What is our primary use case?
I mainly use it for VPN connections to resources like my physical laptop, which is currently in the office, while I'm working remotely. We use it for all the virtual machines.
The goal is to simply give users the possibility to securely connect to their laptops or virtual machines, in some cases.
It's not a cloud solution. We use Virtual Apps and Desktops with Windows 10 in the same way as servers with, for example, Linux systems. There is no dedicated infrastructure.
I'm not a Citrix administrator, I'm just a regular user.
How has it helped my organization?
From my perspective, when the COVID pandemic occurred, and the whole company had to work remotely, the users who used this solution had a better feeling that the remote system is stable and reliable, in comparison with a regular VPN connection with a VPN client. The difference with Citrix is that only the things you move on your screen, like the mouse and keyboard keys, are transmitted. In a normal VPN connection, the whole connection to the network resources in the company are transmitted and this costs bandwidth. The Citrix solution is much more convenient for the user.
What is most valuable?
The most valuable feature is the gateway to a remote connection, to a physical or a virtual PC. Compared to a normal VPN client and connection, the connection via Citrix is more stable and does not consume as much network bandwidth.
For how long have I used the solution?
I have been using Citrix Virtual Apps and Desktops for about two years, but I am familiar with previous versions like XenServer and XenDesktop. So my overall experience with Citrix goes back about six years.
What do I think about the stability of the solution?
It is a stable solution. But if we don't have a stable network in the user environment, it is very sensitive to things like that. The user experience when using the solution’s technology remotely depends on network stability. When the network is stable the experience is positive, but when there is some fluctuation of the network speed, Citrix can freeze the screen or mouse at that moment, and this is not good for users.
One of the advantages of Citrix is its automatic reconnection. If a connection is broken for a second or two, Citrix tries to reconnect. And if the loss of connection is less than, say, 15 seconds, the user will have the same moment on his screen as before the connection was lost.
What do I think about the scalability of the solution?
As I review the possibilities of adding a second site or more users, or advantages like multi-screen, I believe this is a scalable solution.
Which solution did I use previously and why did I switch?
I am familiar with Check Point's VPN and VMware Horizon. These are comparable technologies to Citrix.
At various times I have used the VPN client from Check Point. This solution is a very stable and secure solution.
Citrix is oriented toward web application access with access to VDIs or regular, physical PCs.
And VMware Horizon is a solution oriented strictly to give access to give to virtual desktops. Citrix is a set of technologies which can be used to access physical and virtual machines, while Horizon is mostly for virtual machines and Check Point is mostly for accessing physical applications and to secure the traffic.
Each vendor, in upcoming versions, adds this or that possibility, so that the products will be similar in terms of their roadmaps.
How was the initial setup?
It's easy. We have a very clear idea of the setup. But from a financial point of view, it's not so easy to deploy it quickly.
This was a kind of PoC, to see what Citirx looks like. After financial considerations and discussions, we decided to stay at this stage for the next year or more.
In terms of our initial setup, from the beginning of COVID pandemic, starting in March of this year, about 50 users have started working with the Citrix connection to their laptops and VDIs, while about 100 users have worked with regular VPN. The Citrix users mainly work with detailed applications which need long connection times. They are IT employees, like me, and a couple of people like the CEO and others from management.
There are two or three technicians who administer it.
What's my experience with pricing, setup cost, and licensing?
Based not only on the cost of Citrix, but additional costs like firewalls, IPS, and other solutions, the total cost of switching users from using normal laptops with VPNs to connection via Citrix were so huge that the CEO of our company decided to postpone the deployment process.
Because we are at the beginning and have started from scratch we are, on the one hand, in a very convenient situation. But on the other hand, we must spend a certain amount of money for infrastructure on things like routers, connections, etc.
Building a real farm of VDIs could improve the work for users, but this is a strategic decision for our company. We are reviewing technologies like VMware Horizon and others. In each case, the cost is high and in the current pandemic/financial situation, our company has decided to postpone plans to move until next year or later.
I would like them to make the licensing easier to understand. Licensing is quite complicated for apps or processors or servers. When you try to adopt a solution, licensing is per bundle. But for a regular user, from a business point of view, there is no strict license: For example, access to VDI will cost X, and that is all. Instead, in each case, there is a license for access costs, while per-server the cost is that, and to another type of server it costs that. No vendor will tell you, "This is the cost per user." In each case, the answer is, "It depends."
What other advice do I have?
My advice would be to be patient. Each solution has its pros and cons.
We use the following in protecting our environment: Citrix Gateway combined with users from Active Directory and RSA tokens, as well as Remote PC Access.
I am able to use the solution from my private laptop, my company laptop, and I don't see any difference. I imagine the behavior should nearly be the same across other devices.
Which deployment model are you using for this solution?