Citrix updates in 2023
Citrix continues to deliver on their commitment to hybrid environments with Citrix updates to Virtual Apps and Desktops and Citrix cloud platform. Here is a wrap up with more releases to help improve your organisations efficiency, security, and end user experience.
To kick us off, Citrix have announced the general availability of Citrix Virtual Apps and Desktops 7 2311 to their customers! This release comes with site management improvements, SPA on-prem plug-in, new StoreFront UI, and more! As Citrix promised at the beginning of 2023 with the launch of Destination: Hybrid, Citrix have continued to deliver feature after feature to help drive parity between their on-premises and cloud platforms.
Citrix has been focusing their innovation efforts over four main categories, and aligned their feature announcements along these four groups:
- Operational and IT Efficiency
- Workload and Device Flexibility
- Security and Compliance
- Employee Experience Technology
Let’s dive into the features and capabilities of some of these Citrix updates in all four categories from the last year across cloud and on premises!
Operational and IT Efficiency
Tech Preview – PVS Switching to MCS Provisioning
Historically, PVS has used its own separate wizard for creating VMs in both on-premises and cloud environments. To streamline the provisioning process for administrators, Citrix has introduced a feature enabling customers to use Studio for PVS VM creation. This marks a significant advancement in bridging the functionality gaps between PVS and MCS, leading to faster feature development. By utilising MCS capabilities, customers can now access features previously exclusive to on-prem hypervisors and public clouds for creating VMs with PVS. This includes support for Hybrid Azure AD, Azure AD, Intune, on-demand provisioning, and the ability to update machine profiles after their creation. Administrators can now manage PVS provisioning from Studio with a unified UI and workflow, greatly improving PVS’s supportability by employing the same API as MCS.
VDA Upgrade Service
The VDA upgrade service is a new feature Citrix rolled out earlier this year to aid their customers in keeping their Citrix Virtual Delivery Agents (VDAs) up to date with the latest features, functionalities, and fixes. With the VDA Upgrade service, administrators can improve operational efficiency by shifting VDA updates from manual or complex processes to automated processes that Citrix manages. Citrix are continuing to deliver improvements to this service with their new releases. Proxy support enables customers to use this service when the VDAs are behind internet proxies. Local file share support enables customers that have air-gapped environments to direct their VDAs to a local file share and pull the latest VDA installer locally – no need for internet access. Lastly, new upgrade fail-safe capabilities allow administrators to configure an exit strategy during upgrade issues by setting concurrency levels and failure thresholds. These features are being released to Citrix DaaS. The VDA Upgrade service is currently only available for DaaS customers. With these updates, Citrix are introducing even more flexibility and control to administrators within their Citrix Cloud environment.
Admins are a core user group in Citrix, and Citrix are making improvements to make it even easier to troubleshoot issues from consoles. Citrix have rolled out a new logon breakdown UI, which comprehensively breaks down the individual services, and stages are broken down in detail. This view empowers admins to gain a deeper understanding of possible causes when needed. To further drill down into end-user issues, session performance metrics such as ICA RTT, latency, and consumed bandwidth offer more insight for faster triaging and understanding root causes. Citrix are bringing these endpoint network statistics to Linux Workspace app uses, allowing for data from thin client vendors.
The screenshot below showcases logon duration phases over time to easily view all details over time from a single view.
Tech Preview – Autoscale updates
Cost savings has been one of the core focuses for Citrix development over the past year. Earlier this year, Citrix introduced Autoscale for on-premises with 2308, and they are continuing to drive further cost improvements. A lot of these updates are focused on persistent machines, which drive a lot of expense in public clouds. Several features such as shutdown if not in use, end user hibernation (Azure Tech Preview), and reclamation service have all been released to target persistent machines. Additionally, to help with public cloud costs, vertical load balancing is now configured at the delivery group level. This enables administrators to configure their cloud Delivery Groups with vertical load balancing to save on costs but maintain on-premises Delivery Groups with horizontal load balancing for the end user experience.
One of their biggest releases of the past year is Autoscale Insights, which is currently in public Tech Preview. You can toggle the tech preview on by going to DaaS within the cloud console, scrolling to Preview Features and toggling Autoscale Insights on. Customers want to make “data-driven” decisions to ensure their Autoscale settings align with actual capacity usage, striking a balance between cost savings and user experience. Administrators can compare “actual historical usage of their capacity” with “Autoscale settings” and infer three aspects – cost effectiveness, poor end user experience or a good balance between them.
