Dutch CUGC: April 2024 Meeting Recap

NOTE: Usually I post these recaps on MyCUGC.org. But with the move from MyCUGC to the new Citrix Community (link) only technical blogs are posted.

Spring is here and along with it another edition of the bi-annual meetup of the Dutch Citrix User Group (DuCUG). And what an edition it was. Great sessions with lots of Citrix-related updates, know-how and experiences. As with earlier recaps, I wrote this blog to share what this event is like and what each session was about. Maybe I can convince some of you to attend. 😉

At 9:05 AM Niek Boevink took the stage and welcomed all of us to ‘De Oude Duikenburg’ in Echteld.
He went through the evaluation of last time, the agenda and all the sponsors. New in this sponsor line-up are  Unicon, UltrArmor and deviceTrust while Ivanti is back once again.In the evaluation (filled out by the attendees of the edition in October) Rody Kossen and Eltjo van Gulik’s session ‘HDX Innovations, Tips & Tricks’ was chosen as the best one.
Niek also mentioned that the Citrix Community transition from MyCUGC to Citrix Community will not impact the DuCUG and they will continue hosting these events like they have been doing for the past 12 years.

The session kick-off was done by my invaluable colleague and senior certified principal mouse-clicking professional Gerjon Kunst with his session: ‘The impact of AI on EUC’.
He first went through what AI actually is (by asking ChatGPT) and showing some examples (shout out to Clippy). He also went through the history of AI (The Turing test, John McCarthy, the Kasparov vs IBM Deep Blue chess matches and Siri) and showed some more examples and ending up at the foundation of OpenAI.

I was planning to insert an image of Gerjon here that was created by fooocus in Pinokio using the face swap feature, but that didn’t give decent (enough) results. So here is the result from the Bing image generator when asked: ‘a Microsoft mouse clicking professional giving a presentation about AI to a large audience’.

After a quick explanation of what Large Language Models (LLMs) are (‘machine learning models that can comprehend and generate human language text’) Gerjon mentioned a report from the Swiss company Vischer in which they looked into AI from a security perspective. He focussed on an interesting but also slightly concerning quote: ‘Only the user of Copilot for Microsoft 365 or Azure OpenAI Service offers contractual protection in terms of data protection and confidentiality for companies.’ What happens to the data you put into ChatGPT for example? Think twice if you use any of these solutions for anything other than testing.
The European Union is working on the ‘EU AI act’ that is proposing some regulations regarding AI that should protect the users in certain ways. But it will take some years before it is enforced.
It was definitely a good session that gives some inspiration and food for thought (although I would put these kinds of sessions at the end of the day rather than at the beginning).

Next was the first sponsor session of the day UltrArmor. UltrArmor is a thin client manufacturer from Taiwan and a subsidiary of Clientron. After a brief history of the company (and Clientron) they showed all the thin client models in their current line-up. This was more of a sales session then a technical one and it focussed mainly on how their machines reduce your carbon footprint. While UltrArmor seems like a viable option, I didn’t hear anything about why you should choose them over IGEL for example. Especially when UltrArmor thin clients also run IGEL OS.

After a short coffee break with a ‘Bossche bol’ for everyone (for which my wife keeps asking me to bring one home for her every time I attend), Patrick van den Born started his session ‘Battle of the Desktops’. He shared his experiences working with Azure Virtual Desktop and compares it to Citrix Virtual Apps and Desktops. While I have seen a lot of sessions about AVD and played around with it in a lab setting, I haven’t had the chance to really work with it in a production environment, so this was a really useful and interesting session.
AVD was a really hot topic a few years back, Patrick shows us that the amount of features and improvements have been few the last couple of months. Some of the product managers have moved to other products and it seems Microsoft if focussing more on Windows 365. This is not good news for anyone running AVD since it’s still a fairly new product.
He went through some of the issues he encountered running AVD at various customers like:

  • VMs with GPUs not available (users have to wait during login for one to become available)
  • Teams offloading (audio issues, flickering green screens, video overlay not working correctly
  • Feature inconsistency between the client apps (RDP client & AVD store app) on different platforms
  • AVD Insights is not actual real-time monitoring, you will need an extra solution for that
  • Publication of applications is all or nothing

While AVD has received a lot of the features that Citrix VAD already has, it isn’t as refined. For example: Clipboard redirection can just be enabled or disabled. But in CVAD you can specify which formats are allowed as well as the possibility to set a size limit for the clipboard.
It was a very informative session, but that is to be expected from an EUC rockstar like Patrick.

Directly after, Ingmar Verheij took the stage to give an introduction to MSIX. Since MSIX is basically a package format you can compare it to other package formats like IPA for iOS and iPadOS and APK for Android.
Ingmar went through the history of software distribution (on Windows) which include EXE files, MSI packages, AppV packages and the slightly ill-fated AppX packages.
MSIX (Microsoft Installer XML) is the next step in this line-up and is already being used in the Microsoft Store (Teams and Edge are available as MSIX packages for example).
Ingmar defined four ways to get an MSIX package:

  • From the vendor
  • From the Microsoft Store
  • Create a package from installation file (EXE or MSI for example)
  • Create a package from an already installed application

Especially the last option is cool if it works, but to me that should still be a last resort. Getting an MSIX package from a vendor would be the best option, but most vendors are not yet providing them (even though the SDK is available since 2018). The third option will be the most common for most applications.
MSIX deployment is divided into two delivery methods: MSIX and MSIX App Attach. The first one installs the application while app attach mounts the package as a container from a central location during user logon. I will not go into all the technical stuff or this blog would become way too long.

Ingmar went into the various delivery methods (Intune, Azure Portal) and showed us the current success rate for MSIX packages, which is at about 82% (with use of the Packaging Support Framework). This is pretty good, but it shows that it’s not suitable for every application.
A very good and useful session at least for me, since I haven’t really done anything with MSIX yet.

DeviceTRUST was next with their sponsor session. This is a company from Germany that specialises in contextual security. DeviceTRUST sales manager Marc Stieber talked about zero trust and how competing solutions don’t really provide zero trust. Most of them perform an analysis of the endpoint during logon and allows access based on that initial analysis. If you would make your device non-compliant during the session it will not be noticed directly.
DeviceTRUST monitors the endpoint constantly (real-time conditional access) and handles accordingly. For example: if you can only use an application when an antivirus solution is running deviceTRUST will close that application the moment you turn of the antivirus.
Marc gave some quick live demos to show how well this works.

Moving on from conditional access it was time to gain access to nutrition. Lunches are always pretty good at De Oude Duikenburg and gives another opportunity to network with the other attendees.

After an hour of lunch Dominik Britz started his session ‘Expanding Observability: The Next Chapter for uberAgent as Part of the Citrix Platform’. UberAgent has been around since 2011 and is a monitoring and security analysis tool that is very well regarded in the EUC community. I guess Citrix noticed this as well and bought it at the end of 2023.
Of course everyone wants to know how this will be integrated into the Citrix portfolio and how the licensing will work. As Dominik explained it, it will be included in the new Citrix Platform license, but not in the Universal Hybrid Multi-Cloud license. You will still be able to use it for physical endpoints, but it will not be possible to purchase/license uberAgent by itself which is unfortunate. UberAgent was the go-to tool to analyse performance issues regardless of which EUC products are used.
That said it is a great acknowledgement for all the great work Helge Klein and his employees have done for the EUC community to be acquired by a company like Citrix.
Dominik ended with a short demo of the security & compliance inventory as well as the threat detection engine. If you never heard of uberAgent look into it ASAP.

Niek Boevink was next, but this time not to introduce someone or ask us to fill in the evaluation form. He had prepared his own session about the new Citrix licensing.
The previous Citrix licensing was really complex and basically had to many variants so a change was required.
This change comes down to two licenses: Citrix Universal Hybrid Multi-Cloud licenses and Citrix Platform licenses. Niek compared the difference to Microsoft E3 and E5 licenses. Both licenses include NetScaler and virtual applications and desktops. The difference (from what I can gather) is that the Platform licenses also includes Secure Private Access, unlimited NetScaler capacity (Hybrid Multi-Cloud is limited to 1000Gbps) and Security and Performance insights.
While making the licensing less complex, which I like, for some organizations this will make the Citrix licenses more expensive. I hope Citrix will be lenient in these cases. You also cannot mix these licenses. For example: if you use Secure Private Access for only a small group of people you are forced to give everyone in your organization a platform license, rather than just that small group.
But it’s still a welcome change, although the naming could be better (but that’s just my opinion).

