SysTrack Use Case: Investigating Problem Applications with SysTrack

One of the goals at Lakeside is to make IT systems as transparent as possible so as to reveal the problem areas in the environment that most need to be addressed in order to improve the end-user experience. Some of the most frequent culprits impacting end-user experience are applications with excessive and unexpected resource consumption or continual faults, errors, and hangs. Fortunately, SysTrack provides several tools and various methods with which these problem applications can be addressed. I’ll be giving a quick walkthrough of these, covering the cases in which the problem application is unknown and needs to be identified and then moving into how to go about monitoring a known problem application more closely. In no way will the list of methods I provide be exhaustive but they can serve as a strong starting point.

Let’s begin with the first case, the unknown application that is potentially tanking performance and productivity and just being a general pain for end-users. Assume for a moment that there have been reports of impacted performance on several systems in the environment and a handful of rather unhelpful support tickets have been generated. “My Outlook is slow, my internet is taking forever, my BLANK keeps crashing.” You have a – hopefully short – list of users, systems, and the times at which they were experiencing difficulty; but where do you start the search? The first tool to utilize when given such a specific location and timeframe is SysTrack Resolve. Launch Resolve and change focus to select a system to observe, then navigate to the Overview section to see a list of all recent impacts on end-user experience discovered by SysTrack.

ProblemAppUseCase1

This will provide some context as to with which areas a system may be struggling. If there are a large number of reported application errors or consumption related events visible here, then it should prove much simpler to identify the source of these in the next step due to their frequency. Once we’ve had that cursory look next we’ll dive into the black box and select a timeframe during which users have reported problems with the system. Highlight an area of the chart with high or unexpected resource consumption by clicking there and the applications panel will display the resource consumption of each application that was running at that point in time.

ProblemAppUseCase2

By observing the applications at that given point in time it’s possible to find applications that are impacting the end-user by correlating the system performance with the application’s consumption and begin to address the possible causes. Once some of these problem applications have been found and triaged it may become apparent that several of them should be monitored more closely to limit or prevent future impact. That’s where the next set of tools come in, the ability to create and report on custom alarms. Within SysTrack Deploy, the SysTrack deployment tool, under Alarms and Configuration > Scripting and Response Time it’s possible to create custom SQL scripts for a system configuration that run against the child database at set intervals of time, compare their results to a threshold, and generate custom alarms that make their way up to the master.

ProblemAppUseCase3

Say for example that one of the problem applications in your environment has excessive application load times that are indicative of a poor end-user experience and you need to know when they happen. A series of custom alarms could be implemented that that run every 10 minutes and report the maximum application load time for the past 10 minutes, filtered to only include the problem application. If the returned value is greater than 10 seconds or 20 seconds then a Yellow or Red alarm is generated respectively. Alternatively, the script itself could contain the thresholds and return a count of the number of applications that exceed said threshold in an alarm. Combining these custom alarms in an environment would provide much needed data that allows IT personnel to quickly locate periods of time when the target application was “acting up” and also gauge how common and frequent this behavior is.

Once this monitoring data has been generated you then need a way to readily access it. Since the alarms themselves are already custom, I find that it works best to rely on another custom tool, the SysTrack Dashboard Builder, to filter out unwanted alarms and focus on just the ones we want. Use a simple drag-and-drop interface and a little SQL knowhow to filter the results and you can get an excellent look at the data you want.

ProblemAppUseCase4

There’s no way of knowing exactly which pieces of information will be important for every given application, but with the robustness and flexibility provided by SysTrack it’s possible to identify what you need to know and put systems in place to monitor it.  By familiarizing yourself with your environments problem applications at present you can keep them from being the problem applications of the future.

 

Focus on Personas

One area of particular strength in SysTrack’s suite of value added functions is its ability to provide automated EUC Persona insight, aka “End User Segmentation”.  In their research note, “Segment Users by Workspace to Allocate Physical Devices, Digital Tools, Support and Services,” Gartner analyst Federica Troni states:

IT leaders responsible for end-user computing are challenged with determining the right set of tools to maximize user productivity and engagement without duplicating costs and capabilities.

Such a framework helps IT leaders determine the right choices to accommodate diverse user requirements.

Lakeside’s approach to end user segmentation is consistent with and supportive of the process advocated by Gartner.  The granular End User Computing (EUC) data collected, aggregated, and visualized by SysTrack is exactly the kind of data needed to identify user groups within an enterprise who have common device, application, service, connectivity, and support needs.  No longer must IT rely on outdated questionnaires, anecdotal input, and/or educated guesses.  Using real EUC data, collected from actual systems, with real users; the results are accurate, fast, and non-controversial. Thus “data driven” vs “instinct and intuitive” based decisions can drive EUC provisioning, access, and support choices.

