Blogs

Citrix NetScaler Management & Analytics System

 

Citrix NetScaler Management & Analytics System

This year at Citrix Synergy in Las Vegas. Citrix introduced there new product NetScaler Management & Analytics Systemà NetScaler MAS for short.

So what is NetScaler MAS.

NetScaler MAS is a solution to bring Operational Efficiency, Visibility & DevOps through Management & Analytics. NetScaler MAS is a centralized network management, analytics, and orchestration solution that can support applications deployed across bimodal IT infrastructures. From a single platform, administrators can view, automate, and manage network services for applications deployed on-premise, in the cloud or in containers.

So you may think why NetScaler MAS…

Here are some of the features.

  • Unifies all source of information into a single device;
  • Intergrated. Single touch point for managing inventory, analysing traffic and integrating with orchestration or SDN solutions;
  • Time. Saves time and efforts of administrators by not having to login different consoles to gather the right information for troubleshooting or problem solving;
  • Summarized. Summarized dashboard based theme makes it easy to find the data you want;
  • Automate. Helps IT Staff to automate operational tasks for better efficiency;
  • Isolate. Enables isolation of Application & Network Admin Roles;
  • Consolidate. Provides ways to consolidate your application network functions;
  • Simplifies ways to configure application network functions;
  • Anomalies. Identify configuration anomalies and suggest associated actions;
  • Weak Config. Brings out weak configuration as potential threats for the infrastructure;
  • Trends. Identifies trends over traffic patterns and system events;
  • Granular. Granular HTTP & ICA Analytics
  • Associate. Associate threat exposure to protection deployed.

 

In my opinion this product is a nice step up for Citrix combining NetScaler Insight and Citrix Command Center into 1 product. If you think about it, Enterprises are really looking for way to manage there on premise private/hybrid clouds and off-premise private/hybrid clouds. They need integration with other industry leading cloud orchestration frameworks to make this happen. So with Citrix NetScaler MAS, Citrix has built this up from scratch and is really the way to go to manage an infrastructure with any NetScaler (MPX, SDX, VPX, CPX) across multi/hybrid clouds deployments.  And if have been told that management of other open-source load balancers is part of the roadmap.

Mas1

 

 

 

 

 

 

 

 

What about licensing.

NetScaler MAS is licensed based on the number of vServers. With the free version 30 vServers are allowed.

The following table lines out the limitations for the free version

Management Capabilities Free Subscription required for >30 vServers
Fleet Management – configuration X  
Schedule device upgrades X  
SSL certificate management, policy enforcement X  
Application configuration jobs and Stylebooks X  
Orchestration with third party systems X  
Geo-mapping of instances deployed*   X
Fleet Management – visibility   X
Role based access based on application groups   X
Application specific analytics   X
Advanced analytics for anomaly detection   X

 

So if we compare the differences with Citrix Command Center;

Management Capabilities Command Center NetScaler MAS
Manage device configurations and upgrades X  
Geo-mapping of instances deployed X  
Schedule device upgrades   X
SSL certificate management   X
SSL certificate policy creation and enforcement   X
Role-based access based on application groups   X

 

What about scaling.

NetScaler MAS is designed to scale.  There are 3 ways to scale the NetScaler MAS.

 

  • Single Management Node. This is recommended for small customers, Proof of Concepts or DTAP enviroments (DevOps)
  • HA Pair Management Nodes. This recommended for small customers with the need for redundancy
  • Scale-out Management Infrastructure. This is recommended for medium to large scale customers.

Mas2

 

 

 

 

 

 

 

 

 

 

 

 

A full deployment with a Scale-out Management Infrastructure will look something like this picture;

Mas3

 

 

 

 

 

 

 

 

Let’s take a look at some uses cases for the NetScaler MAS

Automate NetScaler in a Software Defined Datacenter.

A organization wants to migrate their datacentre using Software Defined technology. Provisioning of services on NetScaler needs to be automated. NetScaler MAS leverages an open API to intergrate with OpenStack, NSX etc… therefore admins can continue to use their preffered orchestration platform leveraging NetScaler MAS to broker services.

Multisite Management

Maintaining devices across multiple site, becomes a hell of a job and is complex and time consuming. NetScaler MAS provides centralized management for NetScaler instances.

  • Upgrades can be scheduled in advance.
  • Central dashboard and insights for end-to-end visibility and troubleshooting.

