Citrix en Nutanix: de kracht van de combinatie

Uw werkplek- en datacenterspecialistOntwerpen • Implementeren • Optimaliseren

Citrix & Nutanix: ‘de kracht van de combinatie’

Simple, Secure & Scalable

Agenda

• 12.00 - 13.00 uur Lunch• 13.00 - 13.10 uur Opening & welkom• 13.10 - 13.50 uur Nutanix• 14.00 - 14.45 uur Citrix & AppSense• 14.45 - 15.00 uur Koffiepauze• 15.00 - 15.30 uur Werkplektransformatie• 15.30 - … uur Afsluiting & borrel

Even voorstellen

Arjen VisserDirecteur Sales

Over ICT-Partners

• 80 experts

• Meer dan 15 jaar ervaring• Drie vestigingen

Focus ICT-Partners

• Transities van werkplek- en datacenter infrastructuur

• Architectuur / Roadmapping• Security

• Cloud (services, azure, office 365)• Automation

Partners

Haal meer uit uw werkplek met Citrix & Nutanix!

Door Mahil el Khatib, Nutanix

The Enterprise Cloud CompanyMahil el Khatib, Sr. Systems Engineer

The Best IT Infrastructure IsYou Can’t See

Just Works

Invisible …

Web-Scale: Design Point for Invisible

Design Principles••Unbranded x86 servers: fail-fast systems••No special purpose appliances••All intelligence and services in software••Extensive automation and rich analytics••Distributed everything

Benefits••Linear, predictable scale-out••Always-on systems••Fast innovation in software••Operational simplicity••Lower TCO

You needed VMware.You want Amazon Web Services.

YOU’LL LOVENUTANIX.

The Cloud Era Is Well Underway

“I deployed my applicationin five minutes.”

Rapid Time to Market

“No more time spent on low-level infrastructure

management.”

One-Click Simplicity

“I use and pay for just what I need only when I need it.”

Fractional IT Consumption

“New capabilities are available on a regular basis.”

Continuous Innovation

Why Not AWS For All Workloads?

Predictable Workloads

Elastic Workloads25%

75%

Balance Owning and Renting For Today’s Enterprise Workloads

Spin up and down resources on the public cloud

Lower costs with private cloud infrastructure

Bringing The Cloud To The Enterprise Datacenter

Fractional Consumption

Invisible Operations

Instant Delivery

Frictionless

Tailored SLAs for Every App

Balance Owning and Renting

Data Access and Governance

Choice and Freedom from Lock-in

Control

Continuous Innovation

Complexity with Legacy Infrastructure

x Lifecycle complexityx Resource silosx Support challengesx High costs

++ Automated operations++ Self-service provisioning++ Monitoring and analytics

Network

Virtualization

Compute

Storage Network

Storage

Virtualization

App App

Re-Platforming the Enterprise Datacenter

Integrated, scale-out compute and storage

Virtualization

App App

Storage Controller

Storage Controller

Storage Controller

Storage Controller

Server Server

Storage Controller

Storage Controller

with built-in virtualization and management

Scalable Distributed System Design

VM VM VM CVM

Hypervisor

VM VM VM CVM

Hypervisor

Tier 1 Workloads(running on all nodes)

Nutanix Controller VM(one per node)

VM VM VM CVM

Hypervisor

Distributed Storage Fabric

ü Snapshots ü Clones ü Compression ü Deduplicationü Locality ü Tiering ü Erasure Coding ü Resilience

Node 1 Node 2 Node N

X86 X86 X86

Extensible Storage Fabric

20

CVM


NFS/SMB/iSCSI SMB File Shares

FSVM FSVMFSVM

iSCSI Volume Groups

Bare Metal Apps

FSVM

VM

VM VMVM

CVM CVM CVM

HYPERVISOR HYPERVISOR HYPERVISORHYPERVISOR

Seamless Application and Data Mobility

ü Sizer ü One-click Hypervisor Conversion ü Cross-Hypervisor DR

ü Foundation ü Backup to Public Cloud ü Cross-Hypervisor Backup

App Mobility Fabric

VM VM VM CVM VM VM VM CVM

ESXi

VM VM VM CVM

ESXi

Node 1 Node 2 Node N


X86 X86 X86

ESXiESXiESXi ESXiESXi

AHV AHV AHV

Eliminate Complexity…

Integrated Consumer-Grade Management

IntuitiveBeautifulInsightful

Security-First Design

Full-Stack Security Development Lifecycle

Micro-Segmentation

Encryption

Anti-VirusAnti-MalwareFirewall

KeyManagement

EcosystemSecurity Certifications

Automated Validation and Self-healing

Repeat

Update

Asses

Test

Measure

Report

Hyperconverged >> Enterprise Cloud

Integrated Compute & Storage

Backup & DR Services

VM Storage

Hyperconverged Infrastructure

2012

File Services

Native Virtualization

Multi-hypervisor Support

Hybrid-cloud Services

Machine Intelligence

Systems & Ops Mgmt.

