Wednesday, December 20, 2023

What’s new with Citrix – CVAD 2311 and Cloud updates

Is there a better present than new features and a new Citrix release? Citrix continues to deliver on our commitment to hybrid environments quarter after quarter with releases for both Citrix Virtual Apps and Desktops and our Citrix cloud platform. We’re excited to wrap up this holiday season with more releases to help improve your efficiency, security, and end user experience. 

With all that being said, we’re thrilled to announce the general availability of Citrix Virtual Apps and Desktops 7 2311 to our customers! This release comes with site management improvements, SPA on-prem plug-in, new StoreFront UI, and more! As we promised at the beginning of the year with the launch of Destination: Hybrid, we have continued to deliver feature after feature to help drive parity between our on-premises and cloud platforms.

Citrix has been focusing our innovation efforts over four main categories, and we are aligning our feature announcements along these four groups:

  • Operational and IT Efficiency
  • Workload and Device Flexibility 
  • Security and Compliance
  • Employee Experience Technology

Let’s dive into the features and capabilities we have introduced in all four categories for this quarter across cloud and on premises!

Operational and IT Efficiency

Tech Preview – PVS Switching to MCS Provisioning

Historically, PVS has used its own separate wizard for creating VMs in both on-premises and cloud environments. To streamline the provisioning process for administrators, we have introduced a feature enabling customers to use Studio for PVS VM creation. This marks a significant advancement in bridging the functionality gaps between PVS and MCS, leading to faster feature development. By utilizing MCS capabilities, customers can now access features previously exclusive to on-prem hypervisors and public clouds for creating VMs with PVS. This includes support for Hybrid Azure AD, Azure AD, Intune, on-demand provisioning, and the ability to update machine profiles after their creation. Administrators can now manage PVS provisioning from Studio with a unified UI and workflow, greatly improving PVS’s supportability by employing the same API as MCS.

VDA Upgrade Service

The VDA upgrade service is a new feature we rolled out earlier this year to aid customers in keeping their Citrix Virtual Delivery Agents (VDAs) up to date with the latest features, functionalities, and fixes. With the VDA Upgrade service, administrators can improve operational efficiency by shifting VDA updates from manual or complex processes to automated processes that Citrix manages. We are continuing to deliver improvements to this service with our new releases. Proxy support enables customers to use this service when the VDAs are behind internet proxies. Local file share support enables customers that have air-gapped environments to direct their VDAs to a local file share and pull the latest VDA installer locally – no need for internet access. Lastly, new upgrade fail-safe capabilities allow administrators to configure an exit strategy during upgrade issues by setting concurrency levels and failure thresholds. With these updates, we are introducing even more flexibility and control to administrators within their Citrix Cloud environment.

Monitor Improvements

Admins are a core user group here at Citrix, and we’re making strides to make it even easier to troubleshoot issues from our consoles. This quarter, we have rolled out a new logon breakdown UI, which comprehensively breaks down the individual services, and stages are broken down in detail. This view empowers admins to gain a deeper understanding of possible causes when needed. To further drill down into end-user issues, session performance metrics such as ICA RTT, latency, and consumed bandwidth offer more insight for faster triaging and understanding root causes. We are bringing these endpoint network statistics to Linux Workspace app uses, allowing for data from thin client vendors.  

The screenshot below showcases logon duration phases over time to easily view all details over time from a single view. 

Tech Preview – Autoscale updates

Cost savings has been one of the core focuses for development over the past year here at Citrix. Earlier this year we introduced Autoscale for on-premises with 2308, and we are continuing to drive further cost improvements. A lot of these updates are focused on persistent machines, which drive a lot of expense in public clouds. Several features such as shutdown if not in use, end user hibernation (Azure Tech Preview), and reclamation service have all been released to target persistent machines. Additionally, to help with public cloud costs, vertical load balancing is now configured at the delivery group level. This enables administrators to configure their cloud Delivery Groups with vertical load balancing to save on costs but maintain on-premises Delivery Groups with horizontal load balancing for the end user experience. 

One of our biggest releases of the past quarter is Autoscale Insights,  which is currently in public Tech Preview. You can toggle the tech preview on by going to DaaS within the cloud console, scrolling to Preview Features and toggling Autoscale Insights on. Customers want to make “data-driven” decisions to ensure their Autoscale settings align with actual capacity usage, striking a balance between cost savings and user experience. Administrators can compare “actual historical usage of their capacity” with “Autoscale settings” and infer three aspects – cost effectiveness, poor end user experience or a good balance between them.

Site Management Improvements

Alongside cost savings, we are always looking for ways to make our product more streamlined for our users. We are bringing improvements to Web Studio Backup to make it even easier to backup and restore configurations, for both on-premises and DaaS Web Studio. Administrators will be able to easily schedule and restore backups on demand, with notifications and logs to track changes. We are also introducing centralized site management with the ability to assign additional sites to a primary site. End users will be able to log on to one Citrix Workspace URL and access all their resources regardless of site, and administrators will easily be able to switch between the sites in their organization and view metrics through a unified Monitor console.

The screenshot below depicts the Backup + Restore tab in the Citrix DaaS console with a configuration backup in progress.

Workload and Device Flexibility

Tech Preview – Multi-IDP Support

Here at Citrix, we’re all about giving you choices. Our latest feature: multi-IdP support within the Citrix cloud console, continues to deliver on this goal. With multi-IdP support, you can now have multiple IdPs of the same type within one Cloud tenant. Exceptions to multiple IdP are Citrix Identity, Active Directory, and Active Directory + Token. An important note is that currently, you can still point to one IdP at a time in the Workspace configuration. Alongside this capability, we are also introducing the ability to clone SAML IdPs. You now have the ability to clone a SAML IdP, give it a new nickname, and edit the configurations to create an additional SAML IdP. 

The screenshot below shows that you now have the option to add identity providers to your existing IdPs inside of the Identity and Access Management console. 

Tech Preview – Linux Secure VDA

The Linux VDA Secure HDX now offers an enhanced security framework without the need for deploying certificates to the VDAs, a process that previously complicated setup and administration. This advancement includes Secure ICA 2.0, which simplifies configuration and management while utilizing contemporary security algorithms and providing immunity to Man-in-the-Middle (MITM) attacks. Users can experience true End-to-End Encryption (E2EE), ensuring seamless security between the Citrix Workspace app and VDA, with effortless deployment and management. 

Security and Compliance

Session Recording – Audio Recording

Citrix is bringing the power of Session Recording to in-session audio! This has been a long-awaited ask from organizations that need to have recordings of both the screen and audio that occur within user sessions. Organizations are now able to record audio and video to secure and troubleshoot user sessions seamlessly. A top use case for this feature is for call center calls to be recorded in tandem with screen recordings. This will ensure better quality, compliance, and troubleshooting. For information on how to configure audio recording, take a look at our product documentation

Device Posture Service Updates

Device Posture service is used to classify devices as compliant or non-compliant. This information is then used as a condition to apply contextual access to DaaS or SPA resources. Last quarter, we announced the global availability of Microsoft Intune integration. We continued our effort and have CrowdStrike Falcon as another 3rd party integration. But one of the most essential things for our roadmap is feedback from the field. We listened carefully and are happy to have Citrix Workspace app version check for iOS, Device Certificate check on macOS and Windows, network and geolocation check and IGEL OS file check generally available.

The screenshot below shows the new options for device policies admins can add.

Citrix Endpoint Management Improvements

Citrix Endpoint Management (CEM) is a product that our customers love. We continue to work closely with organizations to deliver the requested features and state-of-the-art security to make them successful. We are happy to announce Day 0 support for Android 14 and iOS 17. Additionally, Citrix Launcher for Android, which is designed for restricted devices to allow only certain apps to be started at kiosks, is now supported. Dark mode support for Secure Web and Domino 12 support for Secure Mail are also both now generally available.

Starting in 2023, we announced the support of Citrix Endpoint Management with NetScaler advanced authentication policies (nFactor). This enhancement elevates the user experience for single sign-on. Today, once the device is enrolled, the end user is prompted again for User Credentials to get authenticated against the NetScaler. With this enhancement, single sign-on will be seamless. User credentials are provided once during the enrollment process.

Citrix Enterprise Browser Innovations

Happy birthday Enterprise Browser! It’s been about a year since this product first launched, and we are invested in continuously developing features to suit customer needs. Based on customer requirements around Browser security and extensibility, we added the support for custom extensions, decoupled the Enterprise Browser update process from the Citrix Workspace app, and now reflect the current Chromium user agent header. We also updated our guide to restrict Okta and NetScaler only to allow Enterprise Browser for logon. Another significant enhancement is simple single-sign-on for on-prem use cases, but please be aware that Global App Configuration Service (GACS) is needed to turn on this feature. 

SPA Service Enhancements

Several enhancements have come to our SPA Service this quarter. Looking at the Citrix Cloud licensing dashboard, all active SPA users accessing client-server-based or web/SaaS apps are now included in licensing counts. Also, the SPA diagnostic dashboard logging was enhanced, and the user interface has been updated to expand event details with a simple click on the event entry.

During our customer conversations, we discovered that customers have a different security understanding of accessing unsanctioned websites. Some want to block access by default, and others want to allow access. With this enhancement, we give the customer the flexibility and choice on what should happen by default, allow or deny access. Speaking of flexibility, we now provide options to configure agent timeouts and specify an IP range to spoof DNS responses on internal server queries not to expose internal IP addresses to the client.

SPA on-premises 2311

As our hybrid story continues, we look forward to providing the same feature set we have today in SPA service, for SPA on-prem. We recently announced the global availability of SPA on-prem version 2311 (SPA Plugin) – a milestone in management, dynamic policy evaluation, and authorization. Starting with the CVAD 2311 release, the SPA plugin is now a part of and can be installed along with the Citrix Delivery Controller or using a standalone installer.

The integrated initial configuration wizard makes it easy for customers to implement SPA on-prem on Day 0. Additionally, the SPA on-premises console is now integrated with Web Studio to enable Citrix Virtual Apps and Desktops admins to seamlessly navigate to managing SaaS and Web apps along with the workflows for virtual apps and virtual desktops.

Real-time dashboards with users, apps, and policy monitoring are available in the SPA console for visibility and monitoring.

The screenshot shows the Secure Private Access console that can now be leveraged on-premises. The streamlined look and feel make it easier than ever for admins to secure web and SaaS apps in their hybrid deployments. 

Employee Experience Technology

Tech Preview – HDX Direct

This feature enables clients to establish a secure direct connection to the session host, effectively reducing extra network hops when direct communication is available, and can be easily configured and enabled using a Citrix policy. Known as HDX Direct, it allows direct connections to session hosts whenever possible. If the client can directly reach the VDA over IP, it promptly establishes this secure connection. To enhance security, HDX Direct automatically adds (D)TLS encryption using self-signed certificates and leverages network-level encryption to ensure data safety. As a result, users benefit from improved performance and reduced latency, all while maintaining a high level of security in their connections.

Tech Preview – New StoreFront UI

Starting this year, on-premises StoreFront has begun receiving regular updates in our CR releases. While we brought some smaller changes to 2308, even bigger changes are coming with 2311. StoreFront has been in maintenance mode for a while and not receiving updates, so it looks more outdated and does not look similar to the Citrix Workspace user interface. This can be confusing to end users.To address this, we are introducing the new and improved Citrix Workspace UI view to StoreFront. Now on-premises users and admins can take advantage of Activity Manager, improved search, and more!

The screenshot below depicts the interface that on-premises users are now able to see in Citrix StoreFront. 

Vanity Workspace URL

Previously, all Workspace customers had to use  * URLs for end users to access their resources. We got feedback from customers that they desired the flexibility to use their own domain in their access URLs. A unique domain name makes it easier for end users to remember their access URL, and can also match the company’s branding across their other sites. We’ve recognized the need for those looking to apply their corporate persona more deeply across their Citrix Workspace experience with a customer-owned domain. That’s why we’re excited to share that the custom domain feature is now available! Check out our blog and migration blog to learn more about this new feature.

Tech Preview – Multi-Workspace URL

How users access their resources is a crucial part of the Citrix environment. Enterprises want  to make access as easy as possible while maintaining security and delivering the right resources. This is often done by separating the access layer into different URLs. Previously this capability was not possible natively within Citrix Cloud. Today, we’re happy to announce the public tech preview of multi-Workspace URL! Companies can now use up to 10 different URLs, and leverage different branding, authentication methods, and resource filtering across each URL. Simplify user access with Multi-Workspace URL functionality now available natively within Citrix Cloud! 

The gif showcases where an admin can edit and add multiple Workspace URLs.

Tech Preview – Improved MSIX Staging

MSIX is a Windows app package format that provides a modern packaging experience to all Windows apps. Admins want MSIX applications available to end users on the desktop to have a similar experience to native applications. To address this, MSIX packages are preloaded on a Citrix Virtual Desktop when the user logs on and are published directly on the desktop. DaaS desktop users can quickly and easily launch MSIX apps without accessing the Citrix Workspace app.

Try it today

We are closing out the year strong with even innovations and updates for your Citrix environments. To get even more information, check out our product documentation. You can download the latest Citrix release now to start using the new capabilities within your environment. Be sure to keep an eye on our blogs site for even more news and check out to track the status of cloud releases!

Disclaimer: This publication may include references to the planned testing, release and/or availability of Cloud Software Group, Inc. products and services. The information provided in this publication is for informational purposes only, its contents are subject to change without notice, and it should not be relied on in making a purchasing decision. The information is not a commitment, promise or legal obligation to deliver any material, code, or functionality. The development, release, and timing of any features or functionality described for products remains at the sole discretion of Cloud Software Group, Inc.

from Citrix Blogs

No comments:

Post a Comment