Database server load balancing with NetScaler DataStream technology. Self-paced Learning Labs exercise guide

Size: px
Start display at page:

Download "Database server load balancing with NetScaler DataStream technology. Self-paced Learning Labs exercise guide"

Transcription

1 Database server load balancing with NetScaler DataStream technology Self-paced Learning Labs exercise guide May 2012

2 Table of Contents Overview... 3 Exercise 1: SQL Rate Limiting... 6 Exercise 2: Database Responder Exercise 3: Token Load Balancing and Audit Log for SQL Exercise 4: SQL Caching Page 2

3 Overview NetScaler DataStream Technology provides native database protocol and SQL intelligence by inspecting real-time traffic and applying protocol aware policies for both Microsoft SQL Server and MySQL databases. By performing native SQL load-balancing, it offers a cost-effective solution to offload database server connections considerably reducing the number of SQL connections to the backend servers, while providing an infrastructure to monitor, optimize, and secure a database deployment. The new NetScaler 10 release extends the power and capabilities of DataStream with token-based load balancing of SQL queries for more flexible scaling strategies, and with advanced caching of SQL responses to improve database server efficiency and increase application responsiveness. NetScaler 10 also adds full AppFlow support for DataStream traffic so that performance monitoring and business intelligence tools now have visibility deep into the application stack for richer monitoring, tracking and troubleshooting of both web and data based traffic. Hands-on Training Module This training module has the following details: Objective This lab provides hands on training on the new DataStream enhancements included in NetScaler 10. Audience Primary: Sales engineers, consultants, and support Lab Environment Details Machine AD.training.lab NSVPX_nCore_10_node0 Windows 7 Apache_MySQL_1 Apache_MySQL_2 Apache_MySQL_2 Details Domain controller, DHCP, and DNS Virtual instance of a NetScaler appliance Administrative workstation Linux server with Apache, PHP, MySQL Linux server with Apache, PHP, MySQL Linux server with Apache, PHP, MySQL NOTE: If prompted with a dialog to restart on any virtual machine, always select Restart Later. Page 3

4 Required Lab Credentials Below are the login credentials required to connect to the workshop system and complete the lab exercises. Machine IP Address Username Password AD.training.lab TRAINING\Administrator Citrix123 Windows TRAINING\Administrator Citrix123 Apache_MySQL_ root c!tr!x (GENTOO_1) Apache_MySQL_ root c!tr!x (GENTOO_2) Apache_MySQL_3_splunk root c!tr!x (GENTOO_3) NSVPX_nCore_10_node0 NSIP: SNIP: nsroot nsroot Page 4

5 How to log into the lab environment The self-paced lab environment is hosted on a cloud-based Citrix XenServer. Connecting to your server from the portal page is as easy as Step-by-step login instructions Step Action 1. Once logged in at the self-paced portal, click the Start lab button to launch a connection to published XenCenter. 2. When XenCenter loads, right-click the XenCenter node and select Add 3. On the Add New Server screen enter the XenServer IP address provided on the portal and in the Password field enter the password provided on the portal. The user name will always be root. Page 5

6 Exercise 1: SQL Rate Limiting Overview NetScaler 10 enforces limits depending on the license platform installed on the system by measuring the rate of requests per second. If the data rate exceeds the pre-configured limit, the NetScaler will send an error message to the connecting client indicating the system limit has been reached. Additionally, the administrator can configure an SNMP trap in order to have visibility when this condition occurs. In this exercise we will attempt to install a web application that populates a database with sample data using a MYSQL virtual server to provide access to the database tier. Since many SQL requests will be sent to the virtual server, the rate limiting mechanism is triggered and the operation will fail. To complete the exercise, we will upgrade the platform license on the NetScaler VPX appliance which lifts the rate limit restriction and attempt the install operation once again. Step-by-step guidance The lab environment required for this exercise is as follows: 1. Linux Server 1 : Apache_MySQL_1 - (GENTOO_1) 2. NetScaler VPX: (NSVPX_nCore_10_node0) 3. Windows 7 Workstation: (WIN_7) Estimated time to complete this lab: 30 minutes. Step Action 1. Logon to the NetScaler VM NS10_nCore_10_node0 and verify the following features > enable ns feature LB are enabled on the NetScaler appliance: - Load balancing 2. Verify the license installed on the appliance. Since a VPX_1000 license is installed, it should read Model Number ID: 1000 > show license grep Model Model Number ID: 1000 > Exercise 1: SQL Rate Limiting Page 6

7 3. Add a Subnet IP (SNIP) > add ns ip type SNIP 4. Create server objects for all Linux servers: Apache_MySQL_1 (GENTOO_1) Apache_MySQL_2 (GENTOO_2) Apache_MySQL_3 (GENTOO_3) 5. Create service objects for the MYSQL service running on all three servers (TCP port 3306). > add server GENTOO_ > add server GENTOO_ > add server GENTOO_ > add service GENTOO_1_MYSQL_TCP_3306 GENTOO_1 MYSQL 3306 > add service GENTOO_2_MYSQL_TCP_3306 GENTOO_2 MYSQL 3306 > add service GENTOO_3_MYSQL_TCP_3306 GENTOO_3 MYSQL Create a MYSQL vserver and bind the MYSQL service for Apache_MySQL_1 (GENTOO_1) 7. Verify that the vserver and services created are in an UP state. 8. > bind lb monitor TCP GENTOO_1_MYSQL_TCP_3306 > bind lb monitor TCP GENTOO_2_MYSQL_TCP_3306 > bind lb monitor TCP GENTOO_3_MYSQL_TCP_3306 > add lb vserver MYSQL_vserver MYSQL > bind lb vserver MYSQL_vserver GENTOO_1_MYSQL_TCP_3306 > show lb vserver MYSQL_vserver > stat lb vserver MYSQL_vserver All 3 MYSQL servers in the lab already have a set of sample databases loaded. The user netscalersql has been granted all privileges. The password for this user is netscaler. 9. Before we can connect to the database, we define the account the NetScaler will use to connect to the SQL backend. Create the NetScaler DB user. > add db user netscalersql -password netscaler Exercise 1: SQL Rate Limiting Page 7

8 10. From Apache_MySQL_3 (GENTOO_3), attempt to connect to the MYSQL virtual server using the following credentials: gentoo_3 ~ # mysql -h u netscalersql -p Enter password: netscaler mysql> U: netscalersql P: netscaler Note: Use the h, u, and p flags to specify the hostname, username, and prompt for a password. You should be able to login through the VIP. 11. List the databases to verify you have access to the DB server. 12. Execute a simple query to verify access to one of the databases: mysql> show databases; Database information_schema imdb mysql test rows in set (0.07 sec) mysql> mysql> use imdb; mysql> select * from actors where actors.first_name = "Al" and actors.last_name = "Pacino"; id first_name last_name gender Al Pacino M row in set (0.11 sec) mysql> Exercise 1: SQL Rate Limiting Page 8

9 13. Since we will be installing a web application, create an HTTP virtual server and corresponding services 14. On the NetScaler, create HTTP services for all Linux servers > add service GENTOO_1_HTTP_TCP_80 GENTOO_1 HTTP 80 > add service GENTOO_2_HTTP_TCP_80 GENTOO_2 HTTP 80 > add service GENTOO_3_HTTP_TCP_80 GENTOO_3 HTTP Create the HTTP vserver and bind the Apache_MySQL_1 service (GENTOO_1) to it 16. The web application used in this exercise is an open source CRM application (SugarCRM). The necessary files to complete the install are located in the apache web server root. Connect to the Windows 7 workstation (WIN_7) and point Internet Explorer to the HTTP virtual server previously created: 17. Browse to the sugarcrm directory to begin the install: > bind lb monitor tcp GENTOO_1_HTTP_TCP_80 > bind lb monitor tcp GENTOO_2_HTTP_TCP_80 > bind lb monitor tcp GENTOO_3_HTTP_TCP_80 > add lb vserver HTTP_vserver HTTP > bind lb vserver HTTP_vserver GENTOO_1_HTTP_TCP_80 m/install.php Exercise 1: SQL Rate Limiting Page 9

10 18. NOTE: If you receive an error message indicating that the installer is locked, please run the following command on Apache_MySQL_1 server and refresh the install page : gentoo_1 ~ # cp /var/sugarcrm_config/config.php /var/www/localhost/htdocs/sugarcrm/ 19. Go through the initial system check and accept the license agreement. Perform a typical install and accept the defaults. Exercise 1: SQL Rate Limiting Page 10

11 20. During the database configuration, use sugarcrm as the database name and select the virtual server IP as the hostname. For the database administrator username and password, use the NetScaler DB user configured before: User: netscalersql Password: netscaler Select the option to populate the database with demo data in order to trigger the SQL rate limiting mechanism 21. Pick a password for the sugarcrm admin user. For consistency you can use netscaler as your password. 22. Accept the warning and select install Exercise 1: SQL Rate Limiting Page 11

