Efficiency and productivity is achieved when deployment and management of IT services is fast, simple and elegant.

Attendees that joined the October Citrix Workspace Cloud webinar showed a high level of engagement and asked great questions while embarking on a technical tour of the new platform and services. Excited about the journey to cloud, attendees asked questions themed around provisioning technologies, secure credential management, new feature deployment and more.


Let’s review the top 8 questions that were asked during the webinar.

1. Is Citrix Provisioning Services (PVS) integrated with the App and Desktop Service in Citrix Workspace Cloud?

Today, integrated provisioning in the App and Desktop service is supported by Machine Creation Services (MCS). This technology allows administrators to scale app and desktop capacity on compute resources (hypervisors) located in customer datacenters (resource locations) from the cloud based management control plane (XenDesktop Delivery Site). This simplifies capacity management for app and desktop workloads, saving time and easing administration.

A similar integration with PVS is currently under development. Workspace Cloud customers can use machines provisioned by PVS in their App and Desktop service resource location, or use them as part of blueprint automation powered by Citrix Lifecycle Management. However at this time, provisioning must be initiated using PVS. In the future the App and Desktop service will support integrated PVS provisioning from Studio. Integrated PVS support was a popular request at Citrix Synergy 2015 as partners and customers looked to take advantage of provisioning features in PVS. We listened, and development is underway.

2. Will it be possible to host the Workspace Cloud UI and Control Center by ourselves?

No, there are no plans to make the Workspace Cloud interface available for on-premises deployment. Our goal is to provide a cloud service that can evolve quickly and regularly with no effort or upgrade required by customers. To deliver on this vision and continuously add value we must host and operate the control plane and interface as a Citrix operated cloud service.

3. Can we host the App and Desktop Service Controllers in our datacenter?

No. To take full advantage of the hybrid delivery model provided by the App and Desktop service, the Delivery Controllers must be hosted and operated in the Citrix cloud. If your goal is to host both controller and worker components of the Citrix XenDesktop infrastructure, look into how the Lifecycle Management Service in Workspace Cloud can help automate deployment and monitoring of your environment. Hybrid delivery isn’t right for everyone and all use cases, which is why Citrix will continue to invest heavily in our core products and the traditional on-premises use case.

4. Where does end-user authentication take place in the hybrid delivery model? Do my end users need a new username or can they continue to use their Microsoft Active Directory identity?

End users or “subscribers” continue to use their AD based identity and do not need to be issued a new login to access apps and desktops delivered by the App and Desktop service in Workspace Cloud.

Authentication flows are secure, and the routing and “cloud exposure” of credentials depends on where the StoreFront component (where end users authenticate to access apps and desktops) is located. In the scenario where StoreFront is hosted in a Resource Location, user credentials are encrypted before leaving the customer datacenter or cloud. The encryption key is never sent to the cloud, ensuring that credential information is handled securely and can not be compromised even in the event that an attacker was able to intercept the data stream.

In the scenario where a customer is taking advantage of the cloud hosted StoreFront provided by the App and Desktop service (one less piece of Citrix infrastructure for them to deploy, manage and update) credentials will be securely encrypted and passed from the cloud based StoreFront to the Workspace Cloud Connector deployed in the customer’s Active Directory domain. In no scenario are end user credentials ever stored in Workspace Cloud. Learn more

5. Is all communication from the Citrix cloud to the Cloud Connector done over port 443? Are there other port or networking requirements?

All communication between Workspace Cloud and the Connector occurs using SSL over port 443. There are no other networking or port requirements. Using only 443 outbound access, administrators can quickly connect existing enterprise directories, domains and compute resources with the Workspace Cloud platform and services.

This simple requirement makes it easy to get started with Workspace Cloud. It takes just minutes to download, install and register a Workspace Cloud Connector. This design allows customers to avoid the cost and complexity of setting up a direct connections or VPNs to connect their resource locations (datacenters or cloud environments) with Workspace Cloud.

6. Can updates to the control plane be rolled back if they introduce a problem? How’s that going to work?

Of course, but Citrix manages that – not customers. Citrix is taking the responsibility of service availability and functionality very seriously. That include updates and availability of Workspace Cloud platform elements in addition to each service.

First and foremost, we test updates and rollout extensively. Next, we don’t roll a new production update out to every customer at once, we pick an appropriate sample size and only update those customers and control planes. With that additional “in-production confidence”, we’ll continue with rolling out the update to all customers.

In the event that a failure, outage or bug does occur (we’re not perfect), our 24×7 support and operations team is on the case. There are a number of possible resolution paths, rollback or restore being one of them. In other scenarios we may just need to cycle out a problematic server or component. Often these types of resolutions can occur without a service outage. Resolution varies depending on the issue and whether it resides in a platform element or a specific service.

If you suspect an outage has occurred, check our operations dashboard to see if the issue is known and what we’re doing about it.

Workspace Cloud Status

7. What are the basic requirement for getting started with the App and Desktop service in Workspace Cloud?

Check out our official documentation on minimum requirements located here. To take a quick test drive, check out this documentation. To get started with the App and Desktop service, this guide will help you get your first resource location created and workspace delivered.

8. Is Citrix partnering with Microsoft to deliver desktops/apps from Azure?

While Workspace Cloud is committed to an any cloud, we certainly have our sights set on a robust solution for delivering apps and desktops using Windows Azure. Our roadmap and vision includes integrated Azure provisioning in the App and Desktop service. That integration will enable customers and partners to quickly and easily scale capacity in resource locations, saving time and further simplifying administration of Citrix environments. We’re aligned and partnered with Microsoft and look forward to strengthening the Citrix + Microsoft story with a deeper integration between Azure and Workspace Cloud.

Next Steps: Explore Workspace Cloud

Didn’t catch the webinar? Learn more about Workspace Cloud by watching the recording, reading more at citrix.com/workspacecloud, or see for yourself at workspace.cloud.com.