This data driven methodology for Persona discovery can pay big dividends.  Proper matches between end users, the devices, applications, and services they use, typically result in:

    • Productivity improvements – Having the “right tool for the job” is an age old adage and is as important in IT as in any other form of work.
      • An over/under provisioned workstation represents waste. Either too much was spent on an over provisioned system or an end user of an under provisioned system can’t effectively do their job.
      • Mismatched application suites to job requirements represent waste. Providing more applications than end users need results in unused licenses, increased support costs, increased workload demands, and an increased risk of application or system conflicts.  Failing to provide appropriate applications to do the job, results in lower end user output.
      • Mobile and BYOD (Bring Your Own Device) initiatives require proper orchestration. Opening an enterprises’ infrastructure to any/all devices the EUC community chooses to use can be a security risk, support nightmare, and connectivity challenge.  A better approach is to understand the work behaviour of all end users and identify where mobile and BYOD adoption is appropriate.

 

  • Asset optimization – Rather than a “one size fits all’ approach, a proper understanding of the personas within an enterprise can lead to the distribution of end user devices which are appropriate for the job.

In a recent SysTrack assessment at a large auto manufacturer it was determined only 10% of the enterprises’ 25,000 laptops were observed to have been moved from their office location.   This while the average cost of a laptop was $150 more than a desktop and the average failure rate on the laptops were about 10% higher.

In another assessment it was observed that more than 80% of the enterprises’ users were not taking advantage of several of the applications within a suite of applications.  A lower license cost was negotiated with the application suite’s manufacturer based on the historical SysTrack data, this resulted in over $15M in savings for the company.

  • Service Desk Support Optimization – By reviewing “day in the life” data for various personas, an enterprises’ service desk resources can be staffed with appropriate skill sets for the times when needed. Frequently, a “one size fits all” service desk with 7 x 24 coverage is provided for the entire EUC community.  One recent study revealed a client had fewer than 5% of their EUC users accessing any resources after 8pm on Fridays and before 6am on Mondays.  The decision was made to curtail the service desk staffing on weekends and increasing the coverage during normal business hours, resulting in significant cost savings and improved EUC satisfaction, as the response time was improved during the time the service was actually needed.
  • EUC on-boarding optimization – Proper persona and job role identification, documentation, and definitions, provide a very efficient method for on-boarding new employees or changing employee job assignments. An enterprise with fully defined personas and job roles can quickly assign the proper resources (end user device, applications, services, connectivity, etc.) based on the job description of the end user at any point in time.

One customer reported the on-boarding time for new employees was reduced from 8 days to 1 day by properly identifying the various personas and job roles within the organization and automating the on-boarding process to take advantage of the persona insights.

  • Cloud Affinity – Significant savings are being realized by enterprises through adoption of “Cloud” services. SysTrack can identify which enterprise workloads are suited for “The Cloud” and who among the end users are ready to utilize cloud based services.

 

 

SysTrack Skype for Business Assessment

The modern enterprise has many pillars upon which it is established and which are necessary for it to function. None of them however, are quite as crucial as the enterprises need for collaboration and communication. Every organization from the one-man freelance team to the multinational corporation has people who need to communicate with other people to complete the daily tasks required of them. As technology continues to develop and diffuse throughout every facet of business, the ways in which these organizations are required to communicate change as well. Small teams who routinely work with one another are no longer housed within the same physical workspace while the meetings and presentations that occur between companies require far fewer in person encounters. Currently leading the way for and promoting this digital-centric communication is Skype for Business, a unified platform for real-time chat, voice, video, and screen sharing. Unfortunately, every technology is bound to experience some growing pains. We here at Lakeside Software are offering a SysTrack Citrix Skype for Business Assessment that will help alleviate some these pains and is described below.

The traditional method of deploying the Skype for Business client is to locally deploy it to each of the hundreds if not thousands of endpoints that require it and ensure that it is correctly configured for each user. Not only is this approach exceedingly difficult to manage but it also lacks the control, security, and visibility required by the same enterprises that need the features provided by Skype for Business the most. Citrix has stepped up and chosen to address these concerns with their HDX RealTime Optimization Pack (RTOP). Developed with and endorsed by Microsoft, the HDX RealTime Optimization Pack allows Skype for Business to be published as a virtualized application or within a virtual desktop with the same performance as a local installation.

