Citrix Application Delivery Management (ADM) is a centralized management solution. It simplifies operations by providing administrators with enterprise-wide visibility and automating management jobs that are getting ran across multiple instances. You can manage and monitor Citrix application networking products including Citrix Application Delivery Controllers (ADC) MPX, VPX, SDX, CPX, BLX, Citrix Gateway, Citrix Web Application Firewall (WAF). You can use ADM to manage, monitor, and troubleshoot the entire global application delivery infrastructure from a single, unified console.
ADM also addresses the application visibility challenge by collecting detailed information about web-application and virtual-desktop traffic including application flow, security events, user-session-level information, webpage performance data, and database information flowing through the managed Citrix Appliances, and providing actionable reports. This approach enables administrators to troubleshoot and proactively monitor customer issues in a matter of minutes.
Citrix ADM Software virtual appliances can be deployed in several deployment modes and provide the flexibility to integrate within your existing Citrix networking design. The following are some of the deployment scenarios implemented by using ADM Software appliances.
This ADM Reference document defines a set of architectural building blocks for delivering Citrix Application Delivery Management (Citrix ADM). The target audiences are technical professionals and architects seeking knowledge on how to key components to support the following objectives.
The Citrix Application Delivery Management (ADM) software uses a built-in data store to provide integration with the server, and the server manages all the key processes, such as data collection, NITRO API calls. In its data store, the server stores an inventory of instance details, such as host name, software version, running, and saved the configuration, certificate details, entities configured on the instance. Single server deployment is suitable if you want to process small amounts of traffic or store data for a limited time.
The following image shows the different internal and external subsystem components of a Citrix ADM appliance and the communication flow between the internal ADM server components and externally managed networking appliances and instances.
The Citrix ADM NITRO Service acts as a web server handling HTTP requests and responses sent to other subsystems within the appliance from the management GUI or APIs/SDKs, using ports 80 and 443. These requests travel via the Message Bus (message processing system) by using the inter-process communication (IPC) mechanism. Initially, the HTTP requests sent to the Control subsystem, which either processes the information or sends it to another, more appropriate subsystem. Each of the other subsystems including Inventory, StyleBooks, Data Collector, Configuration, AppFlow Decoder, AppFlow Analytics, Performance, Events, Entities, SLA Manager, Provisioner, Journal, and daemons (aaad/snmpd/ntpd/syslogd/monit/sshd/pitboss), have specific roles.
Citrix ADM is a centralized management solution that simplifies operations by providing administrators with enterprise-wide visibility and automating management jobs that are getting ran across multiple instances.
To manage and monitor applications and the network infrastructure, you must first install Citrix ADM on one of the hypervisors. You can deploy Citrix ADM either as a single server or in a high availability mode. When using Citrix ADC Insight Center, you can migrate to Citrix ADM and avail of the management, monitoring, orchestration, and application management features in addition to the analytics features.
The following diagram depicts the high-level ADM HA appliance deployment.
Before importing a Citrix ADM appliance to your current platform (that is, Hypervisors), understanding the critical system licensing, hypervisor requirements, appliance image requirements, and ADC Build Integration limitations is a must.
Citrix ADM requires a verified Citrix ADC license to manage and monitor the Citrix ADC instances.
You can manage and monitor any number of supported instances and entities without a license. However, you can select and configure Analytics for an initial 30 discovered applications on the App Dashboard and view analytics data for 30 virtual servers without applying for extra licenses. To collect Analytics for more than 30 discovered applications (30 virtual servers), you must purchase and apply the desired licenses.
Full information on licensing is available in the Citrix ADM product documentation about licensing.
An ADM appliance deployed on-premises as virtual appliances can run on Citrix Hypervisor, VMware ESXi, Microsoft Hyper-V, and Linux KVM.
The following table lists the hypervisors supported by Citrix ADM.
Hypervisor | Versions | Product Documentation |
---|---|---|
Citrix Hypervisor | 7.1 and 7.4 | Citrix ADM with Citrix Hypervisor |
VMware ESXi | 6.0 and 6.5 | Citrix ADM with VMware ESXi |
Microsoft Hyper-V | 2012 R2 and 2016 | Citrix ADM with Microsoft Hyper-V |
Generic KVM | RHEL 7.4 and Ubuntu 16.04 | Citrix ADM with Linux KVM server |
Citrix ADC instances deployed in remote data centers can be managed and monitored from Citrix ADM running in a primary data center. Citrix ADC instances sent data directly to the primary Citrix ADM that resulted in the consumption of WAN bandwidth. Also, the processing of analytics data utilizes CPU and memory resources of primary Citrix ADM.
Customers have their data centers located across the globe. Agents play a vital role in following scenarios where the customers can choose:
Component | Requirement |
---|---|
RAM | 32 GB required |
Virtual CPU | Eight vCPUs required |
Storage space | Citrix recommends using solid-state drive (SSD) technology for Citrix ADM deployments. The default value is 120 GB. Actual storage requirement depends on Citrix ADM sizing estimation. If your Citrix ADM storage requirement exceeds 120 GB, you to have to attach an extra disk. You can add only one extra disk. Citrix recommends you estimate storage and attach the extra disk at the time of initial deployment. Use the sizing calculator to do the exact sizing estimation for your Citrix ADM deployment, and for more information, see How to Attach an Additional Disk to Citrix ADM. |
Virtual network interfaces | 1 |
Throughput | 1 Gbps or 100 Mbps |
Agents work as an intermediary between the primary Citrix ADM and the discovered instances across different data centers. Following are the benefits of installing agents:
The following is the minimum requirements for Citrix ADM on-prem agent:
Component | Requirement |
---|---|
RAM | 8 GB required Note: The default value is 32 GB. Citrix recommends that you increase the default value to 32 GB for better performance. |
Virtual CPU | Two vCPUs required |
Storage space | 30 GB |
Virtual network interfaces | 1 |
Throughput | 1 Gbps |
The following figure shows Citrix ADC instances in two data centers and Citrix ADM high availability deployment using multisite agent-based architecture.
The primary site has the Citrix ADM nodes deployed in a high availability configuration. The Citrix ADC instances in the primary site directly registered with the Citrix ADM.
In the secondary site, agents are deployed and registered with the Citrix ADM server in the primary site. These agents work in a cluster handling a continuous flow of traffic in case an agent failover — the Citrix ADC instances at the secondary site registered with the primary Citrix ADM server through agents. The instances send data directly to agents instead of primary Citrix ADM. The agents process the data received from the instances and send it to the primary Citrix ADM in a compressed format. Agents communicate with the Citrix ADM server over a secure channel, and the data sent over the channel compressed for bandwidth efficiency.
Diverse Citrix ADM features supported on different Citrix ADC software versions. Review the following table to make sure you have upgraded your Citrix ADC instances to the correct version.
Citrix ADM Features | Citrix ADC Software Version |
---|---|
StyleBooks | 10.5 and later |
OpenStack/CloudStack Support | 11.0 and later: If a partition is required 11.1 and later: If partition on shared virtual LAN is required. |
NSX Support | 11.1 Build 47.14 and later (VPX) |
Mesos/Marathon Support | 10.5 and later |
Backup/Restore | 10.1 and later OR for SDX 11.0 and later |
Monitoring/Reporting & Configuration using Jobs | 10.1 and later |
Citrix Analytics Features | Citrix ADC Software Version |
Web Insight | 10.5 and later |
HDX Insight | 10.1 and later |
Security Insight | 11.0.65.31 and later |
Gateway Insight | 11.0.65.31 and later |
Cache Insight | 10.5 and later* |
SSL Insight | 12.0 and later |
Important Note: Integrated Cache Metrics are not supported in Citrix ADM with Citrix instances running version 11.0 build 66.x.
Citrix Application Delivery Management (ADM) storage requirement is determined based on your Citrix ADM sizing estimation. By default, Citrix ADM provides you a storage capacity of 120 GB. If you need more than 120 GB for storing your data, you can attach an extra disk (Max extra disk per ADM is 3 TB).
To limit the amount of reporting data stored in your Citrix ADM server’s database, you can prune it. You can specify the interval for which you want Citrix ADM to retain network reporting data, events, audit logs, and task logs. By default, this data is pruned every 24 hours (at 00.00 hours). More details can found here.
Citrix devices can be backed up automatically to the Citrix ADM server. Also, those backed-up data forwarded to an external server for historical trending and auditing. Refer to the link for more details.
In a Citrix ADM single server deployment, the database is deployed and integrated with the server, and a single server processes all the traffic. You can use Citrix ADM with Citrix Hypervisor, VMware ESXi, Microsoft Hyper-V, and Linux KVM.
An HA deployment of two Citrix ADM servers provides uninterrupted operations. In a high availability setup, both the Citrix ADM nodes must be deployed in active-passive mode, on the same subnet using the same software version and build and must have identical configurations. With HA deployment, the ability to configure the floating IP address on the Citrix ADM primary node eliminates the need for a separate Citrix ADC load balancer.
The following are the benefits of a high availability deployment with Citrix ADM:
The following diagram depicts the ADM HA deployment.
In high availability deployment, one of the Citrix ADM nodes configured as the primary node (ADM HA Node 1) and the other as the secondary node (ADM HA Node 2). If the primary node goes down due to any reason, the secondary node takes over as the new primary node.
Disaster is a sudden disruption of business functions caused by natural calamities or human-caused events. Disasters affect data center operations, after which resources and the data loss at the disaster site must be fully rebuilt and restored. The loss of data or downtime in the data center is critical and collapses the business continuity.
The Citrix ADM disaster recovery (DR) feature provides full system backup and recovery capabilities for Citrix ADM deployed in high availability mode. At the time of recovery, certificates, configuration files, and a complete backup of the database are available in the recovery site.
The following table describes the terms used while configuring disaster recovery in Citric ADM
Terms | Description |
---|---|
Primary site (Data Center A) | The primary site has Citrix ADM nodes deployed in high availability mode. |
Recovery site (Data Center B) | The recovery site has a disaster recovery node deployed in standalone mode. This node is in read-only mode and is not operational until the primary site is down. |
Disaster recovery node | The recovery node is a standalone node deployed in the recovery site. This node is made operational (to the new primary) in case a disaster select the primary site, and it is non-functional. |
Note: The primary site and DR site communicate with each other through ports 5454 and 22, which are enabled by default.
The following image shows the disaster recovery workflow, the initial setup before the disaster, and the workflow after the disaster.
The image shows the disaster recovery setup before the disaster.
The primary site has Citrix ADM nodes deployed in the high availability mode, as shown in the previous section.
The recovery site has a standalone Citrix ADM disaster recovery node deployed remotely. The disaster recovery node is in read-only mode and receives data from the primary node to create data backup. Citrix ADC instances in the recovery site are also discovered, but they do not have any traffic flowing through them. During the backup process, all data, files, and configurations are sent and replicated on the disaster recovery node from the primary node.
After the initiation of the script at the DR site, the DR site now becomes the new primary site. You can also access the DR user interface.
Full information about the disaster recovery (DR) feature is available in the Citrix ADM product documentation article Configure disaster recovery for high availability.
You can install and configure the agent, to enable communication between the primary Citrix ADM and the managed Citrix ADC instances in another data center.
You can install an agent on the following hypervisors in your enterprise data center:
The number of agents installed per site depends on the traffic being processed. Currently, Citrix has validated two agents per site for an agent failover scenario. Citrix recommends that you install at least two agents per site so that the traffic flows to another agent in case of an agent failover.
For communication purposes, the following ports must be open between the agent and Citrix ADM on-prem server.
Type | Port | Details |
---|---|---|
TCP | 8443,7443,443 | For outbound and inbound communication between the agent and the Citrix ADM on-prem server |
The following ports must be open between the agent and Citrix ADC Instances.
Type | Port | Details |
---|---|---|
SNMP | 161,162 | To receive SNMP events from Citrix ADC instance to agent. |
TCP | 5557 | For log stream communication between the agent and Citrix ADC instances. |
Citrix ADC is an application delivery controller that performs application-specific traffic analysis to distribute intelligently, optimize, and secure Layer 4-Layer 7 (L4–L7) network traffic for web applications. For example, a Citrix ADC bases load balancing decisions on individual HTTP requests instead of on long-lived TCP connections, so that the failure or slowdown of a server is managed much more quickly and with less disruption to clients. Its feature set can be broadly consisting of switching features, security and protection features, and server-farm optimization features.
The Citrix ADC VPX is a software-based platform that provides industry-leading delivery of applications over the internet and private networks. This virtual appliance can be deployed on hypervisors on-premises or cloud platforms. The VPX appliance is supported by Citrix Hypervisor, VMware ESXi, Microsoft Hyper-V, Linux KVM, Microsoft Azure, and Amazon Web Services (AWS).
The VPX provides the full functionality of the Citrix Networking product line, with throughput capabilities ranging from 10 Mbps to 100 Gbps. The performance is controlled by the platform license and can be increased on-demand by upgrading the platform license.
Citrix ADC VPX in Azure is deployed in a Virtual Network (VNET) and is available from the Azure Marketplace in subscription-based, check-in/check-out, or Bring Your Own License (BYOL) editions. The recommended configuration includes three NICs: management, client-side, and server-side subnets. All on-premises Citrix Networking features are available in Azure, except for the following: clustering, IPv6, gratuitous ARP (GARP), L2 mode, tagged VLANs, dynamic routing, virtual MAC (VMAC), USIP, and jumbo frames.
More details on Citrix ADC VPX in Azure can be found here.
Citrix ADC VPX in AWS is deployed in a Virtual Private Cloud (VPC) and is available as an Amazon Machine Image (AMI) from the AWS Marketplace in subscription-based or bring you to own license (BYOL) editions. The recommended configuration includes three Elastic Network Interfaces (ENIs): management, client-facing, and back-end subnets. All on-premises Citrix Networking features are available in AWS, except for the following: IPv6, gratuitous ARP (GARP), L2 mode, tagged VLAN, dynamic routing, virtual MAC (VMAC).
More details on Citrix ADC VPX in AWS can be found here.
Citrix ADC MPX is a hardware-based, highly performant platform that provides industry-leading delivery of applications over the Internet and private networks, combining application-level security, optimization, and traffic management into a single, integrated appliance. All MPX appliances support Citrix nCore technology, which enables them to use their multi-core CPU systems for multi-gigabit performance and massive scalability for all application workloads.
An MPX can be integrated into any network as a complement to existing load balancers, servers, caches, and firewalls. It requires no additional client or server-side software and can be configured using the web-based GUI and CLI configuration utilities. Flexible Pay-As-You-Grow licensing helps customers protect their investment, avoid costly hardware upgrades, and reduce overall TCO.
The Citrix ADC SDX platform delivers fully isolated network instances running on a single appliance. Each instance is a full-blown environment, which optimizes the delivery of applications over the internet and private networks. The SDX platform combines application-level security, optimization, and traffic management into a single, integrated appliance. The SDX appliance is architected such that each instance runs as a separate virtual machine with its own dedicated kernel, CPU resources, memory resources, address space, and bandwidth allocation. Network I/O is done in a way that not only maintains aggregate system performance but also enables complete segregation of each tenant’s data and management-plane traffic.
A Citrix ADC can be connected to a network using various of methods such as one arm mode or two-arm mode. Citrix ADC requires multiple IP addresses to function on a network. The most important IP addresses are:
Provides visibility into enterprise web applications allowing IT administrators to monitor all web applications using the Citrix ADC by providing integrated and real-time monitoring of applications. Web Insight provides critical information such as user and server response time, enabling IT organizations to monitor and improve application performance.
Provides end-to-end visibility for ICA traffic passing through Citrix ADC. HDX Insight enables administrators to view real-time client and network latency metrics, historical reports, End-to-end performance data, and troubleshoot performance issues.
It provides visibility into the failures that users encounter when logging on, regardless of the access mode. You can view a list of users logged on at a given time. Also the number of active users, number of active sessions, and bytes and licenses used by all users at any given time.
It provides a single-pane solution to help you assess your application security status and take corrective actions to secure your applications.
SSL Insight provides visibility into secure web transactions (HTTPS). It allows IT administrators, to monitor all the secure web applications being served by the Citrix ADC by providing integrated and real-time and historical monitoring of secure web transactions.
TCP Insight provides an easy and scalable solution for monitoring the metrics of the optimization techniques and congestion control strategies (or algorithms) used in ADC instances to avoid network congestion in data transmission.
