Blog
Customer Story: Tackling Citrix VDI with Correlated Visibility
How one financial services firm used ExtraHop to solve the unsolvable
Brittany Iwata
November 13, 2017
One of the most common challenges our customers encounter is gaining visibility into Citrix. For IT teams, it's a major challenge because a problem with Citrix often means that end-users feel the effects immediately. If employees can't log in, or if logins are taking a minute or more — as was the case for Seattle Children's Hospital — it can dramatically impact productivity, customer experience, and the bottom line.
Recently, ExtraHop was working with a financial services firm whose Citrix VDI sessions for a remote site had abruptly stopped registering successfully. The Citrix admin spent days trying to troubleshoot the issue, but the narrow visibility delivered by other performance management tools, including Citrix itself, made it nearly impossible to understand when or from where the problem originated.
A call to an ExtraHop systems engineer was all it took to break the case wide open. Leveraging the custom devices capability within ExtraHop to get visibility into the Desktop Delivery Controller (DDC), the Citrix admin and the systems engineer were able to look at all communications between the Citrix VDI and the DDC, and then from the DDC to Active Directory (AD) / DNS / MSSQL, etc.
Within minutes, the Citrix admin was able to use that correlated, cross-tier information to pinpoint precisely when the issue started. A problem that had seemed unsolvable for weeks could now be quickly and easily unraveled.
The admin determined that the Citrix registration errors happened to coincide with some other issues: SYNs received pentupled and accepted connections dropped to 20 percent below previous levels. RTO's increased, as did LDAP requests and DNS fails. Database connections stopped entirely. Even as this was happening, other segments of the IT team were saying that their systems looked green.
Armed with this information, the Citrix admin was able to identify the likely stakeholders and call a meeting with leadership to determine the root cause of the issue. This problem, which had already begun to have a severe impact on branch business operations, is now well on its way to resolution!
Discover more