Our organization is looking to replace our Citrix NetScaler load balancers due to rising renewal costs, and I've been tasked with exploring alternatives. Has anyone here switched from NetScaler? If so, what did you transition to, and how has it been working for you? We're primarily interested in load balancing, reverse proxy for applications, Global Server Load Balancing (GSLB), and SSL/TLS termination/offload. Any real-world recommendations, lessons learned, or potential pitfalls would be greatly appreciated.
8 Answers
I would recommend steering clear of Riverbed; we've had a bad experience with them and honestly, they just didn't deliver.
We've been using Kemp LoadMaster for a while now, and it's been very stable. Our setup is pretty basic, but we've never had any outages related to it. I can't comment on pricing compared to NetScaler, but it seems like a solid alternative.
I've found success with Kemp load balancers as well. Another option worth considering is Cloudflare, which can provide similar services for free.
It's interesting to see many people suggesting replacements like Azure Virtual Desktop rather than focusing on just load balancers. On that note, Cloudflare's tunneling technology seems like a good option as well.
Honestly, the pricing for VMware and similar options has gone way up. A lot of people have transitioned to Azure Virtual Desktop for app publishing, which simplifies management from a plethora of configurations to just a VPN and a virtual network. It’s much more cost-effective.
Exactly! It's a switch from supporting IT infrastructure to providing IT solutions.
From what I've gathered, Azure Virtual Desktop is robust, albeit on the pricier side. Still, many are finding it to be a worthwhile investment.
What about F5? I haven't used them before, but I've heard good things. Also, Relianoid (previously Zevenet) was decent back when I tried it—pretty basic but functional for the job.
I've heard F5 is solid; their solutions are manageable through Infrastructure as Code, but they had a security breach recently, so just keep that in mind.
If you're using Office 365 and Entra, look into the Entra app proxy. It can publish your internal apps as enterprise apps, adding conditional access and MFA, all included in P1. For anything beyond basic web apps, Entra Private Access is very affordable and covers all ports.
+1 for Kemp! We rely on a Kemp LoadMaster for load balancing and SSL/TLS termination, paired with a NetScaler just as an ICA Proxy. The LoadMaster is definitely more budget-friendly than NetScaler.