HDX 3D Pro GPU Support and Deployment Considerations

This article lists the Graphics Processing Unit (GPU) platforms supported by Citrix for use with HDX 3D Pro. The article intends to provide guidance for customers when choosing GPU hardware to be used for graphics acceleration with HDX 3D Pro. Deployment considerations for XenDesktop and XenApp workloads are also included, in the context of HDX 3D Pro.

Hardware Support

Citrix currently supports the following GPU platforms from the main hardware vendors. Specific GPUs tested by Citrix during the development of HDX 3D Pro are included in this list. Citrix recommends that customers become familiar with different GPU vendor technologies and choose a GPU that meets the technical requirements for the use-case.

    • M6 / M10 / M60
    • P6 / P40 / P100
    • T4
  • AMD RapidFire
    • FirePro S7150 / S7150x2
    • WX 4100
  • Intel Iris Pro
    • Intel Xeon Processor E3 v5 Family

Note: This is not an all-inclusive list of all the GPU hardware that can be used with HDX 3D Pro. This is just a list of the hardware that Citrix includes as part of engineering testing during product development. Refer to the GPU vendor website for additional GPU models supported under each platform.

Cloud deployment options

HDX 3D Pro is supported when running on GPU-enabled virtual machines available from the following Cloud providers:

  • Microsoft Azure NV-Series
  • Amazon AWS EC2 G3

Deployment Considerations

It is important to understand the different deployment options for using GPU hardware acceleration with XenDesktop and XenApp. The following list includes supported deployment options and key design considerations for each:

Virtual Desktops (Single session OS VDI)

HDX 3D Pro mode. Recommended for datacenter desktops with GPU hardware. This option is available with the Desktop OS VDA to leverage GPU vendor drivers and application program interfaces (APIs) for hardware rendering and graphics acceleration. There are two different ways to configure a virtual desktop with HDX 3D Pro depending on the product version used:

VDA versions 7.16 and newer

  • VDA will detect the presence of supported GPU drivers automatically at runtime and leverage GPU for graphics rendering and acceleration if available.

  • Citrix optimizations can be enabled via Citrix policy “Optimize for 3D graphics workload.”
  • Note: There is no special installation mode for HDX 3D Pro
  • Refer to product documentation for additional information: GPU acceleration for Windows single-session OS

VDA version 7.15 LTSR

  • HDX 3D Pro mode must be selected during installation of the VDA.
  • Required in order to utilize GPU vendor drivers as well as enable Citrix optimizations for 3D graphics workloads.
HDX 3D Pro Support NVIDIA AMD Intel
Display Driver GRID FirePro Iris Pro
Operating Systems Windows 7 (7.15 LTSR only) and Windows 10 Windows 7 (7.15 LTSR only) and Windows 10 Windows 10
Multi-monitor Up to the number supported by GPU and license in use. Up to 6 Up to 3 (tested with 7.6 – 7.15 LTSR)

Up to 8 (tested with 7.16 – newer)
H.264 hardware encoding GPUs must support NVENC hardware encoding. See NVIDIA video codec SDK for a list of supported GPUs. *Pass-through only with select RapidFire compatible GPUs. Intel Broadwell processor family and later required.

Intel Remote Displays SDK version 1.0 is required and can be downloaded from Intel website: Remote Displays SDK.

3D & Custom Driver extension APIs DirectX, OpenGL, OpenCL, CUDA

*May vary based on GPU vendor support

Standard mode. This is the default installation option with the Desktop OS VDA version 7.15 LTSR. Recommended for virtual desktops without GPU and RemotePC installations. This mode will install and use the Citrix Display Driver for rendering. Note that if a GPU is available, hardware acceleration for applications is still possible in standard mode with the following limitations:

  • Windowed applications only, no full-screen application support.
  • DirectX feature levels up to 9.3 with Windows 7. Some DirectX 10, 11, 12 applications may not run if they do not tolerate fallback to DirectX 9.
  • DirectX 10, 11, and 12 with Windows 10 only.
  • OpenGL application acceleration with NVIDIA GPUs only.
  • No hardware encoding support.

