NetScaler Times newsletter for Week 24 - 2024

Hello Everyone

It’s Andrew again over at Cloud Software Group. This NetScaler Times update aims to provide you with valuable pointers to keep you up-to-date! ??

I would greatly appreciate your continued engagement and feedback, my contact details are at the bottom of this newsletter.

Agenda for this week:

1. Build status and updates
2. Classic policies!
3. Support and Security Bulletins.
4. NetScaler Community & Labs site
5. Feedback on this newsletter

1. Build status and updates

The details for the various builds have been listed below, as this helps plan for new releases in your environment. Starting from 2023 for 14.1 there will be the following:

1. Firmware will have a 3-year upgrade cycle, where new features are added, called the ‘Feature Phase’.
2. The ‘Maintenance Phase’ then starts, and it is then supported for another 3 years with bug fixes and security updates.
3. There will then be 1 year of extended support with security fixes only. The expectation is to use this time to move off before the EOL for the firmware.

As shown below, 13.1 and 13.0 are now in the Maintenance phase.

Typically, the guidance for NetScaler & NetScaler Console(ADM) build releases is that the Management platform needs to be the same or newer than the NetScaler(s) that it manages. I typically, go with the latest for NetScaler Console.

The NetScaler has multiple form factors to support different environments. NetScaler is built on a single operating system with a software-based architecture, so the behaviour will be the same no matter which is used — hardware, virtual machine, bare metal, or container.

Current Build Versions:

Changes and updates

14.1 NetScaler Console Service 14.1-27.49 update

Analytics - Integrate NetScaler Console with Microsoft Sentinel

In Observability Integration, you can now configure the integration of NetScaler Console with Microsoft Sentinel to export and view insights in Microsoft Sentinel. For a successful integration, ensure that the following prerequisites are met:

Platform - Support for OpenSSH version 9.x

The OpenSSH version on NetScaler is now upgraded from 8.x to 9.x.

StyleBooks - Save as draft option in config packs

You can now save the config pack as a draft. The saved drafts appear in the Draft Configurations tab under Pending Configurations.

For more information, see Save a config packs as a draft.

Schedule option in config packs

You can now schedule the deployment of newly created config packs. For deployed config packs, you can schedule when to publish the updates and when to delete the config pack. The scheduling options are available when you edit a deployed config pack.

For more information, see Create a schedule for a config pack.

The release notes with further details are here

Sample Dashboards - Grafana updated

Updated dashboard for Grafana, more available here

2. Classic policies!

Notice of Status Change Announcement for Classic Policy Based Features and Functionalities - link. Citrix Systems, Inc. announces a Notice of Status Change (NSC) for Citrix ADC Classic policy-based features and functionalities. Modified: 05 Jun 2024 | NetScaler.

Part of the migration steps to move from 13.0 to 13.1 and later, is the need to adjust your policy use to have only ‘Advanced’ policies in the NetScaler configuration(instead of ‘Classic’ policies). This can take some time to change, although the upgrade process does have a helper NSPEPI tool.

This is a very handy support document details what policies can be used with which function. I think that the key element, is that there are / will be a number of classic policies that will remain. They are:

• Classic Named (policy) expression?
• Classic Audit SYSLOG policy?
• Classic Audit NSLOG policy
• Classic AAA Pre-authentication policy?
• Classic Authorization policy
• Classic Traffic Management Session policy
• Classic Tunnel Traffic policy
• Classic VPN Traffic policy
• Classic VPN Session policy
• Trace Classic expression
• Client Security expression

3. Support and Security bulletins

These are the latest articles on the support portal knowledgebase, sorted by modified date. Here are the 3 most recent security articles plus 1 recent support doc. The site is located here.

Security updates:

• NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2023-6548 and CVE-2023-6549
• Citrix Secure Access client for Windows Security Bulletin for CVE-2023-24491
• Citrix Secure Access client for Ubuntu Security Bulletin for CVE-2023-24492

Support Docs

• CITRIX-XML-SERVICE NetScaler Monitor Fails after Installing XenApp 6 Hotfix Rollup Pack 02

4. Events & Labs

Events

5 Webinars for June.

5 June: NetScaler Live Demo | Session hijack protection for NetScaler Gateway/AAA deployments

4:00 PM?- 4:30 PM BST

Session hijacking involves an attacker using captured, brute-forced or reverse-engineered session IDs to seize control of a legitimate user’s session while that session is still in progress. Once session ID/Cookie is compromised, an attacker can bypass even multi-factor authentication to impersonate a victim thereby getting elevated or unauthorised access to internal resources. Protecting against session hijacking within NetScaler Gateway/AAA deployments becomes crucial in today's digital era to protect high-value targets and sensitive resources hosted on Citrix infrastructure.

In this live demo, Hemang will demonstrate how to prevent Bad Actors from hijacking Sessions for NetScaler Gateway/AAA deployments through simple Regular Expressions

• How to configure NetScaler policies and apply regular expressions to identify suspicious session activity.
• Showcase of how to create custom regex patterns tailored to specific session hijacking threats.

The event page is here. Including a watch on demand link.

20th June: Automating your network for operational excellence

6:00 PM - 7:00 PM BST

Harnessing the potential of cloud technology can drive innovation and agility within organisations. Getting in the way are cumbersome workflows, manual tasks and human errors.?

Automation emerges as a solution, working to eliminate repetition, reduce errors, streamline workflows, and bolster security measures. From testing to production, enterprise IT teams are embracing automation technologies. NetScaler and Red Hat? Ansible? stand out as key enablers, offering supported solutions that pave the way for future-ready automation, empowering businesses to thrive in the digital landscape.

Join us in this webinar where we will talk to you about:

1. Importance of Network Automation for DevOps & Platform Engineering.
2. Why use NetScaler with Ansible Automation Platform?
3. Benefits of NetScaler and RedHat integrations

The event page is here.

26 June 2024:NetScaler Live Demo : Advanced traffic management using Citrix NetScaler policies

4:00 PM - 4:30 PM BST

This session will provide a comprehensive understanding of how to leverage Citrix NetScaler policies for advanced traffic management. Participants will learn about the policy engine, how to create, test and deploy policies, and the specific features that benefit from policy-based management.?

In this session, the NetScaler experts will cover:

1. Introduction to Policies and Policy Engine
2. Creating and Managing Policies using the Expression Evaluator
3. Features Leveraging Policies (such as Load Balancing, Content Switching, SSL Offloading, etc.)
4. Demonstrate setting up and applying policies for specific use cases

The event page is here

June 27: NetScaler Virtual Connect Monthly Webinar-APJ/EMEA

APJ/EMEA 9:30 AM ???? 10:30 AM BST

Americas 4:00 PM ???? 5:00 PM BST (11.00-12:00 EST)

In this webinar, the NetScaler experts will cover:

1. Tech preview announcements: Nutanix VPX on Nutanix AHV (Acropolis hypervisor) tech preview
2. Public cloud marketplace update
3. NetScaler flexed licensing overview
4. Get the most out of your NetScaler policies: Migrate from Classic to Advanced (13.0 to 13.1)

APJ/EMEA page is here

Americas page is here

Labs

Go here for the hands-on labs. Link

5. Feedback for this newsletter

Naturally, if something you feel should be added/removed or called out, drop me a note; [email protected]. All mistakes are mine.

I would happily get feedback on what you could do with seeing more of or what you find hard to set up. You can get all the previous newsletters plus other articles here:

NetScaler Times Archive portal

Have a great week!