lolloj - Fotolia
Deploying VDI should change your antivirus strategy, but it won't eliminate the need for AV. New viruses are just as effective on virtual desktops as they are on physical ones.
Antivirus for virtual desktop environments can be a source of frustration. The battle against viruses is one where success often comes at the cost of desktop and server performance.
When you deploy VDI, you may wrestle with the decision about whether or not to deploy AV on virtual machines (VMs). It's tempting to think that because you can wipe and recompose the VMs, you don't need antivirus, but that couldn't be further from the truth.
How to integrate antivirus with your VDI deployment
First, consider your response plan. When you suspect an infection on physical desktops, you probably run a scanning process that is time-consuming for you and disruptive for users. With virtual desktops, the response plan should include immediately re-homing the VM to a dead-end virtual network, if you want to isolate and identify the virus. If you don't want to ID the virus, simply delete the VM and reassign the user.
Don't let the VM live on your production LAN any longer than it must, and help users get back to work as soon as you can. The better your profile abstraction strategy, the easier it is to deal with viruses; using non-persistent desktops makes virus response simpler.
Secondly, consider using different antivirus tools for your VDI deployment. Never install AV on the VMs themselves, and look for tools that scan inline as I/O occurs on the VM. This gives you the benefits of AV without adverse effects on performance.
Still don't think that's enough? Me neither. Beef up the perimeter of the network, and focus on multiple layers of protection with disparate scanning engines. These aren't new strategies, but preparing for AV in a VDI deployment lets you revisit and reinforce strategies that may have fallen by the wayside.
Dig Deeper on Virtual desktop management
Related Q&A from Todd Knapp
Virtual workspace products make employees' desktops, applications and data available to them in the office or remotely. But not every company is ... Continue Reading
Technology-wise, it's possible to access a virtual desktop from a tablet, but the user experience may not be ideal. On the other hand, if you have a ... Continue Reading
The ever-changing IT landscape is a reason some shops don't want to get locked into a big virtualization investment, but adopting VDI can actually ... Continue Reading