To VPN or not to VPN
What does life after Citrix ShareFile or XenApp 7.0 look like?
You may be waiting for Gartner or Forrester to point you in the right direction on what to do about your enterprise remote access and mobile device management during this turbulent time that has been dubbed the digital transformation for over a decade now, but we have some answers for you to think about regarding the Internet of Things. Are you a ShareFile user? Are you using Citrix VPN? Both? Neither? Well, whether you are using a remote access VPN or a site to site VPN for secure file share access, many companies are facing what to do next regarding VPN options, upgrades, and alternatives to VPN altogether. End of Life and support for XenApp 7.0 expired in June of 2018. XenApp 6.5 support was sunsetted in 2016 so if you are still on it then by this time you are indeed playing Russian roulette with your data security and data leak prevention. Because of Citrix VPN, Citrix ShareFile, and XenApp many CIOs are facing a dilemma: migrate to another cloud storage file sync provider or embark on a completely new trajectory for all enterprise file share remote access and content collaboration requiring complex file migrations. But what cloud platform? There are many providers billing themselves as a VPN alternative but they are still a public cloud storage and/or content collaboration platform requiring complex file migrations. You could have one of your requirements be that you want complete control over your workflow management and email client portal and yet you would still be relying on someone else’s server or proprietary database to store your company files.
Many enterprises haven’t even gotten that far yet and are still at the stage where they are looking for an FTP alternative. Due to the nature of their business (especially if it involves sending big files or providing a virtual data room for remote key stakeholders and decision makers), many enterprises have stuck with their legacy FTP server environment. The time has arrived when deciding between private cloud, hybrid cloud, or public cloud must be made to continue to stay agile, secure and productive. Executives will have to decide what files get migrated and what crown jewels of data must stay on premise. Of course you could decide to migrate all of your critical file share assets but keep in mind that a cloud platform provider is going to own and control your data and lock you in to a contract where some data could get left behind. You could have a Hotel California situation on your hands – you can check your data into a provider any time you like but it can never leave.
Citrix Sharefile as many know is a file sharing and managed file transfer (MFT) service that relies on the cloud. Or rather Citrix users rely on cloud computing technology. One of the pitfalls of Sharefile is that encrypted email is unavailable for lower tier subscribers and you can’t restrict ‘view only’ mode. For certain industries this become problematic especially government, financial, and healthcare sectors. Many firms also rely on Citrix remote desktop services but again, you have to maintain not only your VPN and firewall but a farm of virtual desktops as well which must all be secured and patched creating a huge support burden and expense on the IT budget line each year. You can also enable two-factor authentication with Citrix Sharefile or RDS for an added layer of security but still there remains an open pipe to your data that bad actors can exploit and compromise. You can also combine more layers with Cisco VPN but again, another point of failure for hackers hell bent on going after your network. The daily news is full of stories in the last few years of massive failures including the Sony Pictures hack, the Equifax hack and worse yet, the U.S. Department of Defense coming under attack from cyber criminals. But what to do?
MyWorkDrive allows secure file remote access without VPN, syncing, or migrating to the cloud or new systems. Your files, your data, and your data center become your own private cloud instantly allowing users to remotely edit and share files simply and securely side by side with your existing mapped drive users without migrating files or storing them in the cloud. With MyWorkDrive version 5.1 you can do it faster and even more securely with encrypted view, data leak prevention, duo authentication, and more. With MyWorkDrive support costs are dramatically lower than Citrix products. Support costs per user/year alone make the business case. Sharefile users in organizations using Citrix specifically to access files remotely should strongly check out MyWorkDrive as a viable alternative. MyWorkDrive is known as a VPN alternative where you can cloudify the existing file shares located in your data center, grant users remote access permissions and manage multiple devices easily utilizing existing NTFS permissions and an enterprise’s current IT infrastructure and windows active directory. As previously mentioned, Sharefile announced EOL of their current version this past June and the new version requires Server upgrades from 2008 to 2012 R2 or higher. Anything remaining on old platforms will not be supported at the end of this year. Additionally, Citrix is requiring purchase of a NetScaler Load Balancer and ‘tuning up’ current licensing. This upgrade (which is really a migration) is very costly, and quite an endeavor and very complex. The actual ‘How To Manual’ is a 1000 page PDF!