12 23. The install operation will fail due to a database error. 24. Inspecting the installation log file on the Apache_MySQL_1 server webroot (GENTOO_1), we can see that the rate limiting mechanism was triggered: gentoo_1 ~ # tail /var/www/localhost/htdocs/sugarcrm/sugarcrm.log Fri Mar 16 19:00: [17401][-none-][FATAL] Query Failed: INSERT into relationships (id,relationship_name,lhs_module,lhs_table,lhs_key,rhs_module,rhs_table,rhs_key,rela tionship_type) values ('5a4ff bf6-59d6-4f638d8f997f','projects_modified_user','Users','users','id','Project','project','mod ified_user_id','one-to-many'): MySQL error 6002: NetScaler DataStream rate limits hit gentoo_1 ~ # 25. Go back to the NetScaler NSVPX_nCore_10_node0 CLI. To verify the logging capabilities for DataStream, set up the SNMP alarm for the DataStream rate limit hit. In order for the trap to be sent (and appear in syslog), define a generic and specific trap destination. > set alarm DATASTREAM-RATE-LIMIT-HIT - logging ENABLED -state ENABLED -severity Informational > add snmp trap generic communityname public -srcip > add snmp trap specific communityname "\"public\"" -srcip severity Informational > save ns config Save your configuration. Exercise 1: SQL Rate Limiting Page 12

13 26. From the Windows 7 workstation, close any browser instances and run the web application installer again. (http:// /sugarcrm/install.php). Refer to steps IMPORTANT: Before you can run the installer again, the config.php file needs to be modified to allow the installer process to run. To avoid making manual changes to the configuration file, an already modified copy is stored in: /var/sugarcrm_config/config.php On Apache_MySQL_1 (GENTOO_1), copy this file to the Apache webroot sugarcrm directory with the command provided: gentoo_1 ~ # cp /var/sugarcrm_config/config.php /var/www/localhost/htdocs/sugarcrm/ NOTE: If you receive any warnings to remove the existing tables and populate the data, click on the accept button. 27. Switch to NSVPX_nCore_10_node0 and inspect the NetScaler syslog to verify the trap was sent. > shell tail -n 10 /var/log/ns.log Mar 21 19:45:09 <local0.info> /21/2012:19:45:09 GMT NS10_node0 0-PPE-0 : DB Message : "MYSQL_CS_CONN_CLOSED: QUIT_CMD_RECEIVED ConnID:14572" Mar 21 19:45:10 <local0.info> /21/2012:19:45:10 GMT NS10_node0 0-PPE-0 : SNMP TRAP_SENT : DataStreamRateLimitHit (alarmhighthreshold = 200, sysipaddress = ) Mar 21 19:45:24 <local0.info> /21/2012:19:45:24 GMT NS10_node0 0-PPE-0 : UI CMD_EXECUTED : User nsroot - Remote_ip Command "shell" - Status "Success" Exercise 1: SQL Rate Limiting Page 13

14 28. The SQL rate limits per platform are as follows: Up to VPX RPS VPX No limit MPX RPS MPX/SDX and higher No limit In order to avoid the limit imposed to our VPX 1000, upgrade the license. A new VPX_3000 license is located in /var/license_backup. Copy the new license file to the /nsconfig/license directory: # cp /var/license_backup/vpx_3000.lic /nsconfig/license/ # exit 29. Before rebooting, save your configuration and reboot. NOTE: You can safely ignore any warnings regarding the configuration not being changed. 30. When the NetScaler comes back online, verify the correct license was applied. > save ns config > reboot -warm > show license grep Model Model Number ID: 3000 > Exercise 1: SQL Rate Limiting Page 14

15 31. From the windows 7 workstation, run the web-app installer again. The installation will now complete successfully. IMPORTANT: Remember to overwrite the config.php for the installer to run again. Please refer to step 26. Exercise 1: SQL Rate Limiting Page 15

16 32. After completing the install, skip the registration process and test the web-app. Remember to use the Admin credentials supplied before: U: admin P: netscaler END OF EXERCISE Exercise 1: SQL Rate Limiting Page 16

17 Summary Key Takeaways The key takeaways for this exercise are: Depending on the platform license installed on the system, different SQL rate limits will apply to DataStream connections. The following table summarizes the different limits applied: Up to VPX1000 VPX3000 VPX8000 MPX5500 MPX 9500 MPX/SDX and higher 200 RPS No limit 1000 RPS No limit The system log will include additional information when this error condition occurs. Additionally, SNMP alerts can be configured to notify the administrator when the limit is reached. Exercise 1: SQL Rate Limiting Page 17

18 Exercise 2: Database Responder Overview DataStream is a new feature introduced in NetScaler version 9.3. It allows the NetScaler to operate as a proxy between the application and database servers to provide load balancing and content switching functionality. In this exercise, we will cover the new database responder configuration. The student will learn how to leverage this feature to provide an additional layer of control for SQL server deployments. Using database responder, the NetScaler can act on certain conditions and generate a custom response to the connecting client. These responses can be user defined (OK packet, Error packet) or a connection reset. Step-by-step guidance The lab environment required for this exercise is as follows: 1. Apache_MySQL_1: (GENTOO_1) 2. NetScaler VPX appliance: (NS10_nCore_10_node0) 3. Windows 7 Workstation: (WIN_7) Estimated time to complete this lab: 15 minutes. Step Action 4. Logon to the NetScaler VM NS10_nCore_10_node0 and verify the following features are enabled on the NetScaler > enable ns feature Responder appliance: - Responder 5. Create a responder action and policy to prevent someone from deleting a database. > add responder action prevent_drop_database sqlresponse_error "This is a destructive operation. Database was NOT modified" > add responder policy prevent_drop_database_pol "MYSQL.REQ.QUERY.COMMAND.CONTAINS(\"drop\")" prevent_drop_database 6. Bind it to the virtual server > bind lb vserver MYSQL_vserver -policyname prevent_drop_database_pol -priority Save your configuration > save ns config Exercise 2: Database Responder Page 18

19 8. OPTIONAL: If an existing connection to MySQL is present, please make sure that you exit. 9. From Apache_MySQL_3 (GENTOO_3), connect to the MYSQL virtual server and attempt to drop a database: Reminder: The NetScaler db user credentials are: U: netscalersql P: netscaler 10. Since no direct access to the database server is allowed, dropping a database is not permitted. Attempting to connect to the backend MYSQL server (GENTOO_1) directly will fail as only the SNIP has access. Reminder: The NetScaler db user credentials are: U: netscalersql P: netscaler mysql> exit Bye gentoo_3 ~ # gentoo_3 ~ # mysql -h u netscalersql -p Enter password: mysql> show databases; Database information_schema imdb mysql sugarcrm test rows in set (0.00 sec) mysql> drop database test; ERROR 6001 (RESAC): This is a destructive operation. Database was NOT modified mysql> mysql> exit Bye gentoo_3 ~ # mysql -h u netscalersql -p Enter password: ERROR 1130 (HY000): Host is not allowed to connect to this MySQL server gentoo_3 ~ # END OF EXERCISE Exercise 2: Database Responder Page 19

20 Summary Key Takeaways NOTES The key takeaways for this exercise are: Database responder can be used to enforce certain database operations OK/Error packets or connection resets are the possible actions that can be configured DB responder policies can also be used in conjunction with SQL auditing or Stream Analytics to collect information about the operations or traffic flows traversing the NetScaler. We will look at SQL auditing and Stream Analytics for SQL in a later exercise. Exercise 2: Database Responder Page 20

21 Exercise 3: Token Load Balancing and Audit Log for SQL Overview In this exercise we will explore the new load balancing options for SQL traffic. With NetScaler 10, it is now possible to load balance SQL requests based on parameters found in SQL traffic. By introducing the Token LB method, the load balancing decisions can be based on SQL attributes, such as database name, connecting user, query type, character set, and other. In this exercise, we will configure a few example rules for token load balancing. We will verify how traffic flows to backend services depending on SQL traffic attributes included in the request. Additionally, we will use the SQL audit log to understand why certain operations fail and take appropiate corrective actions. Step-by-step guidance The lab environment required for this exercise is as follows: 1. Linux Server 1: Apache_MySQL_1 (GENTOO_1) 2. Linux Server 2: Apache_MySQL_2 (GENTOO_1) 3. NetScaler VPX appliance: (NS10_nCore_10_node 0) 4. Windows 7 Workstation: (WIN_7) Estimated time to complete this lab: 20 minutes. Step Action 1. Connect to the NetScaler VPX and verify the services > show lb vserver MYSQL_vserver bound to the MYSQL virtual server. If you have completed the previous exercises, one service should be bound. Exercise 3: Token Load Balancing and Audit Log for SQL Page 21

22 2. In order to illustrate SQL token load balancing, proceed to bind a second MYSQL service to the virtual server. Make sure the corresponding MYSQL services for Apache_MySQL_1 (GENTOO_1) and Apache_MySQL_2 (GENTOO_2) are bound to the virtual server. > bind lb vserver MYSQL_vserver GENTOO_2_MYSQL_TCP_ Set the load balancing method to TOKEN on the MYSQL virtual server. Specify a rule to load balance on the database name requested by the client. > set lb vserver MYSQL_vserver -lbmethod TOKEN -rule MYSQL.CLIENT.DATABASE Exercise 3: Token Load Balancing and Audit Log for SQL Page 22

23 4. The same databases and sample data have been replicated to Apache_MySQL_1 (GENTOO_1 and Apache_MySQL_2 (GENTOO_2). This is very common in master/slave scale-out deployments where multiple backend servers have the same database set. On Apache_MySQL_1 and Apache_MySQL_2, connect to the localhost using the MYSQL client. Verify that the databases are present on each server. Since only the root account has access locally, use the following credentials for the localhost connection: U: root P: c!tr!x gentoo_1 ~ # mysql -u root -p Enter password: mysql> show databases; Database information_schema imdb mysql sugarcrm test rows in set (0.00 sec) mysql> quit gentoo_1 ~ # gentoo_2 ~ # mysql -u root -p Enter password: mysql> show databases; Database information_schema imdb mysql sugarcrm test rows in set (0.00 sec) mysql> quit gentoo_2 ~ # Exercise 3: Token Load Balancing and Audit Log for SQL Page 23

24 5. Switch to NSVPX_nCore_10_node0 in order to verify if connections are correctly load balanced using the TOKEN (in our example, TOKEN = DB name), before attempting to connect to the MYSQL virtual server, complete the following three items: 1. Record the number of requests serviced by each MYSQL service currently bound to the MYSQL virtual server (see command on the next column). 2. To avoid monitor traffic from being captured, change the bound monitor to each MYSQL service to PING. (see command on the next column) 3. On the NetScaler, start a TCPDUMP capture using a filter where only traffic to Server 1 OR 2 AND TCP port 3306 is displayed. (see command on the next column) 1. > stat lb vserver MYSQL_vserver 2. > bind lb monitor ping GENTOO_1_MYSQL_TCP_3306 > unbind lb monitor TCP GENTOO_1_MYSQL_TCP_3306 > bind lb monitor ping GENTOO_2_MYSQL_TCP_3306 > unbind lb monitor TCP GENTOO_2_MYSQL_TCP_ > shell # nstcpdump.sh "(host or host ) and tcp port 3306" Exercise 3: Token Load Balancing and Audit Log for SQL Page 24

25 6. Using the MYSQL client on Server 3 (GENTOO_3), connect to the MYSQL virtual server and specify IMDB as the initial database on the connection string (use the D flag). Upon connecting, show the tables to generate additional traffic. Reminder: The NetScaler database user credentials are: U: netscalersql P: netscaler 7. Go back to the NetScaler and observe the traffic generated. Record the destination IP the NetScaler selected for this database connection (IMDB). gentoo_3 ~ # mysql -h u netscalersql -p -D imdb Enter password: mysql> show tables; Tables_in_imdb actors directors directors_genres movies movies_directors movies_genres roles rows in set (0.00 sec) mysql>... 15:06: IP > : S : (0) win 8190 <mss 1460> 15:06: IP > : S : (0) ack win <mss 1460> 15:06: IP > :. ack 1 win Exercise 3: Token Load Balancing and Audit Log for SQL Page 25

26 8. Switch to the Windows 7 workstation and open an SSH session using Putty to as nsroot / nsroot. Execute the same STAT command as in step 5.1. > stat lb vserver MYSQL_vserver Record the number of hits. Which counters were incremented? Does it correspond to the service the NetScaler selected as shown in the TCPDUMP? 9. From Server 3 (GENTOO_3), exit the current MYSQL session and attempt a new connection. This time, specify a different database: (Use the D flag to select the test database). In order to generate traffic, execute a show tables command. mysql> quit Bye gentoo_3 ~ # gentoo_3 ~ # mysql -h u netscalersql -p -D test Enter password: mysql> show tables; Empty set (0.00 sec) mysql> Exercise 3: Token Load Balancing and Audit Log for SQL Page 26

27 10. Go back to the running TCPDUMP on the NetScaler. Was a new destination IP selected?... 15:36: IP > : S : (0) win 8190 <mss 1460> 15:36: IP > : S : (0) ack win <mss 1460> 15:36: IP > :. ack 1 win Go back to Server 3 and disconnect and reconnect using the same database.... mysql> quit Bye gentoo_3 ~ # gentoo_3 ~ # mysql -h u netscalersql -p -D test Enter password: mysql> show tables; Empty set (0.00 sec) mysql> 12. Go back to the NetScaler and inspect the TCPDUMP Was the connection sent to the same backend service? 13. Go back to the Windows 7 workstation and execute the same STAT command as in step 5.1. > stat lb vserver MYSQL_vserver Record the number of hits. Which counters where incremented? Does it correspond to the service the NetScaler selected as shown in the TCPDUMP? Exercise 3: Token Load Balancing and Audit Log for SQL Page 27

28 14. On the MYSQL virtual server, change the TOKEN rule to MYSQL.CLIENT.USER 15. Create a new DB user for the root account 16. From Server 3 (GENTOO_3), attempt to connect to the MYSQL virtual server using the root account 17. From the same session on Server 3, attempt to display the tables for the selected database. Why is it failing? > set lb vserver MYSQL_vserver -rule "MYSQL.CLIENT.USER" > add db user root -password c!tr!x gentoo_3 ~ # mysql -h u root -p -D test Enter password: mysql> gentoo_3 ~ # mysql -h u root -p -D imdb Enter password: mysql> show tables; ERROR 2006 (HY000): MySQL server has gone away No connection. Trying to reconnect... Connection id: 99 Current database: test ERROR 2006 (HY000): MySQL server has gone away No connection. Trying to reconnect... Connection id: 100 Current database: test ERROR 2006 (HY000): MySQL server has gone away mysql> Exercise 3: Token Load Balancing and Audit Log for SQL Page 28

29 18. Inspect the NetScaler syslog. Are there any relevant messages for the failed connection? What is likely the problem? 19. On Apache_MySQL_1 (GENTOO_1) and Apache_MySQL_2 (GENTOO_2), grant the root user ALL privileges to login from any host. (Use the query on the next column) NOTE: Perform this operation on Server 1 AND Server 2. > shell NS10_node0 # tail f /var/log/ns.log... Mar 18 16:00:46 <local0.info> /18/2012:16:00:46 GMT NS10_node0 0-PPE-0 : DB Message : "MYSQL_CS_CONN_ESTD: Username:root DBname:test ConnID: Src_ip: Dst_ip: " Mar 18 16:00:46 <local0.info> /18/2012:16:00:46 GMT NS10_node0 0-PPE-0 : DB Message : "MYSQL_SS_LOGIN_REQ_SENT: Username:root DBname:test ConnID: Src_ip: Dst_ip: " Mar 18 16:00:46 <local0.err> /18/2012:16:00:46 GMT NS10_node0 0-PPE-0 : DB Message : "MYSQL_CS_CONN_RESET: SERVERSIDE_LOGIN_FAILED ConnID:258873" Mar 18 16:00:46 <local0.err> /18/2012:16:00:46 GMT NS10_node0 0-PPE-0 : DB Message : "MYSQL_SS_LOGIN_ERR: SERVERSIDE_LOGIN_FAILED ConnID: Src_ip: Dst_ip: "... gentoo_1 ~ # mysql -p Enter password: mysql> GRANT ALL PRIVILEGES ON *.* TO IDENTIFIED BY 'c!tr!x' WITH GRANT OPTION; Query OK, 0 rows affected (0.00 sec) mysql> quit Bye Exercise 3: Token Load Balancing and Audit Log for SQL Page 29

30 20. From Apache_MySQL_3 (GENTOO_3), exit from the previous MySQL session and establish a new connection to the MYSQL virtual server using the root account and the database IMDB 21. Inspect the NetScaler syslog. Are there any messages relevant to the new connection request? Was it successful? mysql> quit Bye gentoo_3 ~ # mysql -h u root -p -D imdb Enter password: mysql> show tables; Tables_in_imdb actors directors directors_genres movies movies_directors movies_genres roles rows in set (0.00 sec) mysql>... 03/18/2012:16:09:33 GMT NS10_node0 0-PPE-0 : DB Message : "MYSQL_CS_CONN_ESTD: Username:root DBname:imdb ConnID: Src_ip: Dst_ip: " Mar 18 16:09:33 <local0.info> /18/2012:16:09:33 GMT NS10_node0 0-PPE-0 : DB Message : "MYSQL_SS_LOGIN_REQ_SENT: Username:root DBname:imdb ConnID: Src_ip: Dst_ip: " Mar 18 16:09:33 <local0.info> /18/2012:16:09:33 GMT NS10_node0 0-PPE-0 : DB Message : "MYSQL_SS_CONN_ESTD: Username:root DBname:imdb ConnID: Src_ip: Dst_ip: "... Exercise 3: Token Load Balancing and Audit Log for SQL Page 30

