standard edition, which gets into much more the actual delivery doing more of the the load distribution is we're not going to call it load balancing cuz it's not balanced but picking up the actual connection that we want and then we

have our Premium Edition Platinum Edition is used to be called that goes in both together. So you get went up with that standard edition together. They give you both the way an optimization as well as the actual application detail controls and you can decide again where you want the book date of the go where you want the void to go which connection is best and ensure that all your connections are being monitored and being evaluated as you look through this. We have similar diagram that we

looked at before we're going to break out these the sessions board talking about with these different flows is going to be multi-stream. I see a session, right? So there's different types of traffic that are going to be involved there and I guess I'll just die bring it to the user experience of what we're talking about. Who starred with the launching of virtual desktop on the user's endpoint once a user opens? The desktop will see we have the Explorer open. We're going to start a file. This is going to run a video who Rebel racing

the red bull racing car that Civic sponsors doing donuts on the roof of a tall building in Miami and the video and audio quality is okay. This is like a low latency link. We haven't been constrained a bit. Now. I'm going to go ahead and copy a very large file from the data center and it from a virtual directory to a local directory on the endpoint. It will notice as with some see some glitches from the interactive model scrap in Pinellas copy that file and then the band with you start the ramp-up will see it affects

the quality. See these kind of blocks with pink in the back. So this is what we're trying to avoid right now. We're sending all of that traffic over a single. I see a stream. So it's you and can can prioritize that is best as possible. But the the file transfer traffic is is fighting for a Ford van with with the the video traffic in here. We see in the monitoring tab a a single stream is singled flow. Now if we go back and we've already set out of here West will show how to do that in a minute. We'll go back to that virtual desktop session will start the video

again. It's so now we had we have S to win at the heads looking breaking out that traffic into classes. So we'll talk more about this four classes of a service and now we're going to be able to prioritize this video over the file traffic and will see that we won't have the same interruption in quality over and take that large file copy it from the data center virtual directory to a local directory on the endpoint. They will then again, we will see that as we start the replacement in the network man with ramps up will no longer getting that granularity in the

video the video quality remains good. So understanding, we're not buying more bandwidth here. For those of you that are getting frustrated that you cannot watch Netflix while you do your job at the Windsor answer now, what does it mean we're doing it means we're taking those different connections that you're already paying for. And instead of pushing out this bulk transfer over where we're watching video over. We're we're we're we're watching our Synergy TV or or whatever else it would be where we're utilizing another connection that you already have that can handle that book

transfer so we can leave that video alone. We're not again buying more bandwidth. We're not asking for more money on the throughput. We're just utilizing what you already have available. By deciding in those classes of service where each individual file should be going based upon what the available bandwidth is for that connection again lost latency Jitter all those other things, but also how it's going to affect. Okay, how it's going to affect what's already going across that connection in this case the Red Bull Racing video that we're saying.

It's not what's waffle pause the file transfer and pause the video will back to our rui forested land on the MTN how to change we have those four different classes of traffic. It's being Matic also being broken out in prioritize what was monitored on the Sun? And then if we go up to statistics and application to West we can see the four different classes and then the top here don't start the video back up. Don't notice. It will see any permits in Priority One traffic. This is the the class 1 traffic which includes the video. It's incrementing because

that's being passed across the net worth right now. It will go ahead and pause this and will resume the the file transfer. And I will notice the party to traffic is implementing. This is the class to traffic in. This is the I see a stream is being broken out it into class 2 because it's filed traffic. So you can see it in a pretty easy. It's easy to set up for that will sit with Santa minutes freeze. You can figure novice e good user experience. It really is it it can really change again not how much bandwidth you need really?

