From 2008 to 2009 – Nick Rintalan, Hector Lima, Scott Thompson and Mike Schaeffer all contributed to an excellent whitepaper detailing the top 10 risks Citrix Consultants typically encounter during an assessment project. As this whitepaper mentions –

“While each assessment is unique, Citrix Consulting has found that certain issues persist from customer to customer.”

And this is still true five years later. We always provide tailored advice for each client; however we still regularly see issues repeated across customers. What’s changed is the type and frequency of the risks that we see. This is an industry that has gone through an exciting period of change over the last five years and as such a new set of common issues and challenges have emerged over time. Many of the old issues from 2008-2009 don’t even make the top-10 anymore. That’s because Citrix continually monitors challenges within the industry and works very hard to address them

Daniel Feller, Doug Demskis, Tarkan Koçoglu and Nick Rintalan published a top-10 mistakes whitepaper in 2010, but the list wasn’t necessarily ordered based on frequency.

It’s worth noting that the risks highlighted in this blog are based on frequency of findings and are not ranked by criticality to your project’s success. Therefore, I highly recommend that you also check out Nick Rintalan’s presentation from Synergy 2013 where Nick highlights the top-10 issues as seen through the lens of a super-experienced Citrix Lead Architect. Nick has kindly allowed me to share his Synergy presentation and you can find it here.

First of all, what is a Citrix Consulting Assessment?

During a Citrix Consulting assessment project, we perform a thorough review of an existing Citrix deployment. Areas covered include:

  • Business Layer – Executive sponsorship and whether the environment meets key business drivers.
  • User Layer – User segmentation, endpoints, peripherals and Citrix Receiver.
  • Access Layer – Access infrastructure, session policies and session profiles.
  • Desktop Layer – Personalization, applications and image design.
  • Control Layer – Integration with Active Directory, SQL server configuration, provisioning and farm & site design.
  • Hardware Layer – Virtualization servers, hardware sizing, storage and networking.
  • Operations Layer – Support structure, testing, change control, configuration management, backups and monitoring.

In my experience, there are two main reasons why we’re asked to review an existing environment:

1. There are no issues to investigate, but our client wants to ensure that they are following Citrix leading practices. Many customers schedule yearly reviews to ensure that their environment is regularly aligned with current best practices or request a “health check before they go live with a non-Citrix Consulting design.

2. There is an issue or issues that need to be resolved and we need to review the environment to ensure that we identify the root cause. For example, users might be experiencing intermittent connection failures because they sometimes connect to an incorrectly configured StoreFront server. We could easily fix the configuration issue but the root cause of the problem is configuration management.

How did you determine what the top 10 risks are?

Kevin Nardone, from Worldwide Consulting, reviewed assessment deliverables from all over the world, across a variety of different industries (Education to Finance) and for companies of all different sizes (400 to 300,000 employees). Each risk identified was recorded and categorized in a spreadsheet so that I could run a variety of reports and analyze the data in detail.

How do the 2004-2008 risks compare to the 2013-2014 risks?

So without further delay, here is the new top-10 (10 to 1 with 1 being the most common risk):

Blue = dropped out of the top-10 in 2013

Red = New entries in 2013

Gone from the top-10, but not forgotten. I found it really interesting how some of the top issues in 2004-2008 don’t even make it to the top-10 anymore. Let’s take a look at these risks in more detail –

1. Printer Drivers (1st place in 2009  => 26th place in 2013) – Managing printer drivers has long been a major headache. I definitely don’t miss seeing the blue screens from type-2 kernel mode printer drivers. The impact from the introduction of the EMF based Universal Print Driver in Presentation Server 4.0 (2005), the XPS based Universal Print Driver in XenApp 5 (2008) and the Universal Print Server in XenApp 6.5 (2011) has been nothing short of extraordinary.

