Professional Documents
Culture Documents
Cns 203 3i Idg PDF
Cns 203 3i Idg PDF
Definitions
Exercises provide students with hands-on practice using the product. Each
exercise includes a scenario and step-by-step instructions for
completing the exercise. For the best learning experience, students
should attempt to complete the exercises using the information in
the scenario. Students should only use the step-by-step instructions
is they need additional help.
Overview
It is strongly recommended that you place exercises and reviews in the proper perspective before
students attempt them. Allow students to attempt the exercises on their own before relying on the
step-by-step instructions.
Instructor Slides
The instructor PowerPoint slides are available for download on MyCitrix.com. Review these notes
prior to teaching the class.
Overview
This module provides students with background information about an environment containing
Citrix NetScaler 9.2.
Before proceeding with the topics in this module, make sure the students understand the objectives
for Module 2.
Key Points
Do not spend too much time reviewing the components. Additional information will be
presented for many components later in the course.
Emphasize the references to materials outside the course as they are a good source of detailed
information for the student.
Overview
This module provides students with information about Citrix NetScaler 9.2. The module discusses
how Citrix NetScaler optimizes the delivery of internal- and external-facing web applications,
accelerating performance, improving availability and increasing security. This approach ensures the
best total cost of ownership, security, availability and performance for web applications.
Before proceeding with the topics in this module, make sure the students understand the objectives
for Module 2.
Key Points
Introduce the Citrix NetScaler, including content switching and load-balancing.
Identify network placement options for the NetScaler system when planning a deployment:
one-arm, two-arm and in-line mode
Discuss the deployment scenarios for deployment: Flex-tenancy, displacement and new
technology.
Describe the key feature sets of the NetScaler system:
Lower cost of ownership
Application acceleration
Application security
Application availability
Simple manageability
Web 2.0
Discuss NetScaler product editions, hardware platforms and hardware components. Reference
the Instructor PowerPoint slides for hardware platform specifications.
Discuss the NetScaler architecture. Reference the Instructor PowerPoint Slides for graphical
representation of the NetScaler architecture.
Overview
This module discusses how networking works on the NetScaler system, as well as how the NetScaler
system is fundamentally different from other devices.
Before proceeding with the topics in this module, make sure the students understand the objectives
for Module 4.
Key Points
Introduce NetScaler networking including:
Connection separation
Basic NetScaler system networking rules
Multiplexing
Describe the difference between the following IP address types:
NetScaler IP address
Subnet IP address
Mapped IP address
Virtual IP address
Discuss the different type of NetScaler modes and how to some of the different modes.
Describe inbound network translation and reverse network address translation. Refer to the
courseware manual and PowerPoint slides for an example RNAT example.
Discuss virtual local area networks and tagging, the functionality of VLANs with NetScaler
VPX and how to configure VLANs in the Configuration Utility and command-line interface.
Discuss how to configure LACP manually, and how to configure Link aggregation with LACP
Mention dynamic routing support and Route Health Injection (RHI)
Explain internet control message protocol (ICMP) and PathMTU. Refer to the PowerPoint
slide for an animation which provides an overview of PathMTU.
Common Issues
Later exercises call for rebooting the NetScaler system. Doing so will reset the system to the last
saved state. If the student did not save his or her configuration, the NetScaler system will be reset to
the original state (prior to this lab) and will have lost basic connectivity to back-end resources.
It is recommended to save the configuration after having successfully completed this lab.
Overview
This module discusses the deployment of two NetScaler systems in an environment as a high
availability pair. A high availability pair ensures that the NetScaler-provided services are always
available even if one system fails.
Before proceeding with the topics in this module, make sure the students understand the objectives
for Module 5.
Key Points
Describe high availability functionality.
Describe the process for configuring a high availability node:
Pre-configuration checklist
Virtual media access control address
Primary and secondary nodes configuration procedure
High availability status verification
Master status verification on the NetScaler system
Discuss propagation and synchronization including:
Command propagation verification in the Configuration Utility and the command-line
interface
Command propagation disablement
Automatic configuration synchronization
Forced synchronization using the Configuration Utility and the command-line interface
File synchronization
Forced failover using the Configuration Utility and the command-line interface
Describe how to enable management access in the command-line interface.
Describe secure system communication
Explain how to upgrade a high availability pair
Common Issues
If students do not undo their HA configuration, they will proceed into later labs as a high
availability pair and will likely encounter problems.
Overview
This module provides students with background information about Securing NetScaler
communications with ACLs.
Before proceeding with the topics in this module, make sure the students understand the objectives
for Module 5.
Key Points
Do not spend too much time reviewing the components. Additional information will be
presented for many components later in the course.
Emphasize the references to materials outside the course as they are a good source of detailed
information for the student.
Exercise Notes
The exercise for this module covers external authentication to the NetScaler. Not ACLs.
This exercise may be treated as optional.
For more information, see the Classroom Setup Guide
Common Issues
Students sometimes encounter problems with the LDAP configuration. All required information is
provided for them in the Before You Begin section of the exercise workbook.
Overview
This module provides students with information on how load balancing allows the NetScacler
system to distribute client requests across multiple servers to optimize resource utilization. Load
balancing improves server fault tolerance and user response times.
Key Points
Describe the following entities and how to add each in the Configuration Utility and
command-line interface:
Servers
Services
Virtual servers
monitors
Discuss load-balancing traffic types
Describe service monitoring
Point out the type of monitors
Describe default monitors
Describe the PING-default monitor
Identify service dependency monitors
Identify monitor parameters
Describe the HTTP monitoring process and monitor parameters
Describe the load balancing process
Explain how to configure service weights in the Configuration Utility and command-line
interface
Describe the different types of session persistence
Describe load balancing options: spillover, connection-based and bandwidth-based,
dynamic spillover
Exercise Notes
New to 9.2: Exercise 6-3 (RADIUS Load Balancing).
Exercise 6-4 (RTSP Load Balancing) is optional.
For more information, see the Classroom Setup Guide
Common Issues
Exercise 6-3 uses various similar credentials that may confuse students.
Authentication to the RADIUS server is based on request IP and pass phrase. In this case, the IP is
the SNIP assigned to the student (the request originates from the front-end workstation, but is
proxied through the NetScaler system. The RADIUS server sees the connection coming from the
NetScaler's back-end IP).
Therefore, the username used in the request is irrelevant to the RADIUS server. In fact, the
username is only used by the NetScaler system for determining Load Balancing persistence.
Overview
This module contains information about how the SSL Offload feature of the NetScaler system
transparently handles the CPU-intensive SSL encryption and decryption process, allowing the web
servers to dedicate more processing power to content requests. The SSL Offload feature increases
the performance of web sites that carry out SSL transactions.
Before proceeding with the topics in this module, make sure the students understand the objectives
for Module 7.
Key Points
Describe SSL and important SSL concepts
Describe SSL Offload and how it is configured
Describe the SSL session process
Describe SSL keys, certificate signing requests, certificates
Explain how to create a certkey pair on the NetScaler system
Define SSL deployment scenarios
Explain how to configure SSL Offload
Exercise Notes
For more information, see the Classroom Setup Guide
Overview
This module discusses how the Global Server Load Balancing feature ensures that client requests
are directed to the best performing site available in a global enterprise or Internet environment.
GSLB enables the NetScaler system to make intelligent traffic decisions based on server availability,
and prevents client requests from being directed to sites which are not available.
Before proceeding with the topics in this module, make sure the students understand the objectives
for Module 8.
Key Points
Describe GSLB architecture and explain the GSLB conversation process.
Describe Metric Exchange Protocol (MEP) and how to disable it from the command-line
interface.
Discuss GSLB monitoring
Describe how the NetScaler system can be configured to respond to DNS queries
Discuss DNS proxy configuration
Discuss GSLB DNS methods
Describe GSLB configurations: Traditional GSLB and Proximity-based GSLB
Describe how to implement GSLB failover for disaster recovery
Describe the GSLB entity relationship
Exercise Notes
This exercise requires students to partner up.
The configurations done during this exercises must be undone to proceed to later labs.
For more information, see the Classroom Setup Guide
Overview
This module provides an overview of the classic policy expression engine and syntax, as well as how
to configure classic policy expressions for content filtering and compression.
Before proceeding with the topics in this module, make sure the students understand the objectives
for Module 9.
Key Points
Describe classic policies
Identify basic policy components
Discuss policy bindings and policy priorities
Describe HTTP request and response headers
Define expressions, and explain how to view expressions in the Configuration Utility and in the
command-line interface
Identify and define available qualifiers for HTTP and non-HTTP traffic
Identify and define available operators
Define a simple and compound expression
Go over examples of simple and compound expressions
Describe content filtering actions and rules
Define compressions
Discuss the compression process and considerations
Discuss compression responses, parameters, policies and actions
Exercise Notes
For more information, see the Classroom Setup Guide
Overview
This module discusses how the Rewrite feature, often called URL rewrite, modifies the header
section of an HTTP request or response. The responder feature, which is used to generate responses
from the NetScaler system to the client, eliminates the need to send some responses to the server
for processing. the URL Transformation feature identifies URL patterns in HTML pages and
modifies them to a different form by translating URLs from their external appearance to an internal
resource.
Before proceeding with the topics in this module, make sure the students understand the objectives
for Module 10.
