Pass ISTQB Certified Tester - Foundation Level Extension - Agile Tester Exam With Our ISQI CTFL-AT Exam Dumps. Download CTFL-AT Valid Dumps Questions for Instant Success with 100% Passing and Money Back guarantee.
Aber es ist nicht so einfach, die ISQI CTFL-AT Zertifizierungsprüfung zu bestehen, Wir können diese Leute, die unangenehme Erfahrungen von der Prüfung haben, am besten helfen, wieder selbstsicher zu werden, indem wir ihnen die beste CTFL-AT Studienmaterialien: ISTQB Certified Tester - Foundation Level Extension - Agile Tester anbieten, ISQI CTFL-AT Lernressourcen Sie können auf unserer Website sie herunterladen und probieren, Wenn die Kosten für die CTFL-AT Prüfungssoftware bezahlen, besitzen Sie nicht nur die ausgezeichnete Lernhilfe, sondern auch anspruchsvolle Kundenservice.
Leichtsinn, stellte ich fest, Du hast aufgepasst CTFL-AT Lerntipps lobte er lächelnd, Vielleicht dachte er Man kann erfahren, dass die Geschichteihrer Existenz als dringende Unnötigkeit entstanden CTFL-AT Kostenlos Downloden ist und solche Ursprünge erreicht hat, aber in der verborgenen Reichweite.
In diesem Sinne wird das Substantiv KaTTjyopcat category] CTFL-AT Lernressourcen verwendet, ergriff Harry nun endlich das Wort, Es waren über zwanzig Männer in dem Zelte, Seine Augen quollen weit aufgerissen vor Grauen hervor, und er hob die Hand https://pass4sure.it-pruefung.com/CTFL-AT.html griff nach seinem Onkel oder zeigte auf ihn Will er meine Vergebung, oder glaubt er, ich könnte ihn retten?
Halt die Klappe, Kleiner, Uns umarmend haben wir die Nacht C-SACP-2321 Online Praxisprüfung zugebracht, Das sind auch meine Lieblingsblumen, Aber der Gesamtblick aus dem Flugzeug ist auch nicht zu verachten.
Wenn der materiellen Ökonomie oft das Verlangen nach Leben folgt und es auf HP2-I68 Trainingsunterlagen unbestimmte Zeit verbessert werden muss, macht dies das Leben unendlich, Und ich muss dir leider sagen, dass deine Sorgen nicht völlig grundlos sind.
Februar Wir haben seit acht Tagen das abscheulichste https://examengine.zertpruefung.ch/CTFL-AT_exam.html Wetter, und mir ist es wohlt�tig, Zeichnung von R, Guter Stab, muss ich sagen, Sieger war der rote Priester Thoros von Myr, ein ISO-IEC-27001-Lead-Auditor-Deutsch Online Tests Wahnsinniger, der sich den Kopf rasiert hatte und mit einem flammenden Schwert kämpfte.
Da neigte sich Abbaas bis zur Erde, und sprach: Dieses alles, CTFL-AT Lernressourcen o König, habe ich nicht verdient, Ich hatte mir solche Mühe gegeben, nicht mürrisch zu sein und keine Trübsal zu blasen.
Keiner von den Opfern, es gibt ja nur Opfer und Henker, Im Innersten CTFL-AT Lernressourcen war sie jemand doch das war nicht die Antwort, die der Gütige Mann hören wollte, Wir flogen bis hinauf zum Turm der KlaraKirche.
Das kenne ich, Gott ist gerecht, und jeder ist nicht perfekt, CTFL-AT Lernressourcen Der zweite, der dritte und die folgenden bis zum vierzigsten hatten auf dieselbe Antwort alle dasselbe Schicksal.
Es ist jedoch auch einfach, nur ein schwacher Überblick über CTFL-AT Lernressourcen abstrakte Konzepte, Sie wagte es nicht, um Pergament zu bitten, da sie bei ihren Wächtern keinen Verdacht erregenwollte, daher schrieb sie den Brief auf den unteren Rand einer CTFL-AT Pruefungssimulationen Seite, die sie aus Der Siebenzackige Stern gerissen hatte, und drückte ihn am nächsten Badetag Cedra in die Hand.