I know what you’re thinking – If there was an XPS based UPD in 2008, why was printing still the number 1 issue in 2009? I think it comes down to adoption. It can take a while until the majority of customers upgrade and even longer until they fully adopt a new technology such as the XPS based UPD.
2. Load Management (2nd place in 2009 => 15th place in 2013) – We used to see a lot of incorrectly configured and inconsistently applied load evaluators. Prior to XenApp 6, it wasn’t an easy process to assign a load evaluator. You’d need to remember to assign the appropriate load evaluator to each server added to the farm. Lots of admins forgot to do this and we’d see a mix of default, advanced and custom load evaluators within the same worker group. This made load management very inconsistent and users could be overloaded on some servers and under loaded on others.

With the introduction of XenApp 6 (2010), it became possible to implement load evaluators as policies and assign them at the worker group level. When new servers are added to a worker group they automatically pick-up the right policy. With XenDesktop and XenApp 7.x policies are assigned to a desktop group rather than a worker group, but it’s a similar idea.
3. Profile Design (3rd place in 2009 => 16th place in 2013) – We used to see a lot of profile issues, including – slow logon times due to large profile size, lost settings due to “last write wins”, inconsistent settings between concurrent sessions and of course – profile corruption. With the wide-spread adoption of hybrid profile solutions, such as Citrix Profile Management, we’re now seeing far less profile issues. Profile streaming dramatically improves logon times and active write back ensures that settings are consistent between multiple concurrent user sessions.
4. Monitoring (5th place in 2009 => 14th place in 2013) – Five years ago, I spent a lot of time helping customers troubleshoot performance and stability issues because they didn’t have the tools they needed to identify the root cause. The Citrix environment was a black box and customers didn’t know whether the issue was with the hardware, storage, network, applications, operating system, Citrix software, etc. I can’t tell you how many times Citrix got the blame when it ended up being another component in the stack. With the introduction of EdgeSight, Desktop Director and NetScaler Insight Center customers now have a powerful toolset from which to identify and troubleshoot issues within their environment.
5. XML Traffic (8th place in 2009 => 32nd place in 2013) – The XML traffic between Web Interface / StoreFront servers and the XenApp / XenDesktop Controllers uses clear text to exchange data, with the exception of passwords which are transmitted using obfuscation. We flag this up as a security risk because an intruder on the datacenter LAN could steal usernames and passwords. I don’t think that we see this risk so frequently now because customers are much more security conscious and can configure SSL encryption in their sleep with their arms tied behind their back. I also think that we’ve done a good job highlighting the risk in blogs, whitepapers, eDocs and the Virtual Desktop Handbook.

So, what about the new entries on the 2013 list? To me, these risks are all associated with Citrix deployments transforming from tactical deployments into strategic ones. They all center on providing a consistent, high performance experience for users that is always available –

  • Single Point of Failure
  • Infrastructure Sizing
  • Load Balancing
  • Citrix Receiver
  • End of Life

I’m not going to go into detail about them now, I’m going to save that for my next blog where I’ll provide guidance on how to address the top-10 issues in 2013. The good news is though that most of these risks are relatively easy and quick to address.

Personally, I think we’ve focused too much on the top 10 and need to expand the list to include a broader look at the common risks. That’s why I’m planning  to provide a third blog post where I’ll share guidance on the remaining issues in the top-20.

Do the risks change based on the size of the organization?

Yes! The following table compares the top-10 risks based on the size of the organization:

  • SMB/Midmarket – Less than 5,000 employees
  • Enterprise – More than 5,000 employees but less than 10,000 employees
  • Global Enterprise – More than 10,000 employees

I hope that you found this blog interesting. I’m always interested to read your comments and I’ll make sure that I fill in the blanks in my next couple of post.

  • Common Risks During Consulting Assessments (2013) – 1 to 10
  • Common Risks During Consulting Assessments (2013) – 11 to 20

Andy Baker – Senior Architect
Worldwide Consulting
Desktop & Apps Team
Virtual Desktop Handbook
Project Accelerator