Saturday, December 12, 2009

Citrix Command Center Basics with Netscaler

By:Rick Rohne

If you have been working with Citrix Netscaler, VPX, Access Gateway Enterprise, Application Firewall, or Brach Repeater you are probably interested in ways to collect statistics, reports, and alerts for all your Application Networking devices… Citrix Command Center is just the tool to use, and when configured right, you can get a deep understanding of how your devices are operating in the field. Here, I’m going to go over some of the basic Command Center setup tasks to get you on your way to total knowledge of your Application Networking Infrastructure.

Citrix Command Center is an SSH and SNMP monitoring station that also triples as Config Archiving and mission control center for all of Citrix’s Application Networking gear (both physical and virtual). You can use it to build graphs and receive alerts on system usage and individual entity usage. You can also use it to upload batched commands or transfer configs from development to production. Best of all, it’s included with your purchase of Netscaler Enterprise, Application Firewall, Access Gateway Enterprise, or Branch Repeater.

Who should use Command Center?
• Anyone that has two or more Branch Repeaters, Netscalers, Netscaler VPX, or Application Firewalls.
• Any time you will be transferring your configs from test to development
• When you are using Application Firewall
• When you want to be alerted on up/down events (i.e. when a Service fails and recovers such as the Citrix XML service or your e-commerce web site).
• When you want to keep historic trends of your ANG Infrastructure (i.e. Authentications, VServer hits, Packets received and transmitted, or http requests per second to your Web Sites etc.).
• If you will be writing policies and actions based on traffic usage i.e. Sure Connect or MAX client.


When setting up Command Center (CCC) for the first time, it’s probably a good idea to have a beefy server and a database that can hold plenty of gathered statistics. It supports a MYSQL, Microsoft SQL, or Oracle datastore and it will generally get pretty big (depending on how much information you gather and how long you keep it. Here is a link to the installation guide (It supports both Windows and Linux installations) Citrix Command Center Installation Guide 3.3 .

After you have it setup, you can choose to run CCC manually or as a Windows Service. If you want to run it as a service, simply run the "C:\Program Files\Citrix\Citrix Command Center\bin\InstallCCAsService.bat" file. This will set the service to start automatically and also install an Apache service on TCP port 9090 (unsecure) or 8443 (secure). It’s managed using a web browser pointed at the Server IP with the port specified during setup. The default username is root with the password of public.

First Steps

The first thing you will want to do is go to the Admin tab to setup some default settings for your CCC installation. Here you can:
• Change the Authentication and authorization settings to Local User accounts or central Directory accounts.
• Configure Log rotations and how long to keep logs around
• Configure your email server default settings
• Configure Inventory settings (Such as whether certificates are backed up etc.

After you have your default settings configured, you will want to create a MAP (Under Citrix Network). A Map is a collection of similar devices with similar roles (Such as an HA pair or a quad of devices in a GSLB configuration). Once you setup your map with all the default information, you can then add devices to the map individually or by running a discovery with an IP range (see below).

Provided that you have not locked down the snmp managers in your ANG devices, Command Center will automatically configure the SNMP community and Trap destinations. It is a good idea to later lock down the SNMP manager hosts to just the devices that will be enabled for management.

NOTE: If an SNMP manager or SNMP manager Network is defined, the automatic configuration will fail. Simply delete all SNMP managers and run the discovery again, or manually configure the SNMP settings.

Once the MAP has been defined, you will start collecting Alarms, however, you must still do some manual configuration if you want to receive alerts or build custom graphs.


Alarms can be found under the Fault tab. The Alarms section shows Active Alarms and the status of the Alarm. Not all alarms are enabled by default, Citrix Netscaler comes with some basic alarms that are already configured such as Entity up/down status, Config Changes, Login Failures, HA failover etc.. If you would like to get alarms for typical tasks such as CPU, memory, or Disk usage you will have to configure the alarm thresholds on each device (Or batch a command to configure all the devices from Command Center).

If you would like to setup email alerts, you will want to configure Alarm Triggers. With Alarm triggers you can select what emails addresses receive information on what alarms. You can target specific categories or failure objects and you can use Wild Cards for matching similar failure objects.
NOTE: if you want Command Center to alert on part of a service name for multiple services called SVC_Email_01 and SVC_Email_02, you can add *Email* in the failure object.

Graphing and Reporting statistics

Reporting is one of my favorite features of Command Center because it allows you to know exactly what is going on with your Application Infrastructure and web applications such as:
• CPU, Disk and memory usage over time
• How much traffic is being received and at what are the peak times
• How many SSL VPN connections are occurring
• Authentication Successes and failures
• Reporting also helps you identify if you are using the right size device

The first thing you must do when configuring reporting is configure your Polled Counters… You can configure Counters under the Performance tab of Command Center. Some counters are configured by default; however, you should go in and disable counters that you will not use as well as select counters that are important to your organization.

NOTE: The more counters that are selected, the more processing the Command Center will have to do. Also, Counters with a Plus sign next to them will require additional processing by the appliances. These counters provide the most detailed information such as service and Vserver hit counts, packet rates, etc.

Once you have your counters selected, wait about 5 – 10 minutes and run a quick report or setup a custom report… Custom reports are reports that can be re-used and scheduled and sent to an email distribution. To start, select quick report or Add Custom report from its view.

Select the devices and the counters that you would like to see in your report, and select finish.

Here you can see the counters in the view of your choice.

Central Configuration

The Configuration gives you a single place to execute common tasks for your devices. You can Update Certificates, or Generate Certificates from a central location. You can also use Custom tasks to Batch configurations from Test to Production. You can read more about the custom tasks in a previous blog that I wrote about creating Template configurations for Application Firewall Application Firewall goes Commando

This is just the beginning

There are many other things you can do with Command Center, if you are running any of Citrix’s application networking products in production, I encourage you to download this and give it a try…. Although there is not a whole lot of documentation on Command Center, you can get some useful information from the Admin and User Guides found at

More information on Netscaler

blog comments powered by Disqus
Microsoft Virtualization, Citrix, XENServer, Storage, iscsi, Exchange, Virtual Desktops, XENDesktop, APPSense, Netscaler, Virtual Storage, VM, Unified Comminications, Cisco, Server Virtualization, Thin client, Server Based Computing, SBC, Application Delivery controllers, System Center, SCCM, SCVMM, SCOM, VMware, VSphere, Virtual Storage, Cloud Computing, Provisioning Server, Hypervisor, Client Hypervisor.