Squeeze me, Citrix...


Sometime this month, I crossed an invisible line that marks my using Citrix as my primary (and quite often, sole) work environment for two and a half years in a row.

Which is interesting in many ways, and not just because it’s (in my view) a major productivity driver and cost saver for my company. Yes, I have become free of the hassle of managing my own desktop, can switch machines at a moment’s notice, and have instant access to new applications without having someone come over (physically or virtually) and run stuff on my machine.

But that, sadly, is not something most companies value, and during my corporate networking years I’ve seen more than one clueless CIO afraid of something he/she couldn’t really grasp – because, after all, isn’t it better to have big desktop machines with more RAM?

Well, I think that if they actually checked how much they’re paying for all the manpower required for maintaining a helpdesk that has to go out (physically or virtually) to all their users every now and then and put up with users regularly trashing their OS, or even merely did the math on how much money they’re wasting on electricity for all those ‘fat’ PCs, they’d ‘get’ it a lot quicker.

That inability to figure out the basics is probably why network computing in any form isn’t something that is truly mainstream, although I watch with amusement as the current proponents of “cloud computing” try to reinvent the wheel using HTML as UI and JavaScript as glue1.

Anyway, back to my usage of Citrix. That is not to say that I don’t use desktop machines or desktop applications (for instance, I still use a local browser and IM client, and have taken to firing up Office 2008 locally when I want to shut off distractions), but it does mean that everything of consequence is delivered to whatever machine I’m using via Citrix anywhere I am on the planet, and that can be tremendously liberating.

And efficient. For instance, last time I had to work from abroad (using a 3G connection in roaming), I transferred around 7MB all told over three days, whereas my colleagues clocked in at anywhere between 80MB and a quarter of a giga (and yes, we pay for roaming traffic). And Outlook ran a lot faster for me than for them – after all, it was only painting pixels on my screen, not carting around attachments and stuff.

However, even though it is a dream to use under Windows, there are a few niggling little things about using Citrix on several machines that I can’t help commenting on after all this time. Some of them have been touched upon in one post or another, but I think it’s about time I jotted them all down in one place.

Not all ICA clients are born equal

Citrix is now revamping their entire software line around the Xen acquisition (which is fine by me), but their client software is still somewhat fragmented in terms of functionality and user experience.

Whereas on the Windows clients I have complete desktop integration and automatic login via the Program Neighborhood Agent (which sits on the system tray and updates the Start menu, populating it with the applications I am entitled to running), the experience is less than stellar on other OSes (and I’ve tried a few, including the Symbian clients).

Please, oh please, fix the Mac

On the Mac client, there is no such integration, period. Although there is an awfully enticing blog post from last March that shows seamlessly integrated application stubs for launching connections, current reality is a bit different.

My usual method of login to Citrix is through a web page from where I download an .ica profile generated on the fly. That automatically launches the client and connects to the right server, etc., but the web login is fiddly and cumbersome, and even more so if you’re using a remote, secured solution.

Linux and SSL

Oh yes, Citrix has kick-ass remote access solutions, whereby all of your session traffic is tunneled via SSL from the moment you log in to a Web gateway. It works beautifully and is vastly more effective – and even more secure than conventional VPN solutions, since all you’re carting across are display bits (i.e., you don’t risk hooking up a virus-infected machine to the corporate network).

But it has a few problems on Linux. For starters, the Linux client has a lot more issues with SSL than the Mac and Windows ones, and setting up a secured connection can be a right pain.

Sure, one can argue that the built-in PKI features of those operating systems are stable and pretty well documented, but I don’t think distributing an up-to-date set of SSL root certificates and some basic tools to manage the ones the Linux client accepts in a graphical fashion would break anything – in fact, it might just make it that much useable.

(Even I, who am used to fooling around with OpenSSL to convert stuff to and fro and extract certificates from funky test sites, have lost patience with this situation and prefer using anything but the Linux Citrix client whenever I have the chance. More on that later)

But since we’ve mentioned graphical tools… What is that hideous thing that I get on my screen when I launch a Linux client?

There’s ugly, and there’s Motif

And we come to my last gripe, which is a relatively minor one for me (since I seldom have to put up with it) but which screams neglect as far as multi-platform support is concerned. The Linux client, despite playing along with OpenDesktop conventions (including populating the application menus properly with launch items) is, for lack of a better term, ossified in terms of GUI.

Not only it is ugly, the conventions and settings are outdated. You might think by looking at this comparison table that Linux is slightly better off than the Mac, but simply trying to find the right fields to configure the Linux client can be a major chore.

One of the reasons why is that its entire UI is still based on OpenMotif, a widget toolkit that is obsoleted beyond repair and that isn’t even shipped with most current2 Linux distributions by default.

This isn’t much of a problem for techie users willing to dig around for weird binaries and creating symlinks to replacement libraries by hand and re-fix them every time something apparently unrelated is updated and indirectly breaks Citrix, but this dependency and the utter lack of usability of the client software is a major stumbling block for everyone else, and I would think that it does not play well with Citrix’s newfound love for Xen and Linux.

In fact, I would say it is the single biggest reason why Citrix is usually maligned by Linux users, and fixing it would certainly drive adoption of Linux as a corporate desktop solution3 by some degree.

(Another thing that might also help would be embedding a free Citrix client in all those Linux-based ‘instant on’ systems and BIOS extensions that are popping up all over the place, but hey, I’m not in their Marketing department…)

So yeah, I would probably like to see a decently coded Citrix client for Linux as well. Something that used GTK or Qt, didn’t go ballistic while running under compiz and basically ‘just worked’, taking care not to rely too much on bleeding edge features and focusing on ease of use and installation.

But first, could we please have an open beta of that fantastic looking Mac client?

1 As much as I like the new JavaScript frameworks for web applications, I keep wondering when they’ll get around to, say, completely reinvent X Windows or something.

2 Where by ‘current’ I mean to say that I have had this issue with every Linux machine I have used for the last two years, spanning probably four years of Fedora releases and plenty of Ubuntu ones.

3 Not that I really believe that Linux is going anywhere on the desktop, but I suspect that this argument will resonate with its more enthusiastic supporters and get them to lobby Citrix for me.


See Also: