Introduction

Virtual Desktop Infrastructure (VDI) is the technology to create and manage virtual desktops. VDI is available as a feature in Check Point's Endpoint Security Client releases.

  • VMware Horizon is supported in E81.00 (and higher) for Persistent Mode and as a feature on E83.10 (and higher) for Non-Persistent Mode.

  • Citrix XenDesktop is supported in E84.20 (and higher).

A virtual machine monitor (the hypervisor) controls the virtual machine that creates the virtual desktops. All the activity on the deployed virtual desktops occurs on the centralized server.

The "Golden Image" is the base ("Master") desktop image and the model for clone images. Desktop Pools define the server resources for the virtual desktops and solutions to hold the latest Anti-Malware signatures on all the virtual desktops.

Virtual desktop software applications support two modes.

  • Persistent Mode:

    • Each user has a single specific desktop for their solitary use.

    • Each user's desktop retains data on the desktop itself between logins and reboots.

    • The user's machine is not "refreshed" for other users.

  • Non-Persistent Mode:

    • Each user has a desktop from a pool of resources. The desktop contains the user's profile.

    • Each user's desktop reverts to its initial state when the user logs out.

    • The user's machine is fresh in each instance.

Important - Non-Persistent virtual desktops access Anti-Malware signatures in a shared folder in the Shared Signatures Solution.

The tested versions are:

  • VMware Horizon 7 version 7.6 and 7.10

  • Citrix Virtual Apps and Desktops 7 1912

The software environments between and after these versions should work. Earlier versions may work. Contact Check Point Support for assistance with earlier versions.

The Check Point Management Servers must run version R80.10 or higher.

Important:

  • Starting from E86.40, Harmony Endpoint supports multi-users in Windows environments. Supported Windows environments include: Microsoft Terminal Servers (RDS), Citrix Virtual Apps (XenApp), and VMware Horizon Apps. For more information, see sk176939 and the Harmony Endpoint EPMaaS Administration Guide. In versions E86.30 and lower, Harmony Endpoint supports only desktop publishing.

  • AD Scanner feature must be enabled in VDI environments.