Appendix A: Third Party Server-Based Computing Product Comparison
We mentioned several third party server-based computing products in this book, and we alluded to some of their advanced features. In this section, we'll look at the "add-on" products that extend the Terminal Services functionality of Windows Server 2003.
Since the vendors' products and capabilities tend to change, you can download an up-to-date version of this section from www.brianmadden.com.
This section compares the following products:
- Microsoft Windows Server 2003 Terminal Services
- Citrix MetaFrame XP Presentation Server 1.0 with Feature Release 3
- Jetro CockpIT / BoostIT 3.0
- Tarantella New Moon Canaveral iQ 2.0
- DAT Panther Server 2002
Before we get into the side-by-side comparison of all the products, let's take a quick look at an overview of each one.
Terminal Services for Microsoft Windows Server 2003
What's interesting about Terminal Server (in this case) is that it's an absolute requirement if you want to use any of these third party products. Your real decision is whether you want to use Terminal Server by itself or whether you want to use a third-party product in addition to Terminal Server.
Terminal Server has come a long way since Microsoft released the first version of it in 1998. From a pure protocol standpoint, Terminal Server's RDP protocol is just as good as Citrix's ICA protocol. They both support virtually any client platform, and they both support access to all local client resources (ports, printers, audio, and the clipboard). Additionally, the new version of RDP supports 24-bit color and very high resolutions.
This protocol equality does not mean that there is no longer a need for third-party products, however. It just means that there are other things you must look for when deciding which products are best for your server-based computing solution.
For example, Terminal Server still has some major weaknesses, including:
- Load-balancing is limited to 32-nodes. Furthermore, the load-balancing algorithm is based on network traffic--not user or processor load.
- Applications cannot be accessed "seamlessly." This is not a problem if you only plan to run full remote desktops, but the integration of local and remote applications is not that great.
- Users must access a server to access an application. For example, third-party software allows a user to request an application by name (i.e. "Excel"). Terminal Server requires that an administrator manually set up shortcuts to each application. Again, this is less of a problem if the server is to be used exclusively for remote desktop access instead of remote application access.
The bottom line with Terminal Server is that it can stand on its own in smaller environments where users will be accessing full remote desktops, but it cries out for third-party tools in larger and more complex environments.
Citrix is the company that essentially invented modern day Microsoft Windows server-based computing. MetaFrame XP offers dozens of features, including the all-important application load-balancing, application publishing with seamless windows, and a web interface user portal.
In addition to the core features of MetaFrame, the license fee includes rights to use applications such as "Citrix Secure Gateway" (CSG). CSG lets you funnel all of your users, completely encrypted, through a single port on a single IP address. Think about it. With Citrix, you can provide secure remote access to thousands of remote users over a single IP address/port combination.
While not included with the core product, Citrix also offers a number additional products that further extend MetaFrame's capabilities. Example include MetaFrame Conferencing Manager (a product that enables real-time application sharing and collaboration between users anywhere in the world) and Meta-Frame Secure Access Manager (which provides secure and personalized information via a web portal).
The downside to Citrix is their price. While Citrix MetaFrame clearly offers the most features and capabilities, it is also the most expensive, with per-user MSRP prices starting at almost $100 more than the next most-expensive competitor.
Jetro CockpIT / BoostIT
Jetro Platforms' current server-based computing product is CockpIT 3.0. Jetro does not view themselves as a direct competitor to Citrix, Microsoft, or Tarantella. Instead, they focus on creating a "management platform" that allows you to manage your existing environments whether they're Terminal Servers, Citrix MetaFrame servers, or a combination of both.
Jetro uses its own client software that contacts a Jetro server which maintains application lists, server load, user policies, and permissions. Once it determines which server a user should connect to, the Jetro client passes the connection information to the user's standard RDP or ICA client, and the session is launched.
Jetro sells two products: CockpIT and BoostIT. These products are technically 100% identical, with the only difference being how they are licensed. CockpIT adds all of Jetro's capabilities to Terminal Server and RDP environments. BoostIT supports ICA sessions in addition to RDP. Now, here's where it gets interesting. BoostIT is much cheaper than CockpIT. That's right. The product that supports RDP and ICA is much cheaper ($40 per user) than the product that supports RDP only ($160 per user). Jetro's reasoning behind this is that if you need the ICA version, you've already spent enough money on thin client computing licenses, so they give you a break. (Think of it as a "competitive upgrade.") The catch, of course, is that you have to have previously bought a Citrix ICA license for each BoostIT license that you buy, and they require proof of this upon ordering.
Jetro adds some impressive features onto native Terminal Server. In addition to the now "standard" third-party offerings of seamless windows, application publishing, a slick web interface for application access, and application level load-balancing, Jetro's products also allow you to seamlessly publish and manage applications to users regardless of whether they access them via ICA or RDP.