Just how what you have is being used now looking at that initial connection that you can you walk us through what the virtual desktop to look like without that multi-stream ICA without the multi stream connection not breaking it out. It can't send a video on a different path than the other file traffic. So we have the ice and we said we have four classes of traffic. The first a real time is is for audio. That has to have like a expedited forwarding, you know, in terms of quality service the private party 1 classes for

graphics. Mostly the video Content Party to is foremost invoke virtual animals such as file transfer and then 3 is low Priority Printing it can happen whenever it happens. And again, these are default classes but these are things that if you've been doing this for a while and I hate the date myself or anyone else sitting in this room on this is not brand new stuff. Okay the idea of picking a class of service for a packet that you want to send across your way in. This is not a Citrix Novation of the last 2 weeks know this is something has been around for a while. But the way that we used to

do it was so labor-intensive from an administrative standpoint is ridiculous. We're talking about changing ports. Okay. We're talking about segregating the data going in for each packet having to label as we going to do 0 1 2 3 is this real time? Is it not whatever it is, so Sing it how we can do class of service utilized in EST when Matt what's changing what's different what's easier for me is an administrator before I had the ability to do this, you know controller the virtual desktops controller. We could actually configure with a spa service on a different TCP Port. So what are

we seeing on the network firewalls and switches routers, they can have priority to use that you don't match that and then sit on its way is it is a different screen, you know that we also came out with another version or we could tag those those screams 1494 2598 portswood a different tag in was prioritized differently toward doing now with this feature on SD. When is that through the same uniport 1494 the NL single-stream when it hits the S2 winbox, we're breaking out automatically. So there's no configuration required on the

controllers and no changes on your network equipment which you know it. Be very attentive and take a lot of change controls. Firewalls Security Department. There is no Monday afternoon meetings because security decided to close a particular Port that wasn't in use although it wasn't used because you change a priority. Okay. We're allowing to ask Dewayne with a couple of checkboxes to give you as administrators the ability to designate this should be real time. Okay. This is a bulk transfer and here's how I want these to go across not adding tags not changing ports not having to have

change Windows again multiple meetings different teams involved you are getting the control over the traffic without having to make all these on call him old school, but out without having to make all these old school adjustments that leave the door open for for security issues with additional ports. They leave the door open for connectivity issues because we have security that's doing their job going through clothes in Port that may or may not be open and we still have a lot of chances of getting lost ports getting close. Four different connections that are that are just not working

correctly. So what this looks like with multi-stream i c multi-port. The flow is going to come out for example the audio from the controller and it's going to hit that has to win and be different streams and reassembled and then there's going to be a separate stream on a separate part for the party 142 and then priority 3 traffic. And then simile on the similar to Pepper set up. We're doing multi-stream ICA Singapore tag, we're sending that traffic out and multiple flows from the controller that's already tagged and it's in his acting on it promises with Jesse

said there's definitely overhead to implement this until what we're doing here with the multi-screen. I say single-port you as if you were, you know, virtual app and desktop administrative don't have to do anything that's coming out as a single stream the party 0 / 31 and 32 traffic same stream coming out of controller when it hits the SD. When is this that's breaking it out automatically picking the appropriate channels for it's based on his Quality Service needs then reassembling at the other end now if you noticed right there at broke the real time to And that was weird it went top and

bottom right? Guess what you can do. If you are so concerned about the ability for you to do live video real-time everything else. You can have asked you and take your single packet duplicated and send it across to pass whichever package gets here first. That's what it uses other when it drops. Yes, it will use double the bandwidth on your way and we're sending it both ways, but we're going to pick two different methods to get it there. And that way you ensure not only is your packet always going to get there for getting it there as fast as I possibly can by sending it over to different wraps.

So there's so many options in this configuration. Could you walk us through that the demo here on the admin experience for this one is going to look like Going to start in a MCN here here. We're back to the monching tablet or just verifying. This is before implementing. We have a single stream here. Okay. So this is kind of a standard configuration channel in s t o n on the MCN we go to the configuration tab will open Virtual when will navigate to configuration editor. There will see we have rmcn site which represents the data center in

the branch. We have a couple of ethernet interfaces. This is where the controller resides and in the branch couple of Ethan and faces. This is where the endpoint we both have when links to the respective when channels the internet mpls or LT. What have you to go to the global tab applications will see here. We have are the package Spectrum labeled EP. I will talk about that more and we just have to enable that for I see applications. There's a single checkbox. I'm going to go ahead and apply that and then once it's applied we follow our standard implementation process

will save that off. And then I will push it out to our change management in box black export that and then this is our standard it's due in change management process. If you're not familiar with it when you go it's going to be structured. Will you go ahead and do you know what your active configure is in the stage can say that we just save will when pushed it out these the boxes. So obviously this is done centrally you could have to or you can have a hundred sites. It's the same process. What does push the Box we go ahead and activate this is where were actually applying

it to the boxes and it's kind of a pretty structured changing it and process you have plenty of chances the bailout or revert if needed send that's it. Once you're done you're active. It's breaking out those pretty those classes of service. Again, there there still configurations, but beyond the skip ahead of a couple of 30 seconds over waiting for it to load your excuse me, you're literally checking a box to allow it to do this. Again. You're not going in re-signing ports. For those of you that have done the multi-threading in the past and down these additional configurations and screwed it

up as many times as I have. This is so much easier using the master control mode. You're making your change on one device and then pushing up the config to all your other appliances. Okay, that that are marrying that configuration. It's a real set-it-and-forget-it type of configuration and it just ensures that as you're kind of doing this for the first time or as you're doing this throughout your process. It is really really quick and simple going through the Dewey there on the SC went. All right. This is not talk about such connections to do it separately from the branch, right? So

at the branch, obviously we talked about getting back to the data center. But there's a lot of reasons why you would want to go directly to the internet at the branch right. Now. You may have a Apple laptops or applications that are closer to you than here putting back through Datacenter. You may want to get go to a web gateway to have some filtering done. You may have its ass application that you want to get too. And I was going to save a lot of time in Layton reduce your late and see if not in fact calling through the data center. And of course you may want to go to the data centers AC

when can do this in the branch and we do this through a deep packet inspection this one of her big Technologies thousands of applications. We can we can identify automatically and along with that, you know to set up a branch to do this soon as there's a few other things, you know, we need to provide a firewall would provide anus we basically move the edge to the branch. So it's a good lot of good use cases for doing this it's huge and and the days of taking your truck load of cash. And dumping all of it into your data center because the old school Hub and spoke of all

your branch offices have to connect to the data center to go anywhere else, even though it may be going from you know, California to Florida just to get to an internet application has hosted somewhere Missouri is just crazy that we no longer have to just keep building up those Mainstay data centers because we're extending that software to find Wayne and we're extending your ability to decide should this branch office back hall back to the Datacenter should have go to the internet web Gateway SAS, whatever it would be and how do you want to control and interact with all of those hybrid

multi cloud or SAS applications? Not everything has to route back through that main main box. We can allow our other pieces without breaching security without having to risk because we're extending the firewall. Okay, we can extend the VPN Communications whatever else we need to without having those additional risks. By not routing everything back to the Datacenter. So there's some Financial benefits to this year you breakfast elevation right. Now, you're being put in your you can get rid of your Edge router and any other point Solutions, you can. You put estimated place in those and once

it's in place and there's additional benefits. So now you can take sass connections and Route them directly to the Internet so it and in the case of Office 365. We have a special way to do this Microsoft eye disease network connectivity principles that allow us to download these these images basically that this describe different types of applications in the routes and they allow us to determine whether it's beneficial to ride it out directly or back holler. It's so by doing that weave weave weave identify them significant improvements in the performance about much faster

download and upload speeds and better call Quality for using Skype or things like that. Our partnership with Microsoft has been huge and not Reinventing the wheel here, but utilizing the measurements. They have utilizing the work Microsoft has already done this a look. If you push this app directly if connect to it directly, here's a savings at you're going to have is critical. Can we look on your mind walking through hell with the Office 365 optimization looks like So here we are different flows in biscuit. If we're going to connect to Office 365 in a call center of this is

what's going to happen. If you're going to be optimized across your you know, your Winery, but you can have hair up into the data center. And obviously that's going to be more latency. So here's a quick look at what's what's going to happen if we do that. So here's the Microsoft network assessment tool we can see this is going to measure a call qualities. If we're doing a Skype call. You can see in this scenario. What were being back halls Jitter lot of loss as you'd expect you're the further the distance the more the worst quality the lynx

look online, you know, it's it's very poor user experience. So it's not a good thing. I'll have to look at it, you know simply if we set up our SD win in our Branch to break out traffic. So we have direct access to the internet going to be able to find the closest Office 365 Papa to improve the quality significantly for the user experience. Cinepolis in the common the right first, we're running out of my network assessment tool and it is greatly improve reduce latency here. This is Dina

being that that Branch connecting directly to Office 365 pop so very good good fremitus for the call Quality there. Then the download looks like we're going to take it 3 minutes an order of magnitude difference and then obviously the Outlook search is fast. So this is you know, a really a nutshell avoid you get by doing. This is very beneficial to your end user experience. And again, the numbers are great. Just the idea that that I passed directly to wear Office 365 is being hosted versus going back to your data center then back across that way and connection. I mean

pretty self-explanatory. We're going to get a better connection. You're also going to not use as much bandwidth across your when you're also not going to be utilized in the sty on the data centers to meet you at the Espy win. And you're the connection message on the data center side. So we're limiting the amount of resources that are going to be used. By not doing that back hall. It's big now Office 365 already has endpoint categories that they give you that ability review the optimize the allow the default. And again, this stuff is already pre-configured by Microsoft already sorted by

them. I said it before but not Reinventing the wheel we're utilizing work that are Partners have done to help out and help optimize applications that you and your team are using everyday. Yeah. This is just to look at this is directly from Microsoft description of their kind of committee principles. They break it out in the three types of classes and you can enable one or all three in a can of a it's going to let you try and see if if you if you have some performance issues with one you can that you can undo undo it and that is identified by the definition to you have the the app the specific

IP addresses and I think what it comes down to is not all apps in the same popsicle believe the less the less than the Spurs probably less pain after you would get So let's take a look at configuring this in the SD win console from administrator perspective throwback of Eren Eren CNN in the same spot. We were just at the configure the DPI for IC applications. We're going to go to Global applications. And then there's a drop-down for Office 365 breakout nutraceuticals three categories. Okay. So we're going to have them checked by the fall and then Lino obviously if

you have issues you can start with D full and check it and it move your way up. Animal keep a table here. We'll look at my desk by selecting those were going to automatically do some things for you. So first this way to configure an application object. This is needed by the Deep packet inspection machine next weekend. I create a firewall template for a we mention. Obviously, if you're connecting to the internet directly have to have a firewall just going to give you is faithful connection out to there and block other traffic that you don't do it allowed to the for a while. So we said that we

have hundreds of branches is going to fight all those but if we go back to our connections here will see that globally we don't we don't set that by the Fall. Do you have the ability to override that? I'm here. We can see our routes. This is for underlay Network. So this is going to be set beforehand. This isn't something you Nable. We do add the application routes. These are needed to breastfeed when to know that they need to Rob this type of traffic and identifies in the DPI engine in or out to the internet directly. Unless of course is DNS. We have B & S transport for door entry

Sonos to needs to resolve those sites as well for the the domain names. And then of course before hand we can figure Tina services. This is not configured to automatically so you'll have this and you'll have your your winning linwen links configured as well which we showed. Those are just basics for whatever use case you have with s t o n 3 seater, you know, very straightforward a few checkboxes to configure and not a bad deal if we can drop into the mon trim tab we look at the far wall section will see that look real individual entries for each of those flows. Right as it

identifies the different types of traffic. I should point out. Look who I have you so good perspective there to be able to monitor that traffic. And also if we drop into the statistics section, we can pull up bar application routes and we'll see the there's hits. This is how we can tell those all those 3 connectivity pretzels are being hit and how often Just look at the underside pretty straightforward and let's we talked about the back hall in Office 365. Let's take a peek at the branch connections. Peace and how we can kind of mimic not having to

do that are additional jump back. So again RR hub-and-spoke model of our data center being the end-all-be-all center of our networking environment and end of all our connectivity. What were able to do with a do you win is do the branch to Branch connection? Okay in this case were talking the u.s. Branch and the European branch and Matt you get to be Europe cuz you say as year and I say Azure is so we we have yes, it's ratchet completely French. I just americanize it so we have these Branch offices that are separated by by an ocean at least one and yet we may be

connecting to them by hitting a Datacenter. That's completely somewhere else. So we have to ensure that we are utilizing these direct connections whenever possible depending on if we're hosting things a different branch offices for oh where we're making our connections the same traffic steering we talked about when going directly to the SAS apps directly to those other pieces, we can do that Branch to Branch once we talked about integrating it with Microsoft V went. Yeah, the side benefit of you can do brunch to Branford. Also, you get a fast route into the Observer. So if you have

applications hosted their you're benefiting as well. So you don't get it look at our standard architecture. And this one's a little bit hard to explain just for architecture pictures. So this is without integration with his or her obviously if you have asked you win in your branch locations, they can benefit from traversing the internet access to it. You don't pay for getting all the way across it. So there's something so there's some challenges that right. You may Starlin on a fat fight, but then you may hit some Daytona

