Why choose NetScaler for delivering all your applications?

NetScaler provides seamless application delivery and secure remote access for both internal- and external-facing applications. Not only can you use NetScaler for delivering Citrix virtual desktop infrastructure and enterprise applications to your workforce, but you can also use NetScaler for delivering customer-facing monolithic and microservices applications.

The NetScaler advantage

By using NetScaler to deliver all your applications, you gain operational consistency, cost efficiency, and so much more:

Operational consistency

  • NetScaler uses a single code base and a software-based architecture across all form factors, so no matter how you choose to deploy your applications — on-premises, in public cloud, or across both — the features and behavior will be exactly the same
  • NetScaler’s single management plane, NetScaler Console, gives you one place for orchestrating and managing NetScaler application delivery controllers (ADCs), implementing security policies, and accessing analytics and observability capabilities to ensure consistent application delivery across hybrid and multi-cloud environments
  • NetScaler provides feature parity — including configuration management — across its ADC form factors that allows for portability of services when migrating deployments between environments

Comprehensive security

NetScaler comes with built-in enterprise-grade security features so you can consolidate and simplify your infrastructure, eliminating the need to purchase multiple point solutions:

  • Uniform protection for applications across environments with no compromise on performance
  • Web application firewall and volumetric bot protection at massive scale
  • Zero trust network access (ZTNA) access to internal applications
  • Native and integrated authentication and single sign-on experience to protect corporate data
  • API endpoint protection for securing microservices applications

Cost efficiency

  • NetScaler offloads SSL/TLS encryption and decryption from application servers, reducing the computational expense of server processing while also improving application performance and security
  • NetScaler is included in the Citrix platform, making it simple to reallocate throughput to NetScaler ADC instances across application environments as your business requirements and deployment models change — so you always get the most out of your investment in NetScaler

High-performance application delivery

Designed from inception to be software focused and hardware agnostic, NetScaler uses x86 commodity hardware to allow for cost-effective performance and scaling:

  • NetScaler’s proprietary one-pass architecture for load balancing processes security and other ADC functions in a single pass for the lowest latency — as well as the reduced costs that come with optimal CPU utilization
  • NetScaler enables dynamic scaling of internet traffic for hybrid and multi-cloud workloads to achieve clustering of up to 8 Tbps of L7 throughput for traffic destined for a single IP and port on up to 32 nodes
  • Superior proxy performance for TLS processing results in an average latency advantage of ~100ms (Source: Tolly Group performance benchmarking test report)

End-to-end observability

NetScaler observability goes beyond simple monitoring to not only alert you that something is wrong but to also tell you exactly where to find the issue — the client, the server, or the internet connection in between —  so you can fix it faster:

  • The most granular real-time insights for application and API traffic, application and API security, and network and infrastructure performance
  • Integrations with with popular data visualization tools, including Splunk, Prometheus, Grafana, and more
  • NetScaler surfaces only the most valuable telemetry data — including metrics, events, logs, and traces — to significantly reduce your ingress and data storage costs

Did you know?

NetScaler provides high-performance and secure application delivery for many types of workloads, not just Citrix deployments: Some of the world’s largest e-commerce websites rely on NetScaler to ensure that their customers can transact reliably and securely.


Key NetScaler features for Citrix deployments

NetScaler is the only ADC that is fully interoperable with Citrix and that provides the most capabilities —  including optimal performance and enterprise-grade security —  for delivering Citrix virtual desktop infrastructure and enterprise applications to your workforce.