Site Management Improvements
Alongside cost savings, Citrix are always looking for ways to make their product more streamlined for their users. Citrix are bringing improvements to Web Studio Backup to make it even easier to backup and restore configurations, for both on-premises and DaaS Web Studio. Administrators will be able to easily schedule and restore backups on demand, with notifications and logs to track changes. Citrix are also introducing centralised site management with the ability to assign additional sites to a primary site. End users will be able to log on to one Citrix Workspace URL and access all their resources regardless of site, and administrators will easily be able to switch between the sites in their organisation and view metrics through a unified Monitor console.
The screenshot below depicts the Backup + Restore tab in the Citrix DaaS console with a configuration backup in progress.
Workload and Device Flexibility
Tech Preview – Multi-IDP Support
Citrix are all about giving you choices. Citrix latest feature: multi-IdP support within the Citrix cloud console, continues to deliver on this goal. With multi-IdP support, you can now have multiple IdPs of the same type within one Cloud tenant. Exceptions to multiple IdP are Citrix Identity, Active Directory, and Active Directory + Token. An important note is that currently, you can still point to one IdP at a time in the Workspace configuration. Alongside this capability, Citrix are also introducing the ability to clone SAML IdPs. You now can clone a SAML IdP, give it a new nickname, and edit the configurations to create an additional SAML IdP.
The screenshot below shows that you now have the option to add identity providers to your existing IdPs inside of the Identity and Access Management console.
Tech Preview – Linux Secure VDA
The Linux VDA Secure HDX now offers an enhanced security framework without the need for deploying certificates to the VDAs, a process that previously complicated setup and administration. This advancement includes Secure ICA 2.0, which simplifies configuration and management while utilising contemporary security algorithms and providing immunity to Man-in-the-Middle (MITM) attacks. Users can experience true End-to-End Encryption (E2EE), ensuring seamless security between the Citrix Workspace app and VDA, with effortless deployment and management.
Security and Compliance
Session Recording – Audio Recording
Citrix is bringing the power of Session Recording to in-session audio! This has been a long-awaited ask from organisations that need to have recordings of both the screen and audio that occur within user sessions. Organisations are now able to record audio and video to secure and troubleshoot user sessions seamlessly. A top use case for this feature is for call centre calls to be recorded in tandem with screen recordings. This will ensure better quality, compliance, and troubleshooting. For information on how to configure audio recording, look at their product documentation.
Device Posture Service Updates
Device Posture service is used to classify devices as compliant or non-compliant. This information is then used as a condition to apply contextual access to DaaS or SPA resources. Late last year, Citrix announced the global availability of Microsoft Intune integration. Citrix continued their effort and have CrowdStrike Falcon as another 3rd party integration. But one of the most essential things for their roadmap is feedback from the field. Citrix listened carefully and are happy to have Citrix Workspace app version check for iOS, Device Certificate check on macOS and Windows, network and geolocation check and IGEL OS file check generally available.
The screenshot below shows the new options for device policies admins can add.
Citrix Endpoint Management Improvements
Citrix Endpoint Management (CEM) is a product that customers love. Citrix continue to work closely with organizations to deliver the requested features and state-of-the-art security to make them successful. Citrix are happy to announce Day 0 support for Android 14 and iOS 17. Additionally, Citrix Launcher for Android, which is designed for restricted devices to allow only certain apps to be started at kiosks, is now supported. Dark mode support for Secure Web and Domino 12 support for Secure Mail are also both now generally available.
Starting in 2023, Citrix announced the support of Citrix Endpoint Management with NetScaler advanced authentication policies (nFactor). This enhancement elevates the user experience for single sign-on. Today, once the device is enrolled, the end user is prompted again for User Credentials to get authenticated against the NetScaler. With this enhancement, single sign-on will be seamless. User credentials are provided once during the enrollment process.
Citrix Enterprise Browser Innovations
Citrix have invested in continuously developing features to suit customer needs. Based on customer requirements around Browser security and extensibility, Citrix added the support for custom extensions, decoupled the Enterprise Browser update process from the Citrix Workspace app, and now reflect the current Chromium user agent header. Citrix also updated their guide to restrict Okta and NetScaler only to allow Enterprise Browser for logon. Another significant enhancement is simple single-sign-on for on-prem use cases, but please be aware that Global App Configuration Service (GACS) is needed to turn on this feature.
SPA Service Enhancements
Several enhancements have come to their SPA Service last year. Looking at the Citrix Cloud licensing dashboard, all active SPA users accessing client-server-based, or web/SaaS apps are now included in licensing counts. Also, the SPA diagnostic dashboard logging was enhanced, and the user interface has been updated to expand event details with a simple click on the event entry.
During their customer conversations, Citrix discovered that customers have a different security understanding of accessing unsanctioned websites. Some want to block access by default, and others want to allow access. With this enhancement, Citrix will give the customer flexibility and choice on what should happen by default, allow or deny access. Speaking of flexibility, Citrix now provides options to configure agent timeouts and specify an IP range to spoof DNS responses on internal server queries not to expose internal IP addresses to the client.