This optimization technology is the only Microsoft-endorsed solution for delivering Skype for Business in a virtual environment as the architecture of the HDX RTOP ensures integration with other Microsoft office products is maintained. The audio-video quality continues to be “local-like” while the accessories and interfaces to which user have grown accustomed to are as they would be on a locally installed client. Any solution, no matter how powerful or simple still needs ample consideration before it can be to be implemented and utilized.

The SysTrack Citrix Skype for Business Usage Assessment can be used to explore the current environment and summarize the data that is most relevant for determining the benefits of adopting the HDX RTOP. Such areas include the number of different versions present in the environment as well as the how many of them are actually being used. Supporting multiple versions, many of which are no longer current, puts undue strain on a company’s helpdesk and other support resources. It’s also worth observing the usage patterns of the users. Heavy and moderate users of Skype for Business will drive most of the resource demands associated with supporting it while the light users must still be provisioned properly to fill their roles. Finally, one of the most significant motivating factors for centrally delivering and managing Skype for Business for users is the ability to more closely control potentially problematic end user behaviors, like caching conversations locally in an insecure way. Each of these areas of importance can be examined with the SysTrack Skype for Business Usage Assessment.

Skype1

These new products from Citrix are excellent and continue to provide remote application and desktop experiences to end users, but it’s essential to maintain visibility into consumption and user service quality to understand how best to develop a robust IT environment while also satisfying the needs of the users. Some of the tools granted by the SysTrack Cloud Edition have been used to create a snapshot of that performance but no environment is static. Be prepared to tackle this inevitable change with SysTrack and leverage the data in your favor.

Citrix Secure Browser Assessment with SysTrack Cloud Edition

The web browser has come into its own as an indispensable part of the enterprise software portfolio. With web based apps an amazing amount of flexibility can be achieved, but paradoxically one of the ubiquitous and useful applications can also be the most frustrating. For an end user that has to interact with potentially dozens of web portals with numerous plugin dependencies they can often find themselves moving experiencing browser hangs or crashes with great frequency or having to switch between different browsers to just complete different business functions. More critically IT has to support any number of different browser types with any combination of required plugins, user added extra components, and possibly dozens (or hundreds) of different versions. The reality of the situation is that the component that’s supposed to be “platform independent” or give a uniform user experience can create headaches for everyone involved.

There’s another side to this problem, too: how do you make sure that users get the most straightforward pathway to their applications? With internal web apps especially there’s frequently a need for a user to either be connected directly to the network or use a VPN to broker a connection. This introduces yet another component that can fail or make basic user interaction a hassle. Worse, in some scenarios, especially when users are highly mobile, this also potentially exposes data to loss.

That means there are really two problems: making sure that users get access to a browser that always works and making sure they can connect securely and minimize breach potential. This is where Citrix Secure Browser introduces a really interesting resolution. By publishing a known good browser that can be embedded into any modern browser seamlessly existing XenApp customers can provide their end users with a great experience and minimize their support needs.

The SysTrack Citrix Secure Browser Analysis assesses the current state of browser usage in the environment to try and articulate the net advantage of moving to Secure Browser. How many different web applications are currently used? How many internal web applications are interacted with? How frequently do browsers hang or crash? What plugins are the most common in the enterprise?

SecureBrowserSummary

The lead in summary from the Citrix Secure Browser Analysis establishes the massive number of different browsers in active usage in most environments, and the numerous plugins that are employed. From there we break out more interesting pieces of information like the monumental number of application faults associated with browsing apps that users interact with daily. Throughout the report we expand on all of the details that are critical in determining what kind of impact implementation of Secure Browser may have in an enterprise. Brett Waldman covers some of the key details on Secure Browser in a blog entry, but essentially imagine taking all of the aforementioned concerns and eliminating by publishing a browser that always works with business critical web applications and is, by nature, secure.
The SysTrack Cloud Edition for Citrix is a free service that allows you to assess your environment for Citrix solution fit, including another report focused on Skype for Business and how Citrix can optimize delivery of Microsoft collaboration tools. Check it out here.

Introducing the Citrix Health Assessment

We’re seeing a never ending IT scenario – the landscape of how applications and workstations are delivered – continue to play itself out right before our eyes. BYOD and mobile workstyles are becoming more and more common as we march towards web based applications, published apps, and fully featured virtual desktops rapidly displacing more traditional IT infrastructure. Administrators are relying heavily on Citrix XenApp and XenDesktop, among other Citrix products, to meet their user’s needs and deliver the performance they expect. Of course, actually delivering the performance they expect can be easier said than done, in most cases. Tracking down problems with published apps, without the right data, is like trying to put together a puzzle in the dark. That’s why so many of our customers who manage Citrix environments rely on SysTrack – it provides the insight they need to make smart, data-driven decisions and keep their users happy and productive.

Our traditional SysTrack setup requires an on-premises server to act as the master system. And while this works perfectly well for long term deployments, it can be a bit burdensome for short term assessments. Some of the admins we speak to want a quick look at the state of their Citrix environment, or to get an idea of how they might benefit from investing in XenApp and XenDesktop. In order to make sure those needs were met we streamlined the process of setting up SysTrack and moved the main infrastructure to the cloud, enabling customers to simply register, download and the deploy the data collection agent, and then login to our assessment website to get immediate access to dashboards, data visualizers, and SSRS style reports telling them exactly what’s going on in their environment.

The Citrix Health Assessment is a free, cloud based service that delivers SysTrack’s unparalleled data to help admins manage and plan for Citrix environments. Utilizing SysTrack’s patented distributed database architecture and SSL connections for data transfer, users get the data they’ve come to expect from SysTrack with the security to make sure it’s kept safe. The assessment was designed, in part, to answer specific questions like what quality of service the users have, what level of demand exists, and what are the best delivery options, while also providing the platforms for doing ad-hoc investigations and deep dives into the data to discover a variety of other insights.

Outside of XenApp and XenDesktop, which are standard virtualization solutions, Citrix has introduced Secure Browser and the HDX RealTime Optimization Pack, which allows for Skype for Business to be delivered as a virtualized application or within a virtual desktop. These new products fit well with the philosophy of XenApp and XenDesktop – centralize the management of the application or desktop to reduce costs and overhead. Before investing in new products it’s always a good idea to look at some data in order to get an idea of what type of benefit you’ll see from that investment. We’ve developed reports as a part of the Citrix Health Assessment that analyze the data collected by SysTrack and present detailed analysis of the browser and Skype usage in the environment so you’ll know exactly how Secure Browser or the HDX RealTime Optimization Pack would fit into your enterprise.

Don’t make guess work a part of your IT planning or management strategy. If you’re already utilizing Citrix solutions, or if you’re planning on them, check out our Citrix Health Assessment. This free, cloud based service lets you know things like the health of the environment, detailed session information, XenDesktop readiness, latency summaries, software usage, and a variety of other useful data. It’s simple to setup and use, and you’ll never have to make an IT decision that isn’t data driven and fit for your environment.

Lakeside Software Excites At Microsoft’s “Ignite Your Business With Windows 10 And Office 2016” Events

The months of November and early December 2015 offered an incredible learning opportunity for Microsoft customers that took advantage of the US Microsoft hosted 12x city event series, ‘Ignite Your Business with Windows 10 and Office 2016’. This Windows 10 and Office 2016 launch tour was targeted at current Enterprise and Midmarket Microsoft customers and those soon exploring Windows 10 and Office 2016 migration initiatives. The event series was highly attended with hundreds of attendees at each event and was well delivered with keynotes, breakout sessions for IT Pros and Developers alike, and great opportunities for customers to speak with Microsoft’s “Go-To” Launch Partners.

20151118_151724_b

Lakeside Software is excited to be selected by Microsoft as a Platinum Windows 10 & Office 2016 Launch Partner, validating the investment existing and future customers make to achieve operational excellence by choosing SysTrack as their tool of choice for essential IT telemetry. Lakeside Software was in the esteemed company of industry giants like Intel, Dell, HP, Toshiba, CDW, Citrix, and VMware: partners that showcased exciting solutions and Windows 10 enabled devices to help reach new levels of end-user productivity and security.

Windows10LaunchEvents2

The Ignite Your Business event series were well dispersed in key cities throughout the US, offering customers regional opportunities to meet with and discuss Windows and Office migration options.

SF_booth_3b

Crowded Booth Shot

Lakeside Software was a hit at the events with a great presence, receiving high interest in the enablement of customers needing to assess their readiness for Windows 10 and ongoing desktop initiatives.

20151201_130144b

Also as part of the events, customers enjoyed great snacks during breaks, a delicious lunch and a full bar Happy Hour. Customer truly enjoyed the experience and commented repeatedly on the food and drinks.

