There are lots of NetScaler 10 features and just in NetScaler Application Firewall (AppFW) alone have some very nifty features that it really needs to have its own spotlight to shine, especially with the entire craze about TriScale —which is something everyone is talking about from all regions! 🙂
Here are just some new AppFW feature highlights:
• CEF Logging support – CEF logging support is the ability to log using Common Event Format logs. This is good for interoperability with vendors such as RSA envisions and Arcsight as these vendors support CEF format.
• Click to Rule – Using the CEF logs from the GUI, click on the log and decide if you want to deploy it as a rule by just doing a right click to make a selection. Much easy way to do relaxation rules or when not doing Learning.
• High Availability (HA) Transparency for Learned Data – Learned data in HA is propagated to the secondary appliance for transparent failover. This is cool for customers for more seamless failovers on Learned Data.
• Scan and Enforce – With Qualys partnership, a very exciting capability now available that allows output of Qualys Application vulnerability tool to beconverted to NetScaler rules. Faster and easier deployment to secure applications selectively. A dedicated blog on this will be done soon.
• Sessionless security – A whole blog on this has been done last year for Field Consistency. But what’s added in NetScaler 10 is also sessionless security for URL closure. This is tremendously helpful when customer has the need to scale his/her deployments but does not have enough memory.
• Policy label support – Allows for multiple policies to be invoked at once. This definitely saves customers time when lots of policies to invoke.
• Support of Chunked POST requests – Some applications such as iPhone apps require the server to return large volume of data, hence the need for Chunking. With NetScaler 10, now there is an option to chunk these Post Requests containing large volumes of data. For more info on Chunk, here is a link to wiki.
• Import/Export Profile – The ability to export the profile from one NetScaler to create same configuration on other NetScaler boxes is a blessing for customers that have multiple boxes and/or have staging environments that want to just take the profiles to production seamlessly.
• Signatures – Response side checks – This feature provides flexibility to add more rules in signatures vs. traditional checks. Adding credit cards, comments stripping and safe object in signatures.
Please go through docs at citrix.com Download page for more details on each of the features above and for many more other enhancements and features that are available in NetScaler 10. We did not actually name a feature burger and fries but the metaphor is the same in terms of making sure existing features and new features are adaptable to really work well together for the best customer solutions!