Book Image

Mastering NetScaler VPX

By : Marius Sandbu, Andy Paul
Book Image

Mastering NetScaler VPX

By: Marius Sandbu, Andy Paul

Overview of this book

Citrix NetScaler is one of the best Application Delivery Controller products in the world. The Application Delivery Controllers are commonly used for load balancing purposes, to optimize traffic, and to perform extra security settings. This book will give you an insight into all the available features that the Citrix NetScaler appliance has to offer. The book will start with the commonly used NetScaler VPX features, such as load balancing and NetScaler Gateway functionality. Next, we cover features such as Responder, Rewrite, and the AppExpert templates, and how to configure these features. After that, you will learn more about the other available Citrix technologies that can interact with Citrix NetScaler. We also cover troubleshooting, optimizing traffic, caching, performing protection using Application Firewall, and denying HTTP DDoS attacks for web services. Finally, we will demonstrate the different configuration principles real-world Citrix NetScaler deployment scenarios.

Related Content you might be interested in

Current Title:

Small book image
Mastering NetScaler VPX
Marius Sandbu | Andy Paul
Nov, 2015 | 218 pages
No titles found
Table of Contents (15 chapters)
Mastering NetScaler VPX™
Mastering NetScaler VPX™
Notice
Notice
Credits
Credits
About the Authors
About the Authors
About the Reviewer
About the Reviewer
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Configuring the Standard Features of NetScaler
Configuring the Standard Features of NetScaler
The basic features
Load balancing
Configuring authentication
Configuring NetScaler AAA
Citrix Receiver™ authentication
NetScaler Gateway™
Summary
2
Using the Features of NetScaler AppExpert
Using the Features of NetScaler AppExpert
AppExpert applications and templates
HTTP Callouts
Rate limiting
Policies and expressions
Rewrite
Responder
Rewrite versus responder
Summary
3
Integration with Citrix Components
Integration with Citrix Components
NetScaler Insight Center
Authentication
Troubleshooting
CloudBridge™
Installation
The Citrix Command Center
Summary
4
Traffic Management
Traffic Management
Content switching
DNS
Global Server Load Balancing
DataStream
AppQoE
Summary
5
Tuning and Monitoring NetScaler Performances
Tuning and Monitoring NetScaler Performances
Tuning the network and virtual environment
TCP and SSL profiles
HTTP/2 and SPDY
Monitoring network traffic
Analyzing network trace files using Wireshark
Analyzing network traffic using Citrix NetScaler Insight
Summary
6
Security Features and Troubleshooting
Security Features and Troubleshooting
Management best practices for security
Security features in NetScaler
HTTP DoS protection
Access-lists
SSL settings
Admin partitions
Analyzing issues using Citrix Insight Services
Setting up AAA – authentication and authorization
Summary
7
Real-World Deployment Scenarios
Real-World Deployment Scenarios
A small PoC VDI environment
An enterprise VDI multisite environment
An enterprise VDI active-passive environment
A global web services environment
An active-active data center for application hosting
An active-passive data center for disaster recovery
Reverse proxy
Summary
Index
Index

Access-lists

NetScaler also has support for the traditional access-list where we can define four types of lists. All of them have the option to define protocol, but simple ACLs only support TCP/UDP while extended ACLs have a long list of different protocols such as EGP, ICMP, GRE, and so on:

  • Simple ACL, which defines only DENY rules for source IP addresses.

  • Simple ACL6, which defines only DENY rules for source IPv6 addresses.

  • Extended ACL, which allow us to define DENY/ALLOW/BRIDGE rules for source ip, source-range and destination ip, and destination ip-range. It also allows us to configure the source MAC and destination MAC.

  • Extended ACL6, which allows us to define DENY/ALLOW/BRIDGE rules for source IPv6, source-range and destination IPv6, and destination IPv6-range. It also allows us to configure the source MAC and destination MAC.

Simple ACLs are only stored in memory and cannot be seen in the running configuration; so, when we define a simple ACL, it has a TTL of eight seconds and therefore...

Previous Section
End of Section 5
Next Section