Community

Keep Your Sanity: 5 Ways to Slow Down

Theresa Miller - Tue, 12/05/2017 - 22:37

We are going through yet another time of intense change in the IT industry. Since it is the end of the year, the pundits will start pontificating their view of how the world will look once we get through this transition period. The data center is dead! If you’re not on the public cloud your […]

The post Keep Your Sanity: 5 Ways to Slow Down appeared first on 24x7ITConnection.

Browser Video: Codecs, Formats & Hardware Acceleration

Helge Klein - Mon, 12/04/2017 - 14:13
Contents

Web video is ubiquitous. We take it for granted that browsers play video in high resolution, over any connection, on any device. Behind the scenes, a complex machinery of video formats, codecs, and GPU acceleration techniques is at work to make it all happen. This post explains what is what.

Video Container Formats

Video containers store audio and video tracks, which may be encoded in a variety of codecs. Two video container formats are being used on the web today: MP4 and WebM.

MP4

MP4 contains audio encoded in AAC or MP3 and video encoded in H.264 (AVC) or H.265 (HEVC). The MP4 format is not royalty-free.

MP4 containers with H.264 video are supported in basically any browser:

MP4 containers with H.265 video (HEVC), on the other hand, are only supported in Edge and Internet Explorer, and only on devices that can decode H.265 in hardware. The reason is simple: Edge and IE do not decode H.265 by themselves, so Microsoft does not have to pay licensing fees. Edge/IE pass the video stream for decoding to the OS which in turn sends it to the GPU. Licensing costs are paid by the GPU vendor.

WebM

WebM contains audio encoded in Ogg Vorbis and video encoded in VP8 or VP9. The WebM format is royalty-free.

WebM containers are supported in Chrome and newer versions of Edge and Firefox only. Internet Explorer does not support WebM.

Hardware-Accelerated Video Decoding

GPUs have dedicated units that are much more efficient at decoding video than general-purpose CPUs which lack similar capabilities. However, for hardware decoding to work, all the components involved need to work hand-in-hand:

  • The GPU’s decoder needs to support the video properties (codec, 4K resolution, HDR)
  • The graphics driver needs to make the GPU’s capabilities available to the OS
  • The operating system needs an abstraction layer so that applications do not have to deal with individual vendor driver APIs
  • The application (the browser) needs to make use of the OS’ decoding API
DirectX Video Acceleration API 2.0

The Windows API of choice for accessing the machine’s hardware video decoding units is called DirectX Video Acceleration 2.0. DXVA is a little-known API; not many tools exist for exploring it. One of the few is DXVA Checker. It shows the video capabilities reported by the graphics drivers.

The screenshot below depicts the capabilities of the integrated Intel HD Graphics 620, built into the Kaby Lake i7-7500 CPU. Video decoding is supported for H.264, H.265 (HEVC) and VP9 (all at least up to 4K).

H.264 Hardware Acceleration

Hardware-accelerated decoding of H.264 (AVC) video is available on all CPUs/GPUs sold in the past 4+ years. 4K resolution, however, is only supported by newer hardware sold in the past 2+ years, approximately.

H.265 Hardware Acceleration

Hardware-accelerated decoding of H.265 (HEVC) video is available only on newer CPUs/GPUs. More specifically, at least the following are required:

  • Intel Skylake
  • Nvidia Maxwell (later models) or Pascal
  • AMD Fiji or Polaris
VP9 Hardware Acceleration

Hardware-accelerated decoding of VP9 video is available only on the newest generations of CPUs/GPUs. At least:

  • Intel Kaby Lake
  • Nvidia Maxwell (later models) or Pascal
  • AMD Polaris
Checking the Browser’s Acceleration Status

Chrome reveals which video codecs are hardware-accelerated on the current platform at the special URL chrome://gpu.

The screenshot above was taken on a device with the Intel Kaby Lake CPU i7-7500U. Hardware decode support for VP9 is available (shown as VPx).

Firefox provides some information at about:support, but does not show which codecs are accelerated. There is no known way to determine the acceleration status for Edge or IE.

Codecs Used by Video Sites

Almost all video websites use the H.264 codec, and for a very simple reason: H.264 ist most broadly supported in browsers and on mobile devices.

There is just one exception: YouTube, when accessed from Chrome or Firefox, serves VP9 encoded video.

That brings us to an important caveat: YouTube videos in Chrome or Firefox are inefficiently decoded in software unless the playback device is equipped with one of the newer GPU models.

The post Browser Video: Codecs, Formats & Hardware Acceleration appeared first on Helge Klein.

Improving Ivanti Application Control Message Boxes

Aaron Parker's stealthpuppy - Sat, 12/02/2017 - 12:37

Ivanti Application Control (previously AppSense Application Manager) is an application whitelisting and privilege management solution; however, I think you’re likely aware of that since you’re reading this article. Application Control has a number of customisable message boxes that are displayed to the end-user for Windows application whitelisting or privilege elevation scenarios. In this article, I’ll discuss improving the end-user experience with some visual flair and text.

Default Message Boxes

Let’s take a look at a typical message box. Below is the default Access Denied message displayed to users on Windows 10 when attempting to start an application that hasn’t been white-listed.

Ivanti Application Control default access denied message box

With apologies to Guy Leech (the original developer of AppSense Application Manager), this message box doesn’t fit with Microsoft’s recommended Windows 7 or Windows 10 desktop UI guidelines nor display anything useful to the end user that is useful or actionable. Side note – on Windows 10, I’d love to see this particular message as a notification instead because there’s no immediate action the user can take.

Here’s another message box – this one is shown for privilege escalation. Similar in a sense to a UAC dialogue box, but this forces the user to complete the action for elevating an application with a reason for taking that action that can be audited.

Ivanti Application Control default self-elevation message box

There are several scenarios where Application Control may display a message to the end user:

  • Access Denied – execution of an application is denied
  • Application Limits Exceeded – the end-user is prevented from running multiple instances of an application
  • Self-Elevation – an end-user can elevate an application via Application Control instead of being granted administrative rights
  • System Controls – the user can be prevented from uninstalling an application, clearing specific event logs or stopping services
  • Time Limits – time limits can be put on application execution
  • Self-Authorization – end-user can be given the ability to whitelist an application themselves
  • Network Connections – controls can be placed on network destinations, paths or ports

So, potentially a reasonable level of interaction with the end-user and thus Application Control can have some impact on the perception of a user’s everyday experience. Fortunately, each of these message boxes is almost fully customisable – Ivanti provides the administrator with the ability to control both the appearance and text in the message to something that may suit a specific requirement or the environment into which it is deployed.

Creating “Good” Message Boxes

Dialog boxes suck (or at least a good chunk of them do). To understand why here’s an excellent article I recommend reading – The Magic of Flow and Why Dialogs Frustrate People. The dialogs interrupt user workflow and it’s safe to assume a user is typically seeing multiple messages in a single session (not just our Application Control messages).

Application Control supports customising the messages as well as the UI with HTML and CSS. With customisable notifications, the Application Control administrator effectively becomes a UX designer; therefore to provide users with the best experience possible and balance security needs of the organisation, we should consider carefully that experience both visually and narratively in the text displayed to the user.

When customising these I recommend paying careful attention to the language and tone of the text. Empowering a user to take the right, or no, action without generating unnecessary service desk calls is important. Here are my 3 recommendations for customising these messages boxes for an environment:

  • Ensure the message boxes fit with Microsoft UX guidelines for Windows – apart from not visually assaulting the senses, fitting in with the standard Windows visual style will provide users with a sense that these messages are a part of the normal Windows desktop workflow
  • Don’t overwhelm the user with explanatory text that they aren’t going to read anyway – avoid dialogue box fatigue. If you can, provide a link to more information, so that the user can choose to read up on why the system has been implemented
  • Don’t assume the user is doing the wrong thing. Taking a default hostile stance via the language or wording used in the messages won’t foster a sense of trust. Yes, insider threats are often the main cause of security breaches, but IT can do its part in building team trust

I believe these to be reasonable principles to consider, but of course, some environments may have specific requirements.

Microsoft has published user interface guidelines for Windows for many years, with what I would call “mixed results” from the developer community. While good design isn’t easy, Microsoft has guidelines on FontsStyle and Tone, and User Interface Principles that are applicable to the Application Control administrator.

Looking for Inspiration

Microsoft has specific message boxes in User Account Control that I’ve used as the basis for improving the messages boxes from Application Control; both visually and in the language/text. Here’s a typical UAC message box on Windows 10 – it provides some immediate visual feedback with colour and simple language for the user to act upon:

Windows User Account Control message box

UAC (and SmartScreen) displays various message boxes depending on the action taken that have different colours to better provide the user with an immediate visual feedback. 

From top to bottom: blocked app, app with unknown publisher, app with a known/trusted publisher

Sticking with an established visual style, we can use these colours in our Application Control message boxes. I haven’t found documentation on the colours from Microsoft, so the hex values below might not be 100% accurate.

Blue (#85b8e8 ) background is from the message box used to identify Windows components or software that is signed and trusted Yellow (#f8d470) background is from the message box that identifies components or applications that are untrusted or not signed Red (#8e000b) background denotes an application that has been blocked by Windows SmartScreen I’ve used a softer red (#bf3235) background from the Ivanti Application Control console instead of UAC

In addition to the visual style, we can use these as examples of the language to use in our customised Application Control message boxes. 

Updating Ivanti Application Control Message Boxes

These message boxes are customisable via HTML and CSS, so we have the ability to exert a certain level of control on the look and feel. To enable the full level of customisation, you’ll need to be running Application Control 10.1 FR3, as the limit on the number of characters in some of the messages has been removed.

Here are the default Message Settings properties:

Ivanti Application Control message settings

Under that advanced button, is the CSS used to customise the visuals. So the first thing we’re going to do is customise that CSS to align the visuals with Windows 10. I am maintaining an updated CSS file to completely replace the default CSS on GitHub, which means that anyone can fork the file, improve it and contribute.

There are a few things that the CSS does and provides customisation for:

  1. Changes the default font to Segoe UI, the default Windows font (instead of Microsoft San Serif). The font used in the user input box in self-elevation message boxes is changed to Consolas instead of Courier New
  2. Hides the red and white X graphic. By default, this image is shown on all message boxes and doesn’t actually fit in with the intention of all messages boxes
  3. Enables a header in the 3 colours shown above
  4. Gives buttons a Windows 10 look
  5. Prevents scrollbars from showing inside the message boxes – because the messages can only be set to a fixed height and width, some scrolling occurs even in the default messages shown in the images at the beginning of this article

At the moment, this CSS isn’t perfect and requires updates to fix the cutting off text on the right-hand side of the dialog box, but I think it’s a huge improvement over what’s provided by default. 

Access Denied

Let’s look again at the default Access Denied message box. This doesn’t fit into the Windows UI, doesn’t necessarily tell the user what’s occurred or tell them whether any further action is required.

Ivanti Application Control default access denied dialog box

With our new CSS in place, we can modify the HTML behind this message to reflect what’s going on, as well as provide the user with a link to a page with more information. Note that because my CSS isn’t currently perfect, I’m cheating a bit by putting a carriage return after “Running this app might put”, so that the text isn’t cut off on the righ-hand side of the message box.

<div class="header red">An app has been prevented from running to protect this PC.</div> <div class="description">An unrecognised or unauthorised app was prevented from starting. Running this app might put your PC at risk. Blocked app: %ExecutableName% Location: %DirectoryName% Description: %AC_FileDescription% Publisher: %AC_CompanyName% Please view the <a href="https://servicedesk.stealthpuppy.com">Information Security Corner</a> for details on why this app was blocked. To install an app, you may need to raise a service request. </div>

Because we have a fixed height and width for the box, I’ve set the height to 690 pixels and the width to 440. Our new Access Denied message box now looks like this:

Ivanti Application Control access denied message box with improved styling

In this example, we are now providing the user with some immediate visual feedback, some reason as to why the application was blocked, some details on what was blocked and finally a link to more information (i.e. the action that the user can take). An external page can provide the user with a framework for understanding what’s going on and whether they should pick up the phone for the service desk (or not), with better detail and interaction than a message box could provide.

Self-Elevation

Now let’s do the same with the Self-Elevation action. Here’s the HTML:

<div class="header yellow">Do you want to allow this app to make changes to your device?</div> <div class="description">App name: %ExecutableName% <br/>This action will run this app with elevated privileges. Please provide the reason for taking this action. This information will be logged and audited. Improper use of elevated applications are in violation of the <a href="https://servicedesk.stealthpuppy.com">Acceptable Use Policy</a>.</div>

I’ve set the height to 770 pixels and the width to 460. Here’s the result:

Ivanti Application Control self-elevation message box with improved styling

In this example, we aren’t bombarding the end-user with text nor assuming what they’re doing is a hostile action. If you’re an IT Pro or a developer, there’s a good chance you’ll need to elevate an application several times during a single session, so this could be something you see multiple times a day.

System Controls

For a simple example, let’s update the System Controls message.

<div class="header blue">Uninstall of %ApplicationName% is not permitted.</div> <div class="description">Removal of this application has been denied to protect the integrity of this PC.</div>

Which then looks like this:

Ivanti Application Control system controls message box with improved styling

Here we’ve used blue to differentiate this from the previous two messages.

Be aware of High DPI Displays

Note that today Application Control doesn’t support high DPI displays or scaling above 100% very well. Because those dialog boxes are a fixed size and the contents don’t scale, you get something like this:

Ivanti Application Control Access Denied Dialog at 200% scaling

Ivanti is, of course, aware of the issue and I assume there’ll be a fix in a future update. Until then, at least on Windows 10, you can override the high DPI scaling behaviour. The Application Control Agent folder has a number of executables that run each of the messages. For example, to fix the scaling on the Access Denied message box, set compatibility of AMMessage.exe that the high DPI scaling behaviour is set to System (Enhanced).

Setting Application Control High DPI Scaling Compatibility

Once set, the message box will be set to its correct size and scaled up on high DPI displays, thus the box may look fuzzy depending on resolution and scaling. To avoid setting this on each executable individually on each end-point, use Group Policy or the Application Compatibility Toolkit to set these properties.

Conclusion

In this article, I’ve discussed how to improve the Ivanti Application Control message boxes for both visuals and text. With some effort, we’ve updated the style to better fit in with Windows 10, but these look right at home on Windows 7 as well. Additionally, the text has been improved to provide users with (hopefully) just the right amount of explanation, enabling them to take effective action if needed.

The custom CSS streamlines the visuals and better aligns the message boxes with UI guidelines from Microsoft. While I’ve made the CSS available on GitHub, it could do with some improvement. Opening this up to the community will enable feedback and updates.

This article by Aaron Parker, Improving Ivanti Application Control Message Boxes appeared first on Aaron Parker.

Categories: Community, Virtualisation

Your Guide to AWS re:Invent Announcements for 2017

Theresa Miller - Thu, 11/30/2017 - 06:30

AWS re:Invent 2017 is one of the most anticipated conferences of the year, since it usually falls towards the end of November. One thing that we all can count on is a slew of announcements during re:Invent 2017.  Luckily for us, AWS makes it easy to keep track of these re:Invent announcements. Let’s take a […]

The post Your Guide to AWS re:Invent Announcements for 2017 appeared first on 24x7ITConnection.

Microsoft Tech Summit – Sydney wrap-up

Theresa Miller - Tue, 11/21/2017 - 06:30

Microsoft kicked off their free, global Tech Summit event in Sydney on 16 & 17 November. This is their first attempt at this event format which is travelling to 13 countries around the world, with a US series also planned. So, what was different and did it work? Sessions, but not as you know them […]

The post Microsoft Tech Summit – Sydney wrap-up appeared first on 24x7ITConnection.

Getting Ready for AWS re:Invent 2017

Theresa Miller - Tue, 11/14/2017 - 06:30

The time is upon us again, and soon we will prepare to descend on Las Vegas. It is time to begin getting ready for AWS re:Invent. This year’s event begins on November 27th and runs through December 1st.  There are pre-event activities on Sunday December 26th as well, but let’s concentrate on what you’ll want […]

The post Getting Ready for AWS re:Invent 2017 appeared first on 24x7ITConnection.

Virtualize deep learning environments – is it possible?

Theresa Miller - Tue, 11/07/2017 - 19:24

As an industry, we have years of experience virtualization applications, but can we virtualize deep learning? In my last post, I mentioned HPC applications are architected in several ways. But how can we architect a virtual environments if we don’t understand the applications we’ll run on them? In this post, I’ll describe deep learning applications, and […]

The post Virtualize deep learning environments – is it possible? appeared first on 24x7ITConnection.

What Powered HashiCorp’s Latest Funding Round

Theresa Miller - Thu, 10/26/2017 - 05:30

The team at HashiCorp have been extremely busy lately, which has been further evidenced by HashiCorp’s latest funding round.  Many of HashiCorp’s products have also been updated around the time of the funding announcement.  HashiCorp is known among virtualization admins, cloud admins, and developers for the variety of provisioning products as well as other ecosystem […]

The post What Powered HashiCorp’s Latest Funding Round appeared first on 24x7ITConnection.

Microsoft’s strong SMB story with Microsoft 365 Business

Theresa Miller - Tue, 10/17/2017 - 05:30

When Microsoft announced the Microsoft 365 solution set, a lot of people scratched their heads and wondered what they were thinking. Did this replace Office 365? Was it just a marketing wrapper bundle of existing products? Microsoft staff still get hassled about the naming choice (out of the control of most of them). But now […]

The post Microsoft’s strong SMB story with Microsoft 365 Business appeared first on 24x7ITConnection.

UK Citrix User Group 2017, Winter Meeting – London

Citrix UK User Group - Sat, 10/14/2017 - 13:44

Our 23rd event will take place in London on 30th of November. Venue Wellcome Collection 183 Euston Road London NW1 2BE Transport Nearest Tubes: Euston Square (Circle, Metropolitan, Hammersmith & City), Warren Street (Northern and Victoria Line) Nearest station: Euston …

Read more »

The post UK Citrix User Group 2017, Winter Meeting – London appeared first on UK Citrix User Group.

Join Theresa Miller and Phoummala Schmitt at VMWorld 2017 on The Cube

Theresa Miller - Thu, 10/12/2017 - 05:30

The tech ‘fit’ debate: Universal tech in a couture IT world At VMworld Phoummala Schmitt and Theresa Miller were interviewed on The Cube.  We discussed where our careers started, our goals, what we do, and some of our thoughts on VMWorld 2017.  You won’t want to miss the write-up and discussion! Technology advancements may be […]

The post Join Theresa Miller and Phoummala Schmitt at VMWorld 2017 on The Cube appeared first on 24x7ITConnection.

Interactive Learning on AWS by Finding flAWS

Theresa Miller - Tue, 10/10/2017 - 05:30

Learning about security is something that is, or should be, on everyone’s todo list. As we look to the public cloud for new ways to deploy and manage infrastructure, we also have to look at how new security models and procedures have to come along with it. An interesting way to make this easier and […]

The post Interactive Learning on AWS by Finding flAWS appeared first on 24x7ITConnection.

Join me on Datanauts to discuss Migrating Exchange to Office 365

Theresa Miller - Thu, 10/05/2017 - 16:52

Are you thinking about migrating to Office 365 Exchange Online, but  not sure what you should be thinking about for getting started?  Have you started your Exchange Migration, but still finding you have some questions to be answered.  Join me for Datanauts episode where we discuss migrating Exchange to Office 365.  What you should be […]

The post Join me on Datanauts to discuss Migrating Exchange to Office 365 appeared first on 24x7ITConnection.

Melbourne CUGC IV – It’s LTSR in the Spotlight!

