ThinScale’s Virtual Desktop Agent – The access control you need

Virtual Desktop Agent

ThinScale’s Virtual Desktop Agent (VDA) actively prevents any unsecured machine, not actively running a ThinScale workspace, from connecting to the VDI or DaaS environment in question.

Functionally the VDA acts as a final check on the security and validity of the device attempting to access corporate virtual environments.

ThinScale and Microsoft

The Virtual Desktop Agent facilitates communication between the endpoint and VDI, allowing IT to specify rules to occur at the virtual desktop level depending on the information it reads from the endpoint.

The Virtual Desktop Agent can tell when a user is trying to connect to a virtual machine from a non/inactive ThinKiosk/Secure Remote Worker device and can allow or deny connections based on this with preconfigured rules. Without this, users could easily bypass even the most locked-down endpoint environments by using their corporate credentials on a browser on another device. Through the Virtual Desktop Agent, this is now impossible.

An example of this in action would be where a company has a number of both on-prem and home workers; the Virtual Desktop Agent can make it so the home workers on personal devices cannot access their virtual environment unless connecting from Secure Remote Worker, allowing complete security for your end users when working out of the office.

Admins can even set up the VDA to allow only connection from specific ThinKiosk or Secure Remote Worker profile names, further ensuring strict access control even when credentials may be compromised.

The VDA is installed on the host of the virtual machine, though the control of it can be accessed via the ThinScale Device Portal if using ThinScale Cloud, or the ThinScale Management Platform if using a hosted management environment.

The VDA provides IT control over corporate resource access regardless of deployment or type of work by restricting end-users to accessing these resources only through ThinScale-secured devices. It even reinforces MFA policy by acting as another automated barrier to entry even if credentials are compromised.

Ready to see it in action?