CiscoLive 2016 in the U.S. is a huuuge event! This year brought more than 28,000 attendees, up from 23,000 at the event last year in San Diego.

Cisco’s focus at this year’s event was clear: partners bring value, and if you’ll pardon my bias as one of the best partners, one who’s plutonically aligned, Citrix NetScaler brings the most important component to any network: application delivery. After all, neither the network nor the application are very useful on their own without being able to reach the user.

thinktankAt this year’s event, Citrix shared its vision for application delivery as it aligns to Cisco ACI and the Software Defined Data Center (SD-DC). We were given the opportunity to share our solutions and expertise by speaking at two of the event’s partner theaters in addition to the hourly presentations at our in-booth theater.

The integration between Citrix NetScaler and Cisco ACI is different than every other 3rd party L4-L7 service plugin.  Fully implementing SDN for automation requires a high degree of potential. Our vision since our first integration to the Cisco APIC-DC in 2014 has been to present administrators with every knob and switch available in our product through Cisco’s ACI manager.

Slide02Citrix NetScaler has by far the most comprehensive support of any L4-L7 device in ACI. Our device package is so complete that it’s possible to deploy almost everything natively with the ACI controller in Service Policy mode. Need content rewriting and application acceleration? No problem.

We’ve supported the fully-managed Service Policy model with APIC as the central manager from day 1 in 2014. And, although feedback to us has been terrific in that our implementation far exceeds expectations, many of our customers and partners have asked for an easier model to implement across their existing business structure. To support additional business models, we’ve introducedSlide03 two new versions of our device package.  NetScaler Device Package 11.0 supports the Network Policy mode, where NetScaler is still in the ACI fabric but APIC doesn’t control it. This allows the application and network teams to control policies separately.

Slide04As mentioned above, the second feature soon to be released, includes support for yet a third mode of management – the Services Manager (Hybrid) mode. This mode strikes a balance between the two teams by embracing the concept of SDN with two separate controllers.  Using the Services Manager mode the network and ACI fabric teams own network layers L2 and L3, while the Application and Server teams control application policies at network layers L4 through L7.

We feel hybrid mode strikes the perfect balance between the networking and application teams. Here’s how it works functionally: Network admins provision the VLAN/VXLAN poolsSlide05 in addition to the switching and routing in APIC. A service policy is then pushed to the NetScaler Management and Analytics Server (NetScaler MAS). In concert, the Application development team builds a profile (as a template, also called Stylebooks) in MAS, containing the features, such-as the server IP’s, load balancing method, and session persistence. Stylebook templates make it possible to achieve a high level of automation not possible without a manager. Stylebook features include policy variables and a selectable device model, making it possible to choose the type and form of NetScaler to configure. When the application is ready to be deployed, the App Developer links the ACI policy ID to the Stylebook template in MAS, which then sends the complete L2-L7 configuration to NetScaler.

SDN is about simplifying automation as much as it’s about secure and dynamic multi-tenancy.  If your service level agreement doesn’t need to guarantee specifics like the number of SSL-cores that should be dedicated to a tenant, or you if need to support more than 80 tenants in a single Slide06NetScaler SDX, then Admin Partitions allows you to retain some isolation, like configuration and administration, while allowing the use of shared resources, such-as throughput and processing. With NetScaler Admin Partitions in ACI, expect a cutting edge fully-implemented solution, allowing for the most versatile of highly concentrated services.

Slide07While Admin Partitions sound like an Administrator’s dream, our implementation continues to innovate down to the configuration level. SDN isn’t just about automation, it’s also about simplification. Our implementation of Admin Partitions makes it easier for Network Administrators to troubleshoot by naming partitions and policies in concert with APIC. Thanks to our relevant human-readable naming format, by looking at the policy ID in APIC it’s easy to find the NetScaler that the policy has been deployed to, and within the NetScaler, to find the partition that the policy resides in.

To accelerate the success of Cisco ACI deployments with NetScaler, we’ve Slide08created several tools. The first is an ACI Migration Tool.  The migration tool itself reads a service-function level config from NetScaler and prints XML, which can then be fed to a bespoke or other homegrown tool and provision a NetScaler managed by APIC. If starting a completely new deployment our PoC Starter Kit in GitHub provides all the configuration necessary to provision both ACI and NetScaler and it provides the sample framework to the most common deployments.  We also have tools helpful for deploying Enterprise applications in ACI.  Two deployment guides have been created with relevant config snippets in XML to show how to build a Microsoft SharePoint and Citrix XenApp/XenDesktop environment in a fully automated environment managed by Cisco ACI.

Slide10But don’t take our word for it alone, we wouldn’t be able to do this today without the generous support of our customers and partners.  Woolworths, Du, and Dimension Data have each come forward in support of their ACI deployments with NetScaler, and you can find each of their endorsements directly on YouTube.

If you’re looking to see what NetScaler can do in ACI and if our solution is right for you, then please reach out to your Cisco Partner to access to the Cisco dCloud environment. Not only is NetScaler fully available in a simulated environment in the dCloud, it’s the first that was updated to support the latest production-based APIC 1.2 release. Look to continued innovation and updates for NetScaler in the Cisco dCloud as ACI evolves through the Cisco and Citrix business partnership.  Slide11 Slide12

For more detail using NetScaler in a Cisco ACI environment, there’s a collection of deployment guides on YouTube.  Google “NetScaler ACI Workflow” or visit for more.

It’s only with our continued user and partner support that we’ve been able to create such a thorough set of resources in such a short period.  Our vision and success in networking automation makes it easy to see why NetScaler is great choice for Cisco ACI and SDN environments.

Citrix Mobilize Windows Banner 1_728x90-061715