Tarantella New Moon Canaveral iQ
Canaveral iQ 2.0 is the latest iteration of the Canaveral iQ server series from Tarantella / New Moon. Tarantella's focus is to bring to the market a less expensive alternative to MetaFrame. Canaveral iQ maintains about 80% of the functionality of MetaFrame for about 40% of the price.
Canaveral iQ can run on Windows Terminal Server 4.0, Windows 2000, or Windows 2003. Canaveral has all the "major" features of a third-party application server, including application publishing, seamless windows, a web interface, and application-level load-balancing.
Load balancing is accomplished independent of Windows through the use of the Canaveral Load Balancer. This operates in much the same way as the Citrix Load Manager to achieve a load-balanced environment. This fact alone can save a company several thousand dollars in a farm with several servers when compared to using pure Terminal Server since Canaveral load-balancing doesn't require the Enterprise Edition of Windows 2003.
One of the features of Canaveral iQ that sets it apart from the rest of the pack is the ability to publish applications to specific terminals or groups of terminals, rather than simply to users and groups. This is very beneficial in a kiosk or shop floor environment, where terminals have one, dedicated purpose.
Tarantella is one of the few companies that officially licensed Microsoft's RDP technology, and therefore they provide their own version of Microsoft's Terminal Services Advanced Client (TSAC). While using the RDP protocol at its core, the Canaveral client also provides access to additional services like seamless windows and the web interface. Tarantella offers Canaveral clients for 32-bit Windows and Windows CE, and a Java client is in currently in beta testing for use on Linux and Macintosh platforms.
The feature set of Canaveral iQ, albeit less robust than MetaFrame, is significantly more robust than Windows Terminal Services. Tarantella has succeeded in adding the most used features of Citrix MetaFrame to Windows Terminal Services and has made their product available at a fraction of the cost of MetaFrame.
DAT Panther Server
The DAT Group is a large UK-based Microsoft partner that is primarily known for their customized mobile applications. DAT Panther Server 2002 adds some basic functionality on top of Terminal Server. Leveraging the RDP protocol, Panther adds seamless windows, application publishing, and application-level load balancing to Terminal Server environments.
While it lacks a web application interface and some of the other features of the competing software packages, DAT Panther adds basic functionality to Terminal Server for a reasonable cost
Server-Based Computing Software Feature Comparison
In addition the basic information about each vendor's offerings, this chart provides a side-by-side comparison of the features and capabilities of each product.
 Refers to products that run on top of Terminal Server that inherit this functionality from Terminal Server.
- Basic Product Information
- Minimum Terminal Server version Required
- Citrix: 2000
- Jetro: 2000
- New Moon: NT4
- DAT: 2000
- Remote Session Protocol
- TS2003: RDP
- Citrix: ICA
- Jetro: Both
- New Moon: RDP
- DAT: RDP
- Cost Per User (US$)(3)
- TS2003: Base
- Citrix: $250-350
- Jetro: $40-160
- New Moon: $199 or 103
- DAT: $150
- Maintenance cost per user / per year
- Citrix: $40-50
- Jetro: 1yr free, $16 after
- Blue Moon: 1yr Free, 5% after
- DAT: Free/$25
- License Type (concurrent or named user)
- TS2003: Either
- Citrix: Conc.
- Jetro: Either
- New Moon: Either
- DAT: Conc.
- Major Features
- Application Publishing: Citrix, Jetro, New Moon, DAT
- Seamless Windows: Citrix, Jetro, New Moon, DAT
- Application Load Balancing: Citrix (XPa), Jetro, New Moon, DAT
- Web Application Interface: Citrix, Jetro, New Moon
- Other Features
- Content Publishing: Citrix, Jetro, New Moon, DAT
- Content Redirection: Citrix, Jetro, New Moon
- Publish applications to specific work stations: New Moon
- Connent to single application (instead of full desktop): TS2003, Citrix, Jetro, New Moon, DAT
- Print Driver Mapping: TS2003, Citrix, Jetro, New Moon, DAT
- Print Driver Replication: TS2003, Citrix, Jetro, New Moon, DAT
- Univarsal Printing: Citrix, Jetro, New Moon
- Server Load Balancing: TS2003, Citrix (XPa), Jetro, New Moon, DAT
- Server Availability Scheduling: Citrix, Jetro
- Session Shadowing: TS2003, Citrix, Jetro, New Moon, DAT
- Client Features
- Web-based client install: TS2003, Citrix, Jetro, New Moon