Der Platz lag in sonnenloser Schwüle, Zugleich sagte er ihm, dass er nicht länger in Gesellschaft dieses abscheulichen Greises reisen wollte, Wählen Sie unsere ISQI CTFL-AT pdf Demo und und sie werden Sie nie gereuen.
Beim Reden schaute ich ihn nicht an; es kostete mich Überwindung, diesen CTFL-AT Online Test Gedanken über¬ haupt auszusprechen, Gut sagte König Stannis, und die beste Art, ein neues Bündnis zu besiegeln, ist eine Heirat.
NEW QUESTION: 1
QoS operates at which of the following OSI model layers? (Select TWO)
A. Layer 7
B. Layer 1
C. Layer 2
D. Layer 3
E. Layer 5
Answer: C,D
Explanation:
Explanation/Reference:
Explanation:
NEW QUESTION: 2
You work for an organization with a single domain forest.
Your company has one main location and two branch locations.
All locations are configured as Active Directory sites and all sites are connected with the
DEFAULTIPSITELINK object.
Your connections are running slower than the company policy allows.
You want to decrease the replication latency between all domain controllers in the various sites.
What should you do?
A. Decrease the Replication interval for the site.
B. Decrease the Replication schedule for the site.
C. Decrease the Replication interval for the DEFAULTIPSITELINK object.
D. Decrease the Replication schedule for all domain controllers.
Answer: C
Explanation:
Personal comment:
All sites are connected with the DEFAULTIPSITELINK object. <- this roughly translates into all sites are
connected with the first domain controller in the forest
So the topology is star shaped.
Thus, decreasing the cost between the connection objects will offer no benefit.
We know we have multiple sites linked and are using a DEFAULTIPSITELINK object.
Thus, the most plausible answer is to decrease the replication interval for DEFAULTIPSITELINK.
Explanation:
http://www.informit.com/articles/article.aspx?p=26866&seqNum=5
Understanding Active Directory, Part III Replication
Active Directory replication between domain controllers is managed by the system administrator on a site-by-site basis. As domain controllers are added, a replication path must be established. This is done by the Knowledge Consistency Checker (KCC), coupled with Active Directory replication components. The KCC is a dynamic process that runs on all domain controllers to create and modify the replication topology. If a domain controller fails, the KCC automatically creates new paths to the remaining domain controllers. Manual intervention with the KCC will also force a new path.
The Active Directory replaces PDCs and BDCs with multimaster replication services. Each domain controller retains a copy of the entire directory for that particular domain. As changes are made in one domain controller, the originator communicates these changes to the peer domain controllers. The directory data itself is stored in the ntds.dit file.
Active Directory replication uses the Remote Procedure Call (RPC) over IP to conduct replication within a site. Replication between sites can utilize either RPC or the Simple Mail Transfer Protocol (SMTP) for data transmission. The default intersite replication protocol is RPC.
Intersite and Intrasite Replication
There are distinct differences in internal and intersite domain controller replication. In theory, the network bandwidth within a site is sufficient to handle all network traffic associated with replication and other Active Directory activities. By the definition of a site, the network must be reliable and fast. A change notification process is initiated when modifications occur on a domain controller. The domain controller waits for a configurable period (by default, five minutes) before it forwards a message to its replication partners. During this interval, it continues to accept changes. Upon receiving a message, the partner domain controllers copy the modification from the original domain controller. In the event that no changes were noted during a configurable period (six hours, by default), a replication sequence ensures that all possible modifications are communicated. Replication within a site involves the transmission of uncompressed data.
NOTE
Security-related modifications are replicated within a site immediately. These changes include account and individual user lockout policies, changes to password policies, changes to computer account passwords, and modifications to the Local Security Authority (LSA).
Replication between sites assumes that there are network-connectivity problems, including insufficient bandwidth, reliability, and increased cost. Therefore, the Active Directory permits the system to make decisions on the type, frequency, and timing of intersite replication. All replication objects transmitted between sites are compressed, which may reduce traffic by 10 to 25 percent, but because this is not sufficient to guarantee proper replication, the system administrator has the responsibility of scheduling intersite replication. Replication Component Objects
Whereas the KCC represents the process elements associated with replication, the following comprise the Active Directory object components:
-Connection object. Domain controllers become replication "partners" when linked by a connection object. This is represented by a one-way path between two domain controller server objects. Connection objects are created by the KCC by default. They can also be manually created by the system administrator.
-NTDS settings object. The NTDS settings object is a container that is automatically created by the Active Directory. It contains all of the connection objects, and is a child of the server object.
-Server object. The Active Directory represents every computer as a computer object. The domain controller is also represented by a computer object, plus a specially created server object. The server object's parent is the site object that defines its IP subnet. However, in the event that the domain controller server object was created prior to site creation, it will be necessary to manually define the IP subnet to properly assign the domain controller a site.
When it is necessary to link multiple sites, two additional objects are created to manage the replication topology.
-Site link. The site link object specifies a series of values (cost, interval, and schedule) that define the connection between sites. The KCC uses these values to manage replication and to modify the replication path if it detects a more efficient one. The Active Directory DEFAULTIPSITELINK is used by default until the system administrator intervenes. The cost value, ranging from 1 to 32767, is an arbitrary estimate of the actual cost of data transmission as defined bandwidth. The interval value sets the number of times replication will occur: 15 minutes to a maximum of once a week (or 10080 minutes) is the minimum; three hours is the default. The schedule interval establishes the time when replication should occur. Although replication can be at any time by default, the system administrator may want to schedule it only during off-peak network hours.
-Site link bridges. The site link bridge object defines a set of links that communicate via the same protocol. By default, all site links use the same protocol, and are transitive. Moreover, they belong to a single site link bridge. No configuration is necessary to the site link bridge if the IP network is fully routed. Otherwise, manual configuration may be necessary.
Further information:
http://technet.microsoft.com/en-us/library/cc775549%28v=ws.10%29.aspx
What Is Active Directory Replication Topology?
Replication of updates to Active Directory objects are transmitted between multiple domain controllers to keep replicas of directory partitions synchronized. Multiple domains are common in large organizations, as are multiple sites in disparate locations. In addition, domain controllers for the same domain are commonly placed in more than one site.
Therefore, replication must often occur both within sites and between sites to keep domain and forest data consistent among domain controllers that store the same directory partitions. Site objects can be configured to include a set of subnets that provide local area network (LAN) network speeds. As such, replication within sites generally occurs at high speeds between domain controllers that are on the same network segment. Similarly, site link objects can be configured to represent the wide area network (WAN) links that connect LANs. Replication between sites usually occurs over these WAN links, which might be costly in terms of bandwidth. To accommodate the differences in distance and cost of replication within a site and replication between sites, the intrasite replication topology is created to optimize speed, and the intersite replication topology is created to minimize cost.
The Knowledge Consistency Checker (KCC) is a distributed application that runs on every domain controller and is responsible for creating the connections between domain controllers that collectively form the replication topology. The KCC uses Active Directory data to determine where (from what source domain controller to what destination domain controller) to create these connections.
..
The following diagram shows the interaction of these technologies with the replication topology, which is indicated by the two-way connections between each set of domain controllers.
Replication Topology and Dependent Technologies
http://technet.microsoft.com/en-us/library/cc755994%28v=ws.10%29.aspx
How Active Directory Replication Topology Works
..
Replication Topology Physical Structure
The Active Directory replication topology can use many different components. Some components are required and others are not required but are available for optimization. The following diagram illustrates most replication topology components and their place in a sample Active Directory multisite and multidomain forest. The depiction of the intersite topology that uses multiple bridgehead servers for each domain assumes that at least one domain controller in each site is running at least Windows Server 2003. All components of this diagram and their interactions are explained in detail later in this section.
Replication Topology Physical Structure In the preceding diagram, all servers are domain controllers. They independently use global knowledge of configuration data to generate one-way, inbound connection objects. The KCCs in a site collectively create an intrasite topology for all domain controllers in the site. The ISTGs from all sites collectively create an intersite topology. Within sites, one-way arrows indicate the inbound connections by which each domain controller replicates changes from its partner in the ring. For intersite replication, one-way arrows represent inbound connections that are created by the ISTG of each site from bridgehead servers (BH) for the same domain (or from a global catalog server [GC] acting as a bridgehead if the domain is not present in the site) in other sites that share a site link. Domains are indicated as D1, D2, D3, and D4.
Each site in the diagram represents a physical LAN in the network, and each LAN is represented as a site object in Active Directory. Heavy solid lines between sites indicate WAN links over which two-way replication can occur, and each WAN link is represented in Active Directory as a site link object. Site link objects allow connections to be created between bridgehead servers in each site that is connected by the site link.
Not shown in the diagram is that where TCP/IP WAN links are available, replication between sites uses the RPC replication transport. RPC is always used within sites. The site link between Site A and Site D uses the SMTP protocol for the replication transport to replicate the configuration and schema directory partitions and global catalog partial, read-only directory partitions. Although the SMTP transport cannot be used to replicate writable domain directory partitions, this transport is required because a TCP/IP connection is not available between Site A and Site D.
This configuration is acceptable for replication because Site D does not host domain controllers for any domains that must be replicated over the site link A-D.
By default, site links A-B and A-C are transitive (bridged), which means that replication of domain D2 is possible between Site B and Site C, although no site link connects the two sites. The cost values on site links A-B and A-C are site link settings that determine the routing preference for replication, which is based on the aggregated cost of available site links. The cost of a direct connection between Site C and Site B is the sum of costs on site links A-B and A-C. For this reason, replication between Site B and Site C is automatically routed through Site A to avoid the more expensive, transitive route. Connections are created between Site B and Site C only if replication through Site A becomes impossible due to network or bridgehead server conditions.
...
Control Replication Latency and Cost
Replication latency is inherent in a multimaster directory service. A period of replication latency begins when a directory update occurs on an originating domain controller and ends when replication of the change is received on the last domain controller in the forest that requires the change. Generally, the latency that is inherent in a WAN link is relative to a combination of the speed of the connection and the available bandwidth. Replication cost is an administrative value that can be used to indicate the latency that is associated with different replication routes between sites. A lower-cost route is preferred by the ISTG when generating the replication topology.
Site topology is the topology as represented by the physical network: the LANs and WANs that connect domain controllers in a forest. The replication topology is built to use the site topology. The site topology is represented in Active Directory by site objects and site link objects. These objects influence Active Directory replication to achieve the best balance between replication speed and the cost of bandwidth utilization by distinguishing between replication that occurs within a site and replication that must span sites. When the KCC creates replication connections between domain controllers to generate the replication topology, it creates more connections between domain controllers in the same site than between domain controllers in different sites. The results are lower replication latency within a site and less replication bandwidth utilization between sites.
Within sites, replication is optimized for speed as follows:
-Connections between domain controllers in the same site are always arranged in a ring, with possible
additional connections to reduce latency.
-Replication within a site is triggered by a change notification mechanism when an update occurs,
moderated by a short, configurable delay (because groups of updates frequently occur together).
-Data is sent uncompressed, and thus without the processing overhead of data compression.
Between sites, replication is optimized for minimal bandwidth usage (cost) as follows:
-Replication data is compressed to minimize bandwidth consumption over WAN links.
-Store-and-forward replication makes efficient use of WAN links - each update crosses an expensive link only once.
-Replication occurs at intervals that you can schedule so that use of expensive WAN links is
managed.
-The intersite topology is a layering of spanning trees (one intersite connection between any two sites for each directory partition) and generally does not contain redundant connections.
...
Topology-Related Objects in Active Directory
Active Directory stores replication topology information in the configuration directory partition. Several configuration objects define the components that are required by the KCC to establish and implement the replication topology:
..
Site Link Objects
For a connection object to be created on a destination domain controller in one site that specifies a source domain controller in another site, you must manually create a site link object (class siteLink ) that connects the two sites. Site link objects identify the transport protocol and scheduling required to replicate between two or more sites. You can use Active Directory Sites and Services to create the site links. The KCC uses the information stored in the properties of these site links to create the intersite topology connections.
A site link is associated with a network transport by creating the site link object in the appropriate transport container (either IP or SMTP). All intersite domain replication must use IP site links. The Simple Mail Transfer Protocol (SMTP) transport can be used for replication between sites that contain domain
controllers that do not host any common domain directory partition replicas.
