Monitoring Citrix StoreFront
Citrix StoreFront, which is the successor to Citrix Web Interface, authenticates users to XenDesktop sites, XenApp farms, App Controller (SaaS Apps), and VDI-in-a-Box enumerating and aggregating available desktops and applications into stores that users access through Citrix Workspace App for Android, iOS, Linux, Windows, Win8/RT or Receiver for Web sites. StoreFront enables next generation features such as:
- Unified StoreFront for XenApp and XenDesktop resources that can also deliver SaaS & Native Mobile applications (through App Controller).
- Simplified Account Provisioning, which enables users to connect to assigned desktops and applications by simply entering their email or server address, or by opening a Provisioning File in Receiver.
- Access from any Receiver with a consistent user experience, including automatic fallback to Receiver for HTML5 on Receiver for Web sites if a native client isn’t available locally and can’t be installed.
- Synchronization of resource subscriptions across all platforms and devices (Follow-me Apps & Data).
- Cross-farm aggregation and de-duplication, that aggregates and delivers a unique set of applications from multiple farms across different sites.
- Farm-Based Optimal HDX Connection Routing, which enables the use of the nearest NetScaler Gateway for HDX traffic routing independent of the NetScaler Gateway used for initial authentication.
The architecture of the Citrix StoreFront is explained in Figure 1.
StoreFront consists of the following components:
- Authentication service: This service, which is an integral part of StoreFront, authenticates users to XenDesktop sites, XenApp farms, and App Controller (for SaaS apps). The authentication service ensures that users only need to log on to StoreFront/Receiver once.
- Store: The store retrieves user credentials from the authentication service to authenticate users to the components providing the resources. The store also enumerates and aggregates the resources currently available from XenDesktop sites, XenApp farms, and App Controller (SaaS Apps). Users access the store through Citrix Workspace App or a Receiver for Web site.
- Application Subscription Store (Data Store): This store saves and indexes the application or desktop subscriptions of the users on a per-StoreFront Store basis. In contrast to older versions of StoreFront, where an external Microsoft SQL database was required, the new Application Subscription Store uses the built-in Microsoft Windows Extensible Storage Engine to store details of users’ app subscriptions locally on StoreFront servers. When joining a StoreFront server to a Server Group the replication of data between all members is configured automatically.
- Receiver for Web site: This site enables users to access stores through a webpage. Furthermore, this site can verify the version of Receiver installed locally on the endpoint and guide the user through an upgrade or installation procedure if required. In scenarios where Receiver cannot be locally Receiver for HTML5 can be enabled for the Receiver for Web sites so that users can access resources directly within HTML5-compatible web browsers.
- Desktop Appliance site: Desktop Appliance sites provide users of non-domain desktops with an experience similar to that of users with domain-joined desktops. The web browsers on desktop appliances are configured to start in full-screen mode displaying the logon screen for a Desktop Appliance site. When a user logs on to a site, by default, the first desktop (in alphabetical order) available to the user in the store for which the site is configured starts automatically. Desktop Appliance sites are only created by default when StoreFront is installed and configured as part of a XenDesktop installation.
- XenApp Services site: Users with older Citrix clients that cannot be upgraded can access stores by configuring their clients with the XenApp Services URL for a store. This site can also be used from domain-joined desktop appliances and repurposed PCs running the Citrix Desktop Lock.
- NetScaler Gateway: Citrix NetScaler Gateway is a physical or virtual appliance, which provides secure remote access to internal resources. The appliance is typically located within the DMZ and exposed to the Internet. When a user connects to NetScaler Gateway they will need to authenticate before any access to internal resources is granted. The access can be controlled by the admin by means of granular application-level policies and action controls.
As already mentioned, the Citrix StoreFront model of eG Enterprise monitors the health of the StoreFront and the user authentication.
Each layer of Figure 2 above is mapped to a series of tests that periodically monitors the Citrix StoreFront server and checks on the following:
- How well the resources were accessed?
- The time taken to access the resources;
- How well the resources were accessed using the ICA protocol?;
- How well the resources were accessed using the RADE (Rapid Application Delivery) process?;
- The rate at which the users were authenticated based on their chosen language preference;
- The time taken to authenticate the users;
- The rate at which the password change requests from the users were processed?
- The time taken to change the password upon user requests;
- How well the authentication store stores the user information, retrieves the information and deletes the user information?;
- How well the resources and sessions were accessed using the Citrix Dazzle?;
- What is the rate at which the user subscriptions were added, deleted, modified, enabled etc?;
- The time taken to retrieve the user subscriptions from the authentication store;
- How well the users are authenticated to access the controller through the Web Application Delivery service?
- How well the Citrix StoreFront is accessed through the XML service?
The Operating System, Network, TCP, Application Processes and Windows Service layers of Citrix StoreFront server are similar to that of a Windows server model. The tests mapped to these layers have been dealt with in the Monitoring Unix and Windows Servers document. The tests pertaining to the .NET Framework, Application Pools and Web Server layers have been dealt with in the Monitoring Microsoft IIS Web Server document.