Managing the DLP Agent in a VDI environment
search cancel

Managing the DLP Agent in a VDI environment


Article ID: 206132


Updated On:


Data Loss Prevention Endpoint Prevent Data Loss Prevention


  • You want to deploy the DLP agent to a Virtual Desktop Infrastructure (VDI) consisting of non-persistent machines
  • You want to know if any special steps are required on the DLP agent to ensure compatibility.


Release : 15 +

Component : DLP Agent


DLP supports VDI platforms (whether persistent or non-persistent) without any modifications on the DLP agent side. However, implementing non-persistent VDI presents some challenges from the administration side in the Enforce console:

  • Hostnames of the non-persistent VDI cannot be duplicates. This is because the DLