Citrix vs. Windows Terminal Services: Learn More

You've read "Decisions, Decisions," now find out more about Citrix and Windows Terminal Services so you can make an informed decision.

Read the entire article, "Decisions, Decisions."

Latest Citrix MetaFrame Version Seeks to Improve the User Experience
Earlier this year, Citrix released MetaFrame Presentation Server v3.0. A whole number version increase to their flagship MetaFrame product, this update provides numerous improvements to the user experience, including:

  • Session Disconnection/Reconnection: New to MPS is the ability to disconnect a session from one machine and reconnect to the same session from another computer, all without logging off. With Windows logons requiring 30 seconds to multiple minutes to complete, the feature can save considerable time, such as for office workers moving between conference rooms or doctors switching from one patient room to another.
  • Improved Multimedia Acceleration: In previous versions, multimedia came down to the client as part of the ICA stream, which resulted in choppiness and user complaints. Now, the client device decompresses and renders multimedia content, freeing up server CPU utilization, reducing bandwidth consumption, and improving playback to nearly as smooth as local playback.
  • SmoothRoaming: In previous versions, if the client experienced an interruption in network connectivity, the Citrix connection would disconnect until the connection was re-established. With SmoothRoaming, ICA sessions stay active and frozen on the user's screen during periods of network disruption, and resume when the network connection returns. This feature is especially useful for users on networks with high latency or unreliable wireless networks.

How the Citrix Secure Gateway Works
Used, with permission and minor edits, from Citrix MetaFrame Access Suite for Windows Server 2003: The Official Guide

This image taken, with permission, from the Administrator's Guide for Citrix Secure Gateway
This image taken, with permission, from the Administrator's Guide for Citrix Secure Gateway. (Click for larger image)
  1. A user accesses the Web Interface URL with the Web browser over port 80, similar to any other Web site.
  2. The IIS-based Web service where the Web Interface resides has a default page to redirect the user automatically to an HTTPS/SSL URL that then passes through the Secure Gateway service on the same server to secure the traffic over port 443.
  3. The user is now interacting securely with the Web Interface/Secure Gateway environment and is presented with the login page.
  4. The user enters his credentials and submits the authentication request, which is passed encrypted over SSL to the Secure Gateway service (thus preventing the user credentials from being passed in plain text).
  5. Once the Secure Gateway service obtains the user credentials, it opens a state ticket with the STA server and then passes the credentials to the MetaFrame farm over the defined XML service port. The default is port 80.
  6. The user credentials are checked via the Citrix XML service and verified by Microsoft Active Directory or other directory services such as Novell e-Dir.
  7. Based on a successful authentication, the XML service communicates back to the Web Interface service and dynamically renders an access page for the user with the appropriate applications. If any problems occur, they're displayed on this page within the MetaFrame Message Center.
  8. When a user clicks an ICA-published application, the Web Interface service sends the IP address and port for the requested MetaFrame server to the Secure Ticketing Authority Server (STA) and requests a session ticket for the user. The user-installed ICA client then securely establishes an ICA connection over SSL using port 443.
  9. The Secure Gateway service receives the session ticket over port 443 from the client and contacts the STA for ticket validation. If the ticket is valid, the STA returns the IP address of the MetaFrame server on which the requested application resides. If the session ticket is invalid or has expired, the STA informs the Secure Gateway service and an error message appears on the client device.
  10. On receipt of the IP address for the MetaFrame server, the Secure Gateway server establishes an ICA connection to the MetaFrame server over port 1494 in a proxy-like manner. When the ICA connection is established, the Secure Gateway server encrypts and decrypts the data flowing through the connection.

Web Portals With No Muss and No Fuss
Microsoft provides easy-to-administrate Web portal access through Windows Sharepoint Services, a collection of services that enable users to create Web sites where they can share information and collaborate on documents.

What Sharepoint Services lacks is integration with Windows Terminal Services. It may be possible to integrate the file-sharing and document collaboration pieces of Sharepoint Services with the Terminal Services Web Connection Web site, but it will take some development effort.

Citrix has developed a comprehensive collaboration and application-delivery portal using a proprietary technology it calls MetaFrame Secure Access Manager (MSAM). Citrix's MSAM operates as a vendor-agnostic Web framework, with which applets called Content Delivery Agents (CDA) can be added and removed from the user interface with a few mouse clicks.

CDAs allow Citrix to integrate with MSAM with other vendor's collaboration technologies. In addition to integration with Sharepoint Services, Citrix provides CDAs for products such as Documentum's eRoom and IBM's Lotus Notes. Additional CDAs are available to integrate with legacy and mainframe-type systems. With MSAM, you can store documents in a collaboration-friendly format, while leveraging MetaFrame and ICA to give users access to the document editing capabilities inherent in Microsoft Office applications.

"MSAM is used mostly by the medical industry and some in the manufacturing industry," says Tim Reeser, chairman and CFO of Engineering Computer Consultants, a Citrix Platinum Reseller in Ft. Collins, Colo. Medical workers often use multiple different computers throughout the day and access lots of disparate legacy applications. "You might need to access a patient record on an AS/400 box, or look up a blood type on a mainframe system," he says. "MSAM allows you to aggregate these applications and, more importantly, the 'content' into a single, easy-to-use interface."

A Microsoft-Citrix History Lesson
If you've ever been in the Citrix community, perhaps you've heard the story of how Citrix got involved with Microsoft. Back in 1997, Citrix partnered with Microsoft in a deal where Citrix would license its Multiple Windows technology to Microsoft. In return, Citrix got the rights to Windows Server source code, a partnering agreement with Microsoft that allowed for joint product deployments, a number of cubes in Microsoft's Redmond facility to house engineers on-site, and around $185 million.

Citrix provided WinFrame, its multi-user technology originally used in NT v3.51, which opens up the Windows kernel for multiple sessions per system. Microsoft eventually incorporated WinFrame into Windows NT as Terminal Services Edition, and later in Windows 2000 Server and Windows Server 2003 as Terminal Services and Remote Desktop.

Microsoft got the multi-user kernel updates, but Citrix retained all rights to developing any multi-user clients on non-Microsoft operating systems. So Citrix ensured its server technology would be tightly integrated with Microsoft's OS, but only by purchasing the add-on Citrix application could a user get to that server from Macintosh, UNIX, and DOS clients.

That agreement is still in force today. "In May of 2002, another agreement was signed for three years, continuing our access to the (Windows Server) source code," says David Jones, Citrix senior vice president of Corporate Development. "The agreement permitted a timely release of MetaFrame Presentation Server Feature Release 3, which was released on the same day as Windows 2003.

"That agreement ends in May of 2005, however it is fully expected that Microsoft and Citrix will renew the agreement in 2005," he says.

To provide some perspective into the relationship between the two companies, in October 2003 Citrix was named Microsoft Global Independent Software Vendor of the Year.

About the Author

Greg Shields is Author Evangelist with PluralSight, and is a globally-recognized expert on systems management, virtualization, and cloud technologies. A multiple-year recipient of the Microsoft MVP, VMware vExpert, and Citrix CTP awards, Greg is a contributing editor for Redmond Magazine and Virtualization Review Magazine, and is a frequent speaker at IT conferences worldwide. Reach him on Twitter at @concentratedgreg.


comments powered by Disqus

Subscribe on YouTube