CNS-420-1I-en-StudentManual-v04.pdf - N ot Education al es...

  • No School
  • AA 1
  • AgentRose7400
  • 617
  • 100% (4) 4 out of 4 people found this document helpful

This preview shows page 1 out of 617 pages.

You've reached the end of your free preview.

Want to read all 617 pages?

Unformatted text preview: N ot Education al es rr fo e CNS-420-1I: Citrix Networking Assessment, Design, and Advanced Configuration or n tio bu ri st di Table Of Contents ot N Module 0 - Course Overview..........................................................................................................1 Module 1 - Methodology & Assessment.......................................................................................28 Methodology.....................................................................................................................30 Business Drivers...............................................................................................................38 Capabilities Assessment...................................................................................................46 Appendix- Lab Details.......................................................................................................62 Module 2 - Deployment Architecture and Topology.....................................................................71 NetScaler Platforms..........................................................................................................73 Access Matrix...................................................................................................................82 NetScaler Deployment Topology......................................................................................90 Deploying NetScaler in the Cloud...................................................................................104 NetScaler High Availability..............................................................................................114 NetScaler in a Double-Hop deployment.........................................................................129 NetScaler Secure Web Gateway....................................................................................150 Module 3 - Advanced AAA Configuration...................................................................................173 An Architect's view of AAA.............................................................................................175 Configuration components for AAA................................................................................179 Authentication.................................................................................................................190 AAA Session Management.............................................................................................229 Multi-factor Authentication..............................................................................................233 Appendix- Lab Details.....................................................................................................247 Module 4 - Security.....................................................................................................................259 Authorization...................................................................................................................261 Appendix- Lab Details.....................................................................................................281 Preauthentication and Endpoint Analysis Scans............................................................287 Protection against Layer 4-7 attacks..............................................................................294 Module 5 - NetScaler Gateway Configuration Considerations...................................................304 NetScaler Gateway Configuration Considerations........................................................306 NetScaler Gateway ICA Proxy Configuration.................................................................321 VPN Access....................................................................................................................329 Clientless Access............................................................................................................340 Split Tunneling................................................................................................................347 RDP Proxy - Introduction................................................................................................354 RDP Proxy - Deployment................................................................................................358 RDP Proxy - Configuration.............................................................................................367 Appendix- Lab Details.....................................................................................................378 Module 6 - Advanced Load Distribution and Link Load Balancing.............................................387 e al es rr fo or n tio bu ri st di ot N NetScaler Load