Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Virtual Desktop Infrastructure (VDI) support for Apex One as a Service

    • Updated:
    • 5 Oct 2020
    • Product/Version:
    • Apex One as a Service
    • Virtual Desktop Infrastructure
    • Platform:
Summary

This article clarifies the VDI support conditions for Apex One as a Service.

Details
Public

Apex One as a Service does not have a VDI plug-in like its on-premise version, since it requires a direct connection to VDI host servers and it’s not applicable in most environments.

However, Apex One as a Service can support VDI clients that meet the following conditions:

  • Using a supported client OS

    This information can be found in the system requirement.

  • Program Update is disabled

    Customers should regularly update VDI golden images to update Apex One as a Service agent programs.

    • Pattern update  can be enabled as usual.
    • This is to reduce high disk I/O during a program update being deployed to VDI agents.
  • Scheduled Scan is disabled

    As Scheduled Scan triggers lots of disk I/O at the same time, Trend Micro suggests disabling Scheduled Scan on VDI agents

VMware™Citrix™Microsoft™
  • ESX/ESXi Server (Server Edition) 5.x, 6.x
  • ESXi 7.0
  • Server (Server Edition) 1.0.3, 2
  • Workstation and Workstation ACE Edition 7.0, 7.1, 8.0, 9.0, 10.0, 11.0, 12.0, 14.0, 15.0
  • vCenter™ 5.0, 5.1, 5.5, 6.x
  • View™ 5.0, 5.1, 5.3, 6.x
  • Horizon® Air™ Desktops
  • Horizon® Mirage™ 5.x
  • Horizon® View™ 7
  • XenDesktop 5.0, 5.5, 5.6, 7.x
  • XenServer 6.5, 7.0
  • XenApp 4.5, 5.0, 6.0, 6.5, 7.x
  • VDI-in-a-Box 5.1

Hyper-V Server:

  • Microsoft Hyper-V Server 2008/2008 R2 (64-bit)
  • Microsoft Hyper-V Server 2012/2012 R2 (64-bit)
  • Microsoft Hyper-V Server 2016 (64-bit)
  • Windows Server 2008/2008 R2 (64-bit) Hyper-V

Windows Server Hyper-V:

  • Windows Server 2008/2008 R2 (64-bit) Hyper-V
  • Windows Server 2012/2012 R2 (64-bit) Hyper-V
  • Windows Server 2016 (64-bit) Hyper-V
  • Windows 8/8.1 Pro/Enterprise (64-bit) Hyper-V
  • Windows 10 Pro/Enterprise (64-bit) Hyper-V

Windows Virtual Desktop

  1. Why does Apex Central report Windows 10 Enterprise multi-session (Azure VDI) as a Windows Server 2019 machine?

    Windows 10 Enterprise Multi-session is a virtual edition of Windows 10 Enterprise. One of the modifications on the ProductType leads the Apex One agent to identify these endpoints as Server instead of Desktop. This is a normal behavior based on the Windows 10 Enterprise multi-session FAQ article from Microsoft.

  2. Apex Central applies server-based policy settings to the target Azure WVD endpoint.

    Because of limitation (1), the Apex Central will apply server-based policy settings instead of client-based settings by default. Therefore, the administrator will need to create a separate policy for the Azure WVD VM and enable additional client-based protection settings.

    Please refer to Overview of Apex One as a Service Security Agent Features on Different Platforms for more information.

  3. Alert Notification shows up for every logged on User.

    Because Azure WVD is multi-session (shared vm), the Apex One alert notification will show up for every logged on user. A workaround is to disable notification display on the protection settings of each user.

  4. Threat detection logs (AV, BM, WRS, etc.) gets associated to the "Last Logon User".

    In a multi-session scenario (e.g. each logon user initiated a separate session), the Apex One as a Service agent can only associate users to Data Loss Prevention violation logs but not for other threat detections (e.g. Virus, Behavior Monitoring, etc.).

  5. When Apex One agent has been installed in a non-persistent VDI environment, the EDR features can work well in the desktop lifecycle until it has been destroyed.

    Once the desktop lifecycle has been destroyed, the Apex One agent will no longer be active. There are following limitations of EDR features.

    • Users can still do historical investigation before Apex One has removed inactive agents and purged their data.

      • Users can configure when to remove the inactive agent through the Apex One web console.
      • When to purge the data depends on the licenses purchased.
    • Users cannot do live investigation or response because the agent is inactive.
Premium
Internal
Partner
Rating:
Category:
Configure
Solution Id:
000247354
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.