Understanding the Citrix NetScaler

Understanding the Citrix NetScaler

This chapter provides a conceptual overview of the NetScaler. The main objective is to explain what a NetScaler is and how it works, providing a conceptual basis for all the chapters that follow. The chapter can also be read as a general technical overview.

In This Chapter

What Is a Citrix NetScaler?

Where Does a Citrix NetScaler Fit in the Network?

How a Citrix NetScaler Communicates with Clients and Servers

Understanding Policies and Expressions

Processing Order of Features

What Is a Citrix NetScaler?

A Citrix NetScaler is an application switch that intelligently distributes, optimizes, and secures Layer 4-Layer 7 (L4-L7) network traffic for Web applications. Features include load balancing, compression, Secure Sockets Layer (SSL) offload, a built-in application firewall, and dynamic content caching.

A NetScaler performs application-specific traffic analysis to provide a more effective implementation of the features. For example, a NetScaler makes load balancing decisions on individual HTTP requests rather than on the basis of longlived TCP connections, so that the failure or slowdown of a server is managed much more quickly and with less disruption to clients. Other features can be used

to reduce load and simplify server-farm management, and to accelerate end-user performance.

Switching Features

Its switching features enable a NetScaler to manage application traffic in an efficient manner. When deployed in front of application servers, a NetScaler ensures optimal distribution of traffic by the way in which it directs client requests. Administrators can segment application traffic according to information in the body of an HTTP or TCP request, and on the basis of L4-L7 header information such as URL, application data type, or cookie. Numerous loadbalancing algorithms and extensive server health checks provide greater application availability by ensuring that client requests are directed to the appropriate servers.

Security and Protection Features

Security and protection features help block the theft and leakage of data by protecting Web applications from application-layer attacks. A NetScaler allows legitimate client requests and can block malicious requests. It provides built-in defenses against denial of service (DoS) attacks and supports features that protect the application against legitimate surges in application traffic that would

otherwise overwhelm the servers. An available built-in firewall protects Web applications from application-layer attacks, including buffer overflow exploits, SQL injection attempts, cross-site scripting attacks, and more. In addition, the firewall provides identity theft protection by securing confidential corporate information and sensitive customer data.

Optimization Features

Optimization features offload resource-intensive operations such as Secure Sockets Layer (SSL) processing, data compression, and the caching of static and dynamic content from servers. This improves the performance of the servers in the server farm and therefore speeds up applications. A NetScaler supports several transparent TCP optimizations, which mitigate problems caused by high

latency and congested network links, accelerating the delivery of applications while requiring no configuration changes to clients or servers.