Citrix Cloud Aws


Select the AWS zone where VM needs to be hosted. Select the Golden image AMI created to use as Master image for MCS on which VDA agent is installed. Select the AWS VPC where VM needs to be connected; NOTE:- Selected VPC should allow communication between VDA and other Citrix Core components and Active Directory. Citrix and AWS are working together to layer Citrix’s advanced productivity solutions on AWS, enabling improved user experiences, user productivity gains, and an acceleration of business operations. The Citrix Cloud also integrates on-premises IT and AWS into a cohesive, value-producing hybrid.

  1. Citrix Cloud Aws Download
  2. Citrix And Aws
  3. Citrix Cloud Vs Aws
  4. Citrix Cloud Log In

By Joanne Lei, Sr. Partner Solution Architect at AWS
By Valerie DiMartino, Sr. Product Marketing Manager at Citrix

When moving workloads to Amazon Web Services (AWS), one of the most important considerations is connectivity.

With the goal of delivering the best application experience, AWS and Citrix collaborate on many different solutions.

Citrix cloud on aws

One of the key integrations is Citrix SD-WAN’s support for AWS. Citrix SD-WAN provides a unique combination of proactive application traffic management, end to end.

In this post, we’ll show you how to architect a scalable SD-WAN solution with the new AWS Transit Gateway Connect attachment and streamline the deployment with Citrix SD-WAN Orchestrator.

Citrix is an AWS Technology Partner with AWS Competencies in Networking and Digital Workplace. From enabling sustainable hybrid work models to streamlining the journey to multi-cloud, Citrix helps organizations deliver a consistent and secure work experience no matter where work needs to get done—in the office, at home, or in the field.

The Challenge

Legacy WAN architectures are impeding the vision of hybrid multi-cloud. Organizations need a reliable and intelligent network to allow branch and home office workers frictionless access to workloads in the cloud, as well as to the on-premises data center and software-as-a-service (SaaS).

The WANs of yesterday fall short of achieving the performance needs of today’s modern enterprise.

Prevalent WAN technologies like MPLS are unable to effectively handle the uptick in bandwidth demanded from the increase in cloud application traffic, resulting in inconsistent end-user experiences.

Sub-optimal routing practices arise from the need to backhaul application traffic to a central location for inspection purposes, creating additional latency that can worsen application performance for users.

Implementing direct internet access at local branches can easily mitigate the latency challenges. However, a major concern when adopting this approach is security. Left behind in the data center, the security stack is now required to secure the edge of the network where users are.

By running Citrix SD-WAN on AWS, organizations can overcome these challenges and deliver a consistent, high performing, and secure overlay network for their branch and home office users to access the applications in the cloud.

Deploying Citrix SD-WAN in a single virtual private cloud (VPC) is straightforward, but this model does not scale as your footprint on AWS expands to multiple VPCs.

While customers can scale the solution by integrating Citrix SD-WAN with AWS Transit Gateway using either a VPC or virtual private network (VPN) attachment, each attachment type comes with its own limitations.

Solution Overview

The hybrid architecture has a Citrix SD-WAN virtual appliance (VPX) deployed on AWS, usually in an Edge VPC or Transit VPC, serving as an entry point to all of your workloads running in the same or other VPCs.

Citrix SD-WAN VPX on AWS can securely reach all of the branch offices, data centers, and corporate headquarters via multiple network paths, and load balance traffic at the packet level to deliver a resilient and optimized WAN solution.

Now, with the new Transit Gateway Connect, Citrix SD-WAN can natively consolidate edge connectivity to AWS, dynamically route through a single ingress/egress point, provide higher bandwidth interconnects, and lower overall operational costs.

With this native integration, enterprises can simplify overall network architecture, reduce operational overhead, and gain the ability to centrally manage critical aspects of your connectivity, including security.

As you migrate more workloads to AWS, you can automatically connect the newly-created workload VPC to SD-WAN by simply attaching it to the Transit Gateway. With Border Gateway Protocol (BGP) peering between Citrix SD-WAN appliance and AWS Transit Gateway, routes are dynamically learned and propagated as new workload VPC and branch office comes online.

Figure 1 – Hybrid cloud architecture with Citrix SD-WAN and AWS.

By accessing resources on AWS from branches over a Citrix SD-WAN virtual path, you get benefits including:

  • Link bonding.
  • Per packet traffic handling for fast failover.
  • Dual-ended Quality of Service (QoS).
  • Packet racing over multiple links for critical traffic like audio.
  • Next-gen integrated edge firewall.
  • Centralized visibility and orchestration.

To reduce the administrative overhead, you can use the SD-WAN Orchestrator service hosted in Citrix Cloud to centrally configure, manage, and operate all of the SD-WAN appliances across your entire infrastructure, cloud or on-premises.

Through a guided workflow on Citrix SD-WAN Orchestrator, IT managers can natively integrate Citrix SD-WAN virtual appliances with Transit Gateway Connect and link to their resources in Amazon VPCs.

Additionally, customers can traverse AWS’s backbone infrastructure to reach resources deployed in other AWS regions across the world.

AWS Transit Gateway Connect Attachment

Prior to the new Transit Gateway Connect attachment, there were two ways to integrate AWS Transit Gateway with third-party network appliances like Citrix SD-WAN—via VPC attachment or VPN attachment.

The VPC attachment approach is simple to implement, but only supports static routing. Failover requires manual intervention, or you can automate it with a custom AWS Lambda function.

The VPN attachment approach allows you to interconnect the Citrix SD-WAN and Transit Gateway with IPSec VPN tunnel, and leverage BGP for dynamic routing for automatic failover. But the maximum throughput is 1.25Gbps per VPN attachment.

To scale beyond that, you need to establish multiple IPSec VPN tunnels and use BGP ECMP (equal-cost multipath) to distribute the network traffic across the different tunnels, as depicted in Figure 2 below.

Provisioning workflow requires multiple touchpoints and can be complex to implement and operate, especially for customers who are not networking savvy.

Figure 2 – Previous integration model with AWS Transit Gateway.

With the new Transit Gateway Connect attachment, you can establish Connect peer (GRE tunnel) between Citrix SD-WAN appliance and AWS Transit Gateway. Each GRE tunnel will support a maximum bandwidth of 5 Gbp.

To achieve higher throughput, you can add more GRE tunnels and scale up to 20 Gbps per Connect attachment (maximum 4 GRE tunnels per Connect attachment at launch). If 20 Gbp aggregated bandwidth is still not sufficient, you can scale horizontally by creating more Connect attachment.

Besides removing the complexity of multiple IPSec tunnels, the Transit Gateway Connect attachment also provides a more native way for third-party appliances to automate the integration.

Since it has a programmatic interface, setting up a GRE tunnel or BGP peering can be done by invoking a REST API or using an AWS Software Developer Kit (SDK). Citrix SD-WAN Orchestrator built an integrated workflow leveraging this API capability so you can provision the entire setup through a single user interface without switching between consoles.

Figure 3 – New integration model with AWS Transit Gateway.

Citrix SD-WAN Orchestrator Workflow

To use SD-WAN Orchestrator for AWS Transit Gateway integration provisioning, you first need to provide the AWS credentials (AWS Subscription ID, Secret Access Key, Access key ID) for Orchestrator to perform operations in your AWS account. Here’s how to create secret keys.

The Citrix SD-WAN VPX should be deployed in a VPC dedicated for networking services like SD-WAN, VPN, or Firewall. Some customers name it Edge VPC, Outbound VPC, or Transit VPC. Regardless of the names, it’s usually managed by the central IT to provide enterprise-wide network security functions across your entire AWS footprint.

Your existing AWS environment most likely has a Transit Gateway deployed already. If not, you can create new Transit Gateway from the AWS Management Console. Once you have identified the Transit Gateway and Edge VPC, you can use Citrix SD-WAN Orchestrator to complete the rest of the deployment without switching between different Consoles.

Orchestrator can create Transit Gateway Connect attachment on the Transit Gateway, configure a /24 or larger CIDR block of IPv4 address as the Transit Gateway side of GRE tunnel peer IP, bring up the GRE tunnel, and establish BGP routing between Citrix SD-WAN VPX and Transit Gateway.

The entire workflow is streamline by Orchestrator for end-to-end automation that eliminates multiple touchpoints and manual process.

First of all, Citrix SD-WAN Orchestrator needs to be authenticated in order to interact with AWS infrastructure. Enter the AWS subscription ID, AWS Secret Access Key, and AWS Access Key IDs as shown in the screenshot below.

Figure 4 – Establish trust between Citrix SD-WAN Orchestrator and AWS.

In the next step, we’re going to deploy a VPC attachment to create a connect attachment between the Citrix SD-WAN virtual appliance on AWS (US West, in this case) and the AWS Transit Gateway, which has been preconfigured and is identified with the ID tgw-017379fd84219f3ed.

Figure 5 – Deploy VPC attachment from SD-WAN Orchestrator.

Once the VPC attachment is deployed, we’re going to connect the Citrix SD-WAN virtual appliance in an AWS region (US West, again) with Transit Gateway by picking the IP addresses of Transit Gateway CIDR block and the peer address (SD-WAN VPX’s LAN IP).


Figure 6 – Attaching Citrix SD-WAN virtual appliance to AWS Transit Gateway.

Before finalizing the configuration, you can look at the summary page to decide if you want to go ahead with the configuration process.

Once you click on Save Config, you can proceed to pushing this configuration to the Citrix SD-WAN network in order for the GRE tunnels to be established between the Citrix SD-WAN virtual appliance and AWS Transit Gateway.


Figure 7 – Summary of configuration.


With Citrix SD-WAN support for the new AWS Transit Gateway Connect, you can create a next-generation WAN that provides the foundation of building a successful hybrid cloud.

This solution allows your organization to consolidate the edge connectivity to AWS, scale quickly to provide higher bandwidth as workloads and VPC grows in AWS, automate configuration tasks to eliminate manual intervention, and streamline operations end-to-end with Citrix SD-WAN Orchestrator.



Citrix – AWS Partner Spotlight

Citrixis an AWS Advanced Technology Partner that transforms how businesses and IT work. As an extension of their ongoing collaboration with Amazon, Citrix delivers networking and desktop virtualization solutions on AWS.

Contact Citrix Partner Overview AWS Marketplace

*Already worked with Citrix?Rate this Partner

*To review an AWS Partner, you must be a customer that has worked with them directly on a project.

Citrix Cloud Aws Download

I’ve been a huge fan of VMware Cloud on AWS since first played with it earlier this year. VMware Cloud on AWS is my definition of the cloud platform of choice for IT professionals. With the years of experience, you and I have in managing VMware based workloads in my data center, I yearned for a cloud platform that was just as flexible and intuitive to configure. In recent months, the VMware and Citrix teams have been jointly validating the Citrix suite of products on VMware Cloud on AWS. Today, I am delighted to share big news.

For many reasons, this effort was a unique opportunity. We took a modern product, Citrix Apps and Desktops (previously Citrix XenApp & XenDesktop), that historically has been deeply integrated with VMware vSphere and tested it on the VMware Cloud on AWS platform. This testing bubbled down to ensuring the Citrix products would either not notice, or not fail, when connecting to a VMware Cloud on AWS-based vSphere environment. Since the Citrix product is so deeply integrated with vSphere, there were many opportunities where implementation differences between on-premises vSphere and the VMware Cloud products may have required product changes.

Today, we’re delighted to announce that VMware Cloud on AWS has successfully completed the “Citrix Ready” requirements for Citrix Desktop and Applications. No product changes were required on either product. This “like for like” example of support, demonstrates the effort that the VMware Cloud on AWS team to ensure customers familiar with vSphere could leverage the cloud with the same IT runbook and little to no re-training. I’m super proud to see the simplicity their efforts have provided.

Today’s announcement adds support for VMware Cloud on AWS for Citrix customers. These customers can now deploy not only the traditional Citrix products on premises but they can also leverage Citrix’s own Citrix Cloud and leverage VMware Cloud on AWS as a resource location. A full list of supported versions can be found here.

This is a huge win, for both VMware Cloud on AWS and to Citrix Customers today who leverage VMware’s vSphere. Here’s why:

Like for Like configuration, with little to no training required:

Citrix customers can move to VMware Cloud on AWS as their cloud platform of choice, with the confidence that little to no re-training will be required. This allows administrators to get busy with planning and deployment, without needing to completely re-educate their IT staff on a new management platform. Administrators, familiar with vCenter, can be up and running in matter of minutes. Moving to VMware Cloud on AWS instead of other cloud platforms will save your IT staff weeks of time and frustration.

And, unlike other clouds, you can bring your RDSH and Desktop golden images with you, with no conversion or concern!

Support for user centric server workloads:

Invariably, simply delivering a desktop from a cloud of choice is the easy part of any Desktop or Application virtualization project. The real challenge comes in moving the application and data servers from their current location (on-premises data center or branch office) to a location closest to the user for best user experience.


As this is VMware to VMware, you have the confidence that you can simply move these VM’s like you would in a data center today to VMware Cloud on AWS with minimal downtime. Unlike other cloud platforms, customers don’t need to completely rebuild or recreate these solutions to run on other cloud platforms. You can even vMotion your workloads to transition to VMware Cloud on AWS with no downtime.

Support for Citrix Provisioning Services:

VMware Cloud on AWS, like vSphere, allows customers to deploy Virtual Machines in whatever size they want, with any virtual hardware combination that they please. In the Citrix environment, this means that VMware Cloud on AWS is the only cloud environment that can support the Citrix Provisioning Services (PVS).

Deleting dropbox from computer. Further as the networking configuration is completely open to the customer, any DHCP PXE / TFTP configuration can be configured and managed natively by the customer.

As many customers have built their environments to take advantage of Citrix’s Provisioning Services to suit their needs, there is zero compromise or changes required. Just ship your images up to VMware Cloud on AWS and get on with adding value to the users.

Support for Citrix Native Netscaler:

A customer can also deploy Netscaler VPX appliances to VMware Cloud on AWS. This allows customers to deploy external connectivity or load balancing as they would on-premises, extend to cloud or even fail to cloud BY leveraging the Netscaler native GSLB capabilities.

Deploy traditional, scale out or Cloud:

When a Citrix customer decides upon VMware Cloud on AWS as their cloud platform of choice, they get the confidence that VMware Cloud on AWS can support the now and the future of their Citrix user virtualization needs with no compromises. All with the peace of mind provided by the years of excellent experience they have had with vSphere in their on-premise deployment.

A Citrix customer can choose to deploy a new site, extend an existing (via zones) site, or even migrate to Citrix Cloud with no excuses.

In conclusion, we are extremely excited to have the VMware Cloud on AWS cloud published as Citrix Ready for Citrix Apps and Desktops. We believe this validation will deliver further value to Citrix customers, and also a clear migration path to a familiar and enterprise proven cloud platform for both their user and server-based workloads.

Citrix And Aws

To learn more about VMware Cloud on AWS, please visit To learn about what’s new with VMware Cloud on AWS, check out this blog post.

Citrix Cloud Vs Aws


Citrix Cloud Log In

  • Get started now:
  • You can learn more about our service at:
  • Learn more about VMware Site Recovery at:
  • Obtain our VMware Cloud on AWS Solution Brief and TCO 1-pager
  • Follow our release notes on continuing updates here:
  • Check out our YouTube channel
  • Follow us on Twitter @vmwarecloudaws