GreenPages Blog

Is Anti-Virus/Malware a Requirement for a Virtual Desktop?

I’ve been involved in countless virtual desktop conversations over the past several years, and this is a question that continues to surface and generate interesting dialogue with IT security teams. While security is only one of the numerous considerations for VDI, it is at the top of a lot of customers' lists. So, is anti-virus/anti-malware a requirement for a virtual desktop? Well, the short answer is yes, of course it is, but we need to dig a bit deeper here.

For traditional desktops using traditional agent-based A/V, the five percent CPU overhead, 100MB of RAM, and constant disk I/O are not a big deal. After all, my laptop has a dual-core hyper-threaded processor (4 logical processors), 8GB of RAM, and an SSD drive; way more horsepower than most servers had just a few short years ago. I don’t even notice the slightest hit in performance. When we look at VDI, however, the picture changes quite drastically. With the latest server hardware, I can pack two 10-core hyper-threaded processors (40 logical processors) and close to a half terabyte of RAM in a half-height blade. This quickly leads to VDI densities approaching 300-400 desktops on that tiny little blade server. Now, when I do the math, that 5 percent CPU and 100MB of RAM per desktop add up quickly, and that constant real-time disk I/O can bring a standard SAN to its knees. This can potentially knock my desktop density down significantly, which has a negative impact on the overall cost of the solution, not to mention the poor impact it has on user experience.

Couple the above data with the fact that almost all viruses and malware these days are zero day exploits, and that most users are still running around with admin rights on their workstations, and definition-based A/V scanning is almost useless. My parents are a prime example. I build them a brand spanking new workstation with Windows 7, fully patched, automatic updates enabled daily, and one of the top A/V solutions on the market installed, yet I still get that dreaded phone call from my mother that the machine is infested with malware. While I’m pretty sure my parents do not frequent internet sites like The Pirate Bay, I’m pretty sure that whenever a message comes up in the browser saying ‘Your computer might be infected, click here for a free scan’ they still click the darn thing. To an A/V agent, that’s like inviting a vampire into your house. You’re basically powerless to do anything about it once you say ‘yes, please come in’.

So, how do we design a VDI environment which is reasonably protected without killing the underlying infrastructure from a performance aspect?  We need to remove A/V from the picture. But how do we do that?

  • We can use non-persistent shared images which get blown away every time the user logs off, ensuring that every new session starts with a brand new copy of the master image.
  • We can utilize advancements in unified threat management (UTM) firewalls to scan for malware at the edge of the network.
  • We can ensure that users do not have local admin rights to their VDI sessions.
  • We can still use A/V agents on file servers where user data and profiles are stored.

 

 