NetScaler Gateway

NetScaler functions as a gateway to provide a single, externally available log-in portal to allow different levels of user access to Citrix Virtual Apps and Desktops (on-premises) and Citrix DaaS (cloud):

  • You can use the same log-in portal to identify and provide network-level access to corporate devices using device certificates, and you can allow third parties external to your organization to access sanctioned applications
  • NetScaler Gateway combines multi-factor authentication, policy control, and single sign-on with SAML 2.0 for streamlined user access
  • NetScaler also provides clientless SSL VPN access, supports Microsoft Intune integration, and offers a customizable web portal
  • Additionally, NetScaler Gateway includes specialized proxies for ICA and RDP traffic to ensure secure and stateless connections, along with traffic monitoring

Application acceleration

NetScaler optimizes application performance of applications by leveraging TCP optimization, which fine-tunes the TCP stack to enhance data flow efficiency over the network:

  • TCP optimization reduces latency, minimizes packet loss, and improves the speed of content delivery, ensuring a faster and more reliable application end-user experience
  • By optimizing the TCP protocol, which is fundamental for most internet communication, NetScaler ensures that applications are not only accelerated but also consistently available and responsive to user requests

Access control

When using NetScaler Gateway for Citrix Virtual Apps and Desktops, you gain granular control over your users’ access:

  • SmartControl enables you to manage user-access policies from a single location rather than at each application delivery controller (ADC) instance for every server
  • SmartAccess knows each user's identity, location, device, and authentication mechanism and uses this information to give you control over the user's actions, such as disabling access and preventing downloading, printing, and screen capturing
  • SmartAccess allows you to provide differentiated access to your users based on their needs

L4-7 traffic management

NetScaler includes advanced Layer 4-7 traffic management for optimal network performance and reliability:

  • NetScaler Global Server Load Balancing (GSLB) distributes traffic across geographic locations, resulting in improved application responsiveness and reduced latency
  • NetScaler clustering capabilities allow for scalability and high availability
  • NetScaler connection multiplexing reuses connections to avoid the overhead on a server when establishing new connections for each request, ensuring that server connections are efficiently reused. This results in dramatically reduced SSL/TLS load on backend servers

Application security

Only NetScaler uses a one-pass architecture to process security and other ADC functions in a single pass to reduce latency and provide optimal CPU utilization for super-fast application performance:

  • NetScaler comes with advanced security features including an industry-leading web application firewall (WAF), bot mitigation, SSL encryption/decryption, and more
  • NetScaler WAF protects applications and APIs from both known and unknown attacks and is complemented by an IP Reputation Service that proactively blocks threats
  • NetScaler Bot Mitigation detects, blocks, and mitigates bad bot traffic while offering control over good bot access to applications by using geolocation, IP address, bot signatures and device fingerprinting
  • NetScaler seamlessly integrates with Citrix Endpoint Management (MDM) for mobile device security

Application insights and observability

Because NetScaler collates telemetry from every user session, you can quickly detect whether an issue originates with the client, the network, or the data center:

  • Only NetScaler can parse high-definition experience (HDX) traffic and provide details via NetScaler HDX Insight reports on individual streams within each session
  • NetScaler Gateway Insight reports provide instant visibility into authentication failures as well as granular details on end points, single sign-on, session launch and termination, and more
  • NetScaler provides end-to-end observability capabilities to assess the health, performance, and behavior of applications so you can quickly identify and resolve application performance and security issues, which in turn improves the application end-user experience


Key NetScaler features for monolithic and microservices deployments

NetScaler abstracts the complexities of networking configuration for monolithic and microservices application delivery and works the same across hybrid and multi-cloud environments, empowering your team to move faster to deliver new products and services.

High-performance load balancing

NetScaler provides the lowest latency to ensure an optimal application end-user experience:

  • Only NetScaler uses a one-pass architecture for traffic processing that enables it to perform many functions simultaneously to reduce latency and improve performance
  • NetScaler global server load balancing (GSLB) optimizes resource utilization, you can make the most of your existing infrastructure and reduce the need to invest in additional hardware or resources
  • Independent benchmarking confirms that NetScaler outperforms its competitors in every test for latency, throughput, and CPU utilization

High availability

Unlike other solutions, NetScaler doesn’t sacrifice high availability for scale — you get both:

  • By deploying two NetScaler ADC nodes in active-passive mode with the same configurations, you can prevent interruptions to your operations
  • NetScaler uses dynamic traffic routing rather than static routing only to automatically route client requests to the location that is best for a particular user at the time of the request
  • With NetScaler priority load balancing, ADC instances across all redundancy levels are associated with a single load-balancing virtual server, so you can easily see the state of the application via a single command or the NetScaler Console
  • With NetScaler, you can configure the same zone in AWS and in Azure with IPv6 addresses for failover

Comprehensive application and API security

NetScaler comes with built-in security features so you can consolidate and simplify your infrastructure, eliminating the need to purchase multiple point solutions:

  • NetScaler protects your applications against known and unknown vulnerabilities, including zero-day attacks
  • NetScaler WAF, unlike next-generation firewalls, protects applications against the OWASP Top 10 vulnerabilities, mitigates bots, and protects APIs
  • Use NetScaler WAF to apply signature protections for known vulnerabilities, without having to immediately patch the affected server
  • NetScaler provides map visualization, called service graphs, that make it easy to identify application performance issues that may stem from known or unknown attacks. Quickly determine if an issue originates from the client, the ADC, or your application

Kubernetes ingress control

NetScaler's Kubernetes ingress capabilities enable you to secure and accelerate ingress traffic for one or multiple Kubernetes clusters:

  • NetScaler Ingress Controller exposes Kubernetes services outside the cluster and supports advanced traffic management capabilities such as SSL offload, load balancing, and content switching
  • NetScaler integrates with service mesh technologies such as Istio and Envoy, providing additional traffic management and security capabilities for microservices
  • NetScaler functions as an API gateway to manage and secure API traffic and supports advanced API management features such as rate limiting, authentication, and authorization
  • NetScaler integrates with the Kubernetes horizontal pod auto-scaler to automatically adjust the number of NetScaler ADC instances based on the demand


NetScaler easily processes high traffic throughputs to handle the largest application loads:

  • 32 NetScaler hardware ADCs can be clustered to achieve up to 6.4 Tbps L7 throughput
  • Software ADCs can be clustered to achieve up to 3.2 Tbps L7 throughput
  • A single NetScaler hardware ADC achieves up to 200 Gbps L7 throughput, and a single software ADC achieves up to 100 Gbps L7 throughput

ADC automation

NetScaler’s intent-based application delivery and security capabilities are ideal for full stack engineers and DevOps teams who typically don’t have deep expertise in networking or security:

  • NetScaler automates your decision making for you while you maintain full control over your environment
  • With NetScaler ADC automation, you can easily configure as code many common tasks such as authentication, rate limiting, rewrite/responder policies, content routing, WAF, bot management, Kubernetes CRDs, and more
  • The NetScaler Automation Toolkit contains everything you need for automated ADC and network configuration: SDKs, public cloud deployment templates, NetScaler APIs, and integrations with IaC tools
  • NetScaler comes with declarative templates called StyleBooks that automate the creation and management of NetScaler ADC configurations
  • NetScaler integrates with the most popular infrastructure-as-code (IaC) tools like Terraform, Consul-Terraform-Sync, and Ansible
  • NetScaler uses a common code base for all ADC form factors, making it easy to share and reuse your NetScaler configurations across on-premises and public cloud environments

End-to-end observability

NetScaler helps you pinpoint whether an issue is originating from the application or network:

  • No other application delivery solution offers more granular metrics, events, logs, and traces while surfacing only the relevant insights to help you pinpoint issues faster
  • NetScaler surfaces only the most relevant telemetry data for you to ingest and save, so you can significantly reduce ingress and data storage costs
  • NetScaler gives you the flexibility to access observability insights via command line, through the NetScaler Console, with the NetScaler Next-Gen API, or by exporting NetScaler data into popular observability endpoint tools like Splunk, Prometheus, Grafana, Elasticsearch, New Relic, Kibana, Kafka, and Zipkin

Stateless persistence in microservices environments

The jumptable assisted ring hash (JARH) load balancing algorithm is based on the principle of consistent hashing:

More information

NetScaler vs F5 for Citrix deployments

See the side-by-side comparison of NetScaler and F5 capabilities.

See the comparison

NetScaler Community

Learn from NetScaler experts (including NetScaler engineers and product managers), gain insight from fellow NetScaler users, and contribute your knowledge about using NetScaler.

Explore the NetScaler Community