Last weekend we successfully moved 3 E10 dev servers to our private Azure. This includes the db, service connect and terminal server (for handheld bar code scanners). We are performing a proof of concept to determine how viable it will be to run our production system in Azure. As part of this, I am trying to determine what client to use. We have been serving E10 up through an on prem Citrix application pool since the beginning of time. We are looking into:
Moving to Citrix Cloud. This enables us to host the VDA servers on prem or in Citrix Cloud. All the Citrix controllers, etc are hosted and managed by Citrix.
Uses Azure VPN and use Intune to install the clients on all PC’s (170+ computers and growing).
Use Azure Virtual Desktops and Azure VPN. Users will get a desktop.
For those of you in your own private Azure, how are your client connecting and why did you chose that path?
At the previous place, we moved to private Azure from a co-lo. The old server was dying and we needed reliability. Being a mostly on-prem team, we set up a VPN to the VMs in Azure and just used the regular clients from the desktop. The performance was slightly better than the co-lo.
Unfortunately, we weren’t practicing Zero Trust and when a AD controller was hit with malware, it happily went over the vpn and got our Epicor servers too. Immutable back ups there, so that was fortunate!
During the recovery, we used Window Virtual Desktops. Our people were not used to running the Remote Desktop App (different than the RDP app!), so there was some confusion there but it sounds like your users are already acclimated to a Citrix world. The performance was quite good with everything in Azure. Double bonus because work from home became much easier to do.
But, WVD is not inexpensive! So, we started moving people back to their local workstations.
Once the Kinetic UI settles down, running without the client will give you more opportunities in Azure with a Web App.
I missed this question so thanks @Mark_Wonsil for getting it onto my radar. We went from on-prem to private cloud a few years ago too. Our infrastructure guys setup the Azure servers behind our corporate firewall so we too use the client from the user’s desktops for most of our users except hand held units.
Mark is also correct, Kinetic UI will be great once everything is moved over.
Thanks everyone! I am surprised by the lack of replies as well. After much research into Citrix Cloud, Azure VDI and local clients I have decide to stay with the devil we know (Citrix) with added functionality. I figure all the options have their unique quirks and didn’t want to shift the troubleshooting to new tech. Besides, Citrix, for a reason is the leader in secure remote app access.
We will be moving our Citrix controllers, storefront, etc to Citrix Cloud. They will manage and update them. This allows a hybrid approach to on-prem or cloud based VDA servers (which we manage).
We will add two more options. First, Performance Analytics will give us real time actionable insights into user and servers. It will assist in troubleshooting each leg of their connection (from home WiFi, home internet, all the way to the VDA. It will also give a single pane of glass to the servers and processes for real time and historical troubleshooting data. Second, we will add Adaptive Authentication. Here we can define policies to limit what devices can connect to our systems. For example, we will only allow AD or AAD devices that are running an up to date EDR solution.
Sorry to chime in late here, but we, too, are looking to move our Epicor appservers and database servers to our private Azure cloud. We used Azure’s Disaster Recovery tool to replicate our two test servers to the cloud. When we run Epicor’s PDT Configuration Check, we consistently fail the SQL Query Test. Are there certain tweaks or configuration changes that should be made to pass this test and get closer to matching our on-prem performance?