HCI++

2014+

Enterprise Cloud

Cloud Automation

Self Service

Network Segmentation

Object Storage

Application Ecosystem

Container Services

2016+

Hyperconverged Infrastructure

IntegratedCompute & StorageBackup & DR Services

VM Storage

VxRailCisco HyperFlexHewlett Packard Enterprise

Block Services

Network Visualization

Application Mobility

Hyper-VPrism

Deduplication

Innovating at the Speed of The Cloud

vSphere supportScale-out storage

KVM Support

Multi-cluster Management

Backup to AWSBuilt-in Virtualization

VM High AvailabilityBackup to AzureVM Flash ModeErasure Coding

Product Launch

2.53.0

3.54.0

4.14.5

4.6Major New Features in the Nutanix Enterprise Cloud Platform

2011 2012 2013 2014 2015

VM-centric Backup + DRNon-disruptive Upgrades

Compression

4.7

4x Faster PerformanceIntegrated File Services

AMF Hypervisor ConversionPrism Pro with X-Fit

2016

Block ServicesContainer SupportWhat-If Planning &

more..

Broad Ecosystem Support

Guest Operating Systems

Windows Server

Applications and

Technology

Hardware Platforms

Powering All Workloads and Use Cases

VDI

Branch Office

Data Protection & Disaster

Recovery

Big Data

Private & Hybrid Clouds

Collaboration and UC

Enterprise Applications

Thank You

&One more thing……………

TAC CentersNBD Depots

Durham

Amsterdam

24x7x365“Follow the Sun”

Support

97%Customer

Satisfaction

+90Net Promoter

Score

70+Countries

Languages

7WW Support

Centers

Global Support Overview

San Jose

Sydney

Bangalore

TokyoBeijing

Haal meer uit uw werkplek met Citrix & Nutanix!

Door Bert Jansema, ICT-Partners

Bert Jansema

Introductie

Werkplek 2.0

Werkplek 2.0• Technische realisatie (SBC, VDI, virtualisatie)

• Informatie altijd beschikbaar door internet en massacommunicatie• Mobiliteit: werkplek op kantoor, thuis en onderweg

• Security is een vakgebied

• Virtuele teams• Voice command & response• Nieuwe projectietechnieken (glas, holo)• Artificial Intelligence • Virtual Reality• Augmented Reality• Instant data analyse• Volledige persoonlijke afstemming

Werkplek 2020

Gas los!! Terug naar…

ICT ondersteunend, flexibel en onzichtbaar

• Bereiken:• Access anywhere anytime anyway• Consistente user experience

• Rekening houdend met:• Vraagfluctuatie, onvoorspelbare groei• Snel evoluerende bedreigingen

• In de greep houden van:• Kosten!• technische complexiteit

SIMPLESCALABLE SECURE

W2K12

Citrix Flexcast Management Architecture (FMA)

Applicaties&Desktop

XenApp Server(Controller&Delivery)

W2K12

Applicaties&Desktop


W2K12

Applicaties&Desktop


DeliveryController

W2K12

Applicaties&Desktop

DeliveryAgent

W2K16

Applicaties&Desktop

DeliveryAgent

Win10

Applicaties&Desktop

DeliveryAgent

XenApp IMA XenDesktop FMA

SimpleScalable

Citrix Studio

Simple

MachineCatalogsDeliveryGroupsPolicyLoggingAdministratorsControllersHostingLicensingStoreFrontApp-VPublishing

Citrix Director

Simple

HDX Protocol• Intelligente redirection• Adaptive compression• Data de-duplication

SimpleScalable Secure

• Any Cloud Hybrid Cloud Provisioning• Amazon Web Services• Windows Azure• Citrix CloudPlatform

• Any Device• Citrix Receiver voor Windows, IOS, Android, Linux

• Any App• Published Apps (XenApp)• VDI (XenDesktop)• Remote PC

SimpleScalable

Long Term Service Release

• Lagere TCO door hoge kwaliteit van de releases en voorspelbare onderhoudsintervallen