Outlets along the way that traffic make it through a smaller pipe or maybe maybe even be congestion where some packets get through some dump. So, you know, I'm not guaranteed friends that I'm on the Internet. It's not necessarily guaranteed speed and dance and difference. Is that the big benefit once we start looking at V. When we again, we we are not out there laying millions of miles a brand new pipe. What we're going to do as Leverage What are Partners already have and that's looking at the Microsoft Azure Global high-speed Network. Meaning we are going to find those pods. Closest to our

connections and we're going to ensure that those are the ones that were jumping into okay, these miles of fiber. They're already laid. We can leverage them through the SD win and through this View and integration to ensure that we're not getting bad Hops and that we're getting the most erectile possible to go from our us to our European branch. Raceway Like Jesse said no, and you know, we're basically getting a high-speed connection across the user back on those branches are now using the internet just for the last mile that connecting to those as their pops.

But once they're they're connected they're taking the high speed link across to you. Is there a backbone and that's likely going to be a very good connection much better than the general internet. So talk about the admin experience in. This when I finish over there, I'm going to show his kind of threw three sections. I think it's a video and probably looks more convoluted than it is. There's there's three areas we have to set up for this. Okay. So if the first is the the branches this is where we're going to configure your physical interface to the internet. I'll just do

the ask me a place. We're going to figure the wind Lincoln internet service internet services. What's going to be used to set up an ipsec tunnel on the endpoint? The next is going to be with we'll talk about a second is user portion. And then the other CD Citrix SD. When is our virtual machine that glues together we can figure this. There's a look back at the MTN in the connection section. We've created internet service and we map that to a physical you no internet connection. This is a requirement. So when we when we communicate with the Zur, this is going to be uploaded and it's

automatically going to push down the configuration details for the ipsec tunnel. So I know if anybody's ever setup ipsec tunnel mainly with router be very ugly freaking almost automatically you don't you don't have to touch it. Other aspect this is is there a course and you can see some of the same constructs the resource groups virtual networks in the new when you can introduce has a virtual win in a virtual when were going to Mapei vpnhub to that. So here we are in the Missouri portal and we've added a virtual win and we add a VPN

site. That's one of the first configuration steps and week in the VPN site. We can figure the the net worth of its going to be used for this all of these these ipsec tunnel with are going to have a network range that they're going to use and then here's the the the Hub Integrations the virtual Hub is what you actually pay for it. So this is where you need to do some sizing and be clearer because if if you're not you might get charged for more than You're Expecting. And then the last step is with Citrix sd-wan Center. So this is where we're going to integrate with his or we're going to

communicate with all those branches find out the the internet configuration that we did on the MC and we're going to communicate with you. Is there a virtual Lan in its going to magically push down or configuration for as I'd be sick finals? So here's what they looks like. This is running on a virtual machine in the network I used and there's a look at the desert details. So we have to put put in a subscription id10 ID app ID and then the secret key in this is all found that portal Summit under the Ada section. And once this is complete, you know, we're communicating with

Azure and then it takes about twenty-four hours a day. It's not instantaneous. But once it is we'll get the tunnels deployed sign in Monroe that we have connectivity in each of those branches have an ipsec tunnel, you know back to that Hub and then they're able to communicate and route between branches or two applications. You're hosting in Windsor that like we talked about. Now what's up, wrap it up as much as a man. I really appreciate your time. This week is very very valuable 45 minutes with us is not going to get you completely ready to go out and deploy

ASD win use it was seve add your sass in Microsoft View and but understanding what I see when is designed to do Pastors to marketing pages that you see online. Okay starting to realize how it can work for your branch to Branch how it can optimize and make those q-less selections without you as an administrator having to spend our selecting different ports doing tagging. Everything else is huge simplifying those connections to your sass applications allowing you to have that true hybrid multi Cloud environment without losing any of your end user experience is big

Your Citrix virtual Afton desktops environment that auto qos feature. Okay, we're talking about thousands of applications already discovered. Okay already understood by SD win the integration with Microsoft Office 365 was optimizations that are already there. This is stuff you could do and it will take you hours of configuration versus the checkbox you saw on our demo. Understand if you can identify. What a pit is give the priority you want in your workplace. Okay. Where does Office 365 rank upon what your working? What about your custom maps? What about your work days your your

contrariar your sap. You can decide what priority you want to give to each of these applications that are Auto discovered 1 CST. You can see what's going across our environment using that DPI and deep packet inspection. We can see what is already there. The SAS applications integrating with a cloud environment understanding how important it is for naught naught as just to have that connectivity but to make sure it's reliable to make sure it's secure make sure end-user experience is the same as if that was in the office next to us without having to do

that backhoe all the way back to our branch office from our branch office to our data center. I ordered you take some time and that s t o n Dewey okay, if you haven't got to play with it, there's lots of resources available. Yeah, text text tone on bendy and the other sessions you heard about this. We have a lot of content out there. We have I know I did text no on SB win and there's plenty more in the words. I probably by the end of the corridor have one on The Office 365 breakout after stop up get stickers cool to put on the back of your mobile devices or laptops

Citrus customer services has a training that citrix.com site. Yes, we do instructor-led training. Did everything else the big push we have now between this week and last week. We just released 350 Nui learning videos come complete with Labs. If you visit the booth in the expo hall, they give you five days and premium access which is free. You can go in and see everything this includes active Labs on SD when active Labs on Citrix abc12 one active Labs on see that all right there and we have the promise of uploading another at least 700 by the end of the year, and I promise I mean my boss

made it a requirement of my job. So I promise you it's going to be But this will continue on the e-learning side as well as understanding. We have a search center where you can take your certification exams. They're open for another 4 hours today, but just lots of other resources again. I told you this is not the last session. Okay, we have the finale where we see who gets the throne or whatever. It is. Gandalf gets the ring there. I'm not sure what happened. But what's happening in Arkansas final episode coming up there going to be a deep dive on machine learning and behavior analysis behind

Citrix analytics and find out a lot of the, you know, the great technology. We've been working on to protect and monitor your workspace environments. With that before you leave, please do the survey. That's how we know what we're doing good. We're not doing well you're on the decisions around a man up on the city of Stockholm today be able to download the presentations by June 3rd. Give a session feedback in the app and play game on and please tweet about it's in to 3/4 Citrix Synergy. Thanks for your time today. Thank you. Everybody. Have a great rest of the week. I appreciate it.

Cackle comments for the website

Buy this talk

Access to the talk “Citrix Synergy TV - SYN234 - Geek's guide to the workspace (part 9): designing the right workspace..”
Available
In cart
Free
Free
Free
Free
Free
Free

Access to all the recordings of the event

Get access to all videos “Citrix Synergy Atlanta 2019”
Available
In cart
Free
Free
Free
Free
Free
Free
Ticket

Interested in topic “Software development”?

You might be interested in videos from this event

September 28, 2018
Moscow
16
157
app store, apps, development, google play, mobile, soft

Similar talks

Mihir Maniar
Vice President, Products (Citrix Networking, Security and Analytics) at Citrix
+ 1 speaker
Chalan Aras
VP/GM, SD-WAN, ITM, CITRIX NETWORKING at Citrix
+ 1 speaker
Available
In cart
Free
Free
Free
Free
Free
Free
Valerie DiMartino
Sr. Product Marketing Manager, SD-WAN at Citrix
+ 1 speaker
David Wertz
Senior Network Architect at Northside Hospital, US
+ 1 speaker
Available
In cart
Free
Free
Free
Free
Free
Free
Derek Thorslund
Senior Director of Product Management, Cloud/SaaS Connectivity (SD-WAN) at Citrix
+ 1 speaker
Wesley Shepherd
Leader - EUC Enterprise Architecture at FIS
+ 1 speaker
Available
In cart
Free
Free
Free
Free
Free
Free

Buy this video

Video

Access to the talk “Citrix Synergy TV - SYN234 - Geek's guide to the workspace (part 9): designing the right workspace..”
Available
In cart
Free
Free
Free
Free
Free
Free

Conference Cast

With ConferenceCast.tv, you get access to our library of the world's best conference talks.

Conference Cast
551 conferences
21656 speakers
8016 hours of content