Given today’s state of affairs and the requirement for providing users with reliable and highly functional remote access, administrators are looking for any way possible to improve the user experience. Say hello to Citrix Adaptive Transport. What is it? What do you need to do to make it work? There are many companies out there using Citrix for remote access, but not leveraging this technology. Here’s what you need to know.
What is Citrix Adaptive Transport?
Adaptive transport is an optimized data transport mechanism for Citrix Virtual Apps and Desktops. It is faster, scales well, and improves application interactivity on WAN and internet connections, while maintaining high server scalability and efficient use of bandwidth. By using adaptive transport, ICA virtual channels automatically respond to changing network conditions. They intelligently switch the underlying protocol between the Citrix protocol called Enlightened Data Transport (EDT, which leverages UDP) and TCP as a fallback to deliver the best performance. It improves data throughput for all ICA virtual channels including display remoting, file transfer, printing, and multimedia redirection. The same setting is applicable for both LAN and WAN conditions. See below for a visual representation of the technology.
This technology can be deployed for both internal (LAN) Citrix connections and external Citrix Gateway connections. Internal connections require minimal configuration, assuming there are no firewalls between the client and the VDA. External connections require additional configuration, which in some cases the network guys aren’t particularly thrilled about.
How Do I Make it Work?
There are minimum requirements on the client side in order to leverage this technology.
- Citrix Workspace app for Windows minimum version 1808 and session reliability.
- Citrix Receiver for Windows minimum version 4.10 and session reliability.
- Citrix Workspace app for Mac minimum version 1808 and session reliability.
- Citrix Receiver for Mac minimum version 12.8 and session reliability.
Citrix policies need to be configured on the delivery controllers to enforce the appropriate settings.
When set to Preferred, EDT is used as the primary data transport, with fallback to TCP. With the Citrix Workspace app for Windows minimum version 1808 or Citrix Receiver for Windows minimum version 4.10 and session reliability enabled, EDT and TCP are attempted in parallel during the initial connection, session reliability reconnection, and auto client reconnect. Doing so reduces connection time when EDT is Preferred but the required underlying UDP transport is unavailable and TCP must be used. By default, after fallback to TCP, adaptive transport continues to seek EDT every five minutes.
Internal connections will function as expected without much hassle, but those are not the connections that will really benefit from this technology. External connections (specifically NetScaler Gateway) are where we see the performance enhancements. This includes applications being deployed as published apps or within a published desktop like Zoom, Teams, GoToMeeting, etc. It is important to note that this is not a solve-everything solution for remote users. Bandwidth and latency between endpoints and the VDA have far more to do with performance than EDT.
Now comes the fun part…getting the network guys to enable UDP on 443 for external connections. In my experience this is generally not a fun conversation to have. The traffic is still encrypted and secured using the DTLS protocol, even though it is going over UDP.
See the diagram below:
Externally, if using Citrix Gateway (which is typically located in the DMZ), port 443 must be opened to the gateway VIP for UDP and TCP. DTLS protocols and ciphers must also be allowed. In addition, ICA traffic from the NetScaler SNIP to the VDAs must be allowed for both UDP and TCP on ports 1494 and 2598. If these requirements are not met, Citrix will fall back to TCP for all connections, eliminating all of the potential performance improvements provided by EDT/UDP.
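As an added example (not from the original article or from Citrix), the Python sketch below checks a simplified firewall allow-list against the flows listed above and reports whether sessions can be expected to use EDT or fall back to TCP, along with any rule wider than a single port. The `Rule` model, the addresses and the transport labels are assumptions made for illustration.

```python
import ipaddress
from typing import NamedTuple

class Rule(NamedTuple):
    """One 'allow' rule; a simplified model, not a vendor rule format."""
    src: str      # source CIDR
    dst: str      # destination CIDR
    proto: str    # "udp" or "tcp"
    ports: range  # allowed destination ports

# Constructed addresses from documentation ranges, not from the article.
VIP, SNIP, VDA_NET = "203.0.113.10/32", "192.0.2.5/32", "198.51.100.0/24"

def required_flows(vip=VIP, snip=SNIP, vda_net=VDA_NET):
    """Flows the article lists: 443 to the gateway VIP, 1494/2598 SNIP to VDA."""
    flows = [("0.0.0.0/0", vip, proto, 443) for proto in ("udp", "tcp")]
    flows += [(snip, vda_net, proto, port)
              for proto in ("udp", "tcp") for port in (1494, 2598)]
    return flows

def is_allowed(rules, flow):
    """True if one rule covers the flow's source, destination, protocol and port."""
    src, dst, proto, port = flow
    s, d = ipaddress.ip_network(src), ipaddress.ip_network(dst)
    return any(r.proto == proto and port in r.ports
               and s.subnet_of(ipaddress.ip_network(r.src))
               and d.subnet_of(ipaddress.ip_network(r.dst))
               for r in rules)

def audit(rules):
    """Return (expected transport, missing flows, rules wider than one port)."""
    missing = [f for f in required_flows() if not is_allowed(rules, f)]
    udp_ok = not any(f[2] == "udp" for f in missing)
    tcp_ok = not any(f[2] == "tcp" for f in missing)
    if udp_ok and tcp_ok:
        transport = "edt-with-tcp-fallback"
    elif tcp_ok:
        transport = "tcp-only"             # EDT cannot establish end to end
    else:
        transport = "tcp-path-incomplete"  # a required TCP flow is blocked
    too_wide = [r for r in rules if len(r.ports) > 1]
    return transport, missing, too_wide

# Constructed rule set: UDP 443 reaches the VIP, but the SNIP-to-VDA leg is TCP only.
SAMPLE = [
    Rule("0.0.0.0/0", VIP, "tcp", range(443, 444)),
    Rule("0.0.0.0/0", VIP, "udp", range(443, 444)),
    Rule(SNIP, VDA_NET, "tcp", range(1494, 2599)),
]

if __name__ == "__main__":
    print(*audit(SAMPLE), sep="\n")
```

The sample shows the common partial rollout: UDP 443 is open at the perimeter, yet the SNIP-to-VDA UDP flows are missing, so the result is `tcp-only`, and the TCP rule spanning 1494 through 2598 is flagged as wider than the two ports actually needed.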
For troubleshooting purposes, Director will indicate the connection type. Example shown in the image below.
As long as you can clear everything with your network and security guys, this is functionality you should absolutely implement for remote users. While it may not solve all of your problems with collaboration applications within Citrix, it will certainly improve the user experience. Try it for yourself and you will see the difference.
About the author
Mike Witt is a Microsoft and Citrix certified IT Consultant for X-Centric IT Solutions with over 20 years of experience designing and deploying solutions for clients of all sizes and business types. He is also certified on Citrix Cloud and Microsoft Azure, holding the CC-VAD-CC and CC-VAD-MA certifications.