This blog was co-authored by Jonathan Adams, Lead Product Manager for StoreFront and Citrix Workspace.

Being an IT administrator is a busy job. With a whole tech stack to look after, updates to push, and bugs to patch – it can seem like the to-do list just keeps on going. That’s where cloud services come into play – offloading the management and maintenance so you have more time to focus on strategic decisions. That is why we are excited to announce the General Availability of Citrix Gateway service for StoreFront!

Citrix Gateway service for StoreFront is a turnkey HDX proxy solution designed specifically for DaaS customers. This innovative service allows customers to maintain their existing NetScaler and StoreFront customizations, minimize maintenance overheads, and leverage the benefits of Citrix Gateway service.

If you are using Citrix DaaS with on-premises StoreFront 2407 or higher, you can now use Citrix Gateway service to provide remote access to your virtual apps and desktops. 

Let’s dive a little deeper into our latest feature.  

Why Gateway Service for StoreFront

Traditionally to allow your remote users to access their Citrix hosted resources, you would deploy a NetScaler Gateway appliance. This provides two functions.

  1. Remote access to StoreFront. This includes authenticating the user before they reach the StoreFront server inside the corporate network.
  2. Remote access to virtual apps and desktops, known as HDX proxy.
Image shows a network architecture diagram. Access to StoreFront flows from the end user, to the NetScaler Gateway, to StoreFront. Access to the resources flows from the end user, to the NetScaler Gateway, to the VDA that hosts the resource.
Communication diagram for authentication and HDX proxy with NetScaler Gateway

The on-premises NetScaler Gateway is a powerful and highly configurable solution. However, it does introduce additional managed components to the environment. With our cloud hosted access tier Citrix Workspace, you have long been able to use the Citrix Gateway service to provide remote access to your virtual apps and desktops without deploying any infrastructure. However, moving to Citrix Workspace often involved a re-architecting of the end user access tier. With StoreFront 2407, you now have the option to use Citrix Gateway service for HDX proxy– bringing the benefit of cloud scale and resiliency to StoreFront.

Image shows a network architecture diagram. Access to StoreFront flows from the end user, to the NetScaler Gateway, to StoreFront. Access to the resources flows from the end user, to the Citrix Cloud hosted Gateway service, to the Cloud Connector, to the VDA that hosts the resource.
Communication diagram for authentication via NetScaler Gateway and HDX proxy via Citrix Gateway service.

Citrix Gateway service for StoreFront is a cloud-hosted HDX proxy solution that enables customers to maintain their existing access tier and authentication infrastructure while leveraging the benefits of a cloud-based solution. It allows customers to offload the connection brokering and HDX proxy functionality to the cloud, reducing maintenance overhead and improving scalability and resiliency. Some of the key benefits are: 

  • Flexibility: Maintain existing customizations and infrastructure while leveraging the benefits of a cloud-based solution.
  • Cloud Scalability and Reliability: Enjoy the scalability and reliability of a cloud-based solution, ensuring uninterrupted access to applications and data.
  • Minimize Management Overhead: Minimize your time spent managing resources with a Citrix-hosted HDX proxy. Maintain your access tier, offload the connection—it’s a win-win.
  • Operational and IT Efficiency: Reduce maintenance overheads, free up IT resources for strategic initiatives, and enjoy operational efficiency with a fully managed service.

How it Works

When using Citrix Gateway service for StoreFront, authentication and resource enumeration remain unchanged and are handled by either StoreFront or NetScaler depending on your environment. Therefore you can continue to use features such as MFA via SAML, basic EPA scans, and Smart Access Policies. When users launch resources, the connection is brokered by Gateway service. The communication between the Virtual Delivery Agents (VDAs) and the Gateway service is brokered by the Cloud Connectors. 

With this functionality you are able to maintain your NetScaler and StoreFront customizations, and continue to use your existing on-premises NetScaler Gateway URLs – now with the added scale, performance, and resilience of Gateway service.

How to Configure It

To use Gateway Service for StoreFront, you must have an account in Citrix Cloud (excluding Government and Japan) with a DaaS entitlement and one or more Cloud Connectors.

From the StoreFront management console, Click Manage Citrix Gateways then Add. In the Citrix Gateway General Settings, there is a new field called Gateway type which can be set to either Citrix Gateway Appliance or Citrix Gateway Service.

Image shows the ‘Edit Citrix Gateway’ part of the StoreFront console. On the left are two menu options, ‘General Settings’ and Cloud Connectors’. Under ‘General Settings’ there are 4 settings: ‘Display Name’, ‘Gateway type’ which now includes Citrix Gateway service, ‘Usage or role’, ‘Citrix Gateway URL’.
Gateway service for StoreFront setting in the StoreFront console

When you choose Citrix Gateway Service then the only option is to set the Usage or role to HDX routing only. You must then choose one or more Cloud Connectors that StoreFront can use to generate STA tickets. For more information on adding a Gateway, see Add Citrix Gateway Service.

By default, StoreFront uses the same Gateway to connect to VDAs as were used to access StoreFront, so Citrix Gateway service is not used. Therefore, you must use Optimal HDX routing to configure in which situations you wish the Gateway service to be used, based on the resource feed or resource location (called Zone within StoreFront).

For even more details on this new feature, check out our Tech Paper.

Learn More

Citrix Gateway service for StoreFront is a game-changing solution for DaaS customers, offering a unique combination of flexibility, scalability, and resiliency. By leveraging this service, customers can minimize management overhead, reduce maintenance costs, and enjoy operational efficiency. With its fully managed service, customers can focus on strategic initiatives while ensuring uninterrupted access to applications and data. Don’t miss out on this opportunity to transform your access infrastructure – try Citrix Gateway service for StoreFront today!

To learn more, check out our product documentation for Citrix Gateway Service for StoreFront and the StoreFront 2407 release notes.

Disclaimer: This publication may include references to the planned testing, release and/or availability of Cloud Software Group, Inc. products and services. The information provided in this publication is for informational purposes only, its contents are subject to change without notice, and it should not be relied on in making a purchasing decision. The information is not a commitment, promise or legal obligation to deliver any material, code, or functionality. The development, release, and timing of any features or functionality described for products remains at the sole discretion of Cloud Software Group, Inc.