SPA on-premises 2311
As the Citrix hybrid story continues, Citrix look forward to providing the same feature set they have today in SPA service, for SPA on-prem. Citrix recently announced the global availability of SPA on-prem version 2311 (SPA Plugin) – a milestone in management, dynamic policy evaluation, and authorisation. Starting with the CVAD 2311 release, the SPA plugin is now a part of and can be installed along with the Citrix Delivery Controller or using a standalone installer.
The integrated initial configuration wizard makes it easy for customers to implement SPA on-prem on Day 0. Additionally, the SPA on-premises console is now integrated with Web Studio to enable Citrix Virtual Apps and Desktops admins to seamlessly navigate to managing SaaS and Web apps along with the workflows for virtual apps and virtual desktops.
Real-time dashboards with users, apps, and policy monitoring are available in the SPA console for visibility and monitoring.
The screenshot shows the Secure Private Access console that can now be leveraged on-premises. The streamlined look and feel make it easier than ever for admins to secure web and SaaS apps in their hybrid deployments.
Employee Experience Technology
Tech Preview – HDX Direct
This feature enables clients to establish a secure direct connection to the session host, effectively reducing extra network hops when direct communication is available, and can be easily configured and enabled using a Citrix policy. Known as HDX Direct, it allows direct connections to session hosts whenever possible. If the client can directly reach the VDA over IP, it promptly establishes this secure connection. To enhance security, HDX Direct automatically adds (D)TLS encryption using self-signed certificates and leverages network-level encryption to ensure data safety. As a result, users benefit from improved performance and reduced latency, all while maintaining a high level of security in their connections.
Tech Preview – New StoreFront UI
Starting this year, on-premises StoreFront has begun receiving regular updates in their CR releases. While Citrix brought some smaller changes to 2308, even bigger changes are coming with 2311. StoreFront has been in maintenance mode for a while and not receiving updates, so it looks more outdated and does not look like the Citrix Workspace user interface. This can be confusing to end users. To address this, Citrix are introducing the new and improved Citrix Workspace UI view to StoreFront. Now on-premises users and admins can take advantage of Activity Manager, improved search, and more!
The screenshot below depicts the interface that on-premises users are now able to see in Citrix StoreFront.
Vanity Workspace URL
Previously, all Workspace customers had to use *.cloud.com URLs for end users to access their resources. Citrix got feedback from customers that they desired the flexibility to use their own domain in their access URLs. A unique domain name makes it easier for end users to remember their access URL, and can also match the company’s branding across their other sites. Citrix have recognised the need for those looking to apply their corporate persona more deeply across their Citrix Workspace experience with a customer-owned domain. That’s why Citrix are excited to share that the custom domain feature is now available! Check out their blog and migration blog to learn more about this new feature.
Tech Preview – Multi-Workspace URL
How users access their resources is a crucial part of the Citrix environment. Enterprises want to make access as easy as possible while maintaining security and delivering the right resources. This is often done by separating the access layer into different URLs. Previously this capability was not possible natively within Citrix Cloud. Today, Citrix are happy to announce the public tech preview of multi-Workspace URL! Companies can now use up to 10 different URLs, and leverage different branding, authentication methods, and resource filtering across each URL. Simplify user access with Multi-Workspace URL functionality now available natively within Citrix Cloud!
The gif showcases where an admin can edit and add multiple Workspace URLs.
Tech Preview – Improved MSIX Staging
MSIX is a Windows app package format that provides a modern packaging experience to all Windows apps. Admins want MSIX applications available to end users on the desktop to have a similar experience to native applications. To address this, MSIX packages are preloaded on a Citrix Virtual Desktop when the user logs on and are published directly on the desktop. DaaS desktop users can quickly and easily launch MSIX apps without accessing the Citrix Workspace app.
Get your Citrix updates today
2023 was a very year strong year for Citrix with all of their innovations and updates. To get even more information, check out their product documentation. You can also download the latest Citrix release now to start using the new the capabilities within your environment. Be sure to keep an eye on the Enterprise Solutions website and sign up to our newsletter to keep up to date with all of Citrix’s news, updates and innovations as soon as they are released.
Enterprise Solutions is an award winning trusted advisor for IT solutions and Managed Services, specialising in the End-User Compute space. We are in our 25th year and I’m pleased to say that we have added real business value to our customers in this period. Our aim is to help customers achieve their business goals, but since business goals are ever changing, IT needs to be too; so we assist clients remain as IT agile as they need to be!
User experience is key and we offer workspace solutions to help our clients give their users the work-life balance they crave, using our underlying expertise’s, solutions and services; Citrix, Microsoft and Managed services.