Infrastructure Services are definitely undergoing a major transformation. How does one navigate the web of emerging technology trends and stay ahead of the game? Read on to learn more on our Infra Matters blog.

« Too many cooks need a good head chef! | Main | On operations and agreements... »

Securing Virtual Desktop Environment - Part 2

As outlined in my previous blog, securing a VDI environment needs focused attention.


One of the key advantages to desktop virtualization is the ability to create on-demand dynamic desktops specific to the user's role within the organisation. The users are authenticated and connected to desktop sessions via a software component called Connection broker.


The way in which IT departments manage user identities, authenticate systems and enforce access policies across the corporate network, all need to be thought through in the context of a new VDI environment. Having a centralised point of management for user identities, access rights, IT policies and auditing is vitally important.


The connection broker controls the access permissions to specific desktop and applications. Organizations should have the capability to ensure that the Connection broker is not compromised, by making use of strong authentication factors, such as biometrics authentication, password or token, etc. This ensures that the employee logging in has the rights and permissions to access the virtual desktop.


Have you come across or defined any specific strategies for identify management for VDI.? Share your thoughts on this...


Ideally it should be linking the vdi to the ad and map the groups to respective class. Even with an aes256 its not going to be a good scene to publish this outside the corporate infra. What need to be done is to publish this via the existing VPN solution , not aware of any plug-in that could do this yet.

Thanks Vineesh for your comments. You are right. Desktop is no longer an end-user technology! with the VDI. Securing this enviornment needs combination of several technologies we applied on corporate Datacenter assets. I am exploring futher on this through my subsequent blogs...

Post a comment

(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)

Please key in the two words you see in the box to validate your identity as an authentic user and reduce spam.

Subscribe to this blog's feed

Follow us on

Blogger Profiles

Infosys on Twitter