The Video Insight feature provides a secure and scalable solution for monitoring the metrics of the video optimization techniques used by Citrix ADC instances to improve customer experience and operational efficiency.
WAN Insight analytics enables administrators to easily monitor the accelerated and unaccelerated WAN traffic that flows between the data center and branch WAN optimization appliances. WAN Insight also provides visibility into clients, applications, and branches on the network to help troubleshoot network issues effectively.
The official version of this content is in English. Some of the Cloud Software Group documentation content is machine translated for your convenience only. Cloud Software Group has no control over machine-translated content, which may contain errors, inaccuracies or unsuitable language. No warranty of any kind, either expressed or implied, is made as to the accuracy, reliability, suitability, or correctness of any translations made from the English original into any other language, or that your Cloud Software Group product or service conforms to any machine translated content, and any warranty provided under the applicable end user license agreement or terms of service, or any other agreement with Cloud Software Group, that the product or service conforms with any documentation shall not apply to the extent that such documentation has been machine translated. Cloud Software Group will not be held responsible for any damage or issues that may arise from using machine-translated content.
DIESER DIENST KANN ÜBERSETZUNGEN ENTHALTEN, DIE VON GOOGLE BEREITGESTELLT WERDEN. GOOGLE LEHNT JEDE AUSDRÜCKLICHE ODER STILLSCHWEIGENDE GEWÄHRLEISTUNG IN BEZUG AUF DIE ÜBERSETZUNGEN AB, EINSCHLIESSLICH JEGLICHER GEWÄHRLEISTUNG DER GENAUIGKEIT, ZUVERLÄSSIGKEIT UND JEGLICHER STILLSCHWEIGENDEN GEWÄHRLEISTUNG DER MARKTGÄNGIGKEIT, DER EIGNUNG FÜR EINEN BESTIMMTEN ZWECK UND DER NICHTVERLETZUNG VON RECHTEN DRITTER.
CE SERVICE PEUT CONTENIR DES TRADUCTIONS FOURNIES PAR GOOGLE. GOOGLE EXCLUT TOUTE GARANTIE RELATIVE AUX TRADUCTIONS, EXPRESSE OU IMPLICITE, Y COMPRIS TOUTE GARANTIE D'EXACTITUDE, DE FIABILITÉ ET TOUTE GARANTIE IMPLICITE DE QUALITÉ MARCHANDE, D'ADÉQUATION À UN USAGE PARTICULIER ET D'ABSENCE DE CONTREFAÇON.
ESTE SERVICIO PUEDE CONTENER TRADUCCIONES CON TECNOLOGÍA DE GOOGLE. GOOGLE RENUNCIA A TODAS LAS GARANTÍAS RELACIONADAS CON LAS TRADUCCIONES, TANTO IMPLÍCITAS COMO EXPLÍCITAS, INCLUIDAS LAS GARANTÍAS DE EXACTITUD, FIABILIDAD Y OTRAS GARANTÍAS IMPLÍCITAS DE COMERCIABILIDAD, IDONEIDAD PARA UN FIN EN PARTICULAR Y AUSENCIA DE INFRACCIÓN DE DERECHOS.
本服务可能包含由 Google 提供技术支持的翻译。Google 对这些翻译内容不做任何明示或暗示的保证,包括对准确性、可靠性的任何保证以及对适销性、特定用途的适用性和非侵权性的任何暗示保证。このサービスには、Google が提供する翻訳が含まれている可能性があります。Google は翻訳について、明示的か黙示的かを問わず、精度と信頼性に関するあらゆる保証、および商品性、特定目的への適合性、第三者の権利を侵害しないことに関するあらゆる黙示的保証を含め、一切保証しません。
ESTE SERVIÇO PODE CONTER TRADUÇÕES FORNECIDAS PELO GOOGLE. O GOOGLE SE EXIME DE TODAS AS GARANTIAS RELACIONADAS COM AS TRADUÇÕES, EXPRESSAS OU IMPLÍCITAS, INCLUINDO QUALQUER GARANTIA DE PRECISÃO, CONFIABILIDADE E QUALQUER GARANTIA IMPLÍCITA DE COMERCIALIZAÇÃO, ADEQUAÇÃO A UM PROPÓSITO ESPECÍFICO E NÃO INFRAÇÃO.