XenDesktop is a server virtualization application which brings a great amount of efficiency to IT infrastructure. XenDesktop is useful for security measures since it has the advantage of using thin clients as terminals. Migrating one conventional environment with the XenDesktop, you may require repositioning existing firewall or adding new perimeter firewalls. Suppose you have a perimeter firewall amidst a client and database server within a data center. When XenDesktop is used, that firewall has to be placed such that virtual desktop as well as the user device come to one side, and database servers and the controllers of data center come on the other side. You need to, therefore, think about creating a partition within data center to hold servers and controllers that are used by XenDesktop. Also think of having a protection for the user device and virtual desktop.
All computers in the environment need to be protected with a personal firewall on each computer. When you install the virtual desktop agent, it will prompt for the consent to change the configuration of Microsoft Windows firewall that you add important program exceptions or any port exceptions such that the virtual desktop agent operates correctly.
All network statements need to be adequately secured using encrypted as ideal to match a security policy. You will be able to secure total communication between Microsoft Windows 7 computers with the use of IPSec. In addition, the contact between the user devices as well as desktops can be secured through SecureICA, which by default is configured to 128 bit encrypting. You may configure SecureICA when creating / updating assignments.
You may give users only the permissions they need. Microsoft Windows 7 privileges are always applied to desktops as is usual – so configure the privileges with user rights assignment and through group membership with a group policy. So this is one advantage of XenDesktop which is that you can give rights of user administration to a desktop and not giving physical control over the system in which the desktop is stored. When planning for rights please keep in mind that when the non-privileged user connects to any desktop, they can see what time zone of the system is, instead of a time zone on their user device.
A user also an administrator over a desktop keeps full control to that desktop. If it is a pooled desktop, a user should be trusted like all others, including any future users. All users need to know the probable risk to the data security which is posed by such situations. Using XenDesktop over Windows 7 as an agent, has the above privileges. It is therefore necessary when using a server based system on Windows 7 to assign the user rights appropriately. Moreover, it is necessary to do so such that the data center is secure from malicious attacks.