Citrix Gateway data source 编辑

The Gateway data source represents the on-premises Citrix Gateway instances in your environment. Citrix Analytics automatically discovers the Citrix Application Delivery Management (ADM) agents and the Gateway instances added to the Citrix ADM service.

When users access any services or applications through Gateway, Citrix Analytics receives the user access events in real time. The user events are processed to detect any security threats.

This article describes the steps to add Citrix Gateway to Citrix Analytics. These steps are applicable for both the offerings: Citrix Analytics for Performance and Citrix Analytics for Security.

Prerequisites

  • Subscribe to Citrix ADM offered on Citrix Cloud. To learn how to get started with Citrix ADM, see Getting Started.

  • Review the system requirements and ensure that the requirements are met.

Gateway data sources added to Citrix ADM

Citrix Analytics automatically discovers the Citrix ADM agents and the Citrix Gateway instances that are already added to the Citrix ADM service.

To view the data source:

From the top bar, click Settings > Data Sources. Depending on your offering, select either Security or Performance to view the Gateway site card.

The discovered agents and the users are displayed on the Gateway site card. Click Turn On Data Processing to allow Citrix Analytics to begin processing data for this data source.

Data source page

You can view the received events.

Gateway data sources not added to Citrix ADM

The Gateway site card displays 0 discovered agents when Citrix ADM agents and Citrix Gateway instances are not added to the Citrix ADM service.

No agents for Gateway

To discover the agents and Gateway instances, do the following:

  1. If you already have a Citrix ADM service subscription, click + on the site card to add the agents and the Gateway instances.

  2. If you do not have a Citrix ADM service subscription, you must subscribe to it. Go to your Citrix Cloud account and do the following:

    1. Under Available Services, click Manage on the Application Delivery Management tile.

    2. Follow the on-screen instructions to create an Express account for Citrix ADM. For more information, see Getting started on the Citrix ADM documentation.

    3. After creating the Express account, log back to Analytics and click Settings > Data Sources > Security.

    4. On the Gateway site card, click + to add the agents and the Gateway instances.

  3. On the following page, click Get Started.

    Linked data sources select Citrix Gateway

  4. Do the following tasks:

Prerequisites

  • Citrix ADM agent installation requirement: In your data center, you can install an agent on Citrix Hypervisor, VMware ESXi, Microsoft Hyper-V, and Linux KVM Server.

    The following table lists the virtual computing resources that the hypervisor must provide for the agent.

    ComponentRequirement
    RAM8 GB (32 GB recommended for better performance.)
    Virtual CPU4 (8 virtual CPUs recommended for better performance)
    Storage space120 GB
    Virtual network interfaces1
    Throughput1 Gbps
  • Port requirements: Ensure that the following ports are open for the Citrix ADM agent to communicate with the Citrix Gateway instances.

    TypePortDescription
    TCP80/443For NITRO communication from agent to Citrix Gateway instances
    TCP22For SSH communication from agent to Citrix Gateway instance.
    UDP4739For AppFlow communication from Citrix Gateway to agent
    ICMPNo reserved portTo detect network reachability from agent to Citrix Gateway instances.
    SNMP161, 162To receive SNMP events from Citrix Gateway instance to agent.
    Syslog514To receive syslog messages in agent from Citrix Gateway instance.
    TCP5557For log stream communication from Citrix Gateway instances to agent.

    For communication between the Citrix ADM agent and Citrix Analytics, ensure that the following port is open:

    TypePortDescription
    TCP443For NITRO communication between the agent and the Citrix Application Delivery Management service.

    For communication between the Citrix ADM agent and Citrix Analytics, ensure that the following endpoint is whitelisted:

    EndpointUS regionEU region
    Event Hubhttps://cas-eh-ns-alias.servicebus.windows.net/https://cas-eh-ns-eu-alias.servicebus.windows.net/

Install and set up an agent

Install and configure the Citrix ADM service agent in your network environment to enable communication between Analytics and the Gateway instances in your data center.