Balancing..............................................................................................389 Link Load Balancing.......................................................................................................397 Firewall Load Balancing..................................................................................................402 Appendix- Lab Details.....................................................................................................415 Microsoft Exchange 2016 Load Balancing.....................................................................420 Appendix- Lab Details.....................................................................................................441 Global Server Load balancing........................................................................................447 GSLB Deployment Methods...........................................................................................451 GSLB Persistence..........................................................................................................465 DNS Policies, Expressions, Actions, and Views.............................................................468 GSLB Monitoring............................................................................................................471 GSLB Configuration consideration.................................................................................475 Appendix- Lab Details.....................................................................................................484 Module 7 - NMAS Automation and Orchestration......................................................................493 NetScaler Management and Analytics System...............................................................495 Outbound Traffic Dashboard Use Cases........................................................................507 Appendix- Lab Details.....................................................................................................519 MAS Automation.............................................................................................................525 MAS Orchestration.........................................................................................................532 Configuration Jobs..........................................................................................................542 Configuration Job Use Cases.........................................................................................546 Configuration Audit.........................................................................................................559 Nitro SDK for NetScaler..................................................................................................567 Stylebooks......................................................................................................................577 Appendix- Lab Details.....................................................................................................608 e al es rr fo or n tio bu ri st di • CITRIX • Citrix Networking Assessment, Design, and Advanced Configuration Course Overview t xa:@d Centi! e al es rr fo ,_ .Le C11J ot ModuleO N CNS-420-11:vl.1 10.15.2018 or n tio bu ri st di 1 © 2018 Citrix Authorized Content • Review the Citrix methodology and the different assessments used by Citrix. • Identify the configuration and deployment options. between single and multi Tennant • Distinguish infrastructure deployments. • Explore Cloud. Learning Objectives deploying Citrix ADC, Gateway, and N MAS in the • Describe the available Authorization and discuss use case scenarios. and Access policy's • Discuss and configure nfactor authentication with clients certificate authentication. and ot N • Examine the options for secondary authentications username certificate extraction. fo e al es rr CiTR!X or n tio bu ri st di 2 © 2018 Citrix Authorized Content • Distinguish between the Citrix Gateway options and discuss EPA use cases and deployment scenarios. • Discuss the VPN configuration and implementation. • Evaluate the Global override settings and the split tunneling configuration. • Discuss Load Balancing Load Balancing Learning Objectives • Evaluate multi concerns. • Configure configuration data center deployment and implement Link and GSLB and DNS MAS automation and orchestration features. • Utilize NITRO for advanced MAS configuration. ot N • Create Net New StyleBooks options and distinguish fo CiTR!X e al es rr or n tio bu ri st di 3 © 2018 Citrix Authorized Content configuration Introduce yourself to the class. Include the following information: • Name and company Learning Objectives • Job title • Job responsibility • Networking and virtualization experience • Citrix hardware and software experience • Class expectations ot N fo e al es rr CiTR!X or n tio bu ri st di 4 © 2018 Citrix Authorized Content Review: Student • Parking and transportation information • Classpolicies Introductions • Break and lunch schedules • Emergency contact information ot N fo e al es rr CiTRJX or n tio bu ri st di 5 © 2018 