Virtual Desktop Infrastructure (VDI) increases workflow accessibility and security while also making IT administration more convenient.
Users connect to virtual desktops using thin clients. Remote desktops are limited to only the required apps and services, so it’s much easier to factor in all possible actions that can harm IT systems. The data users work with is stored on the server, not the user’s device, so configuring and replacing thin clients is easier than traditional PCs.
As useful as they are, VDI thin clients need cybersecurity, and convenient monitoring and centralized management tools.
The user workstation is the most popular target for cybercriminals and malware operators, so it needs protection, and user-friendly tools for monitoring and centralized management. A cyberimmune infrastructure of thin clients provides the required level of security for remote desktop connections.
Kaspersky Secure Remote Workspace (KSRW) is a solution for building a managed and functional infrastructure of thin clients based on the Cyber Immune KasperskyOS operating system for secure VDI connection.
The solution enables:
Kaspersky Secure Remote Workspace in brief
Kaspersky Thin Client has Kaspersky Cyber Immunity and does not require additional antivirus protection
Convenient local and centralized management of thin clients and data channels
Option to connect to various desktop virtualization systems, including Windows and SKALA-R remote desktops
Security is monitored via the Kaspersky Security Center console which simplifies migration from traditional workstations to thin clients
The Cyber Immune operating system that Kaspersky Secure Remote Workspace runs on provides security by default without the use of antivirus tools. This is important for VDI infrastructures because they cannot provide absolute protection and also have weak points of their own.
One of the most popular types of cyberattacks to gain access to data and vulnerable data channels
If one VDI component is compromised, all others are threatened
If there's no control over devices used to access virtual machines, it's easier for attackers to access the VDI and corporate network
Without a convenient centralized management system for thin clients, configuring, updating or auditing them is a time-consuming and risky process.
Kaspersky Thin Client is a software product installed on the TONK TN1200 hardware platform that provides security by design for thin clients.
Thanks to its Cyber Immune operating system, KasperskyOS ensures the integrity of data transmitted between users, remote desktops, the centralized management server, and connection and logging broker servers, as well as enabling certificate management and secure updates.
The Kaspersky Thin Client interface gives users and administrators access to language and network settings, as well as desktop display options.
It is impossible to store information on user terminals, download it to unauthorized media or access untrusted resources
Settings and OS image updates on thin clients are managed centrally
Connection to virtual desktops via Microsoft RDP and to virtual machines within the Skala-R VRM virtualization system are supported. The list of supported connection types is set to be expanded
Popular tokens (RUTOKEN, SafeNet and JaCarta) and USB drive passthrough are supported
Security certificate management is supported
Compact, high-performance thin client for local and terminal workstations
Kaspersky Security Center, a component of Kaspersky Secure Remote Workspace, is a unified management console for centralized administration and monitoring of thin clients. It has all the tools and technology required for an easy transition to thin clients and integration with other Kaspersky products.
Centralized monitoring, configuration and delivery of updates to all thin clients. Automatic software deployment, vulnerability assessment, and update installation
Centralized management of up to 100,000 nodes. Automatic thin clients registration and setup when connecting to Kaspersky Secure Remote Workspace infrastructure
Incident notifications through the channels the administrator prefers: SMS, email, push notifications, etc.
Customizable and ready-to-use reports with dynamic filtering and sorting by any data field
Each administrator can only access the tools and data relevant to their work responsibilities
If the software configuration is updated within the Kaspersky Thin Client corporate image, the solution performs a centralized automated update on all thin clients
The Kaspersky Security Management Suite add-on provides a connection to the Kaspersky Security Center console and enables thin clients to be administered:
• Manage thin client settings on the network using Kaspersky Security Center policies
• Receive all events from devices
• Install and centrally update security certificates on thin clients
• Control license keys in Kaspersky Thin Client
