Many organisations around the world use Citrix ADC (formerly NetScaler) for load balancing web services, making web services highly available, offering secure VPN or ICA access to staff and so on. If your organisation uses Citrix products such as Virtual Apps and Desktops, you probably also make use of an ADC to provide secure ICA proxy to apps and desktops, and load balance Citrix and non-Citrix services. The ADC can do a lot of things, often known as the swiss army knife of networking.
I’ve worked with Citrix ADC for a number of years. Many people who aren’t too familiar with ADC know it as a remote access appliance, and load balancer, but that just touches the surface of what ADC is capable of. I’ve also been certified in ADC for a few years now, holding the “Citrix Certified Professional in Networking” (CCP-N) certification.
This year I made the decision to pursue the Citrix Certified Expert in Networking (CCE-N) certification. I had previously attended the CNS-320 course, which helped me obtain the CCP-N.
The CCE-N certification is newer and was only released around a year or so ago. Previously, CCP-N was the limit for Citrix Networking. To obtain the CCE-N certification, I decided to attend the CNS-420 course.
The CNS-420 course covers Networking Assessment, Design, and Advanced Configuration for Citrix ADC deployments. In my past experience, I’ve come away from Citrix courses not only knowing more about the product, but also things I did not think were possible with ADC, and ideas that I can transfer into my organisation.
The course starts out explaining in advanced form the methodology Citrix Consulting applies to all their new ADC deployment projects with customers, and how you can use the same methodology for your customers to be successful with your ADC deployments. You are taught the different types of ADC platforms available for private and public cloud, the different ways an ADC can be deployed, and the different configurations that can be applied based on business drivers and priorities, with example scenarios included.
Further on in the course, you delve into advanced coverings of security by covering topics such as Authentication, Authorization and Auditing, implementing Endpoint Analysis, Application Firewall to protect your business applications from zero-day attacks, Quarantine Groups and more. This part of the course was very beneficial given how important security is in today’s world.
Load Balancing and Global Server Load Balancing is covered in detail which gives you the knowledge you need to scale web servers for performance and design a multi-datacentre global load balancing solution. Citrix Gateway is also covered, and you will learn how to deploy Gateway to provide users ICA proxy access to their virtual apps and desktops, provide VPN access, deploy RDP Proxy, or Clientless Access. You will also learn how to secure the environment using Smart Access, pre-authentication policies, authentication policies, and more.
As a summary, I’ve listed below some of the items I found most interesting in the course. Those I think would be beneficial to other potential students:
- The Citrix methodology and how to ensure a successful deployment of ADC. You will understand how to identify and work with an organisation’s key stakeholders, discover the key business drivers, analyse the organisation’s existing infrastructure and design an ADC solution that will successfully meet the needs of the organisation, within the time and budget allocated.
- Discovering the different types of ADC, from VPX to MPX, SDX, and CPX. You will discover the benefits of each appliance, and under what conditions one variant will make more sense over another. Understanding the public cloud offerings for ADC is also beneficial as many organisations are considering making a move to cloud for services such as the ADC.
- The security features on offer from ADC. How to deploy Secure Web Proxy to protect your users from browsing to malicious websites or non-productive websites, Application Firewall to protect against SYN flood attacks, DDoS attacks, zero-day attacks and more, and AAA virtual servers’ capabilities that can provide multiple factors of authentication before users are allowed to access backend systems. These are just some of the way’s ADC can protect your business applications.
- Advanced Gateway configurations. Deploying and configuring RDP Proxy, which allows RDP traffic from internet locations to be securely proxied to corporate servers. Clientless Access, Smart Access policies, VPN access including split tunnelling and more.
Hopefully this review is helpful for you, and I encourage those who work with ADCs daily and who already hold the CCP-N qualification, to begin pursuing the CCE-N certification.
You can also view the Exam prep guide here: https://training.citrix.com/#/learning/exam?id=1944
Good luck!
Pingback: Citrix CCE-N certification - Hybrid Cloud Blog 1Y0-440