Key Points
Describe rewrite, responder and URL transformation
Describe the processes for rewrite, responder and URL transformation
Explain how to configure and write rewrite and responder policies
Explain how to:
Insert and replace HTTP headers
Delete HTTP headers
Delete request content
Replace response content
Explain how to add a rewrite policy, and how to bind the policy in the Configuration Utility
and command-line interface
Identify arguments when adding a responder action
Describe responder redirect action
Explain how to add a responder action
Describe RespondWith and how to add this responder in the command-line interface
Describe built in responder actions
Exercise Notes
There are many exercices in this module. You may want to break up the module lecture with
exercises.
For more information, see the Classroom Setup Guide
Overview
This module discusses how content switching provides the ability to direct traffic.
This module discusses how content switching provides the ability to direct traffic and client
requests to back-end services based on an aspect of the request beyond the IP/port pair. Content
switching allows the design of a complex internal system to appear to the public behind a single IP
address. As clients connect to and request data from a single address, the NetScaler system
examines the type of connection and sends it to the appropriate back-end service.
The NetScaler system diverts the application requests transparently to the client and the application,
allowing the application to be managed separately from the hosting site.
Content switching allows the NetScaler system to direct traffic to servers on the basis of the content
that the user is attempting to access. Content switching involves configuring load-balancing servers,
services, virtual servers and content-switching policies.
Before proceeding with the topics in this module, make sure students understand the objectives for
Module 10.
Key Points
Describe content switching.
Explain how to configure content switching
Describe content-switching virtual servers
Explain how to configure content-switching virtual servers in the Configuration Utility and in
the command-line interface.
Walk through rule-based policy examples
Describe unmatched traffic handling
Overview
This module discusses how the Integrated Caching feature of the NetScaler system helps optimize
the delivery of web content and application, as well as how the NetScaler compression feature
provides a transparent way to increase the performance of web sites with compressible content.
By default, integrated caching is HTTP/1.1 and HTTP/1.0 compliant. It can store a variety of static
and dynamic content and serve content instantly to a large number of users.
Caching of content reduces the number of web server transactions. Caching of dynamic content
reduces the latency and the computation cost associated with the dynamic page generation process.
In addition, caching at the edge of a network deployment results in the significant reduction of
page download time and bandwidth usage.
The NetScaler system compresses HTTP responses for browsers that are compression aware, thus
improving the performance of web sites with compressible content. By implementing lossless
compression, the NetScaler system reduces the number of packets of data transmitted, thus
reducing both download time and bandwidth usage for users. In lossless compression, the exact
original data is reconstructed from the compressed data.
Before proceeding with the topics in this module, make sure the students understand the objectives
for Module 12.
Key Points
Define compression policies
Identify and define compression actions.
Enable compression and add a compression policy
Go over the offerings of integrated caching
Describe a reverse proxy cache configuration
Describe content groups and cache selectors
Describe static and dynamic content
Exercise Notes
For more information, see the Classroom Setup Guide
Overview
This module discusses how the NetScaler system can be monitored with Simple Network
Management Protocol (SNMP), the Dashboard and the Monitoring tool, and how the NetScaler
system supports syslog and nslog auditing, log access and management.
Before proceeding with the topics in this module, make sure the students understand the objectives
for Module 13.
Key Points
Review Simple Network Management Protocol (SNMP)
Describe the following SNMPv1 and SNMPv2 components
Explain the SNMPv1 and SNMPv2 communication process
Explain how to configure SNMP component
Discuss the dashboard, and its components and features
Explain how to navigate the dashboard
Explain how to display a built-in report and custom report
Describe the syslog and nslog logging formats
Explain how to add and configure an auditing server in the Configuration Utility and in the
command-line interface
Explain how to bind and unbind an auditing policy globally in the Configuration Utility and in
the command-line interface
Explain how to replace a high availability node and perform and upgrade
Discuss how to capture network traffic using NSTCPDUMP and NSTRACE
Exercise Notes
For more information, see the Classroom Setup Guide
Overview
This slide deck discusses the new NetScaler 9.3 features.
Key Points
Describe XenApp and XenDesktop enhancements.
Describe the NetScaler SDX platforms.
Explain how AppFlow provides visibility to application behavior, performance, and security.
Describe how to load balance Branch Repeaters, RDP connections, and SQL services.
Explain how OpenCloud Bridge mitigates risk by having an application appear as part of an
enterprise network at the packet level.
Discuss OpenCloud Access as a single sign-on solution.
Describe the security enhancements for Citrix Application Firewall and DNS Security
Extensions.
Mention that more information on the NetScaler 9.3 features and simulations on three of the
features (Branch Repeater load balancing, RDP load balancing, and Database load balancing)
can be found in the CNS-101-1W Citrix NetScaler Overview course.