Site Link Properties
A site link specifies the following:
-Two or more sites that are permitted to replicate with each other.
-An administrator-defined cost value associated with that replication path. The cost value controls the route that replication takes, and thus the remote sites that are used as sources of replication information.
-A schedule during which replication is permitted to occur.
-An interval that determines how frequently replication occurs over this site link during the times when the schedule allows replication.
Default Site Link
When you install Active Directory on the first domain controller in the forest, an object named
DEFAULTIPSITELINK is created in the Sites container (in the IP container within the Inter-Site
Transports container). This site link contains only one site, Default-First-Site-Name.
NEW QUESTION: 3
Which three modules would you recommend deploying in ePBCS (Enterprise Planning and Budgeting Cloud)? (Choose three.)
A. Capital Expense Planning
B. Balance Sheet Planning
C. Project Planning
D. Workforce Planning
E. Statistical Planning
Answer: A,C,D
Explanation:
Oracle Enterprise Planning and Budgeting Cloud provides four complete, planning and budgeting solutions for Financials, Workforce, Capital, and Projects. These business processes include built-in best practice predefined content including forms, calculations, dashboards, drivers, and key performance indicators (KPIs). You can get up and running quickly by enabling only the features you need, and later enable additional features to enhance your application.
References: Oracle Cloud, Administering Planning for Oracle Enterprise Planning and Budgeting Cloud, page 1-1
NEW QUESTION: 4
A. Option D
B. Option E
C. Option A
D. Option B
E. Option C
Answer: B,C
Explanation:
Topic 3, Analyzing the Current EnvironmentExecutive SummaryProject OverviewCGE is a global, diversified, upstream (exploration and production) oil and gas company headquartered in North America. CGE's three main operating areas are North America, Europe, and Southeast Asia. CGE also has a portfolio of international exploration opportunities.
CGE began in North America as a small, upstream oil and gas company. Through acquisitions, CGE grew quickly and acquired companies globally. This led to a decentralized IT model, both from systems and personnel perspectives.
CGE currently utilizes several Citrix technologies to provide application virtualization to a global end-user base spread across several continents. Its current IT model for application virtualization is based on regional locations; each region hosts its own Citrix environment to support its local end-user base. CGE is moving toward a global IT model in which the entire application and desktop virtualization environment will be hosted in three data centers, each with a highly available NetScaler pair. CGE would like to provide dedicated desktops to some end-user groups to alleviate past issues with applications and performance. In addition, an Internet upgrade project is underway to eliminate slow connections at all sites. This will improve latency and bandwidth issues throughout the environments.
CGE engaged Citrix Consulting to determine whether best practices are being followed in its existing Citrix environments; to provide a design document for a new, consolidated Citrixenvironment; and to point out risks that should be resolved before moving to this new environment. This deliverable represents the output of the requirements gathering phase and will be used as an input during the architectural design phase of this engagement.
Through interactive meetings, Citrix Consulting obtained information regarding CGE's existing Citrix XenApp environments and strategic goals. By reviewing this information, CGE can understand and methodically address those areas that represent the most profound risks, improve various facets of its current environments, and prepare for the future design phase of a consolidated environment.
Project GoalsDuring the course of the project, CGE and Citrix Consulting identified a number of project goals. The following summarizes these goals:
Perform a detailed assessment of the Citrix components supporting the existing Citrix environments, which include XenApp 6.x, XenServer, and NetScaler Gateway.
Review relevant peripheral components that support the existing Citrix environments (for example, Active Directory, storage, SQL, networking) to determine if each can support current production workloads and a new Citrix environment.
Identify operational and environmental improvements to better account for the environments' growth.
OverviewCGE has locations spread across three primary regions-North America, Europe, and Southeast Asia-with its primary headquarters located in Houston. Sub regions exist within each region, each with its own Citrix infrastructure. Once power and cooling upgrades are complee, Houston will be the primary datacenter and London will be the secondary datacenter.
The following diagram details the locations and network connection types.
Business Layer OverviewSince CGE expanded quickly through acquisitions, corporate IT left infrastructure management up to the acquired companies. As a result, some regions have well-run Citrix environments, while others experience critical outages that simultaneously affect hundreds of end users.
