Last update: 2018/03/27 Sometimes we have to schedule commands in a Citrix NetScaler. A good example would be: force HA failover It’s obvious, we don’t want to fail over during day time to not disconnect TCP connections, to not interrupt users. The best time would be something like 3:30 AM. It’s obvious, we don’t want to set an alarm for 3:00 to get up, take a shower...
last update: 2018/04/12 I recently had to protect a website using IP reputation feature. There is some good information about this feature, however I decided to glean information here. Facts about this feature IP reputation is a platinum feature. It is included in web application firewall (there are extra licenses for the WAF available, they also contain IP-reputation). IP-reputation feature...
last updated: December 2020 Creating a Citrix NetScaler Test environment New since February 2020: Instead of downloading, you may just use my environment, hosted at my private data centre. Being a Citrix Certified Instructor I am very much aware of the Red/Green/Blue website used during official Citrix NetScaler training (CNS-220, CNS-222). I created my own test website. I usually use it during...
Last update: January 11th 2022 This one is outdated, as the Citrix ADC Version and MAS (former name of ADM) it refers to, is available no more. However, I wrote a new blog on how to enlarge disk space on a Citrix ADC / NetScaler VPX. My NetScaler VPX ran out of disk space. I did several tricks like adding a second disk and mounting ít into the update directors, to be able to upgrade my NetScaler...
last update: October 22nd 2021 Citrix NetScaler Logging and policy troubleshooting Some times it’s quite hard to understand what’s going on. There is a lot of mystics about policies. And it’s even harder to understand what went on (past tense). “Johannes, there had been several problems connecting to <any blabla application here>” “I’m sorry, I...
Why do I love HDX on UDP in Citrix XenDesktop and XenApp? (HDX Enlightened Data Transport EDT) Well, I’m mainly a network guy. So I’ll take a look at this brand new feature from networking perspective.I’ll start from scratch, so I don’t assume you understand network protocols. But let me tell you a joke about UDP first: I got a short joke about UDP, and I don’t care...
Yesterday I published a blog about DDOS- protection. I used the Citrix NetScaler AppQoE feature to do so. That’s nice, but not enough. I still could beat my server to a pulp easily. Just 10 clients launching a DDOS attack using HULK had been enough. I can’t throttle down the number of users to just 10! WTF? Basically AppQoE will just limit the number of users (actually it’s the...
last update: February 21st 2018 How to protect a website using Citrix NetScaler? Well it seems to be easy. A nonsense question. We may use AppQoE (Application level Quality of Experience), a feature introduced with NetScaler version 10, so it’s quite an old feature. Let’s start. AppQoE is enterprise edition My first starting point was E-Docs. Let’s be honest: the guy in charge...
This article is a very first answer to a question I recently received. The question was: You’re talking about web application firewalls. I’d like to know how to use the WAF for reverse proxying. … I also might use a firewall as it also contains functions like SQL injection prevention. So what’s in a web application firewall? A web application firewall, also known as WAF...
I recently was hired to create a web application firewall (WAF) using Citrix NetScaler to protect a SAP Hybris based e-shop. This shop has content for several languages, so we had to select the right home page. The base URL of the website was like that: . SSL was optional. I wanted to set the default language based on browser settings. I based it on HTTP- Header Accept-Language. There are...