Comment Re:Lockdown (Score 1) 414
Citrix is overused in some deployments I've seen, but can be a real boon for specific applications. On my network, workstations and users are locked down tight as a drum, users can install apps, but only from a list of specific offerings, for everything else the must call *me* first. The majority of our applications on our network are installed locally, installed and updated via Group Policy and some fancy scripting. All machines are loaded from images via RIS/WDS. The network runs smoothly and is extremely stable, with workstations running for 3-5 years without so much as a hiccup.
However, my company has a handful of problem apps though that cannot be used at remote locations:
(1) An accounting package that requires so much bandwidth for it's file/database traffic that it could easily saturate a 10Mbps pipe by itself. (No we *can't* change, it's an industry-specific package that would cost my entire annual IT budget to replace, and that's *before* the soft losses like training and wasted employee time)
(2) A collection of HR Management software that refuses to install or update properly without full admin access.
(3) Full remote desktop access for remote users needing direct access to their files in a centralized network document store. There are "Offline Files" users syncing their files over high-bandwidth VPN connections, but that doesn't help when you need to work on a shared Access database or other file that cannot be synced for some reason.
Standard Windows Terminal services can probably do much of what we need *now*, but when the system was deployed, Citrix was *required*. The accounting and HR systems specifically - they simply didn't function correctly over standard NT 4.0 Terminal Services. We keep using it because we own the software and it works smoothly, so why break something that's working? :)
Performance-wise, the primary applications actually load significantly quicker than they would on even a Gigabit LAN-connected machine (The Citrix servers are are on our network backbone). Because the majority of the network traffic is confined to the core switches, they require minimal bandwidth outside of the core. We limit LAN users to 768kbps, but WAN users are limited to 256kbps, with no ill effects - in fact, they rarely use all that bandwidth.
Citrix/Terminal Services, like any other tool, has it's applications - used incorrectly it's just another source of problems, but in the right situation, it can be a godsend.
Back on topic, our current IT Staff:Users ratio is 75:1, and we spend most of our time handling user requests or teaching.
However, my company has a handful of problem apps though that cannot be used at remote locations:
(1) An accounting package that requires so much bandwidth for it's file/database traffic that it could easily saturate a 10Mbps pipe by itself. (No we *can't* change, it's an industry-specific package that would cost my entire annual IT budget to replace, and that's *before* the soft losses like training and wasted employee time)
(2) A collection of HR Management software that refuses to install or update properly without full admin access.
(3) Full remote desktop access for remote users needing direct access to their files in a centralized network document store. There are "Offline Files" users syncing their files over high-bandwidth VPN connections, but that doesn't help when you need to work on a shared Access database or other file that cannot be synced for some reason.
Standard Windows Terminal services can probably do much of what we need *now*, but when the system was deployed, Citrix was *required*. The accounting and HR systems specifically - they simply didn't function correctly over standard NT 4.0 Terminal Services. We keep using it because we own the software and it works smoothly, so why break something that's working?
Performance-wise, the primary applications actually load significantly quicker than they would on even a Gigabit LAN-connected machine (The Citrix servers are are on our network backbone). Because the majority of the network traffic is confined to the core switches, they require minimal bandwidth outside of the core. We limit LAN users to 768kbps, but WAN users are limited to 256kbps, with no ill effects - in fact, they rarely use all that bandwidth.
Citrix/Terminal Services, like any other tool, has it's applications - used incorrectly it's just another source of problems, but in the right situation, it can be a godsend.
Back on topic, our current IT Staff:Users ratio is 75:1, and we spend most of our time handling user requests or teaching.