Leveraging AI for Virtualized Desktop Infrastructures

To understand why we would want to implement an artificial intelligence (AI) solution instead of a traditional antivirus (AV) solution, we must first look at what has historically been done on Virtualized Desktop Infrastructure (VDI) images.

AV solutions are installed on the golden image of a virtual machine (VM). A golden image is a template for a VM, virtual desktop, or server that is cloned to quickly deploy additional machines to the organization’s environment.

After the initial installation, the AV solution does a full scan of the entire image to look for malware before sealing the image. This will be the final image that gets copied for deployment.

In this video, we demonstrate how to configure your CylancePROTECT® agent on your VDI.

While this process seems straightforward, the problem is that traditional AV solutions rely on signatures to identify malware. As a result, whenever the signatures are updated, you need to do another full image scan. This severely degrades performance and the user experience because of the CPU, RAM, and disk I/O resources the scan requires.

Areas of the image that are excluded from scanning for the sake of performance can then become a security risk. There are quite a few well-written articles on how to configure these exceptions and optimize performance, but the fact remains that there are tradeoffs. Not putting in these exceptions requires that the scans happen during low-usage change control windows.

On rare occasions, you may come across an admin who says that having VDI, as opposed to traditional desktops, is their endpoint security strategy. Please delicately ask them to consider reading this article by Brian Madden.

While having VDI can improve aspects of their security, it does not solve security challenges. It will only give them an (Read more...)

*** This is a Security Bloggers Network syndicated blog from Cylance Blog authored by Josh Fu and Richard Robitaille-Muffler. Read the original post at: https://threatvector.cylance.com/en_us/home/leveraging-ai-for-virtualized-desktop-infrastructures.html