This week at Citrix Synergy Los Angeles, Citrix is demonstrating the Citrix XenClient® XT high security computing platform with the Virtual Cyber Defender Introspection Appliance (VCD-IA) extension pack from Adventium Labs. The Citrix XenClient XT platform is a flexible security solution designed for the public sector and other highly regulated industries. It delivers security, isolation, performance, and auditability to highly regulated environments with a next generation secure local virtual desktop, hardware-assisted security features, and extensibility.
XenClient XT uses a hardened Xen ProjectTM client hypervisor that runs on bare metal to maximize security without compromising the user experience. It is based on the mature, market-proven Xen ProjectTM open source hypervisor that has been battle-tested in public clouds and data centers and open for inspection from third-parties. The hypervisor is further strengthened with a thin footprint that reduces the attack surface using SELinux and Xen Project Security Modules (XSM). This is done without impacting performance or user experience because the client hypervisor runs directly on the hardware.
Hardware-assisted security features such as trusted boot and disk encryption built into the Intel® vPro™ platform ensure only authorized users have access to sensitive data with XenClient XT. It provides the ability to boot to a trusted and verified platform every time with Intel Trusted Execution Technology (TXT) technology, which validates at boot time that the hypervisor has not been compromised. Moreover, confidential data is protected with accelerated disk encryption using Intel Advanced Encryption Standard New Instructions (Intel® AES-NI) technology.
Figure 1: Citrix XenClient XT is an open, extensible platform by design
XenClient XT also provides an open platform to allow third-parties to distribute extension packs by developing Service Virtual Machines (VMs). Service VMs are separate VMs used to offload and de-privilege services such as networking, VPN and security scanning from the hypervisor for further isolation and improved performance. For instance, Service VMs that create specialized VPN networks can be deployed on top of the XenClient XT platform. These extension packs turn XenClient XT into a future-proof security platform that can quickly adapt and evolve with continuously changing security threats.
Recently, a new paradigm shift in security has occurred with the ability to inspect memory and CPU state from outside the operating system using hardware virtualization. The VCD-IA (originally called XIP) extension pack from Adventium Labs built on the Citrix XenClient XT platform follows this shift to provide cyber defenses through innovative introspection technology. This augments the strong network and VM isolation capabilities offered by XenClient XT.
Mitch Parker, Group VP and GM of the Client Virtualization Group at Citrix, says “We’re excited to see innovative companies like Adventium Labs building on the Citrix XenClient XT platform. We designed XenClient XT to provide an extensible platform for innovation in cyber defense, and Adventium’s VCD-IA is a great example of this.”
Adventium migrated their security innovations from the open-source Xen Project hypervisor to the Citrix XenClient XT platform, providing customers in highly regulated environments with new defensive capabilities against evolving threats. The new VCD-IA extension pack from Adventium complements the strong defense capabilities and extensible platform of Citrix XenClient XT with a new type of endpoint defense.
To see these defenses in action and to learn more about Citrix XenClient XT, stop by the XenClient XT demo station (Pod 11) at Citrix Synergy. Read about the latest release of XenClient XT and download and evaluate it in your own environment for free! For further information about Adventium VCD-IA, please visit the VCD-IA product page or watch the VCD-IA video to learn more.
Join the conversation by connecting with the Citrix XenClient team online!