- Auto Client Update (7) Citrix, Jetro, New Moon
- Local Drive Access: TS2003, Citrix, Jetro, New Moon, DAT
- Local Printer Access: TS2003, Citrix, Jetro, New Moon, DAT
- Local/Remote Clipboard Mapping: TS2003, Citrix, Jetro, New Moon, DAT
- Local COM/LPT Port Access: TS2003, Citrix, Jetro, New Moon, DAT
- Audio Mapping: TS2003, Citrix, Jetro, New Moon, DAT
- Client Desktop Intergration: Citrix, Jetro, New Moon, DAT
- Has it's own client: TS2003, Citrix, Jetro, New Moon, DAT
- 24-bit color, high resolution: TS2003, Citrix, Jetro, New Moon, DAT
- Client multi-monitor support: Citrix, Jetro
- Client Platforms
- 32-bit Windows: TS2003, Citrix, Jetro, New Moon, DAT
- 16-bit Windows: TS2003, Citrix
- DOS: TS2003, Citrix
- Macintosh: TS2003, Citrix
- Linux/Unix: TS2003, Citrix
- Java: TS2003, Citrix
- Windows CE/Pocket PC: TS2003, Citrix, Jetro, New Moon, DAT
- Security Features
- SSL Encryption: TS2003, Citrix, New Moon
- TLS Encryption: TS2003, Citrix, Jetro, New Moon, DAT
- Proxy Support: TS2003, Citrix, Jetro, New Moon, DAT
- SSL Gateway Support: Citrix, New Moon
- Pass-through authentication: Citrix, New Moon
- Protcols (TCP/IP, IPX/SPX, NetBEUI)
- TS2003: TCP/IP
- Citrix: All
- Jetro: TCP/IP
- New Moon: TCP/IP
- DAT: TCP/IP
- Management Features:
- Delegated administration: TS2003, Citrix, Jetro, New Moon, DAT
- Remotely push server install: Jetro, New Moon
- User Policies: TS2003, Citrix, Jetro, New Moon DAT
- Centralized mgmt console: Citrix
- Clone Server: New Moon, DAT
- System Monitoring: TS2003, Citrix (XPe)
- Detailed Usage Reporting: Citrix (XPe), Jetro, New Moon, DAT
- Application packaging and delivery: Citrix (XPe)
- Full Active Directory Integration: TS2003, Jetro, New Moon, DAT
B. Big Feature Chart
Several of Terminal Server 2003's features can be confiqured in multiple locations. This chart shows at what level each feature can be configured.
- Profile Path: User Account, GPO (computer)
- Home Folder: User Account, GPO (computer)
- Allow Login to Terminal Server: User Account
- Enable Remote Control: User Account, GPO (computer), GPO (user), connection
- Remote Control Levels: User Account, GPO (computer), GPO (user), connection
- Start Program at Logon: User Account, GPO (computer), GPO (user), client, connection
- Connect Drives: User Account, GPO (computer), client, connection
- Connect Printers: User Account, GPO (computer), client, connection
- Default to Main Printer: User Account, GPO (computer), connection
- End a Disconnected Session: User Account, GPO (computer), GPO (user), connection
- Active Session Limit: User Account, GPO (computer), GPO (user), connection
- Idle Session Limit: User Account, GPO (computer), GPO (user), connection
- Session Limit Action Taken: User Account, GPO (computer), GPO (user), connection
- Allow from any client: User Account, GPO (computer), GPO (user), connection
- Keep Alive Conections: GPO (computer)
- Automatic Reconnection: GPO (computer), server
- Restrict Users to Single Session: GPO (computer), server
- Enforce Removal of Wallpaper: GPO (computer), client
- Deny Console Admin Logoff: GPO (computer)
- Number of Connections: GPO (computer), connection
- Limit Color Depth: GPO (computer), client, connection
- Resolution: GPO (computer), client
- Enable TS: GPO (computer)
- Local admins may customize permissions: GPO (computer)
- Remove Windows Security from Menu: GPO (computer)
- Time Zone: GPO (computer)
- Clipboard: GPO (computer), connection
- Smart Card: GPO (computer)
- Audio: GPO (computer), client, connection
- COM: GPO (computer), client, connection
- LPT: GPO (computer), connection
- Windows Key Combinations: client
- Always prompt for password: GPO (computer), connection
- RDP Encryption level: GPO (computer), connection
- Authentication type: connection
- Generic Logon: connection
- Licensing Server Security Group: GPO (computer)
- Prevent License Upgrade: GPO (computer)
- "Per session" temp folders: GPO (computer), server
- Delete temp folders on exit: GPO (computer), server
- Session Directory: GPO (computer), server
- IP Address Redirection: GPO (computer), server
- SD Server: GPO (computer), server
- SD Cluster Name: GPO (computer), server
- SD IP Address: server
- Show contents while dragging: client
- Menu and Windows animation: client
- Themes: client
- Cache Bitmaps: client
- Licensing Mode: server
- Disable Active Desktop: server
- Permission Compatibility: server
Appendix C: Links Mentioned in this Book
RDP Client Software
Bandwidth Shaping Hardware