Virtual Apps (XenApp)

Note that there is no HDX 3D Pro mode option available when installing the Multi-session OS VDA (Server OS). A specialized Citrix Driver for display remoting is used in all Windows Server OS installtions. GPU sharing and application graphics acceleration is supported on the Windows Server 2012, 2016, and 2019 operating systems, with the same limitations as listed under the Standard mode section above. Refer to product documentation for more information: GPU acceleration for Windows multi-session OS


Citrix Director becomes unresponsive after accepting user credential when X-Frame-Options is enabled in IIS

  1. On Citrix Director server, update web.config file located in “C:inetpubwwwrootDirector” with following content.

    <system.serviceModel> <serviceHostingEnvironment multipleSiteBindingsEnabled="true" aspNetCompatibilityEnabled="true" />
  2. If X-Frame-Options custom header is enabled, update the web.config file with following.

    <httpProtocol> <customHeader> <add name="X-Frame-Options" value="ALLOW-FROM http://localhost/director/default.html" /> ​ </customHeaders></httpProtocol>

Note: These two entries are needed only if IIS MultiSiteBinding is enabled and X-Frame-Options custom header is configured. In a single domain/single site environment, only step 1 is needed.

In a multi-domain, multi site IIS environment, with X-Frame-Options custom header enabled the multipleSiteBindingsEnabled should be set to True.


In a single domain, enabling the “multipleSiteBindingsEnabled may cause a “Server Error in ‘/Director’ Application” error when trying to open the Citrix Director Logon page. It is recommended to enable “multipleSiteBindingsEnabled” only in an IIS environment with multiple sites and multi domains.


  • No Related Posts

How to Disable Work Space Control Session Roaming on XenApp/XenDesktop

For desktop sessions:

Set-BrokerEntitlementPolicyRule <Delivery-Group-name> -SessionReconnection <value> -LeasingBehavior Allowed|Disallowed

For application sessions:

Set-BrokerAppEntitlementPolicyRule <Delivery-Group-name> -SessionReconnection <value> -LeasingBehavior Allowed|Disallowed

Where <value> can be one of the following:

  • Always: Sessions always roam, regardless of the client device and whether the session is connected or disconnected. This is the default value.
  • DisconnectedOnly: Reconnect only to sessions that are already disconnected; otherwise, launch a new session. (Sessions can roam between client devices by first disconnecting them, or using Workspace Control to explicitly roam them.) An active connected session from another client device is never used; instead, a new session is launched.
  • SameEndpointOnly: A user gets a unique session for each client device they use. This completely disables roaming. Users can reconnect only to the same device that was previously used in the session.


  • No Related Posts

RightSignature Migration FAQ

How do I identify which version of RightSignature I am on?

Why do I have to migrate?

We will be soon taking RS3 (old version) out of service. This will help us to focus our efforts in providing you with the best experience on RS4 (latest version). We aim to ensure that you are provided a migration path to the latest version.

This is a part of the standard decommissioning procedure of old version and upgrading our customers to the latest experience.

Do I have to migrate?

Yes. As RS3 (old version) will be taken out of service, in order to continue using the services of RightSignature through 2020 and thereon, migration is necessary. Migration will be initiated by Citrix and will take place during US off-business hours.

Is there any downtime during the migration?

No downtime is required unless you are an RS3 API consumer. The migration will be conducted during non-US business hours. After the migration you will be able to access RS3 in Read-only mode. This means:

  • No document transactions can be performed from RS3
  • Documents and configurations can only be viewed

What do I have to do after migration to start using RS4 (latest version)?

Accessing RS4 for the first time:

  1. Check your registered mail ID for an activation mail.
a. From mail address RightSignature Support.

b. Mail subject: Welcome to RightSignature.
  1. Follow the link, set your password and start using RS4 (latest version).
  2. Make use of the First Time User guide.

Accessing RS4 after activation:

  1. You can visit RS4 (latest version) by
  1. Provide your Account Name. To know your Account Name click on the link “Don’t know your Account Name

What happens to my documents after migration?

All the executed documents will be migrated to RS4 (latest version). Any document that is pending signature at the time of migration can be completed by the signer(s) on RS3( old version). But these documents, will not be automatically transferred to RS4 and will remain on RS3. You can download them before your access to RS3 expires. Even if access to RS3 expires, a copy would have been shared with you over an email, upon successful execution of the particular document (as part of the existing signature workflow).

What happens to my Online Forms after migration?

Active online form links will be disabled after migration. These online forms will be migrated and available as Templates under “Templates” section in the latest version. New links can be generated for them.

What happens to my Templates?

All the templates will be migrated and available under “Templates” section in the latest version.

Is my price changing?

Your billing will stay on the old platform for now, but, in the future you will be asked to update your billing information.

Do I have to recreate my users?

No. All active users will be automatically migrated along with their documents, templates and online forms.

The admin of my account has left the company, what should I do to avoid interruptions?

Immediately update the RS3 account owner email ID to the new admin. If the migration has already been performed, contact support to change the admin on the latest version.

Some features are not available on RS4 that were on RS3, what is the benefit of me migrating?

  • Advanced security features:
Knowledge-based authentication, enforceable passcode access, multi-factor authentication and more.
  • Enhanced usability:
A new streamlined layout, enhanced customizability, productivity notifications, and improved mobile functionality.

Once you update to the latest version of RightSignature, you will be able to start receiving the latest feature and functionality updates that aim to improve your productivity.

I do not want to migrate, how do I cancel my account before/after migration?

Please contact support for cancelling your account on RS3/ RS4. The standard cancellation process applies here.


  • No Related Posts

Citrix ShareFile TLS Deprecation/Upgrade Guidance

This article was last updated on May 19, 2020 – Please visit this page often for the latest information.


ShareFile tool users must update to supported versions by June 30, 2020.

Please identify and then upgrade any outdated tool versions you may be using.

TLS Deprecation Information

Citrix ShareFile operations will disable Transport Layer Security (TLS) v1.0 and v1.1 on June 30, 2020. This will prevent customers still using TLS v1.0 and v1.1 from accessing some of their services. To prevent any disruption, action is required before June 30, 2020.

Citrix ShareFile supports security best practices including our Transport Layer Security (TLS) implementation for the various components. There are no known security vulnerabilities in our implementation as of the date of this article. However, we understand that security is very important, and in some cases, customers will need to update their TLS implementation, particularly disabling TLS v1.0 and/or v1.1 to meet security best practices and compliance.

This article will describe how customers can leverage Citrix ShareFile components that support TLS v1.2 and specific dependencies on web browsers, mobile platforms, and development environment for API and SDK consumers.

What is TLS?

TLS stands for “Transport Layer Security.” It is a protocol that provides privacy and data integrity between two communicating applications. It’s the most widely deployed security protocol used today replacing Secure Socket Layer (SSL), and is used for web browsers and other applications that require data to be securely exchanged over a network. TLS ensures that a connection to a remote endpoint reaches the intended endpoint through endpoint identity verification, and encryption. The versions of TLS, to date, are TLS 1.3, 1.2, 1.1 and 1.0.

TLS v1.0, when not configured correctly, can be vulnerable to well-known attacks such POODLETLS,CRIMEand DROWN.

Read more about TLS vulnerabilities here:



Citrix ShareFile is not vulnerable to the known attacks described above provided that the TLS implementation is current. For specific technical details on current supported levels, see:

SSL Labs Test Result for ShareFile

What do I have to do?

Customers must upgrade their applications to a version that supports TLS v1.2 or later. Otherwise, customers can experience disruption or lose access to the service. For customers that have updated their environment to allow only TLS v1.2 and later the following information can help determine the minimum versions of various components to support the environment. Any version earlier than the listed TLS 1.2 supported versions, in the table below, will experience disruption after TLS 1.0 and 1.1 is disabled.

