This is a quick overview of the things to come from the VDISecurity.org At this site you will find information on how to Secure Citrix XenDesktop or XenApp or VMware Horizon VDI Deployment along with how attackers will attack your deployment with known exploits and recon methods.

1. VDISecurity.org Intro
ABOUT IT

2. Agenda
 WhoAmI?
 Why VDI?
 Overview of VDI with
 Citrix and VMware Component Layout
 Securing VDI Basics
 Questions

3. WhoAmI?
 Noob, Patrick Coble, 2x Father, Nerd, Hacker, Trainer, Speaker, Meme User,
PowerPoint Clicker and Citrix CTA.
 I have been working with computers since 1988 and started hacking in the
early AOL days. I started working in the IT industry in 1997 and joined the
Marine Corps where I was Intel working on computers. Upon finishing his
time in the Marine Corps, I worked in the security industry, specifically
within Healthcare, and later joined a reseller before starting his own
company in 2016.
 Patrick Founded his own security consulting company in 2016 to close the
gap in local and personal security along with IT consulting for Small
Businesses and Individuals. I still do EUCVDI Consulting for large
companies.
VDISecurity.org

4. Who cares about VDI?
90% of Fortune 1000 Companies
have a VDI Deployment.
A HACKERS SUMMARY

5. Company Info & Major Versions
Horizon
 VMware Founded, 1998
 VMware 2016, 5.62 Billion
 First Version 2.0, January 2008
 Major Release Family
 3.0, 4.0, 5.0
 6.0
 7.0-7.2
XenDesktop
 Citrix Founded, 1989
 Citrix 2016, 3.42 Billion
 First Version 2.0, October 2007
 Major Release Family
 2.0, 3.0, 4.0
 5.0, 5.6
 7.0-7.15

6. VDI Basic Components
Endpoint
Front End Web
Services
Broker
Virtual Desktop
App Server
Imaging
Method
Agent

7. Citrix VDI Basic Components
Endpoint StoreFront
Delivery
Controller
Virtual Desktop
App Server
Provisioning Server
MCS (Linked Clone)
Agent
NetScaler
Gateway

8. VMware VDI Basic Components
Endpoint
Security Servers
Connectinon
Server
Virtual Desktop
App Server
Linked Clone (Composer)
Instant Clone
Agent
F5 Load
Balancer
or APM
Access Point
Unified Access
Gateway

9. VDISecurity.Org
 I founded this site in honor of people like Sean Metcalf
with ADSecurity.org and many others who were experts
in a product set and work to improve security for it.
 At this Site you will see things from two perspectives
 VDI Admin, How to Secure It
 Security Nerds, How to do Recon, Get In and Pivot
 I have a couple blog posts ready to roll out but just have to
wrap up a couple things. I have been slacking.

10. VDI – Securing It - Basic
 Securing the Policies to make sure data cannot leave the session in a
way you don’t want it to. DLP for VDI.
 Keeping it Patched is the biggest battle, it only takes one box.
 Optimize the image to turn off unused features. (Makes it more secure)
 Run some form of AV (For years when the devices were provisioned
and or Non-Persistent it was recommended not to install it, due to its
overhead and problems within VDI)
 Use AppLocker or other AV Systems to Whitelist applications to ensure
other applications cannot be launched.
 Windows Firewall, IPsec, Microsegmentation
 Replace Default SSL Certificates and use SSL Certificates Everywhere.

11. Questions