Citrix Authorized Content • This course requires extensive experience with Citrix ADC 12.x as well as experience with Citrix Gateway 12.x and supporting infrastructure. • Citrix recommends completion of the following courses or similar experience prior to attending this course: • CNS-220: CitrixADC 12.x Essentials and Traffic Management Facilities • CNS-222: CitrixADC 12.x Essentials and Unified Gateway • CNS-320: Citrix ADC Advanced Topics - Security, Management, and Optimization • Recommended certifications achieved prior to this course: • CCN-Aand CCN-P. ot N fo e al es rr CiTR!X or n tio bu ri st di 6 © 2018 Citrix Authorized Content • Module 0: Course introduction • Module 1: Methodology & Assessment Course Outline • Module 2: Citrix ADC Deployment Architecture and Topology ot N fo e al es rr CiTR!X or n tio bu ri st di 7 © 2018 Citrix Authorized Content • Module 2: Citrix ADC Deployment Topology (Continued) Day Two Architecture and • Module 3: Advanced AAA Configuration Course Outline • Module 4: Citrix ADC Security ot N fo e al es rr CiTR!X or n tio bu ri st di 8 © 2018 Citrix Authorized Content Day Three • Module 4: Citrix ADC Security Course Outline • Module 5: Citrix Gateway Configuration Considerations ot N fo e al es rr CiTR!X or n tio bu ri st di 9 © 2018 Citrix Authorized Content Day Four • Module 6: Advanced Load Balancing (Cont) Course Outline ot N fo e al es rr CiTR!X or n tio bu ri st di 10 © 2018 Citrix Authorized Content Day Five Course • Module Outline 7: MAS Automation and Orchestration ot N fo CiTR!X e al es rr or n tio bu ri st di 11 © 2018 Citrix Authorized Content New Exercise Design • Review if design requirements are met using: • Update detailed design document to match design requirements. • Design requirement document. • Implement the new design in the design validation lab. • Detailed design document. ot N • Design validation lab. tn A. or e-tl 4ltE! fo _ lo e al es rr CiTR!X or n tio bu ri st di 12 © 2018 Citrix Authorized Content 0 a=mJ CXD-410 Exercise Materials Exercises for this course are in the form of both written documents focusing on assessment and design skills and labs to complete the design verification and functionality testing. Lab environments are Exercise Resources available for a set amount of time so please review the exercise details before launching a lab. l1J Student Resources A 2-1 User Layer Design Review 2h OOm • Student Resources A 3-2: Access Layer Design Review 2h OOm • Module based labs A 3-3: Configure Single FQDN 2h OOm Authentication Design Review 2h OOm A 4-1: A 5-1: Image Layer Design Review 2h OOm A 6-1: Application Layer Design Review 2h OOm A 7 -1: Personalization Layer Design Review 2h OOm A 1 O: Configure Multi-Location Deployment 2h OOm ot N tn A. or e-tl 4ltE! fo _ lo e al es rr CiTR!X or n tio bu ri st di 13 © 2018 Citrix Authorized Content • I Exercise 9·2 Student Resources Hom, 0 Shere x G View « Modules > 00 • lab Guide > Module 9 > Exercise 9·2 v C, Search Exercise 9·2 Date modified Type 9-2 M!!!e.ting notes and Design Requirem ... 11/15/2017 1 :49 PM Microsoft Word D ... 70KB 9·2 lob Slides.pptx 11/15/2017 4:24 PM Microsoft PowerP ... 262 KB 9·2 De.tailed Design.doc:x 11/15/20171:34 Microsoft Word 0 ... 20KB Name Size ,t Quick access Zip archive containing: • la One.Drive Design requirements documents • Assessment exercises documents • Design exercises documents • ;;'t. This PC • Dosktop ~ Documents .. Downloads J, Music ii: Pictures PM Videos '.;.. locol Disk((:) ot N Module based lab guides lo tn A. or e-tl 4ltE! fo - e al es rr CiTR!X or n tio bu ri st di 14 © 2018 Citrix Authorized Content Student Desktop • Remote Desktop Connection Manager for general management • Hyper-V Console for VM management and power operations ot N t xa:@d Centi! fo ,_ .Le C11J e al es rr CiTR!X or n tio bu ri st di 15 © 2018 Citrix Authorized Content filt Ed.t Stis.on b ,;ijc,a,.,10 Remote Desktop Connection Manager • Preconfigured for your lab environment • Main access point for lab exercises • Easy to copy/paste View ld NYC-Al>S.001 O NYC.fSR-<X>l O N't'C.f'VS.(X)l O NlC·SOL·\'M1 O N't'C·STF.C01 O NYC-><DC-VM\ ot N tn A. or e-tl 4ltE! fo _ lo e al es rr CiTR!X or n tio bu ri st di 16 © 2018 Citrix Authorized Content f'ile Edit Se:u,on - "'RllCN tdPffl'.:..+m'«II C1i N'l'C-ADS«ll QN'l'C.osGN.QOI O N'l'C-OTP.001 O N'l'C-OTP<MST ONYUSR.001 ONYC.JW.1.001 C,ute sevee (fe.t,rV.iu.l MKtwlt • CrHtit Cloud 0N'l'C..f0Cfle1 O N'l'UVS.001 O N'l'C-RDS.Qll Hyper-V & • VMs(41) ON'l't.sot...001 O NYC-sftV·Oll O N>CSAV-MST ,,.,,., SCVMM ON'l'C·WRK-«11 O O N'IC-WRK-002 IM:·WRK<ol NYC·P.OS-001 Oim:=«>1 • O Manage virtual machines NVC·PVS-001 IM:·XDC= NVC·X0(.(102 0f'VS.OTP-MST II Hypc,·Y Fik Adion ... u~. Complc-ttd w~ M.n•ttr y._ 1-!dp . 6 MMwigfl NVC·HYP-001 V'trtu.lllM.K~ "'1- Power operations I • Configure .. , I_.., VM templates 0.. Compltttd '------l151Hypt,·V 0VDR..-Os.a>1 • ,._ O NYCSTF-<01 O H'l'C·STF.(11)'2 .... I tM:-xDC<>OI ltM:OCDC-002 I VOR...OS<>OI !. ...... O Pf'IC.WRX<>02 ..,. ..... ........ ........ ........ ........ ........ ........ CP °' °' °' °' °' °' Job< [?1- ot N tn A. or e-tl 4ltE! fo _ lo e al es rr CiTR!X or n tio bu ri st di 17 © 2018 Citrix Authorized Content • You can download, save, and print electronic courseware. • Follow these steps to print to a PDF file: - Student Resources> Courseware > Student Manual> Launch ot N fo e al es rr CiTR!X or n tio bu ri st di 18 © 2018 Citrix Authorized Content • • • < ·- ID clTlpr Education Clas!. • ...1oni SIA.-tJOrt .) Classr o , 1111111 1 •1• _ tl\.:Ket? ····~iiiii11111iii•----.-.cs-... __,_..,..._ '"''°"'c c. .wdr ..,._..,..,. -··c:va.,oa,.,~ -"IUl°'9"Dlo,4IPllf'l,C.. ~Win :+ :¥ .-cir .....~ ...... (11<-MltlO( .. l~IU\by ot N 0 () tn A. or e-tl 4ltE! fo _ lo e al es rr CiTR!X or n tio bu ri st di 19 © 2018 Citrix Authorized Content Citrix Rebrand The Unified Citrix Portfolio • Throughout 2018, you will see Citrix unify our portfolio in exciting ways. • Citrix is devoted to making it easier to experience and understand Citrix Digital Workspace, Citrix Networking, and Citrix Analytics solutions. • In some cases, product names will change to fit the Citrix vision of the product roadmap. ot N • As the new portfolio is rolled out, you may notice some inconsistencies in product references across Citrix properties, including software, Citrix websites, and training courses. tn A. or e-tl 4ltE! fo _ lo es rr CiTR!X e al Key Notes: • For more information on these changes and how they impact your experience with Citrix products, feel free to visit the link below. or n tio bu ri st di Additional Resources: • Rebrand Portfolio: 20 © 2018 Citrix Authorized Content Citrix Workspace Citrix Workspace will become one unified, contextual, secure offering. Citrix Workspace offers a user-centric experience where everything you need to work is in one unified app, with access and performance made simple based on user context and IT-designed conditions. Citrix Workspace is composed of the following components depending on your edition and add-ons: Citrix Workspace app Citrix Hypervisor Learn more transitioning from XenServer New mobile, web, and desktop experience bringing together all the apps and files you need to work. Citrix App Layering Learn more Citrix Content Collaboration transitioning from ShareFile Citrix Virtual Apps transitioning from XenApp Citrix Endpoint Management transitioning from XenMobile Citrix Virtual Desktops transitioning from XenDesktop Citrix Secure Browser transitioning from XenApp secure browser • Citrix Secure Mail ot N Citrix Endpoint Management will continue to provide secure access to end-user apps you already use: fo • Citrix Secure Web Learn more Learn more e al es rr CiTR!X or n tio bu ri st di 21 © 2018 Citrix Authorized Content Citrix Networking The extensive Citrix Networking portfolio. pieces of which were formerly called NetScaler and Cedexis. will expand further into software-defined networking. Citrix will now be the primary name in app delivery, with trusted security and visibility through intelligent analytics. The Citrix Networking portfolio includes: CitrixADC Citrix Application transitioning from NetScaler ADC transitioning from NetScaler Management and Analytics System Delivery Management Citrix SD-WAN Citrix Secure Web Gateway transitioning from NetScaler SD-WAN transitioning from NetScaler Secure Web Gateway Citrix Web App Firewall Citrix Intelligent Traffic Management transitioning from NetScaler App Security. NetScaler App Firewall, and NetScaler Web App Security N Citrix Gateway transitioning from Cedexis Platform 0 ot transitioning from NetScaler Unified Gateway and NetScaler Access Gateway tn A. or e-tl 4ltE! fo _ lo e al es rr CiTR!X or n tio bu ri st di 22 © 2018 Citrix Authorized Content Citrix Analytics Citrix Analytics applies machine learning to provide user behavior analytics and proactive security insights. Citrix Analytics collects data across the Citrix portfolio generating actionable insights enabling administrators to proactively handle user and application security threats, improve application performance. and support continuous operations. The Citrix analytics portfolio includes: • Citrix Analytics for Networking • Citrix Analytics for Workspaces Learn more ot N tn A. or e-tl 4ltE! fo _ lo e al es rr CiTR!X or n tio bu ri st di 23 © 2018 Citrix Authorized Content Looking ahead End of Course Survey Your opinion 1'2] Help shape the next course. ... Tell us what you liked! qO What can we do better? matters! ot N fo e al es rr CiTRJX or n tio bu ri st di 24 © 2018 Citrix Authorized Content Citrix Measures your Feedback with NPS How is Net Promoter Score Calculated? Extremely Likely How likely is it you would recommend Citrix Courses to a friend? Promoter Passive Not at all Likely Detractor ot N tn A. or e-tl 4ltE! fo _ lo e al es rr CiTR!X or n tio bu ri st di 25 © 2018 Citrix Authorized Content Connect with Citrix Education Face book Twitter Linked In Follow @citrixservices Become a fan of Citrix Services Join the Citrix Education group ot N Visit to find more information...
View Full Document

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture