On Demand Citrix Nerds consulting services 24 hours a day!
Affordably priced professional services...
Disaster Recovery Emergency Backup Site in Amazon AWS
Mandatory evacuation due to wildfires by corporate headquarters made having a disaster recovery emergency backup site in Amazon AWS an immediate business requirement. Active Directory was deployed on a Windows 2016 server in Amazon and a powershell script was run to quickly create user accounts based on a CSV export from a domain controller at corporate filtered for essential users based on security group membership. Citrix XenDesktop Controllers were built and connected to newly created application servers and a front-end Netscaler. Data was synchronized to AWS and the entire environment was operational in less than 6 hours. While the cloud system was coming online employees were directed to an emergency location 30 miles away where folding tables were set up and network cables were plugged in to two 24 port switches and quickly run on the floor and plugged in to previously prepared 27 inch LCD monitors that came with a Wyse Thin Client device, keyboard, mouse and USB based VoIP phone system access. A DHCP server was deployed which provided FTP server information for the Wyse thin clients to quickly download a configuration and get them online in less than 30 seconds. Cable modem Internet access with 100mbps speed worked perfectly to support several dozen call center, sales and support agents. This was a we hope it never happens scenario, but fortunately things turned out ok. Once employees were permitted to return to the corporate headquarters office everything was boxed up and put away in hopes it never happens again. To be on the safe side a daily data sync with Amazon is peformed. Citrix components are powered off so that only storage costs need to be paid for, but are kept avaialble and can be operational in less than 30 minutes.
Labor: 50 hours
Netscaler Multi-factor authentation (MFA) Security Appliance
Small software development firm with 20 users wanted multi-factor authentication but didn't want to have to pay monthly recurring fees. Ubuntu based virtual security appliance was deployed which ties in with Active Directory to provide token based authentication for select users. MFA eliminates 99.99% (four nines) of password breaches and using an open source security appliance saved money. DUO charges $3 per user per month or $720 annually for 20 users and Microsoft charges $6 monthly per user or $1440 annually for 20 users. Open source MFA works great with Google Authenticator, Microsoft Authenticator and Authy. Other than labor to deploy it and get users set up there is no ongoing cost. As an added benefit MFA could now also be used with their on-premise Exchange 2016 server and Outlook Web Access by deploying AD FS and running powershell scripts to ensure perfect configuration.
Labor: 4 hours
Onsite Security Audit for Bank
A senior engineer spent three days onsite working with the IT department gathering information for a security accessment of their Citrix environment. Another three days were spent writing up a detailed report on the findings to present to management and thoroughly discuss. Weaknesses which were discovered on the Netscaler included TLS1.0 and TLS1.1, several weak ciphers and a firmware version with a known critical SSL flaw. GPO's locking down Windows were lacking and permitted command prompt access via Internet Explorer, powershell, regedit and outbound FTP server access which could be used to copy senstive data offsite. Most revealing was a Dark Web scan showing compromised corporate passwords. Users had used the same passwords or minor variations of them along with their corporate email account to access outside web services that had been hacked. Unknown to them their passwords had been sold on the Dark Web and were being used to infiltrate banking systems. Several corporate officers passwords had been hacked because even though they may have passed password complexity requirements they were still easy to crack. User logons were in the common format of initial of first name and last name, so doing a Who Is lookup for the domain made it easy to guess IT administrator accounts. The security audit was eye opening and prompted them to take immediate action so they wouldn't be the next company in the news with a major hack.
Labor: 50 hours
Hospital upgrade from XenApp 6.5 to 7.11
For the last three years EPIC Hyperspace ran flawlessly on a Citrix XenApp 6.5 server farm, yet it was time to upgrade the infrastructure to the most current version. The core infrastructure would be based on XenApp 7.11 with two delivery controllers running on Windows 2012 R2, two load balanced Storefront 3.7 servers and two Provisioning Servers. The basic build of the environment was easy and straight forward, except there were 200 policies in XenApp that needed to be transferred to the new environment. Doing so by hand would take a very long time and might cause errors because of typo's. A PowerShell script was written to export the policy settings from XenApp and another script was used to import them in to the new environment. They worked perfectly! A master server was built with all the required applications and stored on PVS. XenDesktop ties in beautifully with VMware and PVS ties in beautifully with the XenDesktop controller making the process of spinning up as many machines as you want simple. For disaster recovery and business continuity purposes an independant site was built at an offsite location which is a duplicate build of the main production site.
