CNS-221: Citrix NetScaler Unified Gateway

Course Description

Learn the skills required to configure and manage NetScaler Gateway and Unified Gateway features, including how to implement Gateway components including NetScaler Gateway and Unified Gateway.

Target Audience

Students interested in learning how to implement and manage NetScaler Gateway and Unified Gateway features using leading practices. Specifically: • Administrators • Implementers / Engineers • Architects


CNS-220 Citrix NetScaler Essentials and Traffic Management


Online Live
2 Days

Course Outline

1 – Getting Started

Introduction to the NetScaler System
NetScaler Use Cases
NetScaler Functionality
NetScaler Overview
Product Features
NetScaler Operating System Overview
nCore Configuration Architecture
NetScaler File system
Deployment Scenarios
Logging in to the NetScaler System
NetScaler Licenses

1 – Unified Gateway

Configure Unified Gateway.
Understand the challenges of remote access.
Understand the Unified Gateway feature and its role for application delivery.

2 – AppExpert Expressions and Policies

Identify policy expression structure and components of AppExpert.
Distinguish between classic and default policies.
Explain the types of policies available with NetScaler Gateway.
Describe policy bind points.

2 – Basic Networking

OSI Networking Model
NetScaler Architecture Overview
NetScaler-Owned IP Addresses
Network Topology
NetScaler Network Interfaces
Virtual Local Area Networks (VLANs)
IP Routing
Determining the Source IP Address
Packet Forwarding
Use Source IP Mode
Client-IP HTTP Header Insertion
Path MTU Discovery
Link Aggregation
Access Control Lists
Network Address Translation (NAT)

3 – Authentication and Authorization

Understand Authentication to establish identity.
Understand Authorization to provide access to resources.
Customize multi-factor authentication.
Deploy Authentication and Authorization policies.

3 – NetScaler Platforms

Architecture and General Concepts
Hardware Platforms
Hardware Components
MPX Overview
VPX Overview
CPX Overview
SDX Overview
Identify the unique capabilities and functionality of the NetScaler SDX platform
Identify the networking characteristics of the NetScaler SDX platform
Explain the process of provisioning and administration of NetScaler VPX instances on a NetScaler SDX appliance

4 – High Availability

High Availability Functionality
High Availability Node Configuration
Propagation and Synchronization
Failover, Route Monitors, Fail Safe
Propagation, Synchronization
High Availability Management
Performing an Upgrade
Upgrading HA pair

4 – Managing Client Connections

Configure NetScaler Gateway plug-in with Citrix Receiver to establish VPN.
Configure the access level and which applications users are allowed to access in the secure network.
Configure pre-authentication policies and profiles to check for client-side security before end users are authenticated.
Deploy NetScaler Gateway to allow end-user connections, including logon options.
Explain how endpoint analysis is used to verify that the end-user device meets your requirements before allowing it to connect to your network or remain connected after end users log on.

5 – Integrating NetScaler with XenApp and XenDesktop

Understand NetScaler Gateway Integration with XenApp/XenDesktop
Integrate with Web Interface and StoreFront Explain WebFront
Enable Clientless Access and Receiver for ICA Proxy
Utilize Smart Control
Configure Smart Access

5 – Load Balancing

Local Load Balancing concepts
Naming conventions
Persistence Service Types
LB Methods
Disabling Entities
L4 vs L7 for TCP services
UDP ping vs L7
Monitor attributes
Built in L7 monitors
Monitors from Scripts
EAV Monitors
ECV Monitors

6 – SSL Offload

SSL Session Process
SSL Administration
SSL Offload Overview
SSL Attacks Overview
SSL Troubleshooting
Cipher Suites
Certificate Management
Feature and Benefits
Offload Performance
Deployment Scenarios
Citrix Recommendations for SSL

6 – Unified Gateway

Describe AppFlow Functionality
Discuss Components of NetScaler Insight
Configure NetScaler Insight
Explain NetScaler Insight Application Performance Generate Performance Reports

7 – Securing the NetScaler

NetScaler Communication Ports
Overview of AAA
Authentication on the NetScaler
NetScaler Users
Command Policies
Admin Partitions

8 – Monitoring, Management, and Troubleshooting

Monitoring Needs
NetScaler Log Management
Simple Network Management Protocol
AppFlow on the NetScaler System
NetScaler Insight Overview
NetScaler Command Center Overview
Network Traffic Capture using NSTRACE
Troubleshooting with Filter Expressions
Decoding SSL Traffic with Wireshark
Display NetScaler System Information
NetScaler Command Line Tools

9 – Authentication and Authorization

System and AAA Users Groups
External Authentication
Authentication Actions and Policies
Authentication Configuration
Supported Authentication Types

10 – Access Policies

Endpoint Analysis
Policy, Profiles, and Expressions
Pre-Authentication Policies and Profiles
Post-Authentication Policies
Endpoint Analysis Troubleshooting

11 – End-User Access and Experience

Connection Methods
Endpoint Session Policies Settings
Timeout Settings
RDP Proxy
Clientless Access VLAN Options

12 – Gateway Services Load Balancing

SSL Offload Overview
Traffic Types
Ldap, HDX, StoreFront Load Balancing
Extended Content Verification (ECV) Monitoring

13 – Integrating NetScaler with XenApp and XenDesktop

Required Firewall Rules
Web Interface or StoreFront Integration with NetScaler Gateway
WebFront Overview and Configuration
Session Policies

14 – Unified Gateway

NetScaler Unified Gateway Overview
NetScaler Unified Gateway Reference Architecture Review
Unified Gateway Key Features
Unified Gateway Topologies