@NStipster: NetScaler Insight Center – Part 1 – Preparing for your implementation

So you’ve heard great things about monitoring your virtualized applications and desktops using NetScaler Insight Center. However perhaps you don’t know how or where to get started. In this first blog post I will try to give you enough information in one place to lay the groundwork for your implementation.

Software versions and builds

One of the most important facets of Insight Center is making sure you have the correct versions of the various components to allow you achieve a successful implementation. There are details below what NetScaler version and the supported Citrix Receiver versions you need if interested in using Web Insight or which XenApp and XenDesktop versions required for HDX Insight.

Web Insight

NetScaler 9.3 build 61.2 or later; NetScaler 10.0 build 73.5 or later and NetScaler 10.1 build 112.15 or later. If you are not sure on the exact version or build number of NetScaler please navigate to the Web UI and check the banner:

NetScaler Build Number

Or from the command line:

> show version
NetScaler NS10.1: Build 120.13.nc, Date: Sep 12 2013, 07:00:12

HDX Insight

XenApp 6.5 HRP01 (build 6682 or higher); XenDesktop 5.6 build 56060 or higher and XenDesktop 7.0 build 3018 or higher.

How to check the XenDesktop build number:

[Run the get-brokercontroller cmdlet in PowerShell on the Desktop Delivery Controller]

How to check the XenApp build number: Open up the Registry Editor and navigate to


There should be a key called ‘ProductBuild’ which in my example is 6682 which is the minimum on XenApp 6.5 to support HDX Insight.

Windows Services for HDX Insight

The ‘Citrix End User Experience Monitoring’ service needs to be enabled, set to Automatic and started on XenApp. The same applies for XenDesktop where the same service needs to be enabled and started on each individual VDI.


Citrix CloudBridge is supported from CloudBridge version 7.3 or higher.

Citrix Receivers

Windows 7 = Receiver 3.4 Enterprise Edition / 4.0 Standard Edition

Windows 8 = Receiver 3.4 Enterprise Edition / 4.0 Standard Edition

Mac OS X = Receiver 11.8 (build 23801 or higher)

Linux = Receiver for Linux 13.0 or higher

Licensing is important dependent on how much historical data visibility you require. The good news is if you have a Platinum license on your NetScaler there are no restrictions on functionality or limits on historical data.

If you want to avail of the HDX Insight functionality, an Enterprise License is minimum and this affords up to one hour of reports. For Web Insight, when running a Standard or Enterprise license the NetScaler Insight Center does not report the details for response time, load time, render time, server processing time and the waterfall chart options.

Check your license on the NetScaler CLI:

> show license

NetScaler UI:

NetScaler > System > Licenses

More on this below in ‘NetScaler Features’.

Prepare your hypervisor for NetScaler Insight Center

NetScaler Insight Center is a FreeBSD based virtual machine that will run on your hypervisor. The requirements are the same regardless of whether XenServer or VMware is your hypervisor. Each NetScaler Insight Center virtual machine supports up to four NetScaler appliances.   The full requirements for the virtual machine are as per the table below:


2 Virtual CPUs (vCPU) or more

120Gb storage space, 240Gb or higher recommended

1Gbps Throughput


If there’s a firewall in between the NetScaler(s) and NetScaler Insight Center then the following ports need to be open:

TCP ports 80 and 443 for Nitro communication between NetScaler Insight Center and NetScaler(s)

TCP port 22 for SSH communication between NetScaler Insight Center and NetScaler(s)

UDP port 4739 for AppFlow communication between NetScaler Insight Center and NetScaler(s)

ICMP for ping reachability between NetScaler Insight Center and NetScaler(s)

Note NITRO is the API used by the NetScaler and uses HTTP/HTTPS. Port UDP 4739 is used by AppFlow which is the analytics reporting technology on the NetScaler based on the IPFIX protocol. AppFlow is used exclusively for reporting data into NetScaler Insight Center.

Plan your traffic management

What traffic do you want to monitor? Do you want to monitor particular Load Balanced or Content Switched virtual servers? Just ICA/HDX traffic? The Web Insight module will allow you to leverage the Policy Infrastructure (PI) abilities of the NetScaler to create a policy that will match on certain criteria, some examples would be based on Source IP address, based on Hostname, based on URL and so on. This will allow you to narrow the focus on the traffic you want to monitor. Specific example: HTTP.REQ.HOSTNAME.CONTAINS(“xyz.com”) This example will look at the HTTP requests and matches when the hostname is ‘xyz.com’. Upon match an AppFlow record is sent from the NetScaler to NetScaler Insight Center.

NetScaler Features

Once you have the appropriate NetScaler license in place, you do not have to worry about activating the features needed to support NetScaler Insight. These are the basic feature Rewrite and advanced features AppFlow and EdgeSight Monitoring (HTML Injection). EdgeSight Monitoring (HTML Injection) is only required if you want to see the render time of a web page i.e. how long the page takes to load. This is achieved injecting some JavaScript before and after the body of HTML pages. HTML Injection is optional.


So that’s should lay enough ground work to get the ball rolling for the implementation. Check out Part 2 of this series to actually get started with data in and out of NetScaler Insight Center, Part 3 covers tips, troubleshooting and how to get your installation upgraded!