Aaron Parker's stealthpuppy - Wed, 10/04/2017 - 11:20

We’ve been busy planning our next CUGC meet-up for 2017, which will be on the 24th of October at the Telstra Conference Center at 242 Exhibition St. To attend the meet-up, ensure you’ve signed up at the MyCUGC.org site: https://www.mycugc.org/page/melbourne-oct24-2017 

Agenda

We’ve got Christian Lloyd from Citrix to take us through the XenDesktop / XenApp 7.15 LTSR release. This release is not to be underestimated and I’m expecting to see many organisations finally moving off XenApp 6.5 and those still on 7.6 LTSR, upgrade to 7.15 to take advantage of the new features. Because the latest release has so many features, the theme for this meeting will be ‘Doing more with what you have‘; so we’ll also take you through some of the really interesting features (e.g. FAS, App Layering, Workspace Environment Management, etc.) that you can be taking advantage of to improve your XD/XA environments. Plus get your questions about how to migrate answered.

CUGC Community Presentation

We still have space for a community presentation – if you’re interested in presenting on any topic related to Citrix technologies, we would love for you to present. 

Sponsor

This month, we’re really happy to have eG Innovations sponsoring our meet-up and to discuss proactive monitoring, assessment and management of your Citrix XenDesktop and XenApp environments. To get an idea what eG Innovations is doing, check out this recent Citrix blog article: Monitor Logon Performance Seamlessly with eG Innovations. Did you know they have a logon simulator? Check it out: 

eG Enterprise Express-Free-Logon Simulator screenshot

eG Innovations enables us to rent the venue and also provide beer and pizza for XenBeers afterwards, so we’d love to see you there. Even better, they’ll be giving away a Google Home!

Win Google Home at our next CUGC meet-up

Special Announcement

Be sure to come along to this month’s event to hear about our extra special December event. This is not something you’re going to want to miss.

 

This article by Aaron Parker, Melbourne CUGC IV – It’s LTSR in the Spotlight! appeared first on Aaron Parker.

Categories: Community, Virtualisation

Can you virtualize HPC Workloads?

Theresa Miller - Tue, 10/03/2017 - 05:05

You may have heard about high-performance computing (HPC), but have you ever wondered if you can virtualize HPC workloads? It is an interesting question. Data Scientists  build HPC applications to do frame rendering that creates realistic animations, numerical simulation that helps build state-of-the-art jets, even modeling and simulations that create the financial models that our economies […]

The post Can you virtualize HPC Workloads? appeared first on 24x7ITConnection.

Simple Country of Origin Control for NetScaler with Azure AD

Aaron Parker's stealthpuppy - Thu, 09/28/2017 - 06:29

Great news! Microsoft has enabled a number of available conditions and custom controls in Azure AD for use in Conditional Access making these policies even more useful. This includes a simple method to control access to Citrix NetScaler by country of origin.

Back in March of this year, I was working on a project to design a solution for hosting applications in an Azure data centre, with access provided by Citrix XenApp and NetScaler. This particular customer needed to control access to both Office 365 applications and XenApp from specific locations only. 

By configuring Citrix FAS and NetScaler with SAML authentication to Azure AD, we were able to use Named Locations in Azure AD Conditional Access policies to achieve the desired goal. For instance we could allow Office 365 only from compliant or domain-joined PCs and ensure access to XenApp only from specific locations. Thus for a certain group of users, they could only access Office 365 applications from XenApp and then only from a specific physical location.

All was well, until Microsoft pulled the ability to use Named Locations in Conditional Access policies half-way through the project. Lesson learned – never rely on preview features in Azure.

At Ignite 2017 this week, Microsoft announced a number of new conditions that includes the ability again to use Named Locations in conditions. What’s new here is the ability to pick from a list of countries when defining those locations. With the number of new conditions available, including Terms of Use, VPN connectivity and Custom controls, I am hoping that Microsoft will not pull these features in the future and instead get them out of preview as quickly as possible.

SAML All The Things!

In my previous article on integrating Citrix NetScaler with Azure AD and Conditional Access, I’ve described the steps to enable SAML authentication to Azure AD from NetScaler to enable a single authentication experience across remote published apps (or desktops) and Office 365. You could extend this of course to additional applications, provide users with single sign-on across all sorts of applications.

Doing so allows IT to control access to any application, whether that be legacy Win32 apps, or new SaaS applications from a single administrative experience with Conditional Access. Seen in the screenshot below, I have policies providing access to various applications – it’s a beautiful thing.

Azure AD Conditional Access policies

Conditions in Conditional Access Policies

The new conditions and controls should be available now, in preview, for just about everyone. These include:

  • Custom controls – JSON for customised controls from 3rd party claim providers. This should enable just about any type of user or device control in a CA policy
  • Terms of use – require a user to consent to your organisation’s terms of use before they get access to an application
  • VPN connectivity – force device compliance (for Windows 10 devices) before being allowed access to a corporate VPN

New conditions and controls in preview

Enabling Country of Origin

Previously Named Locations allow you to only provide locations via specific subnets to define egress locations, e.g. your corporate office. New in Named Locations is the ability to add specific countries that you could use in allow or block scenarios, effectively enabling a whitelist or blacklist of regions.

Creating a Named Location to define country of origin

Once these Named Locations are defined, it’s possible to mix and match locations depending on your requirements. Within a Conditional Access policy, enable Locations under Conditions, and add the Named Locations. Use either Include or Exclude to whitelist or blacklist respectively.

Allowing access from specific countries

And that’s it! We now have country of origin as a condition that we could use as one condition to ensure access is secure. Allow compliant device, enforce MFA, or a custom control to give you confidence that access to XenApp or XenDesktop applications (or perhaps even web apps) is secure.

Granting access with MFA

If we were to compare setting up NetScaler Gateway with AD integration, 3rd party multi-factor authentication and country of origin access by subscribing to a country database (see How to Use NetScaler to Block Access to a Website Using a Location Database Based on User’s Country), I’m sure you would agree this method is simpler and easier to maintain.

This article by Aaron Parker, Simple Country of Origin Control for NetScaler with Azure AD appeared first on Aaron Parker.

Categories: Community, Virtualisation

Turbonomic 6.0 Is Now Available!

Theresa Miller - Thu, 09/28/2017 - 05:30

Turbonomic has recently released the newest version of their self-managing hybrid cloud management software, Turbonomic 6.0. The focus in this release is enabling cloud adoption for organizations, whether it be a public cloud, private cloud, or hybrid cloud strategy. Enabling the Public Cloud One of the biggest challenges organizations face is right sizing their public […]

The post Turbonomic 6.0 Is Now Available! appeared first on 24x7ITConnection.

WHAT YOU DON’T KNOW WON’T HURT YOU. WHAT I WISH I KNEW WHEN I STARTED IN IT (PART ONE)

Theresa Miller - Tue, 09/26/2017 - 14:58

Recently I wrote a post for Solarwinds Thwack. Its interesting, because I wrote a small series that covered why in a way ignorance is bliss. Sometimes what we don’t know can be our saving grace, that being said I also share some insights into what I wish I had know when I started out in […]

The post WHAT YOU DON’T KNOW WON’T HURT YOU. WHAT I WISH I KNEW WHEN I STARTED IN IT (PART ONE) appeared first on 24x7ITConnection.

Changing your Mindset – Monitoring Solutions are Necessary for Successful IT Digital Transformation

Theresa Miller - Tue, 09/19/2017 - 05:30

The way we consume technology is changing rapidly, and the term digital transformation seems to be used in many ways.  So, what does it mean?  To me it means that organizations have adopted their technology base, and have workflows and processes in place that are successful.  But now with technologic advancements changing and reshaping how […]

The post Changing your Mindset – Monitoring Solutions are Necessary for Successful IT Digital Transformation appeared first on 24x7ITConnection.

Microsoft Teams announces external access, with caveats

Theresa Miller - Mon, 09/18/2017 - 05:30

When Microsoft announced its “Slack-killer” conversation-style Teams product, one piece of functionality was glaringly lacking – access into a team for people outside of your own organization. This week, external access was announced, but only partially. You can now invite guests into your teams IF they already have an Azure AD account (which for most […]

The post Microsoft Teams announces external access, with caveats appeared first on 24x7ITConnection.

Pages

Subscribe to Spellings.net aggregator - Community