CGE's CIO, who has been with CGE for slightly less than a year, was hired to be the central point for IT across all regions. The CIO has engaged with the various business units to understand their processes and received various complaints about the stability of the existing Citrix infrastructures.
The CIO feels that the majority of Citrix infrastructure issues are due to a lack of centralized control and common platforms. Some regions have older versions of XenApp, while some are more current. As CGE moves forward, the CIO plans to use a single vendor for the entire solution, and wants to ensure that the new infrastructure is virtualized and fault tolerant.
End-User Layer OverviewCGE has 10,350 employees, approximately 4,700 of which access the Citrix environments daily. Peak logon times are Monday through Friday, from 8:00 a.m. - 10:00 a.m., based on local, regional time zones. Technicians and engineers are shift workers who rotate to accommodate a 24 hours a day, seven days a week schedule.
End user distribution is as follows: The majority of end users connect using CGE-owned HP laptop and desktop devices. Over 90 percent of these devices are Windows 7-based, as CGE is in the process of completing a Windows XP to Windows 7 migration.
CGE has standardized all these devices on Citrix Online Plug-in for Windows12.1, and is in the process of testing Receiver for Windows 4.2. In the past, some end users have complained about slowness when typing, which may indicate issues with latency.
CGE also allows end users to connect using non-corporate-owned devices. Many end users connect from personal computers and mobile devices such as Apple iPads and iPhones. End users are instructed to download Citrix Receiver from either the Citrix website or the Android or Apple app stores.
End users can be grouped into six separate categories:
Executives/Management- Regional upper- and mid-level management staff.
Back Office- End users that provide functions such as accounting, administration, human resources, and finance.
Research- End users focus mainly on discovering new energy fields and sources.
Engineers- End users who work with technicians in a senior lead role for both technical and management functions. There is approximately one engineer for every five technicians.
Technicians- Field workers who service the oil and gas equipment.
Sales- Primary customer-facing group. End-user groups and numbers are as follows:
The engineers, technicians, and research groups access Citrix applications primarily in an office-type environment, but may need to access these applications while in the gas and oilfields. In these scenarios, end users connect to Citrix using local Internet connections, ranging from a wireless access point to a tethered mobile device.
To prevent printer driver issues and sprawl, CGE tries to limit end users to their default printer when accessing Citrix. The IT department at CGE's headquarters has mandated that only the Citrix Universal Print Driver be utilized. As each region manages its own Citrix infrastructure, this has been difficult to enforce.
Each end user's home directory is mapped when accessing a Citrix session; the drive-mapping letter varies based on the end user's region. End-user data is stored on different network device types and shares ranging from a Windows CIFS share to an NAS appliance. Corporate IT is unsure if end-user data is being backed up in all regions. CGE hopes to implement formal, corporate-wide standards in the new Citrix environment.
Access Layer OverviewSince each region has its own Citrix environment, end users are fairly isolated within their specific regions. In each region, NetScaler Gateway and Web Interface provide access for internal and external end users. In some regions, Citrix Secure Gateway is still being utilized for external access. This is primarily due to a past budget constraint, but CGE hopes to provide a redundant and fault-tolerant Citrix access solution for all regions with the new environment. Confusion with the use of the appropriate URL also occurs for end users travelling among regions. A common access point that routes end users to their closest datacenter would most likely reduce this confusion.
As CGE is sensitive to the research that is being conducted toward the development of new energy types and methods, external access to the Citrix environment must be as secure as possible. Currently, internal and external end users employ single-factor authentication; however, the development of a two-factor authentication process is desired.
Access ControllersOverviewThe following table outlines the utilization of Web Interface, StoreFront, NetScaler Gateway, and Citrix Secure Gateway in the various Citrix environments.
Resource LayerPersonalization OverviewThe following table outlines the current overall profile
strategy:
Corporate IT would like to streamline the profile management solution. Numerous end users complain about slow logon and logoff times, and routine profile corruption is also aconcern. It is common for IT to have to reset end-user profiles on a daily basis. CGE hopes to provide a stable end-user profile platform by implementing a standardized set of hardware to host profiles and by employing Citrix Profile Management.
