Citrix Application Delivery Management service

Release Notes for Citrix ADM service May 17, 2021 Release

This release notes document describes the enhancements and changes, fixed and known issues that exist for the Citrix ADM service release Build May 17, 2021.

Notes

This release notes document does not include security related fixes. For a list of security related fixes and advisories, see the Citrix security bulletin.

What’s New

Troubleshoot issues using the diagnostic tool

When you onboard an ADC instance onto Citrix ADM service, you might experience issues that prevent the ADC instance from successful onboarding. As an administrator, you must know the reason for the onboarding failure.

You can now perform diagnostic checks using the diagnostic tool when you:

Experience any issues during auto-onboarding or script-based onboarding Want to ensure if the ADC instance is ready to onboard Want to analyze issues for the already onboarded ADC instances that show “Down” status in the ADM GUI After analyzing the issues, you can troubleshoot and then onboard the ADC instances to ADM service. For more information, see Troubleshoot issues using the diagnostic tool

Service graph: simplified on-boarding process

The service graph on-boarding process is now simplified. To populate a service graph in Citrix ADM, see Service Graph - Simplified onboarding.

[NSADM-66696]

Import and synchronize configuration packs from a GitHub repository

You can now import and synchronize configuration packs from a GitHub repository to Citrix ADM. To do so, you must create a folder with the name “config packs” in the root directory of the repository. Then, keep all the configuration packs in this folder that you want to import or synchronize with ADM. In Applications > StyleBooks > Repositories, click Sync to import configuration packs. Earlier, this action was only synchronizing StyleBooks. For more information, see Import and synchronize StyleBooks from GitHub repository.

[NSADM-67722]

Assess application SSL rating(by Qualys SSL Labs) on ADM App dashboard

When an application uses unsecured ciphers, protocols and SSL settings for SSL transactions, it can impact the privacy, data integrity and security of the users accessing the application. For this purpose, Qualys SSL Labs gives rating to applications based on ciphers, protocols, and other SSL settings. Learn more about SSL Server Test.

As an application owner, you can now assess if your application will be rated A+ by Qualys. To assess, check the compliance of the applications virtual server SSL settings to the ADC secure front-end profile. The settings required for an A+ rating (as of May 2018) from Qualys SSL Labs are preloaded into the secure front-end profile.

If your application SSL rating is “Not A+”, you can use a one-click way to deploy the secure front-end SSL profile on your applications.

When your application is rated as “Not A+”, you can see the details of a virtual server whose configuration does not comply with the secure front-end profile. Likewise, you can see remediation measures to make the virtual server comply with the secure front-end profile.

After you deploy the secure SSL profile to make your application A+, you can assess the incoming traffic in SSL insight to see the ciphers, protocols on which SSL transactions are getting negotiated. In case some legitimate traffic gets dropped after deploying A+ profile, you can roll back the secure front-end profile configured for your application. For information, see Assess application security ratings in ADM.

Note

In some cases, after deploying the secure front-end profile, if you make some custom configuration to the virtual server, rollback might not be possible due to inconsistent configuration.

[NSADM-67076]

Release Notes for Citrix ADM service May 17, 2021 Release