We are in the process of evaluating IGEL devices to replace the devices in some of the campus. The one concern that’s been raised by management is the IGEL integration with commercial antivirus. What’s the security posture that we have to adapt with IGEL devices? Any antivirus integration?
The system runs in read-only mode, so there isn’t a need to have AV. Here’s a link that might help www.igel.com/technology-trends/ransomware-cyberattack-petyas-one-reason-choose-igel-os/
If required, would it be possible to add an AV to IGEL? I have a customer situation where a two-tier virus scanner is necessary – one must be on the endpoint where the browser content is displayed. Without Citrix Browser Content Redirection they used an AV on the VDA – but with BCR they would need it on the ThinClient.
Back in the time, I remember a project where a local AV solution was implemented on the device. A read-only system is not a bulletproof AV solution.
It’s more about risk management and use cases. Depending on the use case it might be sufficient to install an anti-virus wall.
The Antivirus topic is a tough one, and I would assume that we will not close it…
Antivirus could be integrated as a custom partition (like @member mentioned), but it isn’t something we do often. Some thoughts about that:
On our own IGEL equipment: in our UD series, we use SSD DOMs that must at least cover our warranty period of 5 years. We rely on our own measurements on R/W cycles, which makes an antivirus incalculable.
IGEL OS:
The construction of our operating system ensures that no changes to existing partitions can be made. Currently, only two partitions are in RW mode. These are not systemically relevant.
If malware tries to root itself into another system partition, the checksum of the respective partition would change and prevent the device from starting.
If malware tries to anchor itself in another user partition, the checksum of the respective partition would change and deactivate the defective part.
At the latest after a restart, the original state is restored.
Changing the bootloader is almost impossible thanks to Secure Boot.
SSH or console accesses are disabled (our recommendation).
The connection of Bad USB devices can be limited either by policies or third-party software.
In addition, if you need some more detailed stuff, we have an internal presentation where the security features are highlighted; please ask your IGEL sales rep for it, if needed.
Hope it helps a bit