ADC

Data governance

What is NetScaler Console service connect?

NetScaler Application Delivery Management (ADM) service connect is a feature to enable seamless onboarding of NetScaler MPX, SDX, and VPX instances, and NetScaler Gateway appliances onto NetScaler Console service. This feature lets the NetScaler instance or NetScaler Gateway appliance automatically, securely connect with NetScaler Console service, and send system, usage, and telemetry data to it. Based on this data, you get insights and recommendations for your NetScaler infrastructure on NetScaler Console service.

By using the NetScaler Console service connect feature and onboarding your NetScaler instances or NetScaler Gateway appliances to NetScaler Console service. You can also manage all your NetScaler and NetScaler Gateway assets whether on-premises or in the cloud. Also, you benefit from access to a rich set of visibility features that help in quick identification of performance issues, high resource usage, critical errors, and so on. NetScaler Console service provides a wide range of capabilities for your NetScaler instances and applications. For more information on NetScaler Console service, see NetScaler Application Delivery Management Service

Important

  • NetScaler Gateway appliance also supports the NetScaler Console service connect feature. For better ease, the NetScaler Gateway appliance isn’t called explicitly in the consecutive sections.

What is NetScaler Console service?

NetScaler Console service is a cloud-based solution that helps you manage, monitor, orchestrate, automate, and troubleshoot your NetScaler instances. It also provides you analytical insights and curated machine learning based recommendations about NetScaler instances and about application health, performance, and security. For more information, see NetScaler Console service Overview

How the NetScaler Console service connect is enabled?

NetScaler Console service connect is enabled by default, after you install or upgrade NetScaler or Gateway to release 13.0 build 61.xx and above.

What data is captured using NetScaler Console service connect?

The following details are captured using NetScaler Console service connect:

  • NetScaler details
    • Serial ID
    • Encoded Serial ID
    • Host ID
    • UUID
    • Management IP address
    • Host name
    • Version
    • Build type
    • Build
    • License type
    • Hypervisor
    • Deployment type(standalone/HA)
    • Platform type
    • Platform description
    • System ID
    • Modes enabled on ADC
    • Features enabled on ADC
  • License Information
    • Features licensed on NetScaler
    • License number
  • Key usage metrics
    • System date time
    • CPU usage percentage
    • Management CPU percentage
    • Throughput
    • SSL new sessions
    • SSL encryption throughput
    • SSL decryption throughput
    • System Uptime
  • Configuration
    • ns.conf file

    Note

    Before the NetScaler Console service connect sends the ns.conf file from NetScaler appliance to the NetScaler Console service, it anonymizes the encrypted or hashed passwords. The NetScaler Console service connect checks for -encrypted or -passcrypt parameters and replaces the associated encrypted or hashed value with XXXX. The NetScaler Console service connect then encodes and compresses the ns.conf file, and sends it to the NetScaler Console service endpoint.

  • Critical error details
    • Hard disk failures
    • SSL card failures
    • Power Supply Unit (PSU) failures
    • Flash drive failure
    • Warm reboot
    • Sustained memory usage above 90% or a memory leak
    • Sustained rate limit drops
  • Usage of NITRO automation tools
    • Usage of automation tools such as Ansible, Terraform, or NITRO SDKs.
  • Diagnostics details

    Note:

    The ADM diagnostic tool uses the following diagnostic details. For more information, see the Diagnostic tool topic in NetScaler Console.

    • ADC CLI status
    • ADC DNS status
    • network connection status to ADM endpoint “adm.cloud.com”
    • network connection status to ADM endpoint “agent.adm.cloud.com”
    • network connection status to ADM trust service “trust.citrixnetworkapi.net”
    • network connection status to ADM download site “download.citrixnetworkapi.net”

How the data is used?

By collecting the data, NetScaler can provide you with timely and in-depth insights about your NetScaler installations, which include the following:

  • Key metrics. Details of key metrics about CPU, memory, throughput, SSL throughput, and highlight anomalous behavior on NetScaler instances.
  • Critical errors. Any critical errors that might have occurred on your NetScaler instances.
  • Deployment advisory. Identify NetScaler instances that are deployed in standalone mode but have high throughput and are vulnerable to a single point of failure.
  • Diagnostic tool. When you onboard an ADC instance onto NetScaler Console, you might experience a few issues that prevent the ADC instance from successfully onboarding. To troubleshoot the issues, you can either manually use the diagnostic tool or see the diagnostic information in the ADM GUI. For more information, see Diagnostic tool.

How long the collected data is kept?

Any data collected is kept for no longer than 13 months.

If you decide to terminate the use of the service by disabling the NetScaler Console service connect feature from the NetScaler, any previously collected data is deleted after a period of 30 days.

Where the data is stored and how secure is it?

All data collected by NetScaler Console service connect is stored in one of the three regions–United States, European Union, and Australia and New Zealand (ANZ). For more information, see Geographical Considerations.

The data is stored securely with strict tenant isolation at the database layer.

How to disable NetScaler Console service connect?

If you want to disable data collection through NetScaler Console service connect, see How to enable and disable NetScaler Console service connect.