PhotoEditor-1446598651608_2

Tal Klein (Lakeside’s VP of Strategy) was interviewed by Stephen Rose (Sr. Product Manager for Windows & Devices at Microsoft), which will be showcased in an upcoming video update.

microsoft-band2

At each event one lucky attendee was fortunate enough to win the Lakeside raffled Microsoft Band 2. The Band 2 is synonymous with SysTrack’s core value. With actionable intelligence derived from ongoing telemetry from your endpoints, much like you gather personal health information from wearing a Microsoft Band 2, SysTrack gives IT the incredibly valuable visibility needed when making IT decisions and taking action that ultimately leads to a healthier experience for the end user, raising the standard of IT delivered services to the organization.

win10assessment

In order to help IT professionals plan for Windows 10 transformation, Lakeside has launched Win10assessment.com to coincide with the Microsoft “Ignite Your Business” launch tour. Win10assessment.com provides a no cost Windows 10 readiness assessment offering, providing organizations large and small with an easy to utilize, yet powerful vehicle for test driving a focused set of SysTrack features. The assessment period is 60 days, while analyzing 30 days of end point data that provides visibility into key Windows migration readiness intelligence through intuitive reports and dashboards.

Win10 portal landing page

SysTrack assists customers at all stages of Windows 10 adoption and use, including readiness planning, during a migration, and even post-migration to assure the quality of the migrated users experience meets company expectations. Also key to post migration success is identifying areas that can be targeted to increase user experience health scores and overall end-user productivity. Register at win10assessment.com today for more details.

photo 2

Lakeside Software would like to thank all the attendees, launch partners and especially Microsoft for such a great event series. With the great attendance and the launch of the SysTrack Cloud Edition, Lakeside Software is proud to be a Windows 10 and Office 2016 Launch partner. Visit us at http://www.lakesidesoftware.com/mswin10migration.aspx and register at win10assessment.com to learn more about how SysTrack can assist your organization today.

SysTrack Use Case: Supporting Office 365

The proliferation of SaaS apps is changing the landscape of both how users do business and how IT supports them. You can find a great discussion about this topic in a post by Tal Klein. The basic gist of the post is that in the dark ages of computing, let’s say pre-2010, IT delivered the app to the user and hosted it within their own infrastructure, controlling all aspects of management and support. But as BYOD and mobile work styles picked up steam so too did the popularity of SaaS apps like Office 365. This movement was great for users, but at the same time has changed the way IT needs to think about its support model. All of a sudden they went from controlling the backend and delivery of the app, which gave them visibility into causes of performance issues, to ceding that portion of management to the app vendor. This benefits IT by simplifying their app portfolio, reducing the number of apps they need to manage from front to back, freeing up infrastructure for other purposes, and shrinking the aspects of support for those apps to only how they impact users. Of course, IT will still be called upon by the user when there’s an issue with a SaaS app, but since the internal infrastructure is no longer hosting the app then what’s left? The user is now the only real place to get valuable information as it relates to supporting SaaS apps.

SysTrack has always put a strong emphasis on end-user computing with features like system health scoring and point-in-time looks at historical data. IT will have the visibility it needs to understand what’s going on with the user’s systems and what the causes are for performance issues. SysTrack’s unique “inside-out” view provides insight into what the end user is experiencing and provides tools to assist with diagnosing issues that may be impacting their performance. With that in mind here’s a few questions SysTrack can help you answer as you’re supporting Office 365 users.

How many Office 365 Users are there?

Even seemingly simple questions like this aren’t as straightforward to answer as you might think. With Office 365 being accessed through a web browser you’ll need data on what users are visiting what URL’s. In the Observations area of Site Visualizer you can open the Popular Web Sites dataset and filter the results to show only Office 365 data. Here you’ll get some great basic data including number of users, number of systems, number of times accessed, first and last access dates, page load time, time page was open, and page focus time. This high-level data illustrates the scope of users and systems you need to support. If you’re interested in which users or systems in particular are included in this data simply right-click on the column you’re interested in, number of users, for example, and select show details. A detailed information box will pop up showing you user accounts, number of times accessed, and first and last use dates.

Office365Users

In addition to web applications you might also use the same method to find information on the Office 2016 Windows client software that gets downloaded to the user’s system. Check out the Applications or Software Packages datasets to find out usage information and aggregate resource consumption.

Is User Experience Impacted by Office 365?

While there are a lot of factors that go into the user’s Health score, 13 categories in fact, it is a very powerful way to gauge the general experience of the user. I find it especially helpful to judge the impact of a big change in the environment. Maybe the user just migrated to Windows 10, or maybe a VDI user was just migrated to a different storage system – take a look at how that system’s Health has trended from before the change to after. In this case, maybe your entire user base just adopted Office 365 for Outlook and Office online. That’s quite a big change since these are such widely used tools in everyday business. Enterprise Visualizer allows you trend the aggregate Health score across the entire environment to give you a quick idea of whether that change has had positive impact or sent your user’s experience in a downward trend.