31 22. Stop any existing TCPDUMP process with CTRL + C. Refer to step 5.3. In order to verify the new TOKEN load balancing rule, start a TCPDUMP capture on the NetScaler using the previously used filter (see next column for command) 23. From Apache_MySQL_3, quit any MySQL session and reconnect to the MYSQL virtual server using the root user. U: root P: c!tr!x 24. On the NetScaler record the destination IP for the service selected. # nstcpdump.sh "(host or host ) and tcp port 3306" mysql> quit Bye gentoo_3 ~ # mysql -h u root -p Enter password: mysql> show databases; Database information_schema imdb mysql test rows in set (0.00 sec) mysql>... 16:52: IP > : P : (37) ack win :52: IP > : P 1:97(96) ack 37 win :53: IP > :. ack 97 win Exercise 3: Token Load Balancing and Audit Log for SQL Page 31

32 25. On Apache_MySQL_3 (GENTOO_3) quit the existing connection. Start a new one using the netscalersql user. U: netscalersql P: netscaler 26. On the same server (GENTOO_3), start a new connection to the MYSQL virtual server using the root user. Compare the destination IP on the TCPDUMP output for both connections. 27. Inspect the ns.log for the relevant entries generated by the two previous connections. Does the information correlates to what was observed in the TCPDUMP output? mysql> quit gentoo_3 ~ # mysql -h u netscalersql -p mysql> quit gentoo_3 ~ # mysql -h u root -p Mar 18 17:25:28 <local0.info> /18/2012:17:25:28 GMT NS10_node0 0-PPE-0 : DB Message : "MYSQL_SS_LOGIN_REQ_SENT: Username:netscalersql DBname:test ConnID:12579 Src_ip: Dst_ip: " Mar 18 17:25:28 <local0.info> /18/2012:17:25:28 GMT NS10_node0 0-PPE-0 : DB Message : "MYSQL_SS_CONN_ESTD: Username:netscalersql DBname:test ConnID:12579 Src_ip: Dst_ip: "... Mar 18 17:30:45 <local0.info> /18/2012:17:30:45 GMT NS10_node0 0-PPE-0 : DB Message : "MYSQL_SS_LOGIN_REQ_SENT: Username:root DBname:test ConnID:13049 Src_ip: Dst_ip: " Mar 18 17:30:45 <local0.info> /18/2012:17:30:45 GMT NS10_node0 0-PPE-0 : DB Message : "MYSQL_SS_CONN_ESTD: Username:root DBname:test ConnID:13049 Src_ip: Dst_ip: " END OF EXERCISE Exercise 3: Token Load Balancing and Audit Log for SQL Page 32

33 Exercise 3: Token Load Balancing and Audit Log for SQL Page 33

34 Summary Key Takeaways NOTES The key takeaways for this exercise are: NetScaler 10 offers a new TOKEN load balancing method for MYSQL virtual servers. Multiple rules can be used to distribute the load between bound services depending on certain connection attributes. The audit log can be used to troubleshoot SQL connectivity issues. Leveraging TOKEN load balancing for SQL traffic, the administrator can now tailor the load balancing rules to closely resemble the traffic type carried by the virtual server. Using more specific connection attributes for the SQL connections, the administrator has now more control on the traffic distribution. Exercise 3: Token Load Balancing and Audit Log for SQL Page 34

35 Exercise 4: SQL Caching Overview NetScaler 10 extends the integrated caching feature set to include support for SQL traffic. In conjunction with the new DataStream capabilities included in NetScaler 9.3, the integrated caching engine now has the ability to cache result sets and served from memory instantly. Similar to HTTP caching, SQL caching provides mechanisms to cache or invalidate result sets depending on certain conditions. In this exercise, we will explore the different options for caching common SQL queries. We will measure the before and after effects of caching result sets for these CPU intensive operations and visually observe the improvement of the SQL tier when using web applications that rely on such data. Additionally, we will explore common methods for invalidating existing cached objects if the result set is modified, ensuring data integrity at all times. Step-by-step guidance The lab environment required for this exercise is as follows: 1. Linux Server 1: Apache_MySQL_1 (GENTOO_1) 2. NetScaler VPX appliance: NSVPX_nCore_10_node0 3. Windows 7 Workstation: (WIN_7) Estimated time to complete this lab: 20 minutes. Step Action 1. From the Windows 7 workstation, connect via SSH (Putty) to the NetScaler (NSVPX_nCore_10_node0). > sh lb vserver MYSQL_vserver > unbind lb vserver MYSQL_vserver GENTOO_2_MYSQL_TCP_3306 To simplify the configuration, verify that only 1 service is bound to the MYSQL virtual server. If more than 1 service is bound, please proceed to unbind the necessary services so that only the binding is present: GENTOO_1_MYSQL_TCP_3306 Exercise 3: SQL Caching Page 35

36 2. From the same workstation (Windows 7), open another SSH (Putty) session to Apache_MySQL_3 (GENTOO_3). Connect to the MYSQL virtual server using the following credentials: U: netscalersql P: netscaler Display the tables in the IMDB database to verify connectivity. 3. Execute a CPU intensive query. You can use the following example: The IMDB database contains a SQL dump of the information available in the International Movie database. As an exercise, write a query to find the movies where the director also played an acting role. Use the query provided in the next column. gentoo_3 ~ # mysql -h u netscalersql -p -D imdb Enter password: mysql> show tables; Tables_in_imdb actors directors directors_genres movies movies_directors movies_genres roles rows in set (0.00 sec) mysql> mysql> select distinct a.first_name, a.last_name, m.name FROM actors AS a INNER JOIN roles AS r ON a.id = r.actor_id INNER JOIN movies AS m ON r.movie_id = m.id INNER JOIN movies_directors AS md ON m.id = md.movie_id INNER JOIN directors AS d ON md.director_id = d.id WHERE CONCAT(a.first_name,a.last_name) = CONCAT(d.first_name,d.last_name); This step will take a long time to execute. Please continue to step 3. Exercise 3: SQL Caching Page 36

37 4. While the query executes, logon to Apache_MySQL_1 (GENTOO_1) and inspect the CPU utilization. Note the value for the MYSQL daemon. You can use the command top to display this information. 5. On the SSH session to Apache_MySQL_3, inspect the amount of time the query took to execute: 6. In our example, SELECT queries are perfect candidates for caching as they only display information contained in the database. We will configure the NetScaler to cache all responses for SELECT queries. > enable ns feature IC First enable the Integrated Caching feature. 7. Then create a MYSQL content > add cache contentgroup MYSQL -relexpiry group and define the minimum and 500 -minressize 500 -maxressize maximum response size to 500 and type MYSQL 1024 KB respectively. 8. Create a cache policy for SELECT statements with a CACHE action. > add cache policy cache_select_queries -rule "MYSQL.REQ.QUERY.COMMAND.CONTAINS(\"select\")" -action CACHE - storeingroup MYSQL Exercise 3: SQL Caching Page 37

38 9. Bind to the MYSQL virtual server. Did it succeed? What is likely the problem? 10. Since SQL cache policies require a HIT selector to successfully cache objects, define a HIT selector that looks for the SQL query text. 11. Select this cache selector in the MYSQL content group hit selector list. 12. Then bind the cache policy previously created. 13. Verify there are no objects cached in the content group. Nothing should be displayed. 14. On the SSH session to Apache_MySQL_3 (GENTOO_3), run the same query as in step Go back to the NSVPX_nCore_10_node0. Since this is the first time we execute this query after creating the IC configuration, the amount of time for this query to execute should be similar as before. Display the cached objects to verify the result set has been cached. > bind lb vserver MYSQL_vserver - policyname cache_select_queries -priority 100 -type REQUEST > add cache selector cache_selector1 MYSQL.REQ.QUERY.TEXT > set contentgroup MYSQL -hitselector cache_selector1 > bind lb vserver MYSQL_vserver - policyname cache_select_queries -priority 100 -type REQUEST > show cacheobjects mysql> select distinct a.first_name, a.last_name, m.name FROM actors AS a INNER JOIN roles AS r ON a.id = r.actor_id INNER JOIN movies AS m ON r.movie_id = m.id INNER JOIN movies_directors AS md ON m.id = md.movie_id INNER JOIN directors AS d ON md.director_id = d.id WHERE CONCAT(a.first_name,a.last_name) = CONCAT(d.first_name,d.last_name); > show cacheobjects 0x bb MYSQL SQL?_1=select distinct a.first_name, a.last_name, m.name FROM actors AS a INNER JOIN roles AS r ON a.id = r.actor_id INNER JOIN movies AS m ON r.movie_id = m.id INNER JOIN movies_directors AS md ON m.id = md.movie_id INNER JOIN directors AS d ON md.director_id = Done NS10_node0> Exercise 3: SQL Caching Page 38

39 16. Note the time it took to execute. 17. Now run the query again. The results should start appearing instantly. Note the execution time. 18. There is one problem with this configuration: The content group has been defined to cache objects for 500 seconds. If the data is modified, the cached result set is incorrect. > show contentgroup MYSQL Name: MYSQL Type: MYSQL Relative expiry time: 500 secs 19. To illustrate this, we will alter one of the tables in the database. First, modify the minimum response size to 0 KB (to cache ALL responses). In practice, avoid setting the content group to 0 as this caches empty result sets. 20. On Apache_MySQL_3, execute a simple select statement for it to be cached. > set contentgroup MYSQL -minressize 0 mysql> select * from actors where actors.last_name = "Stooge"; Empty set (0.00 sec) mysql> Exercise 3: SQL Caching Page 39

Citrix Virtual Classroom. Database server load balancing with NetScaler DataStream technology. Self-paced exercise guide

Citrix Virtual Classroom. Database server load balancing with NetScaler DataStream technology. Self-paced exercise guide Database server load balancing with NetScaler DataStream technology Self-paced exercise guide Table of Contents Table Citrix of Contents Virtual... Classroom 2 Overview... 3 Exercise 1: SQL Rate Limiting...

More information

Virtual desktops made easy with Citrix VDI-in-a-Box. Self-paced Learning Labs exercise guide. May 2012

Virtual desktops made easy with Citrix VDI-in-a-Box. Self-paced Learning Labs exercise guide. May 2012 Virtual desktops made easy with Citrix VDI-in-a-Box Self-paced Learning Labs exercise guide May 2012 Table of Contents Overview... 3 Exercise 1: Configuring VDI-in-a-Box... 6 Exercise 2: Importing Images...

More information

603: Enhancing mobile device experience with NetScaler MobileStream Hands-on Lab Exercise Guide

603: Enhancing mobile device experience with NetScaler MobileStream Hands-on Lab Exercise Guide 603: Enhancing mobile device experience with NetScaler MobileStream Hands-on Lab Exercise Guide Christopher Rudolph January 2015 1 Table of Contents Contents... 2 Overview... 3 Scenario... 6 Lab Preparation...

More information

609: Front-ending and load balancing XenDesktop and XenApp with NetScaler

609: Front-ending and load balancing XenDesktop and XenApp with NetScaler 609: Front-ending and load balancing XenDesktop and XenApp with NetScaler Hands-on Lab Exercise Guide This session is offered as both an instructor led training and a self-paced online lab. Contents Overview...

More information

Improving Microsoft Exchange 2013 performance with NetScaler Hands-on Lab Exercise Guide. Johnathan Campos

Improving Microsoft Exchange 2013 performance with NetScaler Hands-on Lab Exercise Guide. Johnathan Campos Improving Microsoft Exchange 2013 performance with NetScaler Hands-on Lab Exercise Guide Johnathan Campos Contents Contents... 1 Overview... 2 Scenario... 6 Exercise 1 - Initial Configuration... 7 Exercise

More information

Citrix Virtual Classroom. Deliver file sharing and synchronization services using Citrix ShareFile. Self-paced exercise guide

Citrix Virtual Classroom. Deliver file sharing and synchronization services using Citrix ShareFile. Self-paced exercise guide Deliver file sharing and synchronization services using Citrix ShareFile Self-paced exercise guide Table of Contents Table of Contents... 2 Overview... 3 Exercise 1: Setting up a ShareFile Account... 6

More information

Deployment Guide for Microsoft Lync 2010

Deployment Guide for Microsoft Lync 2010 Deployment Guide for Microsoft Lync 2010 Securing and Accelerating Microsoft Lync with Palo Alto Networks Next-Generation Firewall and Citrix NetScaler Joint Solution Table of Contents 1. Overview...3

More information

1Y0-250 Implementing Citrix NetScaler 10 for App and Desktop Solutions Practice Exam

1Y0-250 Implementing Citrix NetScaler 10 for App and Desktop Solutions Practice Exam 1Y0-250 Implementing Citrix NetScaler 10 for App and Desktop Solutions Practice Exam Section 1: Assessing infrastructure needs for the NetScaler implementation 1.1 Task Description: Verify the objectives

More information

Hands-on Lab Exercise Guide

Hands-on Lab Exercise Guide 614: Monitoring Your Entire Citrix Environment with Microsoft System Center Operations Manager and Comtrade Hands-on Lab Exercise Guide Comtrade: John Lee Bogdan Viher Citrix: Evin Safdia May 2015 1 Table

More information

High Availability for Desktop Virtualization

High Availability for Desktop Virtualization WHITE PAPER Citrix XenDesktop High Availability for Desktop Virtualization How to provide a comprehensive, end-to-end highavailability strategy for desktop virtualization. www.citrix.com Contents Contents...

More information

F-SECURE MESSAGING SECURITY GATEWAY

F-SECURE MESSAGING SECURITY GATEWAY F-SECURE MESSAGING SECURITY GATEWAY DEFAULT SETUP GUIDE This guide describes how to set up and configure the F-Secure Messaging Security Gateway appliance in a basic e-mail server environment. AN EXAMPLE

More information

Command Center 5.0 2015-05-15 13:29:23 UTC. 2015 Citrix Systems, Inc. All rights reserved. Terms of Use Trademarks Privacy Statement

Command Center 5.0 2015-05-15 13:29:23 UTC. 2015 Citrix Systems, Inc. All rights reserved. Terms of Use Trademarks Privacy Statement Command Center 5.0 2015-05-15 13:29:23 UTC 2015 Citrix Systems, Inc. All rights reserved. Terms of Use Trademarks Privacy Statement Contents Command Center 5.0... 11 Command Center 5.0... 13 Release Notes...

More information

Citrix Virtual Classroom. Virtual desktops made easy with Citrix VDI-in-a-Box. Self-paced exercise guide

Citrix Virtual Classroom. Virtual desktops made easy with Citrix VDI-in-a-Box. Self-paced exercise guide Virtual desktops made easy with Citrix VDI-in-a-Box Self-paced exercise guide Table of Contents Table of Contents... 2 Overview... 2 How to log into the lab environment... Error! Bookmark not defined.

More information

How to Configure NetScaler Gateway 10.5 to use with StoreFront 2.6 and XenDesktop 7.6.

How to Configure NetScaler Gateway 10.5 to use with StoreFront 2.6 and XenDesktop 7.6. How to Configure NetScaler Gateway 10.5 to use with StoreFront 2.6 and XenDesktop 7.6. Introduction The purpose of this document is to record the steps required to configure a NetScaler Gateway for use

More information

Citrix Lab Manager 3.6 SP 2 Quick Start Guide

Citrix Lab Manager 3.6 SP 2 Quick Start Guide WHITE PAPER Citrix Essentials for Microsoft Hyper-V Citrix Lab Manager 3.6 SP 2 Quick Start Guide www.citrix.com Contents Document Summary... 3 Preparation... 3 Architectural Review of Lab Manager... 3

More information

Deployment Guide for Citrix XenDesktop

Deployment Guide for Citrix XenDesktop Deployment Guide for Citrix XenDesktop Securing and Accelerating Citrix XenDesktop with Palo Alto Networks Next-Generation Firewall and Citrix NetScaler Joint Solution Table of Contents 1. Overview...

More information

Hands-on Lab Exercise Guide

Hands-on Lab Exercise Guide XenApp & XenDesktop 7.6 Partner Workshop Hands-on Lab Exercise Guide Worldwide Technical Enablement & Readiness January 2015 Contents Contents... 1 Overview... 2 Scenario... 5 Lab Setup... 6 Connecting

More information

NetScaler and XenMobile Solution for Enterprise Mobility

NetScaler and XenMobile Solution for Enterprise Mobility NetScaler and XenMobile Solution for Enterprise Mobility Deployment Guide - Load balancing XDMs - ActiveSync Filtering www.citrix.com 1. 1 Contents Introduction... 3 About This Guide... 3 Prerequisites...

More information

ACS 5.x and later: Integration with Microsoft Active Directory Configuration Example

ACS 5.x and later: Integration with Microsoft Active Directory Configuration Example ACS 5.x and later: Integration with Microsoft Active Directory Configuration Example Document ID: 113571 Contents Introduction Prerequisites Requirements Components Used Conventions Background Information

More information

McAfee SMC Installation Guide 5.7. Security Management Center

McAfee SMC Installation Guide 5.7. Security Management Center McAfee SMC Installation Guide 5.7 Security Management Center Legal Information The use of the products described in these materials is subject to the then current end-user license agreement, which can

More information

DC Agent Troubleshooting

DC Agent Troubleshooting DC Agent Troubleshooting Topic 50320 DC Agent Troubleshooting Web Security Solutions v7.7.x, 7.8.x 27-Mar-2013 This collection includes the following articles to help you troubleshoot DC Agent installation

More information

SevOne NMS Download Installation and Implementation Guide

SevOne NMS Download Installation and Implementation Guide SevOne NMS Download Installation and Implementation Guide 5.3.X 530 V0002 Contents 1. Get Started... 3 2. SevOne Download Installation... 6 3. Appliance Network Configuration... 9 4. Install License and

More information

Websense Support Webinar: Questions and Answers

Websense Support Webinar: Questions and Answers Websense Support Webinar: Questions and Answers Configuring Websense Web Security v7 with Your Directory Service Can updating to Native Mode from Active Directory (AD) Mixed Mode affect transparent user

More information

Configuring Citrix NetScaler for IBM WebSphere Application Services

Configuring Citrix NetScaler for IBM WebSphere Application Services White Paper Configuring Citrix NetScaler for IBM WebSphere Application Services A deployment guide for configuring NetScaler load balancing and content switching When deploying IBM WebSphere Application

More information

WHITE PAPER Citrix XenDesktop XenDesktop Planning Guide: Load Balancing Web Interface with NetScaler

WHITE PAPER Citrix XenDesktop XenDesktop Planning Guide: Load Balancing Web Interface with NetScaler WHITE PAPER Citrix XenDesktop XenDesktop Planning Guide: Load Balancing Web Interface with NetScaler www.citrix.com Overview Citrix Web Interface is a common method of connecting to both XenApp and XenDesktop.

More information

CNS-207 Implementing Citrix NetScaler 10.5 for App and Desktop Solutions

CNS-207 Implementing Citrix NetScaler 10.5 for App and Desktop Solutions CNS-207 Implementing Citrix NetScaler 10.5 for App and Desktop Solutions The objective of Implementing Citrix NetScaler 10.5 for App and Desktop Solutions is to provide the foundational concepts and skills

More information

Set Up a VM-Series Firewall on the Citrix SDX Server

Set Up a VM-Series Firewall on the Citrix SDX Server Set Up a VM-Series Firewall on the Citrix SDX Server Palo Alto Networks VM-Series Deployment Guide PAN-OS 6.1 Contact Information Corporate Headquarters: Palo Alto Networks 4401 Great America Parkway Santa

More information

XenDesktop Implementation Guide

XenDesktop Implementation Guide Consulting Solutions WHITE PAPER Citrix XenDesktop XenDesktop Implementation Guide Pooled Desktops (Local and Remote) www.citrix.com Contents Contents... 2 Overview... 4 Initial Architecture... 5 Installation

More information

Using Protection Engine for Cloud Services for URL Filtering, Malware Protection and Proxy Integration Hands-On Lab

Using Protection Engine for Cloud Services for URL Filtering, Malware Protection and Proxy Integration Hands-On Lab Using Protection Engine for Cloud Services for URL Filtering, Malware Protection and Proxy Integration Hands-On Lab Description In this hands-on session, you will learn how to turn your proxy into a security

More information

627: Simplify lifecycle management of desktop images with latest version of provisioning services

627: Simplify lifecycle management of desktop images with latest version of provisioning services 627: Simplify lifecycle management of desktop images with latest version of provisioning services Hands-on lab exercise guide Exercise 1: Integrated vdisk Versioning Page 1 Table of Contents Overview...

More information

Using DC Agent for Transparent User Identification

Using DC Agent for Transparent User Identification Using DC Agent for Transparent User Identification Using DC Agent Web Security Solutions v7.7, 7.8 If your organization uses Microsoft Windows Active Directory, you can use Websense DC Agent to identify

More information

Installing Management Applications on VNX for File

Installing Management Applications on VNX for File EMC VNX Series Release 8.1 Installing Management Applications on VNX for File P/N 300-015-111 Rev 01 EMC Corporation Corporate Headquarters: Hopkinton, MA 01748-9103 1-508-435-1000 www.emc.com Copyright

More information

Barracuda Link Balancer Administrator s Guide

Barracuda Link Balancer Administrator s Guide Barracuda Link Balancer Administrator s Guide Version 1.0 Barracuda Networks Inc. 3175 S. Winchester Blvd. Campbell, CA 95008 http://www.barracuda.com Copyright Notice Copyright 2008, Barracuda Networks

More information

Configuring Auto Policy-Based Routing

Configuring Auto Policy-Based Routing This chapter describes how to configure the Auto Policy-Based Routing (PBR) feature on the Citrix NetScaler Application Delivery Controller (ADC) appliance to ensure that return traffic from the real server

More information

CNS-200-1I Basic Administration for Citrix NetScaler 9.0

CNS-200-1I Basic Administration for Citrix NetScaler 9.0 CNS-200-1I Basic Administration for Citrix NetScaler 9.0 This course covers the initial configuration and administration of Citrix NetScaler 9.0. Learners gain an understanding of NetScaler features such

More information

Basic & Advanced Administration for Citrix NetScaler 9.2

Basic & Advanced Administration for Citrix NetScaler 9.2 Basic & Advanced Administration for Citrix NetScaler 9.2 Day One Introducing and deploying Citrix NetScaler Key - Brief Introduction to the NetScaler system Planning a NetScaler deployment Deployment scenarios

More information

Web Sites, Virtual Machines, Service Management Portal and Service Management API Beta Installation Guide

Web Sites, Virtual Machines, Service Management Portal and Service Management API Beta Installation Guide Web Sites, Virtual Machines, Service Management Portal and Service Management API Beta Installation Guide Contents Introduction... 2 Environment Topology... 2 Virtual Machines / System Requirements...

More information

XenApp 7.7 Deployment ISO. 5 th January 2016

XenApp 7.7 Deployment ISO. 5 th January 2016 5 th January 2016 Document Details Document Name Author DG Version 1.0 Date 5th January 2016 Status Released Document History Date Modification Details 5/01/2016 N/A First Release Contents 1. Introduction...

More information

Setting Up a Unisphere Management Station for the VNX Series P/N 300-011-796 Revision A01 January 5, 2010

Setting Up a Unisphere Management Station for the VNX Series P/N 300-011-796 Revision A01 January 5, 2010 Setting Up a Unisphere Management Station for the VNX Series P/N 300-011-796 Revision A01 January 5, 2010 This document describes the different types of Unisphere management stations and tells how to install

More information

F-Secure Messaging Security Gateway. Deployment Guide

F-Secure Messaging Security Gateway. Deployment Guide F-Secure Messaging Security Gateway Deployment Guide TOC F-Secure Messaging Security Gateway Contents Chapter 1: Deploying F-Secure Messaging Security Gateway...3 1.1 The typical product deployment model...4

More information

"Charting the Course... Implementing Citrix NetScaler 11 for App and Desktop Solutions CNS-207 Course Summary

Charting the Course... Implementing Citrix NetScaler 11 for App and Desktop Solutions CNS-207 Course Summary Course Summary Description The objective of this course is to provide the foundational concepts and teach the skills necessary to implement, configure, secure and monitor a Citrix NetScaler system with

More information

1. Begin by opening XenCenter to manage the assigned XenServer.

1. Begin by opening XenCenter to manage the assigned XenServer. Exercise 1 Microsoft Lync Optimization Overview In this exercise, you will see the difference made by the Lync Optimization Pack in the quality and stability of communications through Microsoft s Lync

More information

Tharo Systems, Inc. 2866 Nationwide Parkway P.O. Box 798 Brunswick, OH 44212 USA Tel: 330.273.4408 Fax: 330.225.0099

Tharo Systems, Inc. 2866 Nationwide Parkway P.O. Box 798 Brunswick, OH 44212 USA Tel: 330.273.4408 Fax: 330.225.0099 Introduction EASYLABEL 6 has several new features for saving the history of label formats. This history can include information about when label formats were edited and printed. In order to save this history,

More information

Communication Ports Used by Citrix Technologies. April 2011 Version 1.5

Communication Ports Used by Citrix Technologies. April 2011 Version 1.5 Communication Ports Used by Citrix Technologies April 2011 Version 1.5 Overview Introduction This document provides an overview of ports that are used by Citrix components and must be considered as part

More information

SuperLumin Nemesis. Administration Guide. February 2011

SuperLumin Nemesis. Administration Guide. February 2011 SuperLumin Nemesis Administration Guide February 2011 SuperLumin Nemesis Legal Notices Information contained in this document is believed to be accurate and reliable. However, SuperLumin assumes no responsibility

More information

Administration 2015-04-26 05:15:52 UTC. 2015 Citrix Systems, Inc. All rights reserved. Terms of Use Trademarks Privacy Statement

