NetScaler Times newsletter Week 48

issue 2!

Introduction

There is another build release for this week, with some additional changes from the update I posted on Sunday. NetScaler and ADM are linked, so updates for one typically result in updates for the other.

In summary:

Thanks for reading NetScaler Times! Subscribe for free to receive new posts and support my work.

Subscribed

1. New NetScaler ADC build.

2. Some new tech previews for ADM.

3. A great blog post by Jacob over on Citrix Blogs

Build 13.1.37.38 for ADC/Gateway

NetScaler SDX Appliance

• There is a new upgrade process, where the NetScaler SDX appliance upgrade now requires a single reboot instead of two.

• Removal of third-party instances support from SDX UI. These were used to extend the SDX to be more of a common platform for use cases outside of ADC. There is a workaround if this is still needed.

Citrix Gateway

• Support for HttpOnly flag on authentication cookies, this helps in preventing cookie theft due to cross-site scripting.

Load Balancing

• Configure auto-delayed TROFS state.

Networking

• The appliance automatically detects the specified DPDK-compatible NIC ports on the Linux host. The appliance then initializes them in DPDK mode. After starting the NetScaler BLX appliance, the DPDK ports are added as dedicated ports to the appliance.

Platform

• Improved performance for shared-core instances in GCP.

• This release supports the NetScaler MPX 16000 platform. This platform has two 16-core processors and 128 GB (16 x 8 GB DIMM) of memory. The appliance provides a total of eight 25G SFP+ ports and four 100G QSFP28 Ethernet ports.

SSL

• Support for recurrent notifications until certificate expiry
  The NetScaler appliance now sends one notification per day until the certificate expires. Earlier, only one notification was sent a set number of days before the certificate expired.

System

• A new SNMP alarm "syslogConnectionDropped" has been introduced to the appliance for alerting about network connection failure to an external Syslog server.

ADM

Infrastructure

• Preview Instance advisory details on Citrix ADM.

Instance advisory is now available as a preview feature in Citrix ADM with Security and Upgrade advisory details. ADM performs a version scan on the NetScaler’s to check for CVEs and also to get details on those which are running the EOM/EOL builds.
To preview the feature, you can select and onboard a NetScaler instance to ADM Service and get updates on the latest CVEs, custom scans, and workflows to remediate and upgrade.

• View usage and license information for unmanaged CICO NetScaler instances.

  You can now navigate to Infrastructure > Pooled Licensing > Bandwidth Licenses > CICO to view the usage and license information for unmanaged CICO ADC instances on Citrix ADM.

StyleBooks

• StyleBooks support NetScaler BLX instances.
  
  While creating a configuration pack, you can now choose NetScaler BLX instances as the target instances. Earlier, StyleBooks supported NetScaler MPX, SDX, VPX, and CPX instances.

Citrix Blogs

Jacob posted a round-up of an OpenSSL vulnerability and how NetScaler can help.

November has started with the announcement of a high-security OpenSSL vulnerability. OpenSSL has released a blog post that provides more detail, and OpenSSL versions 3.0.0 through 3.0.6 are the ones to watch out for. Now that everyone is hopefully in the process of remediating their systems, let’s discuss how NetScaler can help.

Read more here: Link

Have a great week!