If you’re interested in only a certain group of users or even an individual user you have the ability to trend Health for those scenarios as well. Site Visualizer is great for filtering data to a specific set of users while Resolve allows you to target an individual user. You also have the ability to view the trend over a custom time frame. One last important thing to note about viewing Health score trends is that you can look at the impact from a specific factor – maybe you’re only interested in seeing what the trend has been for Network Impact or Latency Impact as it relates to a surge in browser usage with more users accessing online apps. An increase in network activity would be expected since the backend is no longer on premises.

What’s going on with the User’s System?

Answering questions about what caused slow performance or a system crash can be very tricky, especially when the event happened sometime in the past. SysTrack Resolve is perfect for this as it connects directly to a system of interest and allows you to view any point in time and see which apps were running, what the resource consumption looked like, and much more for that exact time. If a user is telling you that this morning around 9:30 their system was crawling and they weren’t able to access their Office 365 Outlook account you could check out Resolve Black Box to investigate what the culprit was. The screenshot below is a simple illustration of what you might find.

Office365Resolve

There was a local app consuming about half of the available CPU. It is very likely this was the cause of the slow performance that was preventing the user from being able to access their email, the entire system was being slowed due to this app. This kind of insight directly into the user’s system is critical in being able to find out what’s causing performance issues, what events occurred that could be of interest, what the latency has looked like in the past, and all other kinds of extremely relevant data.

The market is rapidly moving more and more towards SaaS and cloud computing in general. This means it’s more important than ever to retain some level of visibility into the environment, but with more and more of the apps a user interacts with coming from outside of IT’s borders, you need the visibility to come directly from the user, an “inside-out” view. SysTrack is evolving right along with this market shift to make sure you can always have the data you need to keep your environment running smooth.

The Citrix Lifecycle Management official launch enables a hands-free installation of Lakeside SysTrack to any Citrix environment

Back in August, Citrix announced the long awaited Citrix Workspace Cloud technology along with the associated Lifecycle Management  tools. The blogs by my friends Kailas Jawadekar and Joe Vaccaro explain these stacks in detail, but here’s the gist the way I see it:

Workspace Cloud adds the ability to manage Citrix environments (XenApp, XenDesktop, XenMobile, etc.) from a cloud-hosted control plane. Gunnar Berger  has a few videos out that explain the concept. The key to this technology is a new cloud connector that allow your environment to communicate with the Citrix hosted consoles. Why would you care, you might ask? Because at some point, you might wish to have multiple Citrix deployments in disjointed networks, or have a portion of your infrastructure or session hosts in a private, public, or hybrid-cloud. Rather than introducing more complexity in the configuration and management, workspace cloud gives you the ability to manage all these otherwise independent environments centrally.

So far so good.

Many of you, who have been managing dynamic datacenters for a while, are pretty familiar with the concepts of virtual machine templates, Provisioning Services golden images, and similar tools that helps you to “build once, and deploy many times”. These approaches, however, are  not entirely without challenges as these templates are often closely bound to the specific hypervisors you wish to use and are not easily re-usable across all instances of hybrid clouds. That’s where Lifecycle Management comes in. Think of it as an automation / scripting engine that allows you to define all software installation and configuration steps that have to be performed to turn an plain  OS image into the workload you desire. This is called a Blueprint in LCM parlance and I have written about the concept in a recent blog.

Well, today is the day that we’re ready to announce that we have developed and published a Citrix Lifecycle Management Blueprint for the SysTrack master server, which is the central component of any SysTrack deployment. It is available for you by logging into manage.citrix.com and selecting the Blue Print Catalog. You will see the Lakeside SysTrack blue print in the partner section and you can simply add it to your library by clicking on the little ‘+’ symbol on the bottom right.

The SysTrack blue print takes your standard Windows Server 2012 base image and then automatically downloads and installs the SysTrack master server along with all its technical pre-requisites. After the blue print has been deployed successfully, all that is left for you to do is to request a SysTrack license from us and deploy the agents to your workloads. These can of course be other Citrix infrastructure or session hosts in your hybrid cloud, but also general server and desktops, including the physical machines that you already have.

The SysTrack Blue Print for LCM simply allows you to add the award winning success platform for end user computing to your environment without having to manually install and configure an additional server.

