Join our upcoming webinar! Up in the Cloud: The New Threat Landscape for Email, Browsers & Cloud Channels.

VDI Solutions: Comparing Top 6 Solutions

What is VDI and How Does it Work?

Virtual desktop infrastructure (VDI) enables organizations to deliver operating systems and applications in a centralized manner, without having to deploy a dedicated workstation for each employee. VDI solutions are based on desktop images, which a user connects to and uses as if it was running locally on their device. VDI solutions support a variety of endpoints including Windows, Linux and MacOS computers, mobile devices, or thin clients.Learn how enterprise IT and security teams can protect sensitive assets from endpoint attacks. Click here. The term “VDI” typically refers to an on-premise deployment model, in which organizations run VDI infrastructure in their local data center and use it to deliver virtualized desktops to users. However, VDI technology can be operated by cloud providers or other vendors, who use it to deliver VDI as a managed service—a deployment model known as Desktop as a Service (DaaS).

Enterprise VDI Solutions

Enterprise VDI solutions are full-featured offerings that allow an organization to deliver VDI services to large numbers of users. They can be used by individual organizations, or by service providers to deliver managed desktop virtualization services to many organizations.

VMware Horizon

VMware Horizon is a VDI solution based on the popular vSphere hypervisor. Each user’s desktop is managed as an ESXi virtual machine. Horizon supports endpoint devices including personal computers, tablets, smartphones, thin clients, and zero clients (an endpoint device with no local storage capacity, which connects remotely to a server).

Unlike vSphere, VMware Horizon is licensed according to the number of desktops the organization can serve concurrently.

VMware Horizon components include:

Horizon View Connection Server—management server which allows desktop users to connect and authenticate via LDAP.

View Composer—installed on vCenter Server, manages virtual desktop storage and can save up to 90% of virtual desktop disk space through linked cloning.

Horizon Administrator—UI for managing the VDI deployment. Can be used to add vCenter Servers and View Composers.

View Agent—installed on all VMs that are managed as part of the VDI infrastructure. Provides features like access to peripherals and connectivity monitoring.

Horizon Client—installed on the user’s device (Windows, MacOS or Linux), and lets the user connect and authenticate on the View Connection Server, and access their virtualized desktop.

Citrix Virtual Apps and Desktops

Citrix provides a popular VDI platform, which provides fine-grained control over virtual machines, licensing, applications, and security. It enables organizations to run virtual desktops on any device, regardless of the operating system of the local device. It is based on the Citrix FlexCast Management Architecture (FMA), which can be used to deliver individual applications as well as entire desktops to users.

Citrix Virtual Apps and Desktops offers two price tiers—Citrix VDI, Enterprise Edition and Platinum Edition, with three payment models—payment per concurrent users, payment per device, or payment per team.

Citrix components include:

  • Delivery Controller—the central management component of a VDI deployment. Communicates with the hypervisor to run desktops and manage user access.
  • Database—Microsoft SQL Server used for configurations and session data.
  • Virtual Delivery Agent (VDA)—installed on each physical or virtual machine that hosts virtualized desktops.
  • Citrix StoreFront—authenticates users and directs them to the desktop or application they are eligible to access.
  • Citrix Workspace App—installed on user devices, or delivered via HTML5 in a browser. Lets users access their virtual desktop and personal data.
  • Citrix Studio—a management console that lets administrators control the VDI deployment and track licensing.
  • Citrix Director—an administrative interface that allows IT teams to troubleshoot issues and support end users.
  • Citrix Hypervisor—the VDI solution can run on the Citrix hypervisor, or use a hypervisor from another vendor.

New call-to-action

Cloud-Based VDI Solutions (Desktop as a Service)

Several major cloud providers provide managed VDI solutions, in a model known as desktop as a service (DaaS). These solutions run a VDI stack behind the scenes, but do not require an upfront investment, and allow organizations to get started with VDI quickly and pay per actual usage.

Amazon WorkSpaces

A cloud-based desktop service that lets you configure Windows or Linux desktops in minutes, and scale quickly to deliver thousands of concurrent desktops. It is billed monthly, according to the number of workspaces launched, or hourly per desktop usage.

Amazon WorkSpaces was designed to eliminate many administrative tasks related to desktop lifecycle management, such as provisioning, deployment, and maintenance. It provides one cloud-based management interface, and does require the organization to manage multiple VDI components.

Azure Windows Virtual Desktop (WVD)

This new service is the successor of the legacy Microsoft offering, Remote Desktop Service (RDS), which was also offered in a DaaS model. WVD allows users to access a Windows 10 desktop from any device. The service is fully hosted in Azure, with extensive compliance and security features.

WVD lets users access Office 365 Pro Plus, and is fully integrated with the Microsoft 365 platform. It is based on a multi-session version of Windows 10 which was especially designed for the DaaS platform. An important advantage is that WVD users receive free Extended Security Updates for Windows 7.

IBM Cloud

IBM Cloud offers a virtual desktop solution with accelerated graphics capabilities. It lets several virtual desktops use the same graphical processing unit (GPU), using high performance NVIDIA GRID hardware. This offers mobile workers a workstation-like experience for graphic-intensive use cases on any device.

IBM Cloud enhances security for virtual desktops by never sending any data—only encrypted visual output and mouse or keyboard input over the network. This means users don’t need to keep a local copy of their files.

Evolve IP

  • Evolve provides a third-party desktop as a service solution based on Microsoft Azure. Its unique features include:
  • PCoIP (PC over IP) distribution protocol for accessing local USB peripherals.
  • Integration with Microsoft Office, SharePoint and Evolve IP applications.
  • Built-in antivirus, anti-malware and two-factor authentication for virtualized desktops.
  • Full control and customization of your virtual desktop environment—configure how the solution provides application, desktop and storage space.
  • Customize the operating systems and applications provided to users to optimize license costs.

Addressing VDI Challenges with Perception Point

Implementing a VDI solution is a large project and a huge undertaking for an organization. Creating, planning the infrastructure correctly, and making sure everything is tested, has the proper sizing to support the target population requires thousands of hours of work and a huge investment. In addition, running the servers on premise, involves tremendous costs of purchasing the servers, and of course maintaining the infrastructure leading to high OpEx and CapEx costs.

With that said, in today’s remote first world, users connecting to the datacenter VDI solution, sometimes over a VPN tunnel will get poor performance and user experience and desktops are not available when offline. Furthermore, as many users mainly use web-based apps in the VDI desktop, it makes little sense to force users to work through a full remote desktop just to secure the browser. 

Perception Point’s Advanced Browser Security solves these problems, users get a local isolated browser running on their machine, deployed within minutes, which is managed from the cloud. 

Isolated browsers enable: 

  • A higher level of freedom on employees corporate devices
  • Ability to receive 3rd party generated content 
  • Secure isolated access to sensitive or privileged web apps in their everyday environment
  • Secure access to enterprise web apps on unmanaged or 3rd party or personal endpoints
  • A great user experience; users use their native Chrome or Edge browsers with no added latency

The behavior of the secured browser is managed in the cloud, while all of the computing resources run locally on user endpoints. This eliminates the need to invest in a large and costly infrastructure, and provides a better local user experience in terms of speed, along with offline availability.

Contact us for a demo or download the free version of our Advanced Browser Security here.

CISO's guide 2022


Ready to Try
Perception Point?