Desktop virtualization removes the need for employees to have physical access to corporate devices: remote workers instead connect to cloud-based or on-prem infrastructure that hosts virtual corporate desktops. This lets an organization keep control over its systems and data while allowing employees to work from anywhere.
Virtual desktop infrastructure (VDI) uses virtual machines (VMs) to deliver those desktops to remote users. Access to the VMs is managed by a connection broker, which receives a user's request, authenticates it, and assigns the user a VM. The remote user then controls a machine hosted on the enterprise network, which makes the broker and the authentication in front of it the chokepoint that gates access to that network.
VDI can be implemented in a couple of ways. One option is to give users dedicated, persistent machines: a virtual machine is assigned to each user, and they get the same one in every session. This lets them retain state across sessions but requires more overhead, since a VM is reserved per user whether or not that user is logged in.
The other option is single-use, non-persistent virtual desktops. A remote user is assigned a desktop from a shared pool on connection, and the machine's state is discarded when the session ends, typically by reverting it to a golden image. This approach has lower overhead but means that any state the user needs to keep (documents, settings, etc.) must be stored elsewhere, such as on a file share or in a roaming profile.
VDI enables an organization to host all of its employee desktops in one location, which provides several advantages, including:
While VDI has numerous advantages, it also comes with some security risks, including:
The virtual desktops provided by VDI are still endpoints, so they carry the same security risks as traditional endpoints. A virtual desktop infected with malware can do significant damage during the user's session (credential theft, data exfiltration, lateral movement into the rest of the enterprise network), and in the case of persistent, dedicated desktops the infection survives across sessions. Non-persistent desktops limit persistence to a single session, but they also share one golden image, so a compromise of that image is replicated to every desktop provisioned from it.
This means that, with VDI, an organization needs to ensure that VDI endpoints are protected by endpoint security solutions, and that the agent is part of the golden image rather than installed after login. Resource consumption matters more here than on physical machines, because many desktops share the same host: signature downloads and scheduled scans multiplied across a pool can saturate it. An endpoint protection platform (EPP) that relies on machine learning and prevention-focused controls is positioned to block both known and novel attacks with lower per-desktop overhead than a traditional signature-based antivirus.
An EPP is designed to block threats on the endpoint, including by detecting anomalous behavior, so that it can stop both known and novel attacks. An endpoint detection and response (EDR) solution complements this by giving visibility into advanced attacks and providing investigation and remediation tooling for them.
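The following is an added example, not code from the original page or from any VDI product: a toy model of a connection broker that shows the two provisioning modes described above and the security consequence just mentioned. It assigns desktops from a pool, and on disconnect either keeps the VM pinned to the user (persistent) or reverts it to a golden image and returns it to the pool (non-persistent). The names (Broker, Desktop, GOLDEN_IMAGE), the file paths and the "dropped executable" are all constructed for illustration. The model shows that a file written during a session, whether a legitimate document or something malware dropped, survives a reconnect only on a persistent desktop, and that persistent mode reserves a VM per user even when they are offline.

```python
"""Toy VDI connection-broker model (illustrative example, not a real product's code)."""
from collections import deque
from copy import deepcopy
from typing import Dict, Optional

# Constructed golden image: the filesystem every freshly provisioned desktop starts with.
GOLDEN_IMAGE: Dict[str, str] = {
    "C:/Windows/System32/kernel32.dll": "os-file",
    "C:/Program Files/Office/winword.exe": "app-file",
}


class Desktop:
    """One virtual desktop; `files` stands in for its whole disk state."""

    def __init__(self, vm_id: str) -> None:
        self.vm_id = vm_id
        self.files: Dict[str, str] = deepcopy(GOLDEN_IMAGE)
        self.owner: Optional[str] = None

    def reset_to_golden(self) -> None:
        # Revert to the golden image: everything written during the session is gone.
        self.files = deepcopy(GOLDEN_IMAGE)


class Broker:
    """Assigns desktops to users.

    persistent=True pins each user to one VM and keeps its state between sessions.
    persistent=False hands out any free VM and reverts it to golden on disconnect.
    """

    def __init__(self, pool_size: int, persistent: bool) -> None:
        self.persistent = persistent
        self.free = deque(Desktop(f"vm-{i}") for i in range(pool_size))
        self.active: Dict[str, Desktop] = {}    # user -> desktop during a live session
        self.assigned: Dict[str, Desktop] = {}  # user -> dedicated desktop (persistent mode only)

    def connect(self, user: str) -> Desktop:
        if user in self.active:
            raise RuntimeError(f"{user} already has a session")
        if self.persistent and user in self.assigned:
            desk = self.assigned[user]            # same VM as last time, state intact
        else:
            if not self.free:
                raise RuntimeError("pool exhausted")
            desk = self.free.popleft()
            if self.persistent:
                self.assigned[user] = desk        # reserved for this user from now on
        desk.owner = user
        self.active[user] = desk
        return desk

    def disconnect(self, user: str) -> None:
        desk = self.active.pop(user)
        desk.owner = None
        if not self.persistent:
            desk.reset_to_golden()                # discards documents AND anything malware dropped
            self.free.append(desk)
        # persistent: VM stays allocated to the user and keeps its state


DROPPED = "C:/Users/alice/AppData/Roaming/x.exe"   # constructed path for a "dropped" binary
DOCUMENT = "C:/Users/alice/Documents/report.docx"  # constructed path for a user document


def session_with_writes(broker: Broker, user: str) -> str:
    """One session in which a document is saved and a binary is dropped; returns the VM used."""
    desk = broker.connect(user)
    desk.files[DOCUMENT] = "quarterly numbers"
    desk.files[DROPPED] = "malicious-payload"
    vm_id = desk.vm_id
    broker.disconnect(user)
    return vm_id


def after_reconnect(persistent: bool) -> Dict[str, bool]:
    """Run write-session then reconnect; report what the user gets back."""
    broker = Broker(pool_size=2, persistent=persistent)
    first_vm = session_with_writes(broker, "alice")
    desk = broker.connect("alice")
    result = {
        "same_vm": desk.vm_id == first_vm,
        "document_present": DOCUMENT in desk.files,
        "dropped_binary_present": DROPPED in desk.files,
    }
    broker.disconnect("alice")
    return result


def second_user_fits(persistent: bool) -> bool:
    """With a one-VM pool: can bob log in after alice has logged out?"""
    broker = Broker(pool_size=1, persistent=persistent)
    broker.disconnect("alice") if False else None  # placeholder-free: keep flow explicit below
    broker.connect("alice")
    broker.disconnect("alice")
    try:
        broker.connect("bob")
        return True
    except RuntimeError:
        return False  # persistent mode keeps alice's VM reserved while she is offline


if __name__ == "__main__":
    for mode in (True, False):
        print("persistent" if mode else "non-persistent", after_reconnect(mode), second_user_fits(mode))
```

The non-persistent result is the security upside and the operational cost in one line: the dropped binary is gone on reconnect, but so is the document, which is why such deployments need a file share or roaming profile. The persistent result shows why endpoint protection must run inside the desktop in that mode: nothing in the lifecycle ever cleans it.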
Check Point’s Harmony Endpoint combines the capabilities of EPP and EDR into a single endpoint security solution, making it the ideal way to secure VDI. To learn more about the capabilities of Harmony Endpoint, check out this product tour. You’re also welcome to schedule a personalized demo to learn how the combination of VDI and Harmony Endpoint provides secure, efficient corporate computing.