"Many people think that because the desktop is now placed in the data center, they do not need to do this. However, he pointed out that the enhanced security does not remove the "need for good security practices on the desktop", such as putting in place virus protection and encryption technologies. Neville Burdan, Datacraft Asia's general manager for Microsoft solutions, concurred. When you use a VDI, that spread doesn't occur." "There's a spread of information and the IT has really little knowledge of where it's all going. "Today when organizations have PCs or laptops, they lose control of their corporate information-people are downloading corporate spreadsheets and files onto machines," he noted. "As soon as you can start to centralize information, it has to be a more secure solution than when you move files, presentations, content down to a laptop," Duursma said in an interview at the Citrix iForum 2010 held in Singapore earlier this month.
Martin Duursma, vice president of Citrix Labs and chair of the CTO Office, noted that security is one of the inherent capabilities of a VDI offering as data and applications are under the control of the data center, not the endpoint. Security inherent, but still a must in desktop virtualization "Customers no longer have to choose between security and VDI returns on investment," said Sheng. Trend Micro last month announced the OfficeScan 10.5, which the company touts can decrease scan-time as well as memory consumption and CPU utilization by up to 80 percent in a VDI environment. Sometimes, users are unable to even login and virtual sessions get dropped, he noted, adding that the entire VDI host may even come to a complete halt.Īs a result, Sheng warned that customers may resort to removing security completely from their VDI installations, exposing their desktops to significant risk. Similarly, when a scheduled malware scan runs on a VDI system, it overloads the CPU and storage capacity, causing all task sessions to slow down. This leads to serious contention on the CPU and the storage side."
Immediately the images would reach out to download the latest security updates, like filters and scan-engine updates. problem' when workers come to their desk in the morning and start up their virtual image. Sheng explained in an e-mail: "Take the so-called '9 a.m.
On physical machines, such utilization of resources would not be significant but in desktop virtualization, where multiple desktops are co-located on one physical server, the base load on that machine is considerably more strenuous.
End-point security software are not built with desktop virtualization in mind and this is proving to be one of the biggest management challenges in virtual desktop infrastructure (VDI) environments today.Īccording to Richard Sheng, Trend Micro's Asia-Pacific regional director for business development and product marketing, because existing endpoint security tools are unable to recognize the presence of virtual machines, they contend for resources at the CPU, storage and network levels.