Administration 2015-04-26 05:15:52 UTC. 2015 Citrix Systems, Inc. All rights reserved. Terms of Use Trademarks Privacy Statement Administration 2015-04-26 05:15:52 UTC 2015 Citrix Systems, Inc. All rights reserved. Terms of Use Trademarks Privacy Statement Contents Administration... 6 Citirix NetScaler Administration Guide... 7

More information

Understanding Slow Start

Understanding Slow Start Chapter 1 Load Balancing 57 Understanding Slow Start When you configure a NetScaler to use a metric-based LB method such as Least Connections, Least Response Time, Least Bandwidth, Least Packets, or Custom

More information

Deploy XenApp 7.5 and 7.6 and XenDesktop 7.5 and 7.6 with Amazon VPC

Deploy XenApp 7.5 and 7.6 and XenDesktop 7.5 and 7.6 with Amazon VPC XenApp 7.5 and 7.6 and XenDesktop 7.5 and 7.6 Deploy XenApp 7.5 and 7.6 and XenDesktop 7.5 and 7.6 with Amazon VPC Prepared by: Peter Bats Commissioning Editor: Linda Belliveau Version: 5.0 Last Updated:

More information

Packet filtering with Iptables

Packet filtering with Iptables CSC-NETLAB Packet filtering with Iptables Group Nr Name1 Name2 Name3 Date Instructor s Signature Table of Contents 1 Goals...2 2 Introduction...3 3 Getting started...3 4 Connecting to the virtual hosts...3

More information

Networking Best Practices Guide. Version 6.5

Networking Best Practices Guide. Version 6.5 Networking Best Practices Guide Version 6.5 Summer 2010 Copyright: 2010, CCH, a Wolters Kluwer business. All rights reserved. Material in this publication may not be reproduced or transmitted in any form

More information

Using Logon Agent for Transparent User Identification

Using Logon Agent for Transparent User Identification Using Logon Agent for Transparent User Identification Websense Logon Agent (also called Authentication Server) identifies users in real time, as they log on to domains. Logon Agent works with the Websense

More information

Rsync-enabled NAS Hardware Compatibility List

Rsync-enabled NAS Hardware Compatibility List WHITEPAPER BackupAssist Version 5.1 www.backupassist.com Cortex I.T. Labs 2001-2008 2 Contents Introduction... 3 Hardware Setup Instructions... 3 QNAP TS-409... 3 Netgear ReadyNas NV+... 5 Drobo rev1...

More information

PHD Virtual Backup for Hyper-V

PHD Virtual Backup for Hyper-V PHD Virtual Backup for Hyper-V version 7.0 Installation & Getting Started Guide Document Release Date: December 18, 2013 www.phdvirtual.com PHDVB v7 for Hyper-V Legal Notices PHD Virtual Backup for Hyper-V

More information

Backup & Disaster Recovery Appliance User Guide

Backup & Disaster Recovery Appliance User Guide Built on the Intel Hybrid Cloud Platform Backup & Disaster Recovery Appliance User Guide Order Number: G68664-001 Rev 1.0 June 22, 2012 Contents Registering the BDR Appliance... 4 Step 1: Register the

More information

Connection Broker Managing User Connections to Workstations, Blades, VDI, and More. Quick Start with Microsoft Hyper-V

Connection Broker Managing User Connections to Workstations, Blades, VDI, and More. Quick Start with Microsoft Hyper-V Connection Broker Managing User Connections to Workstations, Blades, VDI, and More Quick Start with Microsoft Hyper-V Version 8.1 October 21, 2015 Contacting Leostream Leostream Corporation http://www.leostream.com

More information

NMS300 Network Management System

NMS300 Network Management System NMS300 Network Management System User Manual June 2013 202-11289-01 350 East Plumeria Drive San Jose, CA 95134 USA Support Thank you for purchasing this NETGEAR product. After installing your device, locate

More information

Hands-on Lab Exercise Guide

Hands-on Lab Exercise Guide 609: Implementing WAN optimization and cloud connectivity with CloudBridge 7.3 Hands-on Lab Exercise Guide Johnathan Campos and Richard Schulting January 2015 Contents Contents... 1 Overview... 2 Scenario...

More information

Lab 1: Windows Azure Virtual Machines

Lab 1: Windows Azure Virtual Machines Lab 1: Windows Azure Virtual Machines Overview In this hands-on Lab, you will learn how to deploy a simple web page to a Web server hosted in Windows Azure and configure load balancing. Objectives In this

More information

Communication ports used by Citrix Technologies. July 2011 Version 1.5

Communication ports used by Citrix Technologies. July 2011 Version 1.5 Communication ports used by Citrix Technologies July 2011 Version 1.5 Overview Introduction This document provides an overview of ports that are used by Citrix components and must be considered as part

More information

User Manual. Onsight Management Suite Version 5.1. Another Innovation by Librestream

User Manual. Onsight Management Suite Version 5.1. Another Innovation by Librestream User Manual Onsight Management Suite Version 5.1 Another Innovation by Librestream Doc #: 400075-06 May 2012 Information in this document is subject to change without notice. Reproduction in any manner

More information

In this topic we will cover the security functionality provided with SAP Business One.

In this topic we will cover the security functionality provided with SAP Business One. In this topic we will cover the security functionality provided with SAP Business One. 1 After completing this topic, you will be able to: Describe the security functions provided by the System Landscape

More information

McAfee Content Security Reporter 2.0.0

McAfee Content Security Reporter 2.0.0 Product Guide Revision A McAfee Content Security Reporter 2.0.0 For use with epolicy Orchestrator 4.6.5 Software COPYRIGHT Copyright 2013 McAfee, Inc. Do not copy without permission. TRADEMARK ATTRIBUTIONS

More information

Single Sign On for ShareFile with NetScaler. Deployment Guide

Single Sign On for ShareFile with NetScaler. Deployment Guide Single Sign On for ShareFile with NetScaler Deployment Guide This deployment guide focuses on defining the process for enabling Single Sign On into Citrix ShareFile with Citrix NetScaler. Table of Contents

More information

RSA Authentication Manager 7.1 Basic Exercises

RSA Authentication Manager 7.1 Basic Exercises RSA Authentication Manager 7.1 Basic Exercises Contact Information Go to the RSA corporate web site for regional Customer Support telephone and fax numbers: www.rsa.com Trademarks RSA and the RSA logo

More information

VMware Software Manager - Download Service User's Guide

VMware Software Manager - Download Service User's Guide VMware Software Manager - Download Service User's Guide VMware Software Manager 1.1 This document supports the version of each product listed and supports all subsequent versions until the document is

More information

Deploy the ExtraHop Discover Appliance with Hyper-V

Deploy the ExtraHop Discover Appliance with Hyper-V Deploy the ExtraHop Discover Appliance with Hyper-V 2016 ExtraHop Networks, Inc. All rights reserved. This manual, in whole or in part, may not be reproduced, translated, or reduced to any machine-readable

More information

SHAREPOINT 2013 IN INFRASTRUCTURE AS A SERVICE

SHAREPOINT 2013 IN INFRASTRUCTURE AS A SERVICE SHAREPOINT 2013 IN INFRASTRUCTURE AS A SERVICE Contents Introduction... 3 Step 1 Create Azure Components... 5 Step 1.1 Virtual Network... 5 Step 1.1.1 Virtual Network Details... 6 Step 1.1.2 DNS Servers

More information

XenDesktop 5 with Access Gateway

XenDesktop 5 with Access Gateway XenDesktop 5 with Access Gateway How to set up an Access Gateway Enterprise Edition VPX for use with XenDesktop 5 www.citrix.com Contents Introduction... 2 Example environment... 2 Set up the VPX VM...

More information

Online Help StruxureWare Data Center Expert

Online Help StruxureWare Data Center Expert Online Help StruxureWare Data Center Expert Version 7.2.1 What's New in StruxureWare Data Center Expert 7.2.x Learn more about the new features available in the StruxureWare Data Center Expert 7.2.x release.

