Citrix Looks to Secure the Virtual Desktop

The latest version of Citrix's Access Gateway appliance creates a more secure virtual desktop.

Citrix Systems is looking to offer a new layer of security around the virtual desktop.

On June 9, the company released the latest version of its Access Gateway appliance-Version 8.1-now integrated with Citrix XenDesktop, which allows IT departments to create a virtual desktop infrastructure where the desktop images and applications are streamed to the PC from a server housed in the data center.

The integrated Access Gateway feature is part of Citrix's Delivery Center, a set of technologies that allow for the creation of a virtual desktop infrastructure, or VDI, that can allow desktop images to be streamed either to the main office or remote locations and branch offices.

The Delivery Center will be available in the second half of 2008. Citrix released its XenDesktop product in May.

The Access Gateway is a security appliance that allows a user to access his or her desktop image and applications from a home or remote PC, while giving the IT department the ability to create policies for how employees can access their virtual desktops. For example, employees can access a desktop image from their own PCs but the IT administrator can ensure that no documents or files can be printed or copied unless the computer is attached directly to the corporate LAN.

While there are several security benefits to creating a virtual desktop infrastructure, including the ability to apply a security patch once in the data center for all the corporate desktop images, enterprises have not fully embraced the models that Citrix and VMware are beginning to develop.

At a forum in May in New York, IDC found that while IT department and enterprises are studying this new model, the costs of investing in a new infrastructure and concerns about issues such as operating systems licensing mean that not many businesses are adopting VDI just yet.

Still, Citrix, VMware and soon Microsoft with its Hyper-V option in Windows Server 2008 are looking to define what it means to create a virtual infrastructure and what benefits come with this type of technology. In this case, Citrix believes it has overcome concerns about protecting a company's data from being lost or stolen from a misplaced laptop by allowing IT to set policies, such as not allowing a user to download the data to a local hard disk drive or print it out at a remote location.

"Most of the IT organizations have done a pretty good job when it comes to protecting the edge of the network," said Sai Allavarpu, a product marketing manager at Citrix. "However, what we are seeing more and more is the need to protect the data itself from being lost or taken in the case of a stolen laptop."

The Access Gateway sits between the various Citrix delivery controllers, such as XenDesktop and XenApp-the new name for Presentation Server-and the desktop or the Branch Repeater that brings the desktop images to a remote office.

Through a series of technologies called SmartAccess, the Access Gateway authenticates the user's identification, checks the policies for accessing applications and desktop images, and finally conducts a check of the end device for malware or spyware.

The Access Gateway and Delivery Center will work with any PC-whether a diskless desktop model, laptop or thin-client PC-which Allavarpu said will help companies if and when they move toward a VDI model. It also allows employees to use their home PCs without compromising work data.

Access Gateway will cost about $3,500, but will include the user licenses for the XenDesktop product.