1) Citrix Files: Clients and Apps

To identify the specific version of the clients, the following can be used in general:

  1. Windows – Navigate to ‘Add or Remove Programs’ and click the Citrix Files or ShareFile application to see which version is installed.
  2. macOS- In the applications folder, find the Citrix Files / ShareFile application, right click and select ‘Get Info.’ There will be a line entry for ‘Version:’

Specific methods for each client is also listed below

Clients or App TLS 1.2 Supported Versions Latest Downloads Client Version Identification Instructions / User Guide Links
Citrix Files for Windows 4.X and later Latest release: Citrix Files for Windows Left-click on the ShareFile logo in the System Tray to open the Dashboard. Select ‘Help’ from the dashboard. The version number appears at the top of the help page. Install and Use Citrix Files for Windows
Citrix Files for Mac 4.X and later Latest release: Citrix Files for Mac Left-click on the ShareFile logo in the System Tray to open the Dashboard. Select ‘Help’ from the dashboard. The version number appears at the top of the help page. Install and Use Citrix Files for Mac
Citrix Files for Outlook 6.X and later Latest release: Citrix Files for Outlook Select ‘Help’ from the Citrix Files for Outlook ‘Options’ menu. The version number appears at the top of the help page. Citrix Files for Outlook User Guide
ShareFile Sync for Windows 3.14 and later Latest release: ShareFile Sync for Windows Select ‘Preferences’ from the dashboard. In the Preferences UI, select ‘About.’ The version number appears on the left side.
ShareFile Sync for Mac 3.0 and later Latest release: ShareFile Sync for Mac Select ‘Preferences’ from the Dashboard. In the Preferences UI, select ‘About.’ The version number appears on the left side.
ShareFile Drive Mapper Dependent on .NET Framework v4.6.2 and later ShareFile drive mapper users should upgrade to Citrix Files for Windows. Right-click the Drive Mapper tray icon, select ‘Settings.’ In the Settings UI select ‘About.’ The version number appears in the center of the UI. ShareFile drive mapper users should upgrade to Citrix Files for Windows.
Print to ShareFile 2.8.97 and later Software details here Select the ‘Help’ icon (?) in the upper right hand corner of the app. On the top right hand side you will see the version number.
ShareFile Desktop App for Windows 1.18 and later Software details here Select the ‘Help’ icon (?) in the upper right hand corner of the app. The version number appears on the top right.
ShareFile Desktop App for Mac N/A Product End of Life (EOL) Try Citrix Files for Mac N/A

2) Citrix Files for Mobile Apps

Mobile Apps TLS 1.2 Supported OS Platforms App Download Location
Citrix Files for Android Android 5 and later Google Play App
Citrix Files for iOS iOS 10 and later

iOS App Store

Note: Only accessible from iOS devices.

3) ShareFile Storage Zones Controller and Tools

Components TLS 1.2 Supported Versions Additional Notes
Storage zones controller 5.3.1 and later
To identify the version of Storage zones controller, please login to ShareFile account > Settings > Admin > StorageZones > check each zone to see the installed version for each controller server.

Latest releaseSign In to access restricted downloads

Configuration guidance with Citrix ADC (NetScaler)

To identify the version of storage zone Controller’s version see this article.

Upgrade guide here.

User Management Tool (UMT) 1.8.1 and later for non policy based administration (PBA) accounts

1.12 and later for PBA accounts

Software details here
ShareFile Data Migration Tool 3.2 and later Software details here
ShareFile Command Line Interface (SFCLI) N/A SFCLI must be updated with PowerShell SDK. More details can be found here.
ShareFile V1 API N/A ShareFIle V1 API must be updated with V3 API. The migration guide can be found here.
Enterprise Sync N/A Product End of Life (EOL) Details here.

