Product Documentation

Reference Architecture for Cloud Deployments

Jan 13, 2017


This article applies to XenMobile Cloud deployments only.

The diagrams in this article shows how XenMobile Cloud integrates with your datacenter. The other component integrations, such as ShareFile, Certificate Authority, XenApp and XenDesktop, are available as shown in the preceding core architectures. For details, see Reference Architecture for On-Premises Deployments.   

Cloud Connector

Use of Cloud Connector eliminates the need to set up complex networking or infrastructure configuration, such as VPNs or IPsec tunnels. If you require a micro VPN, you must use an on-premises NetScaler with Cloud Connector. The following figure shows NetScaler Gateway hosted on your site.

localized image

IPsec connection with NetScaler Gateway hosted by Citrix

In this use case, the figure shows NetScaler Gateway as hosted by Citrix in the cloud environment. Citrix manages the configuration of NetScaler Gateway and ensures that the appliance is running. Micro VPN data passes through Citrix control plane and then passes to the customer's data center or out to the Internet.

localized image

IPsec connection with NetScaler Gateway hosted by the customer

In this use case, the figure shows NetScaler Gateway as hosted by the customer in their data center. Customers may already have a NetScaler Gateway that they want to use for this deployment. Data passes directly to the customers' data center. This deployment is recommended for extremely large deployments that require maximum scalability.  

localized image

Deployments that do not require a VPN connection: XenMobile MDM and Advanced Edition with Local Users only.

Deployments that do require a VPN connection: 

  • XenMobile Enterprise edition
  • Integration with Active Directory - XenMobile instances in the Cloud need an LDAP connection to a domain controller. In most cases, the domain controllers reside within a secured network.
  • XenMobile Apps Secure Browse and micro VPN access – If NetScaler Gateway is used in the cloud, the VPN tunnel gives it secure access to services within the customer datacenter (such as mail servers, intranet sites, SharePoint sites) for Secure Mail, Secure Web, and other XenMobile Apps. 

The following figure shows the IPsec tunnel configured in the XenMobile Cloud solution to connect to your corporate services through various ports.

localized image