This is a quick overview of the things to come from VDISecurity.org. At this site you will find information on how to secure a Citrix XenDesktop, XenApp or VMware Horizon VDI deployment, along with how attackers will attack your deployment with known exploits and recon methods.
2. Agenda
WhoAmI?
Why VDI?
Overview of VDI with
Citrix and VMware Component Layout
Securing VDI Basics
Questions
3. WhoAmI?
Noob, Patrick Coble, 2x Father, Nerd, Hacker, Trainer, Speaker, Meme User,
PowerPoint Clicker and Citrix CTA.
I have been working with computers since 1988 and started hacking in the
early AOL days. I started working in the IT industry in 1997 and joined the
Marine Corps where I was Intel working on computers. Upon finishing my
time in the Marine Corps, I worked in the security industry, specifically
within Healthcare, and later joined a reseller before starting my own
company in 2016.
I founded my own security consulting company in 2016 to close the
gap in local and personal security along with IT consulting for Small
Businesses and Individuals. I still do EUC/VDI Consulting for large
companies.
VDISecurity.org
4. Who cares about VDI?
90% of Fortune 1000 Companies
have a VDI Deployment.
A HACKERS SUMMARY
5. Company Info & Major Versions
Horizon
VMware Founded, 1998
VMware 2016, 5.62 Billion
First Version 2.0, January 2008
Major Release Family
3.0, 4.0, 5.0
6.0
7.0-7.2
XenDesktop
Citrix Founded, 1989
Citrix 2016, 3.42 Billion
First Version 2.0, October 2007
Major Release Family
2.0, 3.0, 4.0
5.0, 5.6
7.0-7.15
8. VMware VDI Basic Components
Endpoint
Security Servers
Connection Server
Virtual Desktop
App Server
Linked Clone (Composer)
Instant Clone
Agent
F5 Load Balancer or APM
Access Point
Unified Access Gateway
9. VDISecurity.Org
I founded this site in honor of people like Sean Metcalf
with ADSecurity.org and many others who were experts
in a product set and work to improve security for it.
At this Site you will see things from two perspectives
VDI Admin, How to Secure It
Security Nerds, How to do Recon, Get In and Pivot
I have a couple blog posts ready to roll out but just have to
wrap up a couple things. I have been slacking.
10. VDI – Securing It - Basic
Securing the Policies to make sure data cannot leave the session in a way you don’t want it to. DLP for VDI.
Keeping it Patched is the biggest battle; it only takes one box.
Optimize the image to turn off unused features. (Makes it more secure)
Run some form of AV. (For years, when the devices were provisioned and/or Non-Persistent, it was recommended not to install it, due to its overhead and problems within VDI.)
Use AppLocker or other AV Systems to Whitelist applications to ensure other applications cannot be launched.
Windows Firewall, IPsec, Microsegmentation
Replace Default SSL Certificates and use SSL Certificates Everywhere.
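The AppLocker item above, worked through as an added example (not from the original slides): build an allowlist from what is installed on the VDI master image and apply it in audit mode first. It assumes an elevated PowerShell session on the image; the export path and the probed file are placeholders.

```powershell
#Requires -RunAsAdministrator
# Added example: AppLocker allowlist for a VDI master image, audit mode first.
# Placeholders (assumptions): $PolicyPath and the $probe file path.
Import-Module AppLocker

$PolicyPath = 'C:\Temp\vdi-applocker.xml'

# 1. Inventory the executables that ship with the image.
$files = 'C:\Program Files', 'C:\Program Files (x86)' | ForEach-Object {
    Get-AppLockerFileInformation -Directory $_ -Recurse -FileType Exe `
        -ErrorAction SilentlyContinue
}

# 2. Publisher rules for signed files, hash rules as fallback for unsigned ones.
$policy = New-AppLockerPolicy -FileInformation $files -RuleType Publisher, Hash `
    -User Everyone -RuleNamePrefix 'VDI-Image' -Optimize -IgnoreMissingFileInformation

# 3. Audit only: would-be blocks are logged, nothing is stopped yet.
foreach ($collection in $policy.RuleCollections) {
    $collection.EnforcementMode = 'AuditOnly'
}

# Keep an XML copy so the same policy can be imported into a GPO later.
Set-Content -Path $PolicyPath -Value $policy.ToXml() -Encoding UTF8

# 4. Ask AppLocker how it would decide for a file that exists on the image.
$probe = 'C:\Program Files\Internet Explorer\iexplore.exe'
if (Test-Path $probe) {
    Test-AppLockerPolicy -PolicyObject $policy -Path $probe -User Everyone |
        Select-Object FilePath, PolicyDecision, MatchingRule
}

# 5. Merge into the image's local policy. The Application Identity service
#    (AppIDSvc) must be running for rules to be evaluated.
Set-AppLockerPolicy -PolicyObject $policy -Merge

# 6. After a test period, review what enforcement would have blocked.
#    Event ID 8003 = allowed to run, but would be blocked if rules were enforced.
Get-WinEvent -LogName 'Microsoft-Windows-AppLocker/EXE and DLL' -ErrorAction SilentlyContinue |
    Where-Object Id -eq 8003 |
    Select-Object TimeCreated, Message -First 20
```

This policy only covers the two Program Files trees; rules covering the Windows directory (for example the default rules offered by the Group Policy editor) need to be in place before switching any collection from audit to enforcement.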