IT Consultants are very happy to assist in the migration with a labor cost from $10k and up for even the smallest organizations and much higher for larger enterprises. You will also need to factor in costs for hardware and software upgrades to run it all on. MyWorkDrive can provide a better, more secure remote file access set up across your Network Shares at a fraction of the cost per user without costly migrations or new hardware. You also don’t have to allocate precious resources, time, and money towards migration projects. What are the costs? For even the smallest installations consider some of these line items:
Licenses & Support:
Citrix UPG XENAPP Ent from ADV 1U conc conn easy licenses $122
Citrix NetScaler gateway ENT VXP License & Maintenance $921/user
XENAPP Ent 1 conn user easy license $315
CSS Select XENAPP Ent X1 concur US support 1yr $82/yr/user
Citrix NetScaler Gateway ENT VXP License & Maintenance $921 one time
CSS Select NetScaler Gateway ENT VPX Maintenance 1yr $212/yr
LIC/SA OLP Windows Server Standard 2016 2-core $165
LIC/SA OLP Windows RDS CAL 2016 NL User $198
Intel® Xeon™ Processor at 3.4GHz/2MB Cache, 800MH $8,630
6 Build W2012 R2 Server for Install and Config of Citrix $155 $930
6 Install Storefront/Delivery Controller & XenApp Adv Server $155 $930
10 Install and Configure New NetScaler Gateway Ent $155 $1,550
4 Install all Applications and Programs $155 $4,165
Have your eyes glazed over yet? What really is the dilemma with using Citrix for remote desktops and secure file remote access?
Bottom line – it’s expensive and it’s complicated. There’s a lot of overhead and it requires an army of engineers to support. It can be a huge bandwidth hog. There are other factors as well that contribute to making MyWorkDrive your easy file share remote access alternative. Some additional factors to consider and flush out before choosing what path to take when enabling secure file remote access and secure file sharing include:
- Licensing: Citrix XenApp and XenDesktop run on Microsoft RDS, making it necessary for companies to buy and maintain licenses for both. Plus, all Citrix environments need some up-front investment in hardware.
•Complexity: Citrix technology is not cloud-native, and its components are siloed, meaning that multiple consoles are necessary to manage the environment.
•Overhead: Not only do administrators have to manage and update the underlying infrastructure, they have to update every endpoint through the locally-installed Citrix Receiver client. RDP comes installed on every PC enabling automatic updates.
•Expertise: Citrix admins aren’t cheap, and you need a significant squad to make the technology work.
•Performance: While we acknowledge the high quality of Citrix’ HDX media suite, it isn’t necessary for most desktop use cases today.
•End-user Training: Very expensive, time consuming and complex.
•Bandwidth Hog: The more users the slower everyone works.
According to the Parallels.com blog dating as far back as 2008- “This means customers will not receive any patches or support after the EOM and EOL period, respectively. As the flagship product of Citrix, Citrix Virtual Apps (formerly Citrix XenApp) enjoys a larger customer base than other Citrix products. Because the majority of corporate environments are still working on Windows Server 2008 R2, the customer’s only option is to upgrade both the underlying Microsoft operation systems and the Citrix product to the newer version. Alternatively, customers can continue with the unsupported 2008 R2 environment, which is far from ideal. Citrix Virtual Apps (formerly Citrix XenApp) is a customer-facing product that delivers services outside the network to a range of devices and users including home users, mobile users, and other computing devices. Without proper maintenance, a virtual environment cannot remain robust and reliable. Customers require full maintenance and support when it comes to delivery of their critical line-of-business applications.”
Now that was from 2008. It’s ten years later now in 2018 and how many users are still on EOL products? It’s a scary answer to admit to. Decisions have to be made and if you want to set up a hybrid cloud type of environment or a complete private cloud environment then MyWorkDrive becomes the clear winner hands down. MyWorkDrive is easy to install, easy learning curve for users to adapt to, and fast to get up and running. Don’t migrate, start to collaborate and instantly share files and allow editing online easily again without VPN, syncing, or complex Citrix migrations.
By Jackie Bruckman