IT Techy Minds -- We run and explore the IT

How to Mitigate Pass-the-Hash and Other Forms of Credential Theft

Hi visitors

Here is a very good presentation from MS cybersecurity team for how to mitigate Hash breaches in your organization.

its important to view the whole video.

 

 Very userful case studies on hash attack and case studies.

 

https://technet.microsoft.com/en-us/security/dn785092

Thanks

Amit Kumar Gupta

CCA in XenApp/XenDesktop/XenServer,Google Cloud Architect, MCSE, ITIL, Vmware Certified.

https://www.linkedin.com/in/amit-kumar-gupta-5321a527/

Start Learning Citrix NetScaler - Part 2- Introduction Topology

Hello Visitors

As we have the better understanding on Basic stuff and time to learn about kind of network topology can be used with NS Solutions.

 

 undefined

1. Physical:-  its depends on network interface connected to NetScale.

One ARM: - it uses the one network interface to connect to client and Server. it has more dependency on one network interface and can cause traffic chock up depends on network connection speed settings.

 undefined

Two Arm:- 2 network interfaces are used to handle the connection.

1 network interface connects to the client and another interface connects to backend Servers. netscaler is placed between both interface connectivity. its also called as inline topology.

undefined

so the decision can be made between one arm and two arm based on below factors.

1. Number of the interface on NS

2. is your company policy allowed to NetScaler network to expose backend Server network and internet facing network ?

3. Two arm is more secured and used one.

4. Two arm provide more bandwidth as a separate network for both network 

5. One ARM is one network bandwidth limitation.

 

Logical:-  

Single Subnet:- Here VIP and SNIP or MIP are from the same subnet if the client can connect to VIP then it can directly connect to backend Server if there are no additional firewall rules in the middle.

Below is an example of one arm Single Subnet Topology;

undefined

Two Arm - Single Subnet Topology - In this VIP is not used and netscaler plays a bridge role between Client and backend Server for connectivity.

undefined

Multi-Subnet Topology:-

One Arm-Multi Subnet Topology:-

One network card is connecting to multiple subnets. Clients are connecting to VIP and SNIP is connecting to backend Server but both are from the different network and did not expose the backend Server network to client network.

undefined

Two Arm - Multi Subnet Topology:- its mostly used Topology and more secure from the compliance point of view.

The different network interface for client and backend server connections same as two ARM but with different subnets for both interfaces.

undefined

 

So it's up to your environment and ip network design to choose which topology best fit for your organization.

Thanks

Amit Kumar Gupta

CCA in XenApp/XenDesktop/XenServer,Google Cloud Architect, MCSE, ITIL, Vmware Certified.

https://www.linkedin.com/in/amit-kumar-gupta-5321a527/

 

 

Start Learning Citrix NetScaler - Part 2- Introduction Basics

Hello Visitors

There are few basic facts which should be clarified in starting for the better understanding of NS.

  1. What is Service?
  2. What is Vserver?
  3. What is SNIP?
  4. What is VIP?
  5. What is MIP?
  6. What is NSIP?

Lets Start 

1.Service: - Service term is used in NS to configure the integration between NetScaler & backend Server for application delivery. Service is consist of Application or Web Server which runs outside NetScaler. It includes Name, IP Address, Protocol and ports

  • Service get bound with VServer.

Name - Name of backend server (for identification so could be different but better to keep same)

Ip Address - Ip address of backend Server

Protocol:- HTTP or HTTPS or TFTP or others

Ports:- TCP or UDP

undefined

2. VServer:- VServer is used to handle the direct connection coming to VIP between client machines and Backend load-balanced Service. VIP is mapped with VServer and consist of Name, IP Address, Protocol, and port. VServer is hosted on NetScaler itself and can perform compression, Traffic redirection tasks. 

  • VIP is owned by NetScaler.
  • The client connects to VIP
  • VServer performs load balancing via Service mapped with VServer.

undefined

undefined

3. SNIP:- SNIP is called as subnet IP which is assigned to NetScaler and used for connecting to backend service from particular subnets.

it helps in avoiding IP routing at the network side and each service subnet should have SNIP assigned to Netscaler to connect the incoming traffic.

example: you should have 5 SNIP assigned to NS if you have service from 5 different subents.

4. MIP:- MIP is called as mapped ip address and used for traffic routing for any service subnet if SNIP is not defined in NS. or in other words default IP address for connecting to backend server when SNIP is not defined.

SNIP / MIP:- it originates connection to backend Server and don't listen for a new connection.

VIP and SNIP or MIP are opposite to each other.

5. NSIP:- Its called as NetScaler IP and used for connecting to NetScaler Interface for mgmt purpose.

Keep visiting for next article -- coming soon

Thanks

Amit Kumar Gupta

CCA in XenApp/XenDesktop/XenServer,Google Cloud Architect, MCSE, ITIL, Vmware Certified.

https://www.linkedin.com/in/amit-kumar-gupta-5321a527/

 

How to boost monitoring & analysis using desktop director and NMAS

Hi Citrix Admins

Many of us will be using desktop director, XenDesktop or XenApp and NetScaler devices.

The biggest challenge for IT Admins is to how to get network analysis for Citrix Users.

its possible to integrate all the tools together to get the ICA Traffic report for the Citrix environment.

undefined

The image is taken from the Citrix site and some of the content.

Director can access:

  • Real-time data from the Broker Agent using a unified console integrated with Analytics, Performance Manager, and Network Inspector.
  • Analytics includes performance management for health and capacity assurance, and historical trending and network analysis, powered by NetScaler Insight Center or NetScaler MAS, to identify bottlenecks due to the network in your XenApp or XenDesktop environment.
  • Historical data stored in the Monitor database to access the Configuration Logging database.
  • ICA data from the NetScaler Gateway using NetScaler Insight Center or NetScaler MAS.
  • Gain visibility into end-user experience for virtual applications, desktops, and users for XenApp or XenDesktop.
  • Correlate network data with application data and real-time metrics for effective troubleshooting.
  • Integrate with XenDesktop 7 Director monitoring tool.
  • Personal vDisk data that allows for runtime monitoring showing base allocation and gives help-desk IT the ability to reset the Personal vDisk (to be used only as a last resort

Director uses a troubleshooting dashboard that provides real-time and historical health monitoring of the XenApp or XenDesktop Site.This feature allows administrators to see failures in real time, providing a better idea of what the end users are experiencing.

Director integrates with NetScaler MAS for network analysis and performance management.

  1. Network analysis obtains HDX Insight reports from NetScaler MAS and provides an application and desktop view of the network. With this feature, the Director provides an advanced analytics view of ICA traffic in your deployment.
  2. Performance management provides historical retention and trend reporting. With the historical retention of data versus the real-time assessment, you can create Trend reports, including capacity and health trending.


we would see some more data in Network TAB of Desktop director post implementing the integration.

The Network tab in the Trends page shows latency and bandwidth effects for applications, desktops, and users across your deployment.
The User Details page shows latency and bandwidth information specific to a particular user session.

Limitations

  1. The availability of this feature depends on your organization's license and your administrator permissions.
  2. ICA session Round Trip Time (RTT) shows data correctly for Citrix Receiver for Windows 3.4 or later and for Citrix Receiver for Mac 11.8 or later. For earlier versions of these Receivers, the data does not display correctly.
  3. In the Trends view, HDX connection logon data is not collected for VDAs earlier than version 7. For earlier VDAs, the chart data is displayed as 0.
  4. For deployments that already have an external hard disk with storage space less than 500 GB, you cannot add another hard disk.

How to integrate Desktop director with NMAS.

To enable network analysis, you must install and configure NetScaler Insight Center or NetScaler MAS in Director. Director requires NetScaler MAS Version 11.1 Build 49.16 or later. Insight Center and MAS are Virtual appliances that run on the Citrix XenServer. Using network analysis, Director communicates and gathers the information that is related to your deployment.

For more information, see the NetScaler Insight Center or NetScaler MAS documentation.

  1. On the server where Director is installed, locate the DirectorConfig command line tool in C:\inetpub\wwwroot\Director\tools, and run it with parameter /confignetscaler from a command prompt.
  2. When prompted, enter the NetScaler Insight Center or NetScaler MAS machine name (FQDN or IP address), enter the username, password, HTTP or HTTPS connection type, and choose NetScaler Insight or NetScaler MAS integration.
  3. To verify the changes, log off and log back on.

Keep visiting us.

Thanks

Amit Kumar Gupta

CCA in XenApp / XenDesktop/ XenServer, Google Cloud Architect, MCSE, ITIL, Vmware Certified.

https://www.linkedin.com/in/amit-kumar-gupta-5321a527/

Start Learning Citrix NetScaler - Part 2- Introduction

Hi All

Before we start talking about NetScaler but there is one question comes in mind why NetScaler ? why not F5 or other devices. 

Why NetScaler:-

1. more than 10 million websites uses NetScaler at the moment and even Netscaler holds a strong position in cloud services.

2. biggest brand uses NetScaler in their environment like microsoft, Apple, mastercard, ebay and many more.

3. In cloud netscaler plays a major role in delivering web services and application.

4. Amazone AWS offer NetScaler instances to use with web applications.

 

Whats NetScaler:- In IT networking world  , Netscaler device can do almost everything,  work with IP routing technologies, works with OSPF, BGP and RIP technologies, perfect tool for load balancing services with the intelligence of backend server analysis, Acceleration by using Compression, TCP buffering, Traffic Shaping, SSL (encryption and decryption technologies) and unique product which support ICA Proxy stuff.

 

Type of Edition of NetScaler:- Platinum, Enterprise, and Standard

Each edition enables more features and speed for your environment but all the edition includes some features which are common.

a. Load balancing, SSL offload, High Availability and TCP optimization. 

the small list of features with the edition.

undefined

There are 2 kind of platform Netscaler provides.

1. Virtual - VPX appliance (can run on HyperV, Vmware ESXI XenServer & Linux KVM)

2. Physical - comes with MPX and SDX.

NetScaler VPX:- it cost less and easy to setup in HA or multiple instances but the only problem is the performance which depends on the H/W you are running it. any issue with underline Hypervisor layer will cause the problem for VPX performance.

NetScaler MPX:- its costly solution and comes with special H/W to support SSL traffic, limited to the single instance as it built in and would need another MPX model to configure the HA configuration. it offers better performance due to special H/W builts to handle Traffics. 

NetScaler SDX:- It a cost-effective solution for organization those needed multiple Netscaler instances. it runs XenServer OS which allows running multiple Ns instances.

undefined

so the decision is based on what you need to support your environment so pick wisely :)

Thanks

Amit Gupta

CCA in XenApp / XenDesktop . XenServer, Google Cloud Architect, MCSE ITIL , Vmware Certified.

https://www.linkedin.com/in/amit-kumar-gupta-5321a527/

 

 

Newer posts → Home ← Older posts