SentinelOne Endpoint Protection Platform for Virtual Desktop Infrastructure (VDI)
Secure the growing need for virtual environments

Overview:

VDI solutions have been an underlying IT trend in some of the key business sectors for a number of reasons ranging from cost, compliance and seasonality of workers. And improvement storage performance improvements will only drive the adoption further.

Securing VDI deployments is imperative to minimize the business risk and achieve regulatory compliance, especially in the face of increasing magnitude and complexity of cyber threats. VDI also presents some unique challenges for security along with some common issues seen in traditional endpoint deployments.

Patching is not always rapid:

Patching requires updating the golden image and need to be certified before rollout.

Balancing cost and complexity:

One of the biggest desired benefits of virtualization is cost savings with oversubscription.

VDI implementations tend to be as light-weight as possible to optimize deployments and maximize resource utilization. Consequently, the layers of security controls are always deep.

False sense of security:

Given the temporal nature of VDI sessions, there is sometimes a false sense of security that drives user behavior. The threats to this environment however are as real – malware such as screen scrapers and key loggers put user credentials and business information at an equivalent risk as traditional endpoint because the virtual desktop is not isolated from corporate environment.

VDI performance accentuates risk:

Traditional AV scans that cause performance problems on traditional endpoints with dedicated CPU experience a more extreme resource crunch when running in shared virtual CPU environment resulting in AV storms. Such scans can take an order of magnitude more time and also negatively impact user experience.

The SentinelOne Endpoint Protection Platform (EPP) for VDI helps customers address the challenges face with traditional VDI security. The SentinelOne agent deploys in a VDI environment as a light-weight agent consuming minimal execution resources. Additionally, it does not require signature updates that increase CPU, memory or I/O contention. The reduce resource requirements enables organizations to maximize VM density on their virtual infrastructure.

The SentinelOne EPP for VDI supports the same level of protection for a VDI environment as offered with physical endpoint devices with pre-execution, on-execution and post-execution scans for prevention, detection and response. SentinelOne EPP supports full spectrum threat coverage with reputation engine, local analysis for file-based malware, deep inspection for document based malware, scripts/PowerShell, memory based attacks, weaponized documents and warranty against ransomware attacks. Additionally, SentinelOne EPP can enable automated zero-touch mitigation and remediation to accelerate speed of response and minimize business risk.

SentinelOne EPP can be deployed to support both persistent and non-persistent VDI deployments with retention of historical threat information even if the devices are deleted. Additionally, it supports both on-premise or cloud-based virtual desktop solutions:

Desktop virtualization:

Also referred to as server-based VDI, desktop virtualization allows hosting a desktop operating system in a virtual machine on a centralized server.

Examples of enterprise application virtualization software include Citrix XenDesktop, Microsoft App-V, VMware Horizon and Systancia AppliDis.

Terminal Services:

A server-based computing and presentation virtualization component to access applications and data on

a remote computer over a network. Examples include Microsoft Windows RDP and Citrix XenApp.

Desktop as a Service (DaaS):

Remote desktop virtualization from SaaS Cloud computing. Examples of enterprise DaaS environments include VMware Horizon and Amazon WorkSpaces.