Those that have followed my posts here and on LinkedIn, may remember that lately I’ve been spending some time getting to know Netscaler a bit more.
Recently I finished setting up a High Availability solution based on two Netscaler 9.2 virtual appliances. This now forms the foundation for a sturdy delivery platform for this customers remote access solution for XenApp for all of their users. They do however also provide DirectAccess for other uses from company laptops etc.
Next item on my agenda here is to enable load balancing and HA for their internal Web Inteface portal. Currently it is directed to a single Windows server via a simple DNS record (i.e login.domain.com) pointing to that server IP-adress. That will hopefully soon change.
When the Netscaler was first set up, a virtual server for Web Interface was setup to be used for directing external users to a site on the WI server. Originally only one WI server was operational, but later on a second WI server has been setup and and the virtual server configuration on the Netscaler has been changed to include this second server.
The nice thing with a virtual server on Netscaler, is that it is given its own unique IP adress which is independant of the IP-adresses used by the actual server(s) which it points to. Traffic that is sent to this IP-adress is forwarded to one of the actual servers based on load balancing rules set on the Netscaler. This makes it perfect also for internal use for securing stable access to WI. Well, as you probably have found out by now, the solution is simple. Point the DNS record login.domain.com used internally to the IP-adress for the virtual WI server on the Netscaler.
Make sure that it is accessible via HTTP or HTTPS from the client network, and let Netscaler do the rest. One added benifit here, is that it makes moving, doing maintenance work or other things on the actual WI server very simple, since you can controll access to each WI server on the Netscaler. If you need to take down one of them, simply disable it on the Netscaler, and you’re good to go.
When this work is completed, I plan to look into load balancing the customers App-V management servers via Netscaler as well. It kan of course also be used as a High Availability solution. This means that we can avoid using Microsoft NLB for this, since NLB isn’t always that simple to setup, and also may create som extra work to get up and running. Using Netscaler for App-V load balancing requires a few more extra steps, but I will cover that in a later post.
There are also other services that may be good candidates for access via Netscaler. Exchange OWA/OMA is one typical web based service that pops up in my mind, and Sharepoint access for external users, of course. Take into accound that Netscaler also provides VPN access via SSL, and you will easily see that it is a very good product for giving access to almost any company resource that you wish to enable for external use.