Labor: 100 hours
Bank upgrade for 75 branch locations with 10 second logon time
Slow logons was initially why this banking customer wanted to redesign their Citrix environment and in the process decided to upgrade to the most current version of XenApp. Logon times were taking 60-90 seconds and tellers hated using Citrix. Some tools were deployed to figure out why and once the problems were corrected, tellers could logon and launch the banking application in 10 seconds. For regulatory purposes each branch was assigned a pool of servers, yet the IP based access filter which existed in XenApp 6.5 no longer existed in 7.9 and a very sophisticated PowerShell script had to be written to customize the configuration for Delivery Groups.
Labor: 250 hours
Accounting firm implements Citrix to grow business
An accounting firm with very promininent customers was struggling to keep up with the workload and CPA's were getting burned out working long hours. Citrix techology was implemented to help grow their business by hiring dozens of CPA's to work from a newly established Midwest office where labor rates and housing costs were much more affordable versus major cities. Due to the prestige of this firm and their reputation, they didn't want to use an offshore service where English wasn't the native spoken language. Revenue has increased dramatically and so has profitablity. XenApp 7.9 with an entire suite of accounting applications hosted on Windows Server 2012 R2 VM's was the initial build, which has recently been upgraded to 7.11. Cisco B200 blade servers with lots of RAM and CPU's attached to plenty of fast disk storage run VMware and Machine Creation Services (MCS) is used for image management. Dual Netscaler's running the 11.1 firmware are in a high availability (HA) configuration on a 100mbps fiber connection at their main office building in a major city. With easy access to client information from the office, home and mobile devices being more responsive to customer inquires makes their VIP customers feel especially well taken care of.
Labor: 50 hours
School District 1000 Student Google Chrome Thin Clients
Design, build and support Citrix XenApp 6.5 environment for 1000 student school district. Cisco UCS hardware running VMware 5.5, Citrix XenApp 6.5 running on Windows 2008 R2 delivered via PVS to Thin client devices using Published Google Chrome application for K-12 day to day activities and State testing. Remote work except for one week onsite labor to install servers in racks and do initial VMware installation plus train IT staff in how to configure Thin Client devices for future deployment to classrooms and labs. Created large database containing MAC addresses of all thin client devices and their locations for application delivery management purposes. Customer had originally been sold Windows 7 Desktop's from other vendor but XenApp 6.5 was used on Windows 2008 R2 because of substantial savings in hardware resources, such as disk, vCPU and RAM. XenApp 6.5 being a server based VDI solution can economically deliver Citrix resources using less than 30% of hardware versus Windows 7 desktop operating system.
Labor: 500 hours
Major Insurance company 500 user call center
Contracted to upgrade legacy Citrix Presentation Server 4.5 Windows 2003 R2 x86 32bit environment running Facets application from Trizetto to x64 bit running on Windows 2008 R2 with XenApp 6.5. Large project that'd already been one year behind schedule when we came onboard due to in house IT staff not being able to assign a dedicated resource to it. First two months were spent figuring out how their current production environment was built using severly outdated documentation. Weekly status meetings were held with IT department mangers and directors as design strategy was developed over 6 week timeframe. Master application server image was built and extensively tested with key users from existing call center. Additional hardware resources were purchased, deployed and prepped for OS installation. Plans to use an offshore call center in the Philippines were scrapped after cost benefits analysis concluded a US based call center would be more economically viable and provide better customer service. Two call centers with 250 employees each were opened, with one being in Nevada and the other being in Missouri. Additional MPLS data circuits with 10mbps each were added to connect call centers to main company datacenter. Printing was extensively tested as main printer has over a dozen paper trays with different letterhead for various types of customer response mailings. Training for the new version of Facets was conducted by internal application staff educators. Major advances in application includes using CallerID to pull up customer information before agent comes online to assist customer. Budget had been set for $1 million for entire project and upper management saw this as a major success by only going over by $20,000.