More information

Citrix XenServer: VM Protection and Recovery Quick Start Guide

Citrix XenServer: VM Protection and Recovery Quick Start Guide Citrix XenServer: VM Protection and Recovery Quick Start Guide www.citrix.com Contents What is XenServer VM Protection and Recovery?... 3 Creating a VM Protection Policy... 3 Page 2 What is XenServer VM

More information

ILTA HANDS ON Securing Windows 7

ILTA HANDS ON Securing Windows 7 Securing Windows 7 8/23/2011 Table of Contents About this lab... 3 About the Laboratory Environment... 4 Lab 1: Restricting Users... 5 Exercise 1. Verify the default rights of users... 5 Exercise 2. Adding

More information

LDAP Implementation AP561x KVM Switches. All content in this presentation is protected 2008 American Power Conversion Corporation

LDAP Implementation AP561x KVM Switches. All content in this presentation is protected 2008 American Power Conversion Corporation LDAP Implementation AP561x KVM Switches All content in this presentation is protected 2008 American Power Conversion Corporation LDAP Implementation Does not require LDAP Schema to be touched! Uses existing

More information

Command Center 5.2 2015-04-28 14:56:41 UTC. 2015 Citrix Systems, Inc. All rights reserved. Terms of Use Trademarks Privacy Statement

Command Center 5.2 2015-04-28 14:56:41 UTC. 2015 Citrix Systems, Inc. All rights reserved. Terms of Use Trademarks Privacy Statement Command Center 5.2 2015-04-28 14:56:41 UTC 2015 Citrix Systems, Inc. All rights reserved. Terms of Use Trademarks Privacy Statement Contents Command Center 5.2... 12 Command Center 5.2... 14 About Command

More information

Egnyte Storage Sync For NetApp

Egnyte Storage Sync For NetApp Egnyte Storage Sync For NetApp Installation Guide Introduction... 2 Architecture... 2 Key Features... 3 Access Files From Anywhere With Any Device... 3 Easily Share Files Between Offices and Business Partners...

More information

Connection Broker Managing User Connections to Workstations and Blades, OpenStack Clouds, VDI, and more. Security Review

Connection Broker Managing User Connections to Workstations and Blades, OpenStack Clouds, VDI, and more. Security Review Connection Broker Managing User Connections to Workstations and Blades, OpenStack Clouds, VDI, and more Security Review Version 8.1 March 31, 2016 Contacting Leostream Leostream Corporation http://www.leostream.com

More information

Dell SupportAssist Version 2.0 for Dell OpenManage Essentials Quick Start Guide

Dell SupportAssist Version 2.0 for Dell OpenManage Essentials Quick Start Guide Dell SupportAssist Version 2.0 for Dell OpenManage Essentials Quick Start Guide Notes, Cautions, and Warnings NOTE: A NOTE indicates important information that helps you make better use of your computer.

More information

NETWRIX ACCOUNT LOCKOUT EXAMINER

NETWRIX ACCOUNT LOCKOUT EXAMINER NETWRIX ACCOUNT LOCKOUT EXAMINER ADMINISTRATOR S GUIDE Product Version: 4.1 July 2014. Legal Notice The information in this publication is furnished for information use only, and does not constitute a

More information

Web Application Firewall

Web Application Firewall Web Application Firewall Getting Started Guide August 3, 2015 Copyright 2014-2015 by Qualys, Inc. All Rights Reserved. Qualys and the Qualys logo are registered trademarks of Qualys, Inc. All other trademarks

More information

HELP DOCUMENTATION E-SSOM INSTALLATION GUIDE

HELP DOCUMENTATION E-SSOM INSTALLATION GUIDE HELP DOCUMENTATION E-SSOM INSTALLATION GUIDE Copyright 1998-2013 Tools4ever B.V. All rights reserved. No part of the contents of this user guide may be reproduced or transmitted in any form or by any means

More information

Connection Broker Managing User Connections to Workstations, Blades, VDI, and more. Security Review

Connection Broker Managing User Connections to Workstations, Blades, VDI, and more. Security Review Connection Broker Managing User Connections to Workstations, Blades, VDI, and more Security Review Version 8.1 October 21, 2015 Contacting Leostream Leostream Corporation http://www.leostream.com 465 Waverley

More information

Installing and Using the vnios Trial

Installing and Using the vnios Trial Installing and Using the vnios Trial The vnios Trial is a software package designed for efficient evaluation of the Infoblox vnios appliance platform. Providing the complete suite of DNS, DHCP and IPAM

More information

Synchronizer Installation

Synchronizer Installation Synchronizer Installation Synchronizer Installation Synchronizer Installation This document provides instructions for installing Synchronizer. Synchronizer performs all the administrative tasks for XenClient

More information

Citrix NetScaler 1000V Introduction v1

Citrix NetScaler 1000V Introduction v1 Cisco Demo Cloud (dcloud) Citrix NetScaler 1000V Introduction v1 Last Updated: 18-MAR-2014 dcloud: The Cisco Demo Cloud About This Lab In this self-paced lab, participants will receive hands-on experience

More information

Configure thin client settings locally

Configure thin client settings locally This chapter contains information to help you set up your thin client hardware, look and feel, and system settings using the Control Center. Tip While it is not recommended to use dialog boxes for configuring

More information

IceWarp to IceWarp Server Migration

IceWarp to IceWarp Server Migration IceWarp to IceWarp Server Migration Registered Trademarks iphone, ipad, Mac, OS X are trademarks of Apple Inc., registered in the U.S. and other countries. Microsoft, Windows, Outlook and Windows Phone

More information

Apache CloudStack 4.x (incubating) Network Setup: excerpt from Installation Guide. Revised February 28, 2013 2:32 pm Pacific

Apache CloudStack 4.x (incubating) Network Setup: excerpt from Installation Guide. Revised February 28, 2013 2:32 pm Pacific Apache CloudStack 4.x (incubating) Network Setup: excerpt from Installation Guide Revised February 28, 2013 2:32 pm Pacific Apache CloudStack 4.x (incubating) Network Setup: excerpt from Installation Guide

More information

Installing and Configuring vcenter Support Assistant

Installing and Configuring vcenter Support Assistant Installing and Configuring vcenter Support Assistant vcenter Support Assistant 5.5 This document supports the version of each product listed and supports all subsequent versions until the document is replaced

More information

Emerald. Network Collector Version 4.0. Emerald Management Suite IEA Software, Inc.

Emerald. Network Collector Version 4.0. Emerald Management Suite IEA Software, Inc. Emerald Network Collector Version 4.0 Emerald Management Suite IEA Software, Inc. Table Of Contents Purpose... 3 Overview... 3 Modules... 3 Installation... 3 Configuration... 3 Filter Definitions... 4

More information

Reference Architecture

Reference Architecture Consulting Solutions WHITE PAPER Citrix XenDesktop Reference Architecture Pooled Desktops (Local and Remote) www.citrix.com Contents Introduction... 3 Desktop Delivery... 4 Application Delivery... 8 Conclusion...

More information

NETWRIX EVENT LOG MANAGER

NETWRIX EVENT LOG MANAGER NETWRIX EVENT LOG MANAGER ADMINISTRATOR S GUIDE Product Version: 4.0 July/2012. Legal Notice The information in this publication is furnished for information use only, and does not constitute a commitment

More information

Virtual Appliance for VMware Server. Getting Started Guide. Revision 2.0.2. Warning and Disclaimer

Virtual Appliance for VMware Server. Getting Started Guide. Revision 2.0.2. Warning and Disclaimer Virtual Appliance for VMware Server Getting Started Guide Revision 2.0.2 Warning and Disclaimer This document is designed to provide information about the configuration and installation of the CensorNet

More information

Configuring PA Firewalls for a Layer 3 Deployment

Configuring PA Firewalls for a Layer 3 Deployment Configuring PA Firewalls for a Layer 3 Deployment Configuring PAN Firewalls for a Layer 3 Deployment Configuration Guide January 2009 Introduction The following document provides detailed step-by-step

More information

A Guide to New Features in Propalms OneGate 4.0

A Guide to New Features in Propalms OneGate 4.0 A Guide to New Features in Propalms OneGate 4.0 Propalms Ltd. Published April 2013 Overview This document covers the new features, enhancements and changes introduced in Propalms OneGate 4.0 Server (previously

More information

Deployment Guide. Web Filter. Deployment Guide. A Step-by-Step Technical Guide

Deployment Guide. Web Filter. Deployment Guide. A Step-by-Step Technical Guide Deployment Guide Web Filter Deployment Guide A Step-by-Step Technical Guide Deployment Guide Notice: The information in this publication is subject to change without notice. THIS PUBLICATION IS PROVIDED

More information

PREFACE http://www.okiprintingsolutions.com 07108001 iss.01 -

PREFACE http://www.okiprintingsolutions.com 07108001 iss.01 - Network Guide PREFACE Every effort has been made to ensure that the information in this document is complete, accurate, and up-to-date. The manufacturer assumes no responsibility for the results of errors

More information

www.novell.com/documentation SSL VPN Server Guide Access Manager 3.1 SP5 January 2013

www.novell.com/documentation SSL VPN Server Guide Access Manager 3.1 SP5 January 2013 www.novell.com/documentation SSL VPN Server Guide Access Manager 3.1 SP5 January 2013 Legal Notices Novell, Inc., makes no representations or warranties with respect to the contents or use of this documentation,

More information

CNS-205 Citrix NetScaler 10.5 Essentials and Networking

CNS-205 Citrix NetScaler 10.5 Essentials and Networking CNS-205 Citrix NetScaler 10.5 Essentials and Networking The objective of the Citrix NetScaler 10.5 Essentials and Networking course is to provide the foundational concepts and advanced skills necessary

More information