 

My Personal Security “Best Practices”

First, let me get some disclaimers out of the way: I won’t describe myself as a security expert and what I am about to share is my personal opinion, which is based on my personal experiences. By no means does this article reflect the opinions of my present or past employers and I have no business relationship (or gain from) any of the products or companies I am mentioning here.

With that out of the way, I would like to share a couple of security related practices that I have adopted over the years. I sometimes get asked questions about these topics, so I hope that you find this article informative.

Let me start with passwords:

We need passwords for a ton of things in our professional or personal lives. Password complexity requirements have gone up and there is no way we can remember all of the passwords we need to use on a regular (or not so regular!) basis. There are several vendors that provide single sign-on (SSO) solutions on the web and they basically work by establishing one master password (that you hopefully CAN remember) and then automatically log you into your web applications or let you look up your passwords. So far so good, except that you have to trust the vendor of this kind of solution 100% to keep your information safe and to have safeguards in place that their employees are not helping themselves to your passwords.

Therefore, I dislike all of these types of solutions and prefer the ones where I can personally control the security and encryption of the password file. And apparently I am right given the recent hack of LastPass (http://www.engadget.com/2015/06/15/lastpass-hacked/). I used different apps over the years – first on the iPhone (http://www.apple.com/iphone/). It was eWallet by a vendor called Ilium Software and I liked the fact that it had a Windows companion app that allowed me to sync the files to the PC. These days I am on a windows phone (http://www.windowsphone.com/en-US/) and use a product called SkyWallet (http://skywallet.net/). It works by having a file on share (I am using OneDrive (https://onedrive.live.com)) and it lets you personally generate and specify the crypto key to secure that master file. It also has a desktop companion application so all your passwords stay in sync between devices. It does not provide SSO, but I am actually fine with that and can simply launch the app, look up what I need, and then log in. The important part is that no third party stores my master key and the password file itself is encrypted.

What about files?

There were the days when all your files, photos, and music resided on your PC and you had to make CD-ROMs or DVDs to back up your stuff every once in a while. That was really painful. I later added secondary hard drives to protect myself from disk failure by establishing a RAID configuration, but that didn’t protect me from the total physical failure of my PC in case of hurricanes, home fires, floods,  or other nasty (yet very unlikely) surprises.

I started using a product called HandyBackup (http://www.handybackup.com/), which I liked, because I could simply backup my stuff. I had some $5 per month web hosting service with virtually unlimited storage that I used for the purpose and handybackup allowed me to use my own encryption of the data using the blowfish algorithm (https://en.wikipedia.org/wiki/Blowfish_(cipher)) . This worked reasonably well, but had two major shortcomings: because I chose to encrypt the data, handybackup did not allow me to configure actual file synchronization and I could not simply get to my files from a public terminal or mobile device. Well, it was a backup solution and a fine one at that. I used it for several years, but never had to actually restore anything during that time frame.

I finally got to like online file storage (I happen to use OneDrive, but there many other solutions available as well). My problem here was again that I really don’t trust any company to keep my personal data safe from prying eyes, so encryption is key to me. Initially, I started by just storing photos and personal videos on the service and kept my financials and tax returns between my local machine and the handybackup solution. Then I discovered BoxCryptor (https://www.boxcryptor.com/en), a software solution from a German provider that allows you to automatically encrypt all your stuff in a cloud data solution. What I like about it that it also allows you to create your personal key file, which is never stored on any third party cloud service. This suits me just fine and now all of my personal data is 100% encrypted by BoxCryptor and stored (and sync’ed) on OneDrive. The boxcryptor client is available for all my mobile devices, so now I am enjoying insta-access of all my stuff with a high degree of privacy. Note that there is an option to store the crypto key with the vendor’s cloud service, but I chose to manage it myself. Should I ever lose it, it won’t be recoverable, so there is an added level of personal responsibility involved here.

What about my PC?

Not much to say here. Windows 8.1 / Windows 10 with BitLocker (http://windows.microsoft.com/en-US/windows7/products/features/bitlocker). Enough said. If someone steals the laptop or gets hold of my desktop PC, have fun decrypting that stuff. I have no idea if some has tried to hack BitLocker by using brute force techniques, but I don’t think that there is another alternative that would also be seamless to the user experience. Then again, all the files I have are still encrypted by BoxCryptor, even at rest on the local machine, so I think I am good.

I personally can’t wait until the general availability of Intel’s RealSense and Windows Hello technology to simply use my pretty self as a password 🙂

What about corporate BYO things?

This could very well turn into a soapbox, so I will try to keep it brief. Some companies adopted BYO policies under which employees are allowed to bring their own mobile devices, laptops, and PCs to work. The idea was that employees could simply choose the device they like and in some cases the employer would provide a stipend to help cover the cost. I always thought that this was a terrific idea, and as an employer, I would basically use centralized application hosting with terminal servers, citrix (www.citrix.com), vmware(www.vmware.com), etc. and virtual desktops. I would configure things in a way that none of the corporate data could be copied to the user owned device. These technologies are so mature these days and internet access is so ubiquitous that this can easily be achieved without compromising the end user experience. The old philosophy was that everything inside a building was considered secure (because the building had access controls and physical security. I think that the new philosophy needs to be that anything in an office space is considered not secure and only things inside the actually data center are considered to be secure.)

The reality is sometimes a bit different though. One group I met during my days as a Citrix consultant erred far on the side of user convenience and let employees use any device on the network without any restrictions whatsoever. People could install corporate and personal  applications and also freely download all the corporate data to their personal devices. Trust over draconian security measures was the word! This worked until the day an employee quit and basically took all of her work data with her (no chance for the rest of team to continue her projects.) This is also problematic from the point of view that people sometimes join competitors and having them keep access to critical internal data is just inviting trouble. That group also allowed departing employees to often keep their laptops that the company had paid for (especially if they were 2 years or older as those could not really be given to new employees either). Again with all the data , email archives etc. Interestingly, one day my counterpart there told me that one of his team members resigned and joined a competitor. He did the right thing and turned in his (corporate owned) laptop and was honest and upfront about his move. The manager notified HR and IT, access was revoked and all seemed well until IT started tracking the person’s manager down and demanded a complete forensic analysis (to be performed by the manager, mind you) as to which files may have been copied off the device or emailed to a personal account etc. Insane. Especially given the otherwise wide open policies.

So, security is never really free, but there is always a tradeoff between security and convenience. Luckily, many vendors really make our lives convenient and enterprises have good practices and tools at their disposal to strike the right balance – if they choose to.

Florian

twitter: @florianbecker

 

 

Health Monitoring of PCoIP® Protocol with SDA

Providing the tools necessary to complete an assessment – whether it be for migrating the workforce to a new operating system, adopting a new storage solution, or incorporating virtual infrastructure into the environment – has always been one of SysTrack’s strong suites. As the landscape of IT evolved to the cloud to accommodate for global business and mobile workforces we needed to evolve our assessment capabilities just the same. Streamlining and simplifying the process for getting all the moving parts in place to perform an assessment by moving the SysTrack master system to the cloud was the first step to aligning SysTrack-based assessments with the modern IT narrative: make it simple, make it easy to use, and make managing it available from anywhere.

SysTrack Desktop Assessment is our cloud-based service for performing VMware Horizon assessments. As the service has grown in use we’ve worked to continue enhancing it through the addition of new tools and content. It’s now easier than ever to monitor PCoIP and health data with SysTrack Desktop Assessment. An interactive dashboard was added for each, and as a part of the overall service they add great value and enhance your ability to continuously monitor the state of your environment.

The PCoIP Summary dashboard allows you to trend average latency, average receive packet loss, and average transmit packet pass. The day over day trend line quickly illustrates typical values for the selected item, making it simple to spot an outlier that might warrant further investigation. Selecting a day of interest will display session summary details for that day to give you insight as to what may have caused the spike. Additionally you can see the top 15 users by average bandwidth use as well as session summaries and top ten focus applications for a selected user.

PCoIP1

The PCoIP Summary dashboard is a good way for monitoring specific metrics, but if you’re more interested in the general health of your systems then the Environmental Daily Health Trend dashboard can offer some great insight. Similar to the PCoIP dashboard it provides a trend line that then allows you to select a date to drill down to more detailed data. The logical flow of dashboard is to select a date of interest, select a system of interest based on that system’s health score for that day, and then view the health trend of the selected system. This an easy way to uncover a particular system that may be experiencing issues leading to a poor user experience.

Health1

Once your assessment is underway it’s a good idea to be continuously monitoring and managing the health of the environment. SysTrack is, at the end of the day, all about the user experience. While providing the tools and data for doing a VMWare Horizon assessment we wanted to make sure to also provide the tools and data for looking after the users. A core component of any assessment should be examining user and environmental health to make sure there are no major issues that need to be addressed prior to completing the assessment. The PCoIP and Environmental Health dashboards allow you to do just that.