Multi-Geo regions

The multi-geo feature allows you to choose the location/region for the server. For example; US East, US West, EMEA, or APAC. To use the Citrix Web App Firewall service for multi-geo functionality, there is a Base Package SKU called Basic, which can be purchased that is available with 25 Mbps and 200 Mbps performance. You can choose only one bandwidth option at a time and not both.

Limitations

Currently, Citrix Web App Firewall service has the following set of limitations:

  • Rules can operate only on URLs.
  • Default geolocation is mandatory and cannot be changed.
  • Currently, the allowed geo locations are US-West and EMEA. In addition, you can select a geo location only after you select the default location.
  • Signature editor is not supported. WAF supports only signature files upload.

Resource Limitation

The following table gives a list of resource limitation when selecting multi-geo regions.

Entity Max Limits
Domains 5
Profiles 5
Per-entity binding 25

Following are the WAF service product SKUs available when selecting multi-geo regions for a server:

 BASIC: This product SKU is required for service to be configured. This is not only a prerequisite for any configuration to be accepted by WAF-service but also for other SKUs. You cannot have other SKU unless the basic SKU is available. Basic SKUs have the following bandwidth and transmission data limits:

                    - Bandwidth: 25 Mbps or 200 Mbps                     - Transmission Data: 2 TB

There might be only one entitlement corresponding to BASIC SKU.

Note

The BASIC package can only be assigned once, and only to one geo location. Unless this default geo location is selected, you cannot perform any configuration.

Once the geo location of the Base Package is decided and selected, you cannot change it.

    1. PERF-EXPANSION: This product SKU allows you to increase the performance bandwidth. Quantity mentioned in the entitlements corresponding to this SKU is always an integer. Each unit of quantity corresponds to 25 Mbps. There can be multiple entitlements of this type.

You can assign the quantity in integer units to multiple geolocations.

For example, you can buy a PERF-PACKAGE with a quantity of 4 and can assign 2 units to the US EAST region, 1 unit to US WEST and remaining 1 unit to EMEA, which means you intend to have 50 Mbps for US EAST, 25 Mbps to US WEST, and 25 Mbps to the EMEA region.

 2. POP-EXPANSION: This product SKU can be bought to expand POP presence. Quantity mentioned in the entitlements corresponding to this SKU should always be an integer. Each unit of quantity corresponds to one region and default bandwidth of 25 Mbps. There can be multiple entitlements of this type.

 For example: You can buy a POP-EXPANSION with a quantity of 3 and can expand the service presence to three regions each with default capacity of 25 Mbps.

  3. Data: This product SKU can be bought to store total bytes processed in the service. This SKU is integrated with MAS storage licenses/SKUs.

Also, you can purchase more POP-Expansion packages that allow you to add different geo location for the server. This expansion package comes with 25 Mbps performance.

 To speed up the service, you can purchase more “Performance Packages” to add on to the existing locations (including the Base region).

The Performance Package is 25 Mbps per unit.  You can purchase units in the range of 25, 50, 75, 100, and 125 … Mbps. You can change the assignment of “POP-Expansion” and “Performance Packages” after they have been configured and assigned.

Proceed with configuring multi-geo regions.

Multi-Geo regions

In this article