Virtual Desktops

Privilege Guard for Virtual Desktop

Avecto Virtual Desktop Solution

Virtual Desktop Infrastructure (VDI) enables the delivery of desktops from virtual platforms, hosted in the datacenter or the cloud, as a managed service to a variety of end user devices. The benefits of implementing least privilege and application control for virtual desktops are no different to those for physical desktops, as users logging on with excessive privileges carry the same security and operational risks.

The deployment of Privilege Guard polices through Group Policy makes it ideal for the centralized management of application privileges in the datacenter or cloud. Privilege Guard leverages all of the benefits of Active Directory, such as hierarchical management, a strong security model that includes delegated administration, built-in replication, stability and scalability, which are vital for any enterprise class virtual desktop solution.

In almost all organizations, Active Directory will be providing the authentication for users who log on to virtual desktops, and Privilege Guard can apply user policies through Group Policy, which are perfect for the user centric nature of virtual desktop solutions.

Privilege Guard supports all VDI solutions, including Citrix XenDesktop, VMware View and Microsoft VDI suites.

Local Virtual Desktops

Virtual desktop solutions often provide an architecture that allows the virtual desktop to run locally on the client device, as opposed to in the datacenter. This is usually aimed at users with the need to run their virtual desktop offline or need to harness the power of the client device, such as mobile users.

Privilege Guard supports all virtual desktop solutions that include a local virtual desktop capability, including Citrix XenDesktop (Streamed VHD and Local VM desktops) and VMware View (Local Mode).

Session Based Desktops

With Microsoft Session Based Desktops (formerly Terminal Services) users log on to a shared server, which is hosted in the datacenter.

Although the requirements for this type of virtual desktop are slightly different to a physical desktop, as they are often used by task based workers, Privilege Guard can still provide many benefits to improve server security, stability and the end user experience. In addition to elevating privileges for problem applications on shared servers, Privilege Guard can ensure that the server remains stable by restricting users to running only authorized applications. Privilege Guard supports all session based desktop solutions, including Citrix XenDesktop (Hosted Shared desktops).