When you talk about Citrix and graphics you have to mention Rody Kossen. Since moving to Citrix almost every edition of DuCUG has a session from him with some updates about HDX or something related. And of course, this one was no exception.Some of you might have noticed the announcement about the AF1 codec which uses ASCII characters instead of pixels. Some people might also have noticed the date on which that announcement was made and the abbreviation of the name of the codec. Just Citrix having some fun with us (link). But it wasn’t entirely a joke. Rody began his presentation with a demo that showed they actually made this work. Really cool and nice to see that even in an environment which such skilled people, there is still room to play around a bit.But on to more serious stuff: Citrix Virtual Apps and Desktops 2402 LTSR. As the versioning suggests, this should already have been released. But I guess there are still some bugs that they need to iron out. Rody went through all the improvements (on the graphical side) compared to the previous LTSR release. The most important thing (to me) is the availability of the AV1 codec. This should reduce bandwidth consumption up to 40%. Automatic detection for the best codec is included in the latest Workspace App (at the moment of writing/typing:

What’s also included is loss tolerant mode. This will allow your session to remain interactive when packet loss is detected. Based on the thresholds set for packet loss the graphics encoder will switch to a more ‘aggressive’ mode to keep that session functional for the user. This will actually increase bandwidth use, but if you users can keep working it seems like a good trade-off. It currently is only supported on Windows clients and requires the use of EDT.

Rody had a lot more updates regarding the new LTSR, but I’m not going to talk about every one of them but here is a list of some of them:

  • Adaptive refresh rate
  • Enhanced audio management (e.g. audio device choice and volume synchronization)
  • Adaptive audio for iOS
  • Echo cancellation
  • Citrix web studio

He had some other non LTSR related updates too:

  • Autoscale for on premise
  • Secure private access for on premise
  • Terraform provider for Citrix (tech preview)
  • HDX direct (tech preview)
  • Network topology in Director & Monitor
  • USB diagnostics tool for admins
  • Release of XenServer 8

Really a lot of updates in this session and it is really good to see that development is running full steam ahead at Citrix.

After Rody there was another sponsor session. One from Ivanti this time which has been absent from DuCUG for quite a while. Since they bought RES Software, the future was unclear for the much beloved Workspace Control and Automation. These are products that are still quite popular in The Netherlands and are still on use at a lot of companies. After a short resurgence with Dennis van Dam as product manager they finally pulled the plug on Ivanti Workspace Control and set an end-of-life date of December 31st 2026. While that is still pretty far in the future, now is the time to start looking for an alternative from which there are several. But of these alternatives, not a lot are as feature rich as Workspace Control.
You could ask yourself: do you need all that functionality (certainly with a lot of applications being SaaS these days)? If you don’t, then Citrix WEM or Intune are really great options, or you could look into the products from Liquidware or Liquit.

Lara Hellman from Ivanti went about this End-of-Life announcement and what’s next for Workspace Management. They already had User Workspace Manager (previously AppSense) in their line-up and are planning to move forward with this product instead of Workspace Control. Lara announced that there now is a side-by-side transition program that allows you to use both products for a while on your existing contract to migrate without paying for two products at once.This is a pretty decent solution from them to help you migrate on your own time. That being said, I still think you at least need to check the other available workspace management products and pick the one that suits your company/customer the best. If that’s UWM, then go with that. If you are able to do everything with GPOs, then that’s an option also.

The last session of the day was one from DuCUG’s own: Wilco van Bragt. A veteran community member that has been active a long time as a technical architect.
His session was called ‘Real life experiences with Citrix Linux VDA’ which is an interesting topic and something you don’t hear a lot about. You know the Linux VDA exists (since 2015) and we have seen a presentation about it at DuCUG before, but that was a while back. There are some valid use cases for using a Linux VDA (mainly for development), so it’s good to hear about some real-world experiences with it to know what you are getting yourself into.
Wilco talked about a Linux VDI deployment at a customer that ran about 6000+ machines running Red Hat Enterprise Linux. When he started the project the Linux VDA just supported a handful of older Linux distributions, but this has improved the last couple of versions (it now supports up to RHEL 9.3).
The installation of the Linux VDA isn’t as straightforward as the Windows VDA, even with the ‘Easy Install’-GUI. But currently it’s documented well enough to set it all up relatively smoothly. Also, in the latest versions of the VDA XDPing is included, so that should help a bit when you are running into issues.
Other struggles during Wilco’s project where various bugs (some of which are still there), no best practices available from Citrix and monitoring options are scarce (although there are third party solutions from eG Innovations, Liquidware and Lakeside).

This was a very interesting session from Wilco and nice to hear about some experiences from something other than Windows. While I’m typing this I see an announcement for a Citrix VDA for macOS that is now available in Public Tech Preview (link). While I can’t directly think of a use case for it other than Remote PC/Mac, it would be cool to see a session about it on the next DuCUG.

And that’s it for this edition of the Dutch Citrix User Group. Niek thanked us all for attending and of course reminded us to fill out the evaluation (quickly done and massively helpful). We ended the day with a nice dinner and another opportunity to do some networking and catching up.
So to the DuCUG organization once again: Bram, Niek, Remko, Kees, Wilco and Barry, thanks a million for another great event and please, keep ‘em coming!


Leave a Reply

Your email address will not be published. Required fields are marked *