XenMobile Cloud is a product service that offers a XenMobile enterprise mobility management (EMM) environment for managing apps and devices as well as users or groups of users. With XenMobile Cloud, Citrix handles the configuration and maintenance of the infrastructure onsite through the Citrix Cloud Operations group. This separation lets you focus exclusively on the user experience and on managing devices, policies, and apps. XenMobile Cloud also replaces the need to purchase and manage licenses with a subscription fee.
Cloud Operations administrators handle maintenance and configuration of the network connectivity, as well as the integration of Citrix products like NetScaler, XenApp, XenDesktop, StoreFront, and ShareFile. The Cloud environment is hosted in Amazon datacenters located throughout the world to deliver high performance, rapid response, and support.
To get started with XenMobile Cloud, go to https://www.citrix.com/products/xenmobile/tech-info/cloud.html
The basic architecture of XenMobile Cloud is shown in the following figure. For detailed reference architecture diagrams, see the XenMobile Deployment Handbook section, "Reference Architecture for Cloud Deployments."
You can integrate XenMobile Cloud architecture into you existing infrastructure by installing and deploying Citrix CloudBridge or by using an existing IPsec gateway in your datacenter.
This architecture allows you to benefit from using NetScaler either in the cloud, as handled by the Cloud Operations group, or in your datacenter. When used in the datacenter, NetScaler gives you a single point of management to control access and limit actions within sessions based on both user identity and the endpoint device. This deployment provides better application security, data protection, and compliance management.
To download and install Citrix CloudBridge, go to https://www.citrix.com/downloads/cloudbridge.html
XenMobile Cloud uses the same Role Based Access Control (RBAC) as an on-premise deployment of XenMobile. The difference with XenMobile Cloud is that the Citrix Cloud Operations group handles any role, including provisioning, that deals with the infrastructure.
The following figure shows the RBAC console for XenMobile Cloud.
XenMobile implements four default user roles to logically separate access to system functions. The default roles are as follows:
- Administrator. Grants full system access.
- Support. Grants access to remote support.
- User. Grants users access to enrolling devices and using the Self Help Portal.
- Provisioning. Grants administrators the ability to provision all Windows Mobile/CE devices as a group using the Device Provisioning Tool. This role is handled by the Cloud Operation group.
You can also use the default roles as templates that you customize to create new user roles with permissions to access specific system functions beyond the functions defined by these default roles.
You can assign roles to users (at the user level) or to Active Directory groups (all users in that group have the same permissions). If a user belongs to several Active Directory groups, all the permissions are merged together to define the permissions for that user. For example, if ADGroupA users can locate manager devices, and ADGroupB users can wipe employee devices, then a user who belongs to both groups can locate and wipe devices of managers and employees.
Note: Local users may have only one role assigned to them.
You can use the RBAC feature in XenMobile to do the following:
- Create a new role.
- Add groups to a role.
- Associate local users to roles.
The following roles are available for you to assign. The Citrix Cloud Operations Group handles any role not on this list.
For step-by-step instructions on customizing roles, see Configuring Roles with RBAC.
To request a restart of the server nodes, contact technical support at https://www.citrix.com/contact/technical-support.html