410 likes | 452 Views
Citrix MetaFrame Presentation Server 3.0. Codename – “Hudson” Release Date – April 27, 2004 Douglas A. Brown Senior Systems Engineer Citrix Systems, Inc. New Features. Lots of new and useful features Lots of new Presentation Server Features Lots of new Web Interface Features
E N D
Citrix MetaFrame Presentation Server 3.0 Codename – “Hudson” Release Date – April 27, 2004 Douglas A. Brown Senior Systems Engineer Citrix Systems, Inc.
New Features • Lots of new and useful features • Lots of new Presentation Server Features • Lots of new Web Interface Features • Lots of new Client Features • A few new Secure Gateway Features • A few new RM, IM, and NM Features • Not as big an architectural change as 1.8 -> XP • License Server is the only architectural change • Several architecture components have been enhanced
New Architecture / Administrative Features • Enhanced Farm Scalability • Access Suite Management Console • Enhanced Delegated Administration • Enhanced Policies • Zone Preference and Failover
Enhanced Farm Scalability • Validated up to 1000 servers in a farm • Zones of 1000+ servers (with dedicated ZDC)
Access Suite Management Console • Does not replace the existing Management Console • First Generation of Suite-wide management tool
Enhanced Policies • Can throttle any virtual channel bandwidth (not just printing) • Client Drives • Client Devices • Custom Virtual Channels (i.e. Tricerat Screwdrivers) • Network printer behavior • Client printer via ICA, or • Network printer via RPC • MetaFrame Password Manager settings • Disable Password Manager • Central Credential Store location
Enhanced Policies - Filtering • Additional filtering options: • Client IP Address • Client Name • Servers • Users
Enhanced Policies - Filtering • Can use wildcards in filters • i.e. Filter by Client Name: use WI_* as filter for users coming from Workspace Control-enabled WI site • Filter can allow or deny policy • Can mix allow and deny policies within same policy • i.e. disable client drive mapping for “domain users” and deny policies to specific users within the “domain users” group • Supports anonymous and/or explicit user filtering • IP Addresses evaluated is the actual client IP address • Not the Secure Gateway IP or NAT firewall IP
Zone Preference and Failover • Implemented as a Presentation Server policy • Good for distributed farms and ASPs • Forces users to preferred zone for applications • Lowest loaded server within that zone is used • Also useful for Disaster Recovery • Backup zones (up to 10) can be specified • Works for PN Agent and WI connections • Connections via PN and Conferencing Manager may be directed to other zones
MPS Certifications and Standards Microsoft Certifications • Certified for Microsoft Windows • Windows Server 2003 (Standard, Enterprise, and Datacenter) • Windows 2000 Server (Server, Advanced, and Datacenter) • Designed for Windows XP Gold • Windows XP, 2000, ME, 98, NT • Designed for Windows Mobile • Windows Pocket PC, Windows CE RSA Security Certifications • RSA SecurID Ready Industry Regulations • FIPS 140-1 • U.S. Rehabilitation Act Section 508 • HIPAA • Common Criteria EAL2 (MF XP FR3 submitted in security target)
Workspace Control Web Interface Enhancements RDP Support Enhanced PN Agent Enhanced Logon Feedback Bi-directional Audio SpeedScreen Improvements Session Reliability Enhanced Tablet PC Support Enhanced Java Client Secure Computing SafeWord Support Section 508 Conformance Secure Gateway and Port Address Translation New End User / Access Features
Workspace Control • “Follow me roaming” with WI or PN Agent • Requires latest versions of: • Presentation Server Client • Web Interface • Presentation Server • Reconnects printers and client drives from new client • Can reconnect to a session, even if screen resolution has changed • Greatly reduces need for custom solutions
Workspace Control • 1 • 2 • 3
Web Interface Improvements • Can install to Non-default web site • WI Ticketing done via IMA, not RPC/XML • Icons are generated on the fly, not stored on disk • Should alleviate missing icons syndrome • Able to Hide disabled applications • Asian Language Web Server Support • Unicode format of ICA files • Supported by 8.x clients only
Web Interface Improvements • More extensive browser support
RDP Client Support from WI • More limited features than ICA • May be useful as a “client of last resort” for Windows XP clients • Uses a Presentation Server License
Enhanced Logon Feedback • Better feedback to user on logon process • Steady stream of notification boxes
Bi-Directional Audio • Full stereo sound can travel from client to server • Support for: • Headset microphones • Philips SpeechMike (i.e. Medical Transcription) • Serial port and USB versions supported • Does not work with Workspace Control • Requires latest client and server • Recommended on LAN environments
SpeedScreen Improvements • SpeedScreen Flash Acceleration • Improves rendering of Macromedia Flash content on published browsers by setting player to “low quality” playback by default. • SpeedScreen Multimedia Acceleration • Streaming of video and audio data to the local device to leverage local content player resources. • SpeedScreen Image Acceleration • Allows tradeoff of image quality for lower bandwidth • Implemented via policy
SpeedScreen Multimedia Acceleration Requires media app on server, and proper CODEC on client. Tested with Windows 98/2000/XP.
Session Reliability • Allows sessions to remain viewable when network connectivity is interrupted • Seamless windows can be moved/resized • Uses a configurable TCP port • Noteworthy for some high-security networks • Requires latest version of • Client • Presentation Server
Enhanced Tablet PC Support • Can use “input panel” (soft keyboard) for input • Including login screen on ICA session • Voice input support • Support for display mode switching • Landscape, Portrait display modes
Printer auto detection Support for local root certificates Enhanced UI and seamless windows support New MPS feature support: universal printer driver(mono and 300dpi) SpeedScreen browser acceleration (MF XP FR3) SpeedScreen image and flash acceleration session reliability workspace control dynamic session reconfiguration auto-created printers Java Client 8.0
Secure Access Manager 2.2 Customer Enhancement Requests • Remote employees need offline access to email. • Need to support additional browser beyond Microsoft’s Internet Explorer. • Desire to secure existing Enterprise Information Portal (EIP) or other existing Web based infrastructure. • Challenges displaying Java based internal Web sites and applications. • Challenges accessing internal Web sites with unique verb sets, WebDAV enabled sites, etc…
MetaFrame Secure Access Manager 2.2 delivers… • Alternative User Interface: • Allows MetaFrame Secure Access Manager to direct users to different EIPs or Web based infrastructures (other than the Access Center) immediately after authentication. • New Advanced Gateway Client, providing support for: • Most common PC browsers (IE, Netscape, etc…) • Synchronization of Outlook 2000+ clients • Access to java based Web sites and applications • Access to sites incorporating unique verb sets such as WebDAV enabled sites, Outlook Web Access, etc… • All the capability of existing client
Conferencing Manager Evolution • Guest attendees • Users that are not MetaFrame users or are not employees • Overall enhanced usability • All users launching applications • Attendee moderated mouse and keyboard control • Request mouse/keyboard control • Application whiteboard
Guest Web Login • Friendly Name • Guest ID • unique for each • guest attendee • E.g. email address • Conference ID • conference unique
Adding attendees • Invite users from the domain, internal email or now external users
Usability Improvements • Set Mouse/KeyB Control • Pass Mouse/KeyB Control • Request Mouse/KeyB Control • Send Message to attendee
Sync Push Password Manager Architecture MetaFrame and/or Desktop Deployed Administration Console SSO Agent Directoryor File share
MetaFrame Password Manager 2.5New Features • Novell Authentication • Works with Novell’s version of the Windows GINA • Primary authentication against eDirectory (formerly NDS) • Support for Certificate-based (PKI) Smart Cards • Hot Desktop through compatibility with Workspace Roaming • No Primary Authentication logoff required • Works only with MetaFrame Presentation Server 3.0 • Workstation Lockout for Re-authentication • Inactivity timeout
MetaFrame Password Manager 2.5New Features • Localized Agent • German, French, Spanish and Japanese • Drop-down Logon Menu Support • Windows and Web based applications • E.g.: Domain Drop Downs • Manual Password Change Policy Enforcement • Now includes manual password changes