 

App Centric Lifecycle Management

Application owners have to rely on other teams that manage infrastructure and other systems who have no intimate knowledge of the application to configure NetScaler to support their apps. Application owners lack similar expertise on NetScaler to configure. This often leads to longer deployment cycles. NetScaler MAS provides app focused capabilities to empower app owners.

  • Role-based access based on application groups
  • Stylebooks is an app-developer friendly format for configuring NetScaler functionalities to support apps
  • Application dashboards that provide visibility and insight into app configurations and performance.

 

SSL Certificate Management

SSL certificates have to be individually managed per device, and administrators aren’t able to see which certificates are nearing expiration or not being used. There is no centralized mechanism on NetScaler to view or renew a batch of certs ahead of expiration on multiple devices. Admins only become aware of expired certs once they expire and users encounter authentication issues. NetScaler MAS provides visibility into all certificates deployed across multiple devices.

  • Administrators can select which certificates are expiring and automate cert renewals
  • Policies can be set and enforced around types of certificates and signing authorities that are permitted

 

Installing the product.

First we start to download the from the following URL;

https://www.citrix.com/downloads/netscaler-mas.html

Mas4

 

 

 

 

 

 

 

You can use either the vSphere Web Client or the vSphere Client to deploy the OVF file. At this point in time i am still using the traditional vSphere client.

Start by logging on to your vSphere Client and then select File à Deploy OVF Template.

Mas5

 

 

 

 

 

 

 

 

 

 

Select the previously downloaded package from the Citrix Portal.

Mas6

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Click on Next to Continue.

You can change the name if you want to fulfil your naming standards. I am going to leave this with the default name.

Mas7

 

 

 

 

 

 

 

 

 

 

 

 

Select the appropriate VMware host in which you want to deploy this Virtual Appliance. In my case i only have one ESX host in my home lab. So i don’t have any choice.

Mas8

 

 

 

 

 

 

 

 

 

 

 

 

Next you will get a warning. This is because we are using the vSphere Client to deploy. If you use vSphere Web Client this warning won’t be displayed.

Mas9

 

 

 

 

 

 

 

 

Select the appropiate DataStore and continue

Mas10

 

 

 

 

 

 

 

 

 

 

 

Select the Disk Format you will be using.

Mas11

 

 

 

 

 

 

At this point you will get a overview of all the setting you made during this wizard. Also select the “Power on after deployment” option. So the Virtual Appliance will be powered on after creation.

Mas12

 

 

 

 

 

 

 

 

 

 

 

 

 

Mas13

 

 

 

 

 

 

Mas14

 

 

 

 

Next step is to configure the Virtual Appliance with the correct IP address etc…

Open the console of your virtual machine.

Mas15

 

 

 

 

 

Fill in the correct IP’s

Mas16

 

 

 

 

 

Press 7 when you are done.

The next configuration setting we must do is the “NetScaler MAS Deployment Configuration”

Because this is the first appliance we are going to select “NetScaler MAS Server”

Mas17

 

 

 

 

 

 

 

 

Next question is if we want standalone deployment. If you want to use HA pair of NetScaler MAS Appliances select the option “No”. In my case i am going to select “Standalone Deployment”

Mas18

 

 

Restart à yes

Mas19

 

 

 

After the system has rebooted, we log in with a browser to the NetScaler MAS Ip address. And login with nsroot/nsroot

Mas20

 

 

 

 

 

 

 

 

 

Mas21

 

 

 

 

 

 

 

 

 

You can choose to enable or skip the “ CUXIP, Citrix User Experience Improvement Program”

Mas22

 

 

 

 

 

 

 

 

Select “Get Started

Mas23

 

 

 

 

 

 

 

Select the deployment type

Mas24

 

 

 

 

 

 

 

 

At this point NetScaler MAS needs to discover NetScaler instances in your network before they can be managed.

Mas25

 

 

 

 

 

 

Enter the NSIP address of your NetScaler

Mas26

 

 

 

 

 

 

 

 

 

 

Next click on the “Pencil Button”

Fill in the correct settings and press. You can choose to fill in the SNMP community string. At this point i am using “public”

Mas27

 

 

 

 

 

 

 

 

 

 

 

 

Click on OK..

Instances will be added to the NetScaler MAS.

Mas28

 

 

 

 

 

 

 

 

In my homelab I have to NetScalers configured in HA. So both are applied…

Click on “Finish” to continue

Mas29

 

 

 

 

 

 

 

 

At this point I don’t have any configuration done on my NetScalers. So further integration will be shown in next blog articles.

Mas30