Besides Citrix NetScaler, Citrix also has a lot of other components that can interact with Citrix NetScaler. The components can be used separately from each other. The different components will be described in this chapter.
Citrix NetScaler Insight Center will be used to monitor and report on Citrix NetScaler and Citrix CloudBridge appliances. Citrix NetScaler Insight Center can be used for Web Insight, HDX Insight, and for WAN Insight. Web Insight will be used for HTTP analytics, HDX Insight will be used for monitoring ICA traffic and WAN Insight will give us information about the efficiency of the optimized traffic. Also Citrix NetScaler Insight Center will be used to monitor, diagnose, and subsequently improve the performance of business-critical applications and is essential to ensuring a positive user experience and maintaining the highest levels of employee productivity and customer satisfaction.
Depending on the configured Citrix NetScaler license, Insight Center will save the information.
The following table describes Web Insight license/version information. As you can see, Web Insight is free and doesn't require a special license to get information from HTTP traffic. The other table will describe the license structure for HDX Insight. To collect information from ICA traffic, we need at least a Citrix NetScaler Enterprise license. The limitation of the Enterprise license is a maximum duration of 1 hour, which means that we only can see ICA traffic monitoring from 1 hour ago.
WAN Insight doesn't require any additional license.
To gather information, we need to enable data collection to follow traffic through the Citrix NetScaler or Citrix CloudBridge appliances. Insight Center is capable of gathering information from load balancing virtual servers, content switching virtual servers, NetScaler Gateway virtual servers, and from the cache redirection feature.
This section will describe the different report functionalities available in the Citrix Insight Center.
Web Insight will be used to gather information about the HTTP traffic that's passing through Citrix NetScaler. The information will be visible in reports. These reports are created automatically in Insight Center. These reports for Web Insight contains information about the several entities:
- Devices: Show information about the number of requests received by Citrix NetScaler appliances based on the client device
- Applications: Show information about the contacted application for all the configured Citrix NetScaler appliances accessed by the client
- Domains: Display information about all the contacted domains accessed by the client
To gather all the information it's necessary to use the cache redirection feature in Citrix NetScaler. By enabling this feature, Insight Center can build relationships between the different information.
In the following URL all Web Insight metrics are displayed with the different license information. http://docs.citrix.com/en-us/netscaler-insight/11-0/viewing-reports/ni-viewing-web-insight-reports-ref.html.
HDX Insight will be used for analyzing ICA traffic through Citrix NetScaler. HDX Insight gives the Citrix XenApp/XenDesktop engineer a good view about the traffic used by the ICA protocol. Besides the information, it's very easy to indicate traffic problems, for example a slow response for remote users. One of the metrics is WAN latency. This metric will show the average latency caused on the client device network. Of course HDX Insight provides a lot more information that can be used for troubleshooting. NetScaler Insight Center subsequently compiles and presents HDX Insight data obtained from NetScaler, providing IT administrators with unparalleled visibility into their virtual desktop/application environment. The metrics that HDX Insight features will report can be found here: http://docs.citrix.com/en-us/netscaler-insight/11-0/viewing-reports/ni-viewing-hdx-reports-ref.html and https://www.citrix.com/content/dam/citrix/en_us/documents/products-solutions/hdx-insight-powered-by-citrix-netscaler-insight-center.pdf.
WAN Insight will be used to gather information about the traffic through Citrix CloudBridge. This information could be very useful to get information about the traffic flowing through Citrix CloudBridge. WAN Insight metrics can be find in the following table:
Installation of the Citrix Insight Center is very easy, because Citrix delivers ready implementation templates that are available for Microsoft Hyper-V, Citrix XenServer, or VMware ESX. The requirements for all the hypervisors are shown in the next table.
|
Component |
Requirement |
|---|---|
|
RAM |
3 GB or more |
|
Virtual CPU |
2 or more |
|
Storage space |
120 GB required |
|
Virtual Network Interfaces |
1 |
|
Throughput |
1 Gbps or 100 Mbps |
The prerequisites for Citrix NetScaler are:
- NSIP: Add NS using NSIP not SNIP
- NetScaler State: The state of NetScaler has to be UP before adding it to Insight
- nCore: Only nCore NetScaler appliances
- Standalone NetScaler Gateway: You cannot add and get reports over the Standalone NetScaler Gateway™ appliance on Insight
- HA: For NetScaler HA deployment, add both NetScaler appliances on Insight to get reports across both the nodes
- Cluster: You can't monitor NetScaler cluster deployment on Insight
- HTTP/HTTPS: Make sure that both the NetScaler appliance and the NetScaler Insight Center appliance have either HTTP access or HTTPS access enabled
- NS user: The user added while adding NetScaler on Insight should have write-level access to NetScaler
- NTP: If you want to use NTP server time on the NetScaler Insight Center, make sure that you configure NTP before enabling AppFlow on the virtual servers
- ICA: Set the ICA session time-out value on Insight
- HDX Insight: Double hop and session reliability is supported from NetScaler Release 10.5 build 10.5 onwards
After the first boot, we need to follow some steps to configure the Citrix Insight Center with an IP address, default gateway, and so on. After hitting the Save and Quit menu item we need to select a deployment type. There are four different options:
- NetScaler Insight Server: This will be the actual NetScaler Insight Server. This option will be used when this node is the first NetScaler Insight Center in your network.
- NetScaler Insight Agent: The NetScaler Insight Agent will be used for processing HTTP traffic from Citrix NetScaler. There could be more than one NetScaler Insight Agent configured.
- Connector Node: The Connector Node will be used to distribute the data to the database nodes that will be received from the NetScaler Insight Agents.
- Database Node: The Database Node will be used to store data from the received NetScaler or CloudBridge appliance. We can install multiple database nodes.
When Citrix Insight Center is started we can connect to it by browsing to the configured IP address in the first step with a Web browser. We can log in with the default username and password on the Citrix Insight Center with username nsroot and password nsroot.
After login, the welcome screen appears. Here we can add Citrix NetScaler or Citrix CloudBridge. We need the IP address of NetScaler or the IP address from Citrix CloudBridge. After the Wizard is completed, it's possible to add more devices if necessary.
In the next step we can select the actual load balancing, content switching, VPN, or the cache redirection virtual server we want to monitor by Citrix Insight Center.
When enabling Enable Geo data collection for Web and HDX Insight, all the client IP addresses will be collected to determine the location of the client. In order to support geo data collection we should upload a geo data collection database; this can be done later in the configuration.
Sending data to the NetScaler Insight Center will be done by the AppFlow feature. AppFlow connects to the NetScaler Insight Server on port UDP 4739. In order to receive data we need AppFlow enabled for the virtual server. In this case we may like to enable HDX Insight. So select in the Application List the VPN view. Select the NetScaler Gateway virtual server and select Enable AppFlow.
The Enable AppFlow dialog will pop up to create an expression. In the most cases this will be the true value, but we can also create a custom expression. For example CLIENT.IP.SRC.IN_SUBNET(192.20.0.0/16) if you want only internal address for analytics.
After pressing OK the NetScaler Gateway virtual server will be monitored and the data will be sent to the Citrix Insight Server when the expression matches.
Adding more Citrix NetScaler or Citrix CloudBridge appliances can be done under the Configuration tab. Click on Inventory to add more appliances if necessary.
Citrix Insight Center can be accessed by HTTP or by HTTPS traffic. When using secure access it's possible to upload your own certificate. If you use the default certificate we always get a warning in the browser that the certificate isn't trusted because it's a self-signed certificate. So it's easier to replace the certificate with a trusted certificate authority.
The communication between the monitored devices and Citrix NetScaler Insight Center will by default be done based on HTTP. It's possible to change this to HTTPS. This can be done under Configuration, Change System Settings and change the drop-down box from http to https. After pressing OK the communication will be done securely.
In the System menu there are a lot of things to configure, as follows:
- Change Time Zone: Here you can modify the time zone from Citrix NetScaler Insight Center. Please make sure that the Citrix NetScaler/Citrix CloudBridge appliance has the same time configured as Citrix NetScaler Insight Center. You can configure a NTP server.
- Change Hostname: Here you can modify the hostname of Citrix NetScaler Insight Center.
- Change System Settings: Here you can modify the security settings as explained earlier.
- Change SSL Settings: Enable or disable specific SSL/TLS protocols. For security reasons it's best practice to disable SSLv3 and also disable SSL renegotiation. For more information see this Citrix article: http://support.citrix.com/article/CTX123359.
- Change ICA Session Timeout: Time period for which an ICA session can remain in the idle state before being terminated.
- Configure Multihop feature: Enable the checkbox when using a multihop Citrix NetScaler environment.
- Change Database Cache Settings: Here it's possible to make database cache adjustments. By default the database will be cached on Citrix NetScaler Insight Server.
- Change Data Record Log Settings: Data record logs provide information about AppFlow records. These logs are useful for troubleshooting but aren't necessary when Citrix NetScaler Insight Center is working. By default the logs for HDX Insight and Citrix CloudBridge are enabled.
- Change URL Parameter Settings: If the URLs captured by Web Insight are very long, we can enable the Trim URL option. URLs will be trimmed for better visibility.
- Change Database Cleanup Settings: When a lot of information is captured, the database size will increase a lot. Enabling the database cleanup option will remove out-of-date data from the database.
- Change Database Index Settings: By default the index setting is enabled. With enabled, index setting database queries are more efficient.
- Change Adaptive Threshold Settings: The adaptive threshold can be enabled to set the threshold value for the maximum number of hits on each URL. If the maximum number of hits on a URL is greater than the threshold value set for the URL, a syslog message will be sent to an external syslog server.
- Change Web Insight Report Settings: Select the entities that need to be visible in the reports on the dashboard.
- Limit Data Duration Persistency: Here we can configure the number of days the generated reports can persist in the database.
- Change URL Data Collection Settings: Disable URL data collection if you don't want to display the URL reports on Web Insight node.
- Change Dashboard Reporting Time Zone Settings: The reports on the dashboard display your local time by default. Select GMT if you want them to display the GMT time zone.