You can install an agent on the following hypervisors in your enterprise data center:

  • Citrix Hypervisor

  • VMware ESXi

  • Microsoft Hyper-V

  • Linux KVM Server

To install and set up an agent, do the following:

  1. Download the agent image.

    On the Set up agent on a hypervisor page, select the hypervisor, and click Download Image to download the agent image to your local system.

    Select hypervisor

  2. Copy service URL and activation code.

    A service URL and an activation code are generated and displayed on the UI as shown in the following image. (This process might take a few seconds.) The agent uses the service URL to locate the service and the activation code to register with the service. Enter the service URL and the activation code while installing the agent on your hypervisor.

    Copy Service URL and Activation Code

  3. Install the agent on a hypervisor.

    Note

    Before you begin agent installation, ensure that:

    • You have the required virtual computing resources that the hypervisor must provide for each agent: RAM: 8 GB, vCPU: 4, storage space: 120 GB, virtual network interface: 1, and throughput: 1 Gbps

    • You configure your DNS to allow internet access to your agent.

    • On a Citrix Hypervisor, perform the following:

      1. Import the agent image file to your hypervisor. From the Console tab configure the initial network configuration options as shown in the following example.

        Agent network configuration

        If you have entered incorrect values or want to change any value, log on to the shell prompt by using the default credentials nsrecover/nsroot. Then run the command networkconfig.

      2. Enter the Service URL and the Activation Code that you saved while downloading the agent image.

        Paste Service URL and Activation Code

        If you entered the service URL or the activation code incorrectly, log on to the shell prompt of the agent and then run the script: deployment_type.py. This script lets you reenter the Service URL and activation code.

    • On a VMware ESXi hypervisor, perform the following:

      1. Import the agent image file to your hypervisor. From the Console tab configure the initial network configuration options as shown in the following example.

        Agent network configuration

      2. After you configure the network, when prompted, log on to the shell prompt of the agent using the default credentials nsrecover/nsroot.

        Login

      3. Navigate to the /mps directory, run the script, and enter the Service URL and the Activation Code that you saved when you while downloading the agent image.

        Paste Service URL and Activation Code

        Paste Service URL and Activation Code

    Note

    You can use the same image file to install multiple agents. However, you cannot use the same activation code on more than one agent. To generate a new activation code, access Citrix Analytics, and on the Setup agent on a hypervisor step, click Download Image again. A new activation code is generated.

  4. Register Agent.

    After agent registration is successful, the agent restarts to complete the installation process. After the agent has restarted, access Citrix Analytics and click Register Agent, and then verify the status of the agent.

    Verify Agent Registration

    When the agent status is in the UP state denoted by a green dot next to it, click Next to start adding instances to the service.

Add Citrix Gateway instances

Instances are Citrix Gateway appliances or virtual appliances that are the data sources for Citrix Analytics.

  1. On the Add Citrix Gateway Instances page, select the instance type and specify host names or IP Addresses or range of IP addresses of Gateway instances to discover.

  2. Create an authentication profile that the agent can use to access the Gateway instances. This profile is the administrator credentials of a Gateway instance. Then, click Add Instances.

    Add Instances

After the instances are added, you can view the number of instances that have been successfully discovered. To add more instances, click Add Citrix Gateway Instance.

Add Instances

Click Next to enable analytics.

Enable analytics

Citrix Analytics automatically discovers the licensed virtual servers on the added Citrix Gateway Instances. Enable analytics on all the discovered virtual servers.

On the Enable Analytics page, by default, all the licensed virtual servers from the Gateway instances appear. Review the list of licensed virtual servers and click Enable Analytics to enable analytics on the virtual servers.

Note

The virtual servers might take some time, approximately 10 minutes, to appear on the page.

Enable analytics

The status of the site card changes to Data Processing On. You can view the received events.

Enable analytics

Watch the onboarding video

The following video shows the steps to onboard a Gateway instance:

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。
列表为空,暂无数据

词条统计

浏览:90 次

字数:17022

最后编辑:7 年前

编辑次数:0 次

    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文