• Voorspelbaar onderhoud door cumulatieve update packs• 5 jaar “gewoon” support en 5 jaar extended support• Voorwaarde is dat alle Citrix componentversies LTSR compliant zijn

Simple

Gemiddelde Citrix omgeving

Desktop virtualisatie lagen

Compute and Storage (HW)

Hypervisor

Control and Access Layer

Desktop Layer

User Layer

Infrastructure (Studio, file, AD, SQL, License)

Nutanix Acropolis Hypervisor / Vmware ESX / Microsoft Hyper-V

Desktop Delivery (XD) & Image Controllers (MCS)

Access Controllers (StoreFront) and Networking (NetScaler)

Profile management, golden image, and apps

User type and end-points (Receiver)Citrix ShareFile and file services



Hypervisor


Desktop Layer

User Layer







Citrix Provisioning Services

Citrix Provisioning Services

• Stream van ‘image’ (vDisk) naar meerdere machines tegelijkertijd• Maakt gebruik van PXE boot technologie• Sterke afhankelijkheid van goede netwerk-setup, DHCP• Sizing is van groot belang (failover/caching)

Mooie oplossing, maar redelijk complex

Citrix Machine Creation Services

Citrix Machine Creation Services

• Functionaliteit van PVS met……• …..Eenvoud van MCS

• Gebruik bestaande hypervisor functies• Geen afhankelijkheid van PXE en DHCP• Geen additionele componenten• Eenvoudige updates

Numberofvirtualdesktops

SANPerformance

MCS op traditionele SAN?

MCS op Nutanix

Voordelen van MCS op Nutanix?

Verdere vereenvoudiging vandeMCSarchitectuur!

Eenvoudige configuratie in XenDesktop Studio maakt het leven eenvoudiger:

Meerdere kopieënvanimages

Onderhoud vanmeerderedatastores

IOproblemen

Meer voordelen van MCS Nutanix!

GereduceerdeOpstarttijden

Betereschaalbaarheid

VMmigratie



Hypervisor


Desktop Layer

User Layer







HP, Dell, Cisco, Lenovo

Cisco, HP, Arista, Mellanox

Qlogic, Emulex

EMC, NetApp, HP, Dell, HDS

Cisco, Brocade

VMware, Microsoft, XenServer

Cisco, HP, Arista, Mellanox

VMware, Microsoft

Simplifying the XenDesktop Infrastructure Stack

Network

Scale out compute and storage

Virtualization

Network

Virtualization

Compute

SAN Fabric

Storage

AHV

Nutanix

Citrix – Nutanix IntegrationProduction

ReadyforAHVIntegratedManagement FastProvisioning

NovTax torunCitrixonNutanix FullyintegratedwithDesktopStudioUI

Highspeedimageupdatesandoperations

IncludesNutanixstandardbenefits• Shadowclonesandboot-stormhandling• Rapidtroubleshootingandclearopsline-of-sight• Linearscalingandpay-as-you-growconsumptionmodel

Native Citrix Studio Integration

Going distributed simplifies things..Before After

Linearly Scaling Virtual Desktop InfrastructureV

Ms

(Des

ktop

s)

• Scale incrementally one node at a time• Protect infrastructure investment by eliminating forklift upgrades• Scale storage capacity & performance linearly

Pay-as-you-grow

Number of Nodes

Citrix XenDesktop/XenApp on Nutanix AHV

VM VM VM

VM VM VM

VM

VM

VM

VM

AHV

Nutanix AHV is

Citrix XenApp/XenDesktopCitrix NetScaler VPX*Citrix ShareFileCitrix Cloud

CitrixStoreFront

XenDesktop Delivery Controller

AHV

Citrix Sharefile & File services

SQL Server & Infra /network services

Citrix Studio, Director

VM

CitrixNetScaler VPX



Hypervisor


Desktop Layer

User Layer







“SET THE USER FREE” e n d p o i n t s e c u r i t y s i m p l i f i e d

AppSense now part of the LANDESK family

zonder concessies aan veiligheid en beheersbaarheid

IT’S NEVER OR

I.T. MANAGED

USER MANAGED

Mobile

VIRTUALPHYSICAL AND

UNMANAGEDMANAGED AND

BYODCOPE AND

PERSONAL APPSCORPORATE APPS AND

PERSONAL DATACORPORATE DATA AND

ALWAYS AND

I.T. MANAGED

USER MANAGED

Users want to Personalize their workspace and access their Data. IT wants to manage Policy, Privilege, Performance and Analytics for each user. Combined, these elements define User DNA™

Workspace Management

IT Settings

User Settings+

= User DNA™

AppSense unlocks User DNA™

so IT can manage it independently.

