I want to start this year and the first post to explain the use and need of NetBox!
Netbox is a free and amazing tool to help you with control and documentation of your system. Netbox can help you with IPAM(IP address management), DCIM(Data Center Infrastructure Management)
To get your infrastructure and network automated, one of the most important things is to have single SOT (source of truth). How is the infrastructure looks like right now? To have some of the network documented in excel and other just in vCenter, it will be hard or not possible to automate it. This works good for your home network of for big enterprise companies. Netbox comes from the network engineering team at DigitalOcean.
Netbox is easy to install and use. I don’t explain the process of install here since it’s a lot of good documentations and videos on the web. But I want to just spread the word of this tool. Its has helped me a lot in different project to get control of the network and to start automate the inventory. Netbox come with REST API that you can use with other tool or create your own scripts. Also, NAPALM is 100% integrated that help you with automate the network automation. (Network as Code). NAPLAM stands for “Network Automation and Programmability Abstraction Layer with Multivendor support”. The name is far too long, but the functions give Netbox a flying start that’s absolutely worth to try.
I have tried with successes integrated Netbox with following:
Cisco IOS Switches and Routers
Cisco Nexus Switches
Hope this short information give interest to install Netbox and explore all the possibility it gives.
Read more of the documents for Netbox and NAPALM on the links here:
Yesterday Citrix released remaining permanent firmware fixes for the previously identified vulnerability, CVE-2019-19781. To help everyone Citrix has made it available to all customers, regardless of their maintenance entitlement.
Permanent fixes for CVE-2019-19781 ADC versions 13.0, 12.1, 12.0 and 11.1 are available now: These fixes also apply to Citrix ADC/Gateway Virtual Appliances (VPX) hosted on any of ESX, Hyper-V, KVM, XenServer, Azure, AWS, GCP or on a Citrix ADC Service Delivery Appliance (SDX).
It is necessary to upgrade all Citrix ADC/Gateway for instances running 13.0 (MPX or VPX) to build 184.108.40.206, for instances running 12.1 (MPX or VPX) to build 220.127.116.11, for instances running 12.0 (MPX or VPX) to build 18.104.22.168, for instances running 11.1 (MPX or VPX) to build 22.214.171.124 and for instances running 10.5 (MPX or VPX) to build 10.5.70.12 to install the security vulnerability fixes.
In October Citrix released a fix versions for a lot of Netscaler (ADC). Since the vulnerability is critical I wanted to mention on my blog.
A vulnerability has been identified in the management interface of Citrix Application Delivery Controller (ADC) formerly known as NetScaler ADC, and Citrix Gateway, formerly known as NetScaler Gateway, that, if exploited, could allow an attacker with access to the management interface to gain administrative access to the appliance.
This summer VMware acquired AVI Networks. AVI Networks delivers Application Delivery Controllers (ADCs), same as Citrix Netscaler but are born in cloud.
Avi Vantage (ADC), now VMware NSX Advanced Load Balancer, provides central control for security policies with a software-defined architecture, and enables agile application security that aligns with DevOps practices.
Synergy 2018, Citrix announced that the change all products name. This is not first time we have heard that. It has taken over 6 months to change all documentation and installation ISO. If you plan to upgrade some of your Citrix product you need to know the new names.
For those of you that has not heard about the change, I have created a list of the most common used products:
Citrix Virtual Apps
Citrix Virtual Desktops
Citrix Workspace App
Citrix Endpoint Management
Citrix Unified Gateway
Its two name change I want to highlight, XenServer and NetScaler. WHY? XenServer is now Citrix Hypervisor and NetScaler is Citrix ADC.
First, Citrix Hypervisor, isn’t this a bit to obelus? Boeing does not call the newest flight model for Boeing Airplane. XenServer is well known name and have good reputation.
Citrix. ADC. I understand. Less, NetScaler is something EVERYONE associate with something good and a product that work well. The Name has been with Citrix since 2005 when Citrix bought NetScaler. NetScaler has been the begin of Citrix Network product and has over all this year been one of the most known Gateway, Load balancing and ADC in the marked. I hope the name will get a comeback in the next 1-2 year as XenApp did 🙂
Under I try to explain the flow of user registration. It require that you have done all setup steps from Citrix Docs. Go to you login page https://portal.citrixblog.no or something like that. Normal logon form with username and password is shown.
Depend if user has registered personal information earlier or not, it will popup for new user only. If old user want to change or check the information, they can use https://portal.citrixblog.no/register
Both URL will open this form:
Password reset flow
This chapter will cover a Password reset workflow. User go to the portal and try to logon. If they has forgotten the password, user can Click Forgot Password.
After last updates to MAS, system license assignment has changed. In first release of MAS, the limit will hit when you add number 30 LB/CS/VPN etc.
NetScaler Management and Analytics System (NetScaler MAS) requires a verified NetScaler MAS license to manage and monitor the Citrix NetScaler instances.
You can manage and monitor any number of instances and entities without a license. However, you can only manage 30 discovered applications on the App Dashboard and view analytics data for only 30 virtual servers without applying a license. To manage more than 30 discovered applications or to view analytics for more than 30 virtual servers, you must purchase and apply licenses.
Now the MAS automatic select LB/CS/VPN and use all 30 slots after the Netscaler is added. If you have Netscalers with any LBs and only want to monitor few you need to change this setting:
After this setting is changed, you can then manual select witch LB/CS/VPN you want to add: