Most of us in the Canadian IT industry have faced the same challenge as our worldwide counterparts: how to rapidly enable a large number of employees to work from home efficiently.
For some, it is relatively straightforward in approach but complex in scale. Our few remote use cases have now become the go-to method for almost entire workforces.
For others, it’s uncharted territory. At Citrix, we have a lot of experience with working remotely — I was doing at as a normal part of my work week before it was mandated. We also have the expertise and the products to help our customers thrive with remote work.
As the Customer Success Enterprise Architect for Citrix Canada, I have helped a lot of customers over the past few weeks get work-from-home solutions up and deployed quickly to meet business demands. I’ve seen customers consider a range of solutions, from “good enough in the short term” to solutions with long-term viability to meet the needs of the new normal after the COVID-19 pandemic passes. Along the way, I’ve made a few observations I wanted to pass along.
Security Is Paramount
When you’re faced with shifting a large number of employees to remote work, it’s easy to cut corners on security to get something deployed quickly. I understand the need to move with the utmost speed, but this is where you should be diligent. Bad actors know times of crisis create exposure and are poised to take advantage.
We must ensure solutions are secure and limit end users to the apps they need. Some form of multi-factor authentication is a must to provide secure access. In addition, tools like a full VPN solution may be easy in the short term, but as Bryan Mann discusses in his blog post, you need to have control over the entire ecosystem from endpoint to resource, and that’s difficult when you can’t necessarily control the endpoint and last mile of the network. And don’t forget the Citrix “basics,” including locking down the endpoint by restricting access to local drives, clipboard access, disabling unused virtual channels, and enforcing idle disconnect policies among others. These security-related considerations should not be overlooked.
It’s All About Bandwidth
Well, bandwidth isn’t everything, but it is important. One of the first things I’ve discussed with all my customers has been capacity at the network edge. When moving hundreds or thousands of users to remote access, customers need to understand the capabilities of their entry point into the corporate network. For example:
- Do ADCs have enough capacity to handle projected load (bandwidth, SSL transaction, and CPU capacity)?
- Is your inbound network pipe sufficient?
Consider the average bandwidth utilization per user and map it against network and device capacity. With HDX workloads on Citrix ADCs, I’ve looked at user counts, average HDX bandwidth per user, and additional options such as HDX Insight, which can influence the capacity of the appliance. Keep an eye on these as you ramp up and have a plan to increase capacity if it becomes necessary. Also, consider the new 1912 LTSR to reduce bandwidth for your HDX sessions. (Read Dan Feller’s recent blog, where he tests 1912 LTSR vs 7.15 LTSR.)
Capacity, or Not
Many of us have virtual apps or desktops built to address use cases within our organizations. Often, though, they aren’t scaled to serve the needs of a large user population, and you might not be able to deploy more workloads within the available infrastructure.
Public cloud solutions may help to provide capacity on-demand, assuming you’re set up to take advantage, but you might also have capacity-based limits on certain resource types. Another alternative is to provide remote access to the user’s desktop. Citrix can help here with our Remote PC Access deployment architecture and design decisions. If you already have an existing Citrix deployment, this can be a quick solution because the infrastructure to support it is already there.
No Citrix deployment?
Citrix Cloud-based solutions also support Remote PC Access deployments. A couple of weeks ago, Citrix added a Canadian point of presence (PoP) for our Gateway service in the AWS Canada Central region, providing improved access to our cloud services within Canada.
Have a “Plan B”
While you are quickly designing and deploying a solution, always have a plan B. We often face curveballs, whether it’s technical challenges, bandwidth and scale, security requirements, or simply new business requirements that we hadn’t considered (e.g. softphone telephony requirements).
In recent weeks I’ve seen capacity issues, both on-prem and in the cloud, VOIP requirements, and security requirements that have necessitated both changing existing plans and considering options to be deployed in parallel. For example, you could consider Remote PC Access as a backup use case for VDI in public cloud if you can’t provision the capacity to meet rollout timing.
Is This the “New Normal”?
Now, that we have a large percentage of our employees working from home, we must ask, is this our new normal? I’m hopeful social distancing and other restrictions end soon, but the COVID-19 pandemic has exposed a risk in our preparedness to deal with these kinds of issues. We might face other situations where employees must work from home at scale. Are we ready? And some companies might have discovered remote work to be sustainable in the long run. From an IT perspective, will the solution we have in place to address our short-term needs be viable long term? Or do we need to re-evaluate and redesign our solutions to support permanent remote work capabilities?
We’ve addressed our initial needs and our end-users are safely working from home, doing their part to prevent the spread of COVID-19. For many in IT, the crisis mode is over and now is the time to look hard at the solutions deployed. Do we need to accommodate additional use cases? Are there issues we didn’t anticipate? Can systems be more efficient, more secure, and more reliable?
If you have questions or are looking for more information, please reach out! Have a listen to our recent TIPs webinar, which answered common questions customers have. It’s available on our TIPs webpage, where you’ll find links to our other webinars, or you can watch it below. You’ll also find a webinar summary this Citrix TIPs blog post from my colleague Nick Rintalan. And reach out to your Citrix sales representative to find out how we can help you to deploy work-from-home solutions successfully.