Citrix policies vary from region to region, but corporate IT has tried to enforce the following policy settings (at a minimum):
Technicians and engineers require USB mapping for various field devices such as flow meters and sonar devices. Since the majority of the remaining end-user groups probably do not need USB mapping, this could be disabled for those groups in the new environment.
Corporate IT feels that most end users require only their default printer within a Citrix session. However, other end-user groups (primarily Back Office) need to access multiple printers with advanced printing functionality, such as stapling. In all cases, the need to limit native print drivers is critical.
Applications OverviewThe majority of end users utilize published applications delivered through one of the regional XenApp farms. Some end-user groups require a full desktop instead of published applications. CGE mandates that no new software (agents) may be deployed in the current desktop infrastructure.
The following table provides additional details about the applications and desktops used throughout the Citrix environments.
Image Design OverviewThe following table outlines current application specifics. All servers are Windows 2008 R2 running XenApp 6.5, and all are virtual machines. Applications are delivered based on grouping. For example, Office Suite is installed on a dedicated set of servers.
Control LayerInfrastructure ServicesActive DirectoryAs the solution integrates with Active Directory, resources must be easy to manage and maintain within the directory structure. The following details CGE's typical organizational unit (OU) structure for the XenApp environments.
Overview Databases OverviewCGE manages seven XenApp 6.5 farms-one for each region. A variety of SQL server versions host the farm databases. Some databases are located on a shared SQL cluster, while others are standalone.
The following table provides an overview of each environment, the database location, and the database configuration.
Licensing OverviewAs each region currently manages its own Citrix infrastructure, licensing types vary from region to region. Some regions have more licenses than end users, while others sometimes reach their limit. Each region has its own Citrix and Microsoft license servers.
Corporate IT will be consolidating the Citrix and Microsoft licenses under a common corporate agreement in the new Citrix environment. This will allow for better cost control and appropriate distribution of licenses.
If needed, additional licenses will be procured to support the new Citrix solution. This may involve purchasing additional Microsoft and Citrix licenses to support a disaster recovery model.
The following details the current Citrix and Microsoft license types.
XenApp Controllers OverviewAll regions use virtualized XenApp 6.5 servers. Some regions currently use Provisioning Services 6.1, but CGE wants to simplify management processes by moving to Provisioning Services 7.6 in each region. Although there are no test farms in the current Citrix environments, CGE would like to incorporate dedicated test environments in the new Citrix solution. These new test environments should utilize a minimum of storage. The following table details the XenApp environments for each region.
End users in some regions often complain about slow application enumeration and launch issues. Corporate IT hopes that these issues will be resolved with the new Citrix solution.
Hardware LayerStorage OverviewDepending on the region, the physical hosts that provide hardware virtualization use a variety of local and SAN-based storage. Using local storage has prevented virtual machines from moving to another host in the event of a host failure, creating some regional capacity issues. Corporate IT is unsure if end-user data is being backed up in all regions.
CGE hopes to implement global formal standards in the new Citrix environment. A fault-tolerant solution is required for hardware virtualization and end-user data storage.
The following table describes the different storage types based on region: Networking OverviewCGE utilizes regional private networks. Not all regions connect directly to each other. The network links range in size from 5 Mbps to 10 Mbps. The networks are congested at times among regions, causing large file copies to be scheduled during off hours to minimize disruption.
CGE currently has a project underway to increase the bandwidth among regions and reduce latency for the new Citrix environment. The following diagram details the links among the regions.
Each region has a separate Internet connection of varying capacity and utilizes its own local network connection for Internet traffic. Microsoft and routing policies are in place to direct Internet-bound traffic to use this local Internet connection. The goal was to reduce the amount traffic on the links among regions, saving bandwidth for interregional traffic.
For external Citrix access, each region uses its local Internet connection. The NetScaler Gateways and Citrix Secure Gateways are placed in a demilitarized zone (DMZ). Appropriate firewall ports are configured to allow the Citrix traffic to navigate to the internal resources.
Control Hosts OverviewAs CGE acquired several companies within a short period of time, it did not change any of the acquired companies' infrastructures. This has resulted in regional inconsistency in hypervisor platforms and versions and with hardware vendors.
Corporate IT hopes to streamline the infrastructure to ensure corporate standards are followed. At a minimum, a standard hypervisor platform must be used to allow IT resources to train on a common hypervisor platform and to quickly assist in other regions when needed.
For the new Citrix solution, CGE has budgeted for the replacement of aging infrastructure equipment, where needed, including the hypervisor platform. Procurement of the best infrastructure components within this planned budget must be ensured.
Operations LayerSupport OverviewIn the current configuration, each region is responsible for supporting its end users and infrastructure. This often leads to confusion for end users who travel, as well as the for the help desk members who work with these end users.
Corporate IT hopes to develop a centralized support structure from the end-user layer to the infrastructure layer. The CIO envisions a model that allows an end user to call one number for support. Regional staff will support the help desk 24 hours a day, seven days a week. If first-tier help desk support is unable to resolve the issue in a timely manner, a second-tier support team would be engaged.
In order to facilitate this troubleshooting model, the first-tier help desk and second-tier support teams would require access to the Citrix infrastructure. The CIO would prefer a centralized console for the help desk team, but it is not a requirement.
In the past, some regions had training budgets, while others did not. This has often resulted in lengthy resolution of issues due to improper training. To alleviate this, the CIO has mandated that the first-tier help desk and second-tier support teams be properly trained in the products being implemented in the new Citrix solution.
Testing and Change Control OverviewAn analysis revealed that none of the regions have a proper test environment. At best, some regions have a few test XenApp servers in their production farms that are used for testing. In addition, the procedures for implementing changes to the systems vary from region to region.Some regions have a documented change control process, while others install changes as application owners or end users request them. This has resulted in overall poor performance of the Citrix environments and has caused outages in some regions.
The CIO has mandated that in the new Citrix solution, a change control board must approve changes, and a separate test environment must be deployed.
Operations OverviewCitrix Rollups and hotfixes are applied sporadically throughout the Citrix farms. The following table details the implementation of Citrix Rollups.
Backups of the Aberdeen, Houston, and London SQL databases are conducted daily via SQL. A nightly backup of the Windows server ensures that the local SQL backup is captured. However, the restoration process has not been tested. The remaining locations lack SQL administrators, so it is unclear if SQL backups are being performed.
The CIO recognizes this gap and is taking steps to ensure that all Citrix databases are routinely backed up. For the short term, the SQL administrators in the Houston location will assume responsibility for the SQL backups in the locations that lack SQL administrators.
Since each region has operated independently, no central disaster recovery plan exists. Corporate IT hopes to provide a seamless disaster recovery solution for all locations and believes that it may be possible to utilize regional resources with minimal overhead. Corporate IT feels that it is likely that, in the event of a disaster, only a subset of a region's end users would require a disaster recovery solution, and believes that approximately 50 percent of regional end users would be a good starting point.
Monitoring OverviewThe Houston location is the only location using EdgeSight. Corporate IT uses EdgeSight for license trending and occasional end-user troubleshooting. Interviews with the IT staff using EdgeSight revealed that EdgeSight could probably be better utilized. The help desk staff hastried using EdgeSight, but has felt overwhelmed and would prefer a much simpler interface to troubleshoot end-user issues.
CGE recently purchased Tivoli, an antivirus program, and is in the process of rolling it out to all locations. Corporate IT has requested from Citrix Consulting any specific monitoring metrics and alerts related to the Citrix environment. CGE realizes that effective monitoring will allow them to be proactive in addressing issues before they cause critical outages.
The following is CGE's current antivirus policy:
Periodic scanning of servers must be conducted at 1:00 a.m., local time, each morning.
All workstations and servers must have antivirus software installed, and real-time scanning must be enabled.
Periodic updating of antivirus software is required. Currently, antivirus updates are automatically delivered at 8:00 a.m., 1:00 p.m., 4:00 p.m., and 11:00 p.m., local time.
Only vendor-required exclusions may be used, and all exclusions must be configured for both real-time and periodic scans.
Real-time antivirus scanning must be configured to scan files when they are accessed and written.
All servers must be configured to scan their local drives, and all remote network drive scanning must be disabled.
Corporate IT has shared several Citrix articles relating to Citrix product antivirus exclusions with the regions. It is unclear if the regions have implemented these exclusions.