By: Deep Instinct Product Management Team
With the recent release of v2.2, we have added several protection layers in order to deliver a complete cycle of protection for enterprises. Among the new added layers, we have added VDI compatibility. In this post we will cover what VDI means, how it is used and how we ensure our customers VDI environment remains protected.
As the usage of VDI has recently increased, it’s important to pay attention to the security challenges IT faces when implementing such infrastructure in an organization. Deep Instinct’s Endpoint Protection Platform provides a complete, lightweight and optimized solution for VDI environments which allows IT teams to gain the benefits of VDI and while not compromising the organization’s security level.
Deep Instinct Endpoint Protection Platform is certified and compatible with Citrix XenApp 7.15, Citrix XenDesktop 7.15 and Amazon Workspaces and compatible with vMware Horizon 7.
In this post, we will discuss what VDI means, popular use cases, the security challenges it brings and how to deal with such challenges.
Desktop virtualization is a software technology that separates the desktop environment and associated application software from the physical client device that is used to access it. Virtual Desktop infrastructure (VDI) is a virtualization technology that hosts a desktop operating system on a centralized server in a data center. Desktop virtualization can also be provided in a Desktop-as-a-Service (DaaS) model, in which typically the provider takes full responsibility for the hosting and maintenance.
Popular Use Cases
Healthcare – As security is one of the biggest concerns in the healthcare industry, it is extremely convenient to use VDI in order to allow permission-based access to virtual desktops and staff members can use multiple devices throughout the day while maintaining the same user experience.
Education – In an educational institution, where students remain in a building during predictable hours, VDI comes in handy as it is a necessity to apply strict restrictions on what they can and cannot have access to. With VDI, the IT team can provide each student their own virtual desktop with any necessary restrictions for the duration of their enrollment. Then, after graduating, the IT team can delete the virtual desktop in a matter of seconds with only very few clicks.
A similar use case can be found for organizations with contingent employees.
Shift Workers – For organizations s that primarily hires employees based on shifts, they can easily maintain less physical endpoints, as multiple workers work with the same physical machine while having a dedicated virtual desktop for each.
Reduced PC costs – VDI can reduce cost by providing more lightweight devices for employees and avoid upgrade or hardware acquisition costs associated with a refresh by extending the use of current VDI hardware.
Centralized desktop management – IT administrators can more efficiently manage user desktops, settings, and IT policies from one central point.
Patching processes – By installing patches to a master image that IT maintains (so that it can be shared among many users), IT can ensure that all end-user desktops are up to date and in sync.
There’s no doubt that VDI is a great solution with many benefits when managing a modern IT environment, but improving the organization’s security should not be included among those benefits.
Just to mention a few of the security challenges IT need to address in VDI environments:
On top of the challenges that come with deploying and AV in an enterprise, when it comes to deploying AV on a VDI environment, there are some additional challenges, including:
Traditional AV/signature based/cloud based are:
In addition to the challenges mentioned above, it is still required to protect the server so the VDI machine isn’t exposed to attacks (e.g. browser based, doc files with malicious macros, file-less attacks).
To sum up, the VDI environment comes with many benefits, but it is important to be aware of the security challenges that come with deploying it. Deep Instinct addresses those challenges while maintaining low footprints, seamless deployment and easy management.