Labor: 1000 hours
Online retail business supply chain optimization
Business was booming and it was time to upgrade product supply system and to improve efficiency. Online orders were coming in by the hundreds every day and the manual approach of cutting and pasting from an order confirmation email to the accounting system was really slowing things down and inventory wasn't always accurate. Realtime XML interface was built to get online web orders in the accounting system without using a manual process and packing slips were printed at one of two warehouses using geographical shipping location proximity so deliveries arrive next day or 2nd day in most instances using regular ground shipping services in same delivery zone or one close by. The remote sales team travels the country and visits stores that sell these products and uses Citrix to manage orders and track shipments. Components used for this build are Windows 7 desktops delivered via XenDesktop 7.11 (previously 7.8) to sales team and management laptops, shipping department PC's and home computers. Machine Creation Services (MCS) is used to manage desktop image versions and accounting application access to database. Netscaler VPX is configured with Full SHA256 SSL and Poodle and TLS vulnerabilities are turned off so A- rating is given using online SSL scanning tools. The customer wanted to use a local CoLocation provider which gave them a full rack with power and Internet for $600 monthly to house their servers. The customer is a Dell shop and wanted to use Dell hardware, so three R720 servers were spec'd out with 128gb RAM each, Dual CPU / Quad Core and connected to a 4TB SAN storage appliance. Microsoft Hyper-V was used as the hypervisor, Windows 2012 R2 for the XenDesktop Controller / Storefront Server and Windows 7 Enterprise VM's were configured with 50gb C: Drive, 2 vCPU's and 4gb RAM. 50 concurrent users are supported with this environment, with a minimum of two physical hosts running and the third being there for fault tolerance.
Labor: 10 hours
ProLaw Cloud Based Hosted Application
An established and profitable law firm with thirty lawyers, paralegals and administrative staff working for it was having challenges staying organized because some older files were still stored in filing cabinets, while others were stored on a file server and still others were on user workstations with no centralized system to manage everything and that's not to mention tying everything in with billable hours. After reading about ProLaw in a trade magazine a decision was made to modernize their practice and make everything available on the Internet. Summary: Dual HP Proliant DL380 G6 servers with 96gb RAM and 4TB RAID5 SSD based storage running VMware 6.5 for the hypervisor and using a VMware essentials license. Physical host #1 used for core infrasturcture with a Windows Server 2012 R2 Domain Controller, Windows Server 2012 R2 SQL Server, Windows Server 2012 R2 XenDesktop 7.11 controller with Storefront, Netscaler VPX 50 and NAKIVO with backup first to local storage and then to Amazon EC2 cloud backup. Physical host #2 used for two Application (APP) Servers running ProLaw and MS-Office 2016 on Windows 2012 R2 servers with 250gb C: Drive, 48gb RAM and 2 vCPU's. Client workstations are typical Windows 7, Windows 10 and MAC Sierra and Yosemite OS. Hardware and software costs with servers located in a coLocation provider were around $20k, plus ProLaw license costs. Some research was conducted prior with consideration of using a service provider, but at monthly costs in excess of $5,000 the decision was made to outright own everything. Work was completed in less than a week and now they wonder how they ever managed to live without it.
Labor: 20 hours
EU Headquarters XenApp 6.5 single Server
This customer wanted a very economical Citrix set up for their European Headquarters office. Netherlands based WorldStream provided a VMware ESXi 6.0 host for €30/monthly with 16gb RAM and 500gb disk storage on a Dell PowerEdge T110. Microsoft Windows 2008 R2 server license cost $700, 10 RDS CAL's cost $1100, 10 Citrix Advanced Licenses cost $2800, RapidSSL 2 year SSL certficate $30 and labor $300 - Total cost $4930. Software: XenApp 6.5, R07 Rollup Hotfix, SQL Express, Web Interface 5.4, CSG 3.3.3, Citrix Receiver 4.5. Windows server was installed as a single server in a workgroup. Approximate per user monthly cost over 2 year period of time is user $25. Math: $4930 divided by 10 users ($493) divided by 24 months ($20.54) plus $35 hosting divided by 10 users ($3.50) is $24.01. Access from Windows based laptops, Macbooks, iPhone, iPad and Android devices. This configuration doesn't necessarily need to be used for EU users as it can be used just as well by users in North America.
Scale up by adding a second VMware ESXi 6.0 host for €30/monthly with 16gb RAM and 500gb disk storage on a Dell PowerEdge T110 to incorporate an Active Directory domain controller ($700 Microsoft license), Netscaler Access Gateway ($1000 Citrix license) and Storefront server ($30 SSL Certificate), plus $250 labor for $1980 more.
Labor: 2 hours