30 Days of ADM: Day 24 October 21, 2022
The cloudy service vs the on-prem version!
I am back, it is day 24.
I can characterize almost all the conversations that I have had in the last few years.
Mr. Customer, you need to move to the cloud!
Typically, the customer is not so sure, they don’t see the value. You then take a deeper look at what they are running, there are things they have missed just due to the tools they have. I ran a check on a client setup yesterday, their appliance had not been updated for two years. Gulp.
Somehow, he had missed a bunch of critical updates. No judgment, they just get busy with other tasks.
What he needed was some help! It is easy to be critical.
You have been selected for a training course in Citrix ADM, the goal is to provide you with enough information to be actually dangerous when talking to a customer or client. 30 days is a bit of an arbitrary number, but I am prepared to give you 2minutes of material, can I get 2 minutes of your time?
I have talked about Fleet management, general analytics, security analytics, AI / ML, Stylebooks, Pooled Capacity, instance advisory upgrade, security advisory, Autoscaling, onboarding, RESTful API, CADS self-managed, Service Graph, Web Transaction Analytics, Config Jobs, Network Reporting, SSL Dashboard, RBAC, event handling, config drift, WAF learning, the overview, and Gateway insights dashboards.
Today is all about On-Prem vs cloud ADM.
Honestly, what are you talking about?
Citrix gives customers the option of having Citrix ADM run as a virtual machine in their own data centre or to take it as a cloud service. The question is, why would you take one version over the other? Is there a difference between them?
Should I care?
So what? What problem does it solve?
Some many questions!
The purpose of the series is to look at Citrix ADM and provide some idea of the capabilities that it can offer you when you have NetScaler deployed in a DC. AsADM comes in two different guises, it is good to know what the trade-offs are between types. During the series I have talked about ADM service in the main, but you can still do a lot with the version that runs in your dc.
Who would use this?
Almost any customer uses a few different NetScaler appliances within their infrastructure hosting services. That’s everyone, right?
What are the differences between on-prem and cloud?
I will pullout the big items and offer some pointers on each.
1. Updates to the platform
When you run NetScaler, one task that you need to get used to is that it will need to be updated from time to time. The same applies to ADM, right? It is not something you need to think about when you run ADM as a cloud service, updates are handled by Citrix. This covers the other point about the release of ADM always being the same or newer than the appliances it manages.
ADM Service is updated every couple of weeks (link) with no effort from the admin.
2. Deployment 1
On-prem ADM should typically have two nodes running in HA for a highly available setup, it will need good SSDs, including site resilience with the DR node at a second site, which is another node to manage. This is all covered by cloud service again by Citrix.
3. Deployment 2
Opening ports for connectivity between sites for the on-prem version is like doing Swiss cheese approach on your firewall. The support doc is here (link) shows all the ports you need.
ADM service needs just one outbound port, 443.
4. Services offered.
There are some things that ADM service can offer that are not available in the on-prem edition, they are also unlikely to ever be added due to the dependencies that they have on the cloud platform it runs on. These include:
· ML/AI intelligence, as discussed on day 4
· Instance advisory, as discussed on day 7
· Security advisory, as discussed on day 8
· WAF Learning, as discussed on day 21
· CADS self-managed, is only available with ADM service, day 12
· Onboarding, as discussed on day 10
· Autoscaling in the public cloud, as discussed on day 9
Give me another scenario!
You may have looked over the list above and don’t see an option to run the service, as the cloud has issues for your particular business/company. It might be that you area defense-based entity and can’t run the cloud. Whatever form that might take.
Naturally, we still offer ADM as a virtual machine. There will be more capabilities added to the cloud service, but these features may trickle down into the on-prem edition also. It is handy to have the choice!
Moving between versions
If you already have an on-prem version and want to migrate, is that a painful process?
We have a wizard!
The newer on-prem version has a built-in migration wizard that does all the heavy lifting.
You might need to bring your version up to a newer release, but it is pretty simple three step process.
Summary
Running ADM as a service has a bunch of benefits, this is just one less thing to worry about when it comes to infrastructure management. Insight into what the current status is can be very useful, as even if you are not the most skilled person in a team, it is quite easy to see when there are things that need fixing. Which if not addressed will affect service.
All of this will help you stay on top of your environment. With tools like this, you can save time and ensure that you get back to high-value tasks.
Ultimately, it is another killer reason to run ADM as a service.
It is free too.
What’s not to like?