Personalization

Policy

Privileges

Performance

Data Access

Analytics

User DNA™ is stored, managed and distributed from a central AppSense database, leveraging the AppSense platform. IT gets granular, contextual control allowing User DNA™ to follow the user, creating a seamless workspace experience.

AppSenseDatabase

Physical Virtual Cloud

Workspace Management

Creating a Balanced Portfolio

PatchManagement

Endpoint SecurityConfiguration Management

Physical, Virtual& Mobile

ServiceManagement

AssetManagement

User Environment Management

Security

An

alyt

ics

and

Das

hb

oard

s

EnvironmentManagement

PrivilegeManagement

ApplicationControl

File & ProfileMigration

PROTECTProtects against zero-day attacks by preventing malicious software from executing

CONTROL EXECUTIONApply precise control over how authorized applications execute and whether applications can launch other applications to prevent stealth rootkits from infiltrating your enterprise systems.

RANSOMWARE CONTINUOUS TO RISERansomware is not going away any time soon, because the business model offers high reward for minimal effort. Compared to 2015’s 29 ransomware families, 79 new families already emerged this year

PREVENTPrevents malware from running when your host system reboots. Also locks down the registry until rights are approved by the IT administrator

01

02

03

04

Protect Against Ransomware

Source: TrendLabs 2016 Security Roundup

Common Security Weakness

§ Almost all forms of attack use privilege escalation when installing malware that needs administrative privileges.

§ Phishing, which continues to be the most common front end for damaging attacks, is used to obtain user credentials from which to start the escalation, and phishing succeeds because of poor hygiene in application and privilege management.

85% of all Critical vulnerabilities documented in the report can be mitigated by removing admin rights *2015 Microsoft Vulnerabilities Report

99.5% of all vulnerabilities reported in Internet Explorer in 2015 could be mitigated by removing admin rights *2015 Microsoft Vulnerabilities Report

86% of reported vulnerabilities come from 3rd party applications. *National Vulnerability Database

In 2015, Microsoft Windows represented the most targeted software platform, with 42 percent of the top 20 discovered exploits directed at Microsoft platforms and applications. *HP

Cyber Risk Report 2016

Malware Monetization and Application Vulnerabilities

The average ransom discovered to date in 2016 stands at US$679, up from $294 in 2015 *ISTR Ransomware & Business, Symantec

Feb 2016, the Hollywood Presbyterian Medical Center(HPMC) paying the attackers’ demand of US$17,000

Missing Patches

• Third Party• MS Office• Adobe• Java

01Dangerous Applications

• Media• Runtimes• Web browsers

02

Misconfigured User Access

• Admin rights• Least Privilege• Password

Management

03

Unprotected Data

• Sensitive Data• Unencrypted• Multiple

Storage

04

Endpoint Security Threats

Patching

• Clear visibility on all endpoints

• Effective Detection

• Automatic Policy Enforcement

• Single Management Console 01

Unhazardous Applications

• Minimize exposure

• Automatic uninstall

• Application Whitelist/Blacklist

• EPC for remote connections02

Proper User Access

• Remove Admin rights

• Determine Least Privilege

• Automate Elevation

• User self-service Portal

03

Data Protection

• Enable Data Encryption

• Automated Scans

• Protect External

Media• Backup and

Recovery

04

Endpoint Security Best Practices

By AppSense

CATCHPATCHMATCH

Strategic Approach & Benefit

MITIGATES AT LEAST

OF TARGETED CYBER INTRUSIONS• National Security Agency, Information Assurance Guidance, www.nsa.gov/ia/mitigation_guidance/• Australian Government Department of Defence, Strategies to Mitigate Targeted Cyber Intrusions,www.asd.gov.au/infosec/mitigationstrategies.htm

PATCHApplications and Operating System

CATCHMalicious software with

a Whitelist

MATCHThe Right People with

the Right Privileges

Introducing…AppSense Endpoint Security

§ Privilege Management§ Application Control with Trusted Ownership™§ Granular Exceptions§ Prescriptive Security Analytics § Automated Patch Management

Regain Control of ApplicationsRegain control of applications running across the business without locking down your users