4) Supported Browsers

Browsers Supported Versions Additional Notes
Chrome Latest version Latest release here
Edge Latest version Latest release here
Firefox Latest version Latest release here
Internet Explorer Latest version Latest release here
Safari Latest version Latest release here

You can use the following resource to check your browser or device compatibility:

Browser and Device test

5) ShareFile API and SDK

ShareFile API negotiates for the latest supported version of TLS, starting with v1.2 before trying earlier versions. This prevents deliberate downgrade if a later TLS version is supported.

To support TLS v1.2, ShareFile SDKs require .NET Framework 4.6.2 and later. The latest .NET Framework can be downloaded



When will ShareFile disable TLS v1.0 and TLS v 1.1?

TLS v1.0 and v1.1 will be disabled on June 30, 2020.

Is ShareFile vulnerable to known TLS vulnerabilities?

As of this writing, there are no known vulnerabilities. This can be independently verified through SSL Labs. You can use your subdomain (eg. company.sharefile.com) to be tested with SSL Labs: https://www.ssllabs.com/ssltest/index.html

What should customers do to avoid TLS v1.0 and TLS v1.1 implementation when using ShareFile?

Use the reference above on ShareFile components and related dependencies (like .NET Framework 4.6.2 and later) that support TLS v1.2 by default. Upgrade the relevant components and prepare the environment to be ready when TLS v1.0 and v1.1 are disabled.

How do I know what clients my employee users are using?

Unfortunately, unless an administrator is deploying applications to end users, it is best to verify the version directly on the installed client. Please see the “Identify Version” column in the ShareFile Applications table above on how to do this.

Why am I getting these notifications again after upgrading?

Some administrators may get multiple notifications because it is likely some users on the account are still using outdated tool versions. Please verify all employees have upgraded and are aware of the TLS deprecation deadline.


  • No Related Posts

ShareConnect End of Life FAQ

Why is Citrix choosing to End of Life ShareConnect?

Citrix Systems, Inc. may periodically retire products that no longer fit the strategic direction of the company.

When will ShareConnect stop working?

As of June 30, 2020, all versions of ShareConnect are End of Life (EOL). At this time the product and all all it’s functionality are no longer accessible. Additionally, technical support and product downloads will no longer be available.

How will this affect other Citrix Products customers use (eg ShareFile)?

After June 30th, customers will be unable to access the ShareConnect service. Customers with both ShareFile and ShareConnect will see no disruption to their ShareFile product capabilities, but these customers will see access to ShareConnect removed from their ShareFile application and web dashboard.

How should I uninstall ShareConnect?

Instructions can be found here.

What product do you recommend using to replace ShareConnect?

We recommend using GoToMyPC .

Will GoToMyPC meet my needs?

Their solution has features familiar to ShareConnect users such as User Management, Remote Access and Remote Print.

What if we have not finished our transition to GoToMyPC yet?

As a courtesy to customers who may need a little more time to migrate, Citrix allows you to reinstate and extend access through July 31, 2020. This access will only be available via www.shareconnect.com and ShareConnect Desktop app for Windows.

I am getting an error, how do I enable the ShareConnect Desktop app for Windows?

To enable the Windows Desktop App to continue working through July 31st, please use the following instructions:

1. In the start menu, locate the Command Prompt program and right-click to “Run as Administrator.”

2. When the elevated command prompt window opens, copy/paste the command below and click enter.

reg query "HKEY_LOCAL_MACHINESOFTWAREWOW6432NodeMicrosoft.NETFrameworkv4.0.30319" && reg add "HKEY_LOCAL_MACHINESOFTWAREWOW6432NodeMicrosoft.NETFrameworkv4.0.30319" /t REG_DWORD /v "SchUseStrongCrypto" /d "1" && reg add "HKEY_LOCAL_MACHINESOFTWAREWOW6432NodeMicrosoft.NETFrameworkv4.0.30319" /t REG_DWORD /v SystemDefaultTlsVersions /d "1"

3. After the command runs successfully, exit and reopen the ShareConnect Desktop app to reinstate your access.

If the app was not previously installed use these instructions to download and install the ShareConnect Desktop app after running the command prompt.


  • No Related Posts