We're getting ready to incorporate XDR into our VDI infrastructure. Is anyone aware of any version restrictions with vSphere 6 and Horizon view 7.5 and .10? Has anyone had issues with resource consumption as it's deployed more and more into these types of environments?
Along with that is there any helpful advice, tips n tricks, etc. that anyone can provide? I'm getting push back from other teams involved and I'm hoping this will go smoothly.
Thanks in advance!
My 2 cents, based on view 7.4 then 7.10, persistent clones, now non-persistent linked clones, Win 7 now Win 10.
Test in a Test pool
6.1.4 doesn't work it comes up unlicensed
7.0.2 appears to work
Follow the instructions
do imageprep everytime you change image
Issues for us were less around resource consumption and more around conflicts with drivers, or with software that is restoring the profiles (we use Profile Unity). Some of this was resolved with whitelisting, but since moving to the TRAPs in the cloud we haven't had to whitelist much. The most frequent problem is with other IT folks saying "it's TRAPS!" for any problem that happens.
Interesting point on the support matrix. We've called support numerous times (we've used TRAPS for years) and never caught any blowback about running it in View. The agent instructions still have the blurb about installing in a non-persistent VDI environment. I see Citrix listed on the compatibility matrix but wonder if that is actually compatibility for using app virtualization to package/deploy the Cortex agent (which is supported) vs support for Windows 10 running on those platforms. We've found it to be lighter on the endpoints than any of the signature based AV we used in the past, admittedly we haven't used that stuff for some years now, and appreciate that it uses some intelligence to weed out bad software without relying on signatures which are bound to be out of date.
Sorry about that... the agent install works already within our environment. We're just now adding it to our VM environment.
The machine that looked OK in the console yesterday is now in a Disconnected state but I'm also logged into that device now and I can see the agent installed, however it is in a Disabled state. I'm not sure where the problem lies but it seems like there's a communication issue at some point.
Thanks again for the assistance.
I'd open a ticket, to at least get that process started.
We found with non-persistent VDI they are only licensed when a user is logged into the vm. Once they log out it releases the license until another user logs into that machine (this is with floating user assignment not dedicated). If you are using Palo Alto NGFW at the perimeter, something we found that wasn't in the documentation is that it needs "google-base" in addition to "cortex-xdr" in the outbound security policy. If you think it is a communication issue check your traffic logs on the firewall to see if you are seeing any "deny" actions from that machine.
edit: FYI - cortex-xdr depends on ssl, web-browsing
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!