Use cases – Security and beyond

• Deploy all users as standard users

• Assign privilege to individual applications based on user roles and needs

• Prevent execution of unauthorized applications

Productivity & Security

Control Panel –uninstall program

Task Manager –kill process

Regedit / Command

Action Example Solution

Install Applications

Change Configurations

Remove Patches & Uninstall Software

Defeat Security Tools

control.exeDenied Application:

Denied Application:

cmd.exeregedit.exe

taskmgr.exeDenied Application:

Application Control:

System Level Visibility

System Level(ActiveX controls, VBscripts, batch files, MSI packages and registry configuration files, .exe,

.dll processes, App launches, binaries created, drivers, etc.)

Intelligence



Application Control by :Trusted Ownership – IT Admin or Service AccountWhite / BlacklistingDigital Signatures

Control



Application Control by: Trusted Ownership – IT Admin or Service AccountWhite / BlacklistingDigital Signatures

Network Access Control - Application TerminationApplication Control - URL Redirection - Rights Management – Self Elevation –

Win Store App Control

Prevent & Awareness



Application Control by means of Trusted Ownership – IT Admin or Service AccountWhite / BlacklistingDigital Signatures

Quarantine Block Warn Dialogue Monitor Educate

Network Access Control - Application TerminationApplication Control - URL Redirection – Privilege Management – Self Elevation –

Granular Exceptions & Contextual Aware - Win Store App Control (Win8/8.1/10)

Response



Application Control by: Trusted Ownership – IT Admin or Service AccountWhite / BlacklistingDigital Signatures

Quarantine Block Warn Dialogue Monitor Educate

Auditing / Monitoring Advanced Reporting Application Admin Rights Discovery Evidentiary Forensics License Management

Network Access Control - Application TerminationApplication Control - URL Redirection - Rights Management – Self Elevation –Granular Exceptions & Contextual Aware - Win Store App Control (Win8/8.1/10)

AppSense Endpoint SecurityAllows desktop and InfoSec teams to protect endpoints and enable regulatory compliance without degrading the user experience.

ProtectionIdentify and block unauthorized applications from runningAutomate Microsoft and third-party application patch assessment and deploymentEnforce software licensing and ensure complianceDetect suspicious endpoint behaviour

User Experience & ProductivityManage user privileges and policies at a highly granular levelAllow user self-elevationMonitor admin rights and self-elevation trends

UserSettings

Apps

UserSettings

Apps

UserSettings

Apps

UserSettings

Apps

UserSettings

Apps

Vragen

Citrix Productportfolio• Citrix XenApp• Citrix XenDesktop• Citrix XenServer• Citrix XenClient• NetScaler• NetScaler Gateway• NetScaler CloudBridge• Provisioning Server• XenMobile• Citrix Receiver• ShareFile• GoToMyPC

Een succesvolle werkplektransformatie

Door Jan van Pijkeren, VPProjects

Handreiking voor een succesvolle transitie

Jan van Pijkeren - Projectmanager

Waar begin ik?

Afbeelding: http://www.huffingtonpost.com

BC

Afbeelding: http://hollandrodendaily.org/business-case-template/

De Business Case staat en nu?

Afbeelding: https://nl.wikipedia.org/wiki/Project

Volgens Prince2:

Afbeelding: http://www.bkkc.nl/nieuws/2013-april/maak-een-concreet-plan-van-je-ideeen-voor-de-impul

Wat staat er in?

WaaromWat is het doel?

WatWelk eindproduct ga je maken?

HoeOp welke manier ga je het doen?

WieWelke mensen gaan meedoen?

Welke middelenWelk materiaal, welk materieel?

WanneerWat is het tijdpad van het project?

Een praktijk voorbeeld

Van methodiek naar aanpak

Afbeelding: http://www.projectcartoon.com/about/

Wat kan Pitz voor u betekenen?

Afbeelding: http://www.topchange.nl/opleiding-project-management/

Afsluiting

Onze oplossingen

ICT-Partners helpt u succesvol te zijn met uw ICT. Wij ontwerpen, implementeren en optimaliseren ICT-omgevingen met de nieuwste

technologieën, die bijdragen aan continuïteit, stabiliteit en kostenbesparing.

Bedankt!

ICT-PartnersVosselmanstraat 27311 CL ApeldoornT 055 528 22 22E [email protected]

Hoofdweg 2909765 CN PaterswoldeT 050 364 31 02E [email protected]