Curt Frierson, VP, SouRCe Services
Security | Research | Consulting
Objective: The objective of this Emerging Technology Series article is different from the objectives of previous articles. Normally, this series is designed to assist financial institutions in evaluating the risks associated with new technologies. In this issue, however, I will attempt to more fully explain the capabilities and benefits of an emerging technology – Citrix. Citrix technology has been available for a number of years, but the resistance of vendors to support their products in a Citrix environment has resulted in a slow adoption within the financial institution industry. Recently, many vendors have announced their support for the technology, resulting in an increased interest in its use. This article will highlight some of the key features of Citrix and explain many of the benefits that can be realized through implementing it in your organization.
What It Does: Citrix Presentation Server (known simply as “Citrix”) is the de facto standard in application delivery systems. An application delivery system allows users to access a program without installing any components to the users’ workstations. A server hosts all of the application components, including the server and client programs. Applications are actually run on a server, not the workstation. This configuration is called “thin-client architecture”.
Thin-client architecture provides a few key benefits. First of all, local branch servers are not needed to run applications. This fact can significantly reduce the number of servers required for an organization. Second, application administration is centralized. Since programs are only installed on a few servers, application updates no longer have to be conducted for every workstation that uses that application. Also, new users or workstations can be up and running in minutes because software doesn’t to be installed on the client. Another benefit is that Citrix allows you to more effectively utilize server resources. A small branch may utilize only 10% of the resources of a local server. If branch locations were to utilize servers at a central location, fewer servers would be needed to take full advantage of available hardware resources. Additionally, since no processing is done on the client device, expensive workstations are no longer necessary. Many Citrix users implement thin-client or “dumb terminal” devices. These are significantly less expensive while still providing the same capabilities for using applications in a Citrix environment.
How it Works: Citrix uses a unique process to separate an application’s logic from its user interface. Normally, networked applications contain a portion of the program on a server and a separate component that is installed on a workstation. Each workstation component creates an interface to provide access for one user at a time. Citrix allows both the client and server component to be installed on central servers. This allows many users to access the application at one time, even though there is only one instance of the program installed. This process is referred to as ‘application virtualization”. All processing is performed on the server. The only functions being performed on the client device are keystrokes and mouse actions. Also, the only data returned to the client are screen refreshes to display the application. All of this is done in a manner that is transparent to the user. To access their applications, users double-click the application icon on their desktop or use the start menu exactly as they have always done. In this way, there is no painful transition period for users.
A typical Citrix deployment involves both application servers and Citrix servers. Application server components are installed to an application server. Application client components are then installed to a Citrix server. Once installed, the application is published to make it available for users to access. Client devices require a Citrix client in order to connect to applications published through Citrix. This client is built into most thin-clients today. The Citrix client enables that device to access any published applications for which the user has authorization.
Citrix servers can also be implemented as a “Citrix farm”. By implementing multiple servers as a Citrix farm, server utilization can be more efficiently consumed. When a user connects to an application that has been published through Citrix, the Citrix Suite is able to determine which server has the least amount of “load” placed on it and will connect the user to this server. Also, when one of the Citrix servers in the farm malfunctions, users will still be able to access applications without having to change any settings on the client side. This provides high availability to guard against server failures.
Having multiple Citrix servers in a farm also gives the Systems Administrator centralized management of the Citrix Suite. User and application management can be maintained at one console, and the changes will be enforced on all Citrix servers in the farm. A Citrix server farm with published applications gives organizations flexibility and uptime unattainable through traditional client/server architecture.
Summary: Citrix technology provides several significant enhancements that offer organizations greater flexibility and management capabilities. It allows organizations to more efficiently utilize server processing power and increase application uptime. The ability to provide centralized management significantly reduces administrative overhead. With its thin-client architecture, Citrix gives Administrators and staff the ability to quickly roll-out new workstations and applications without the need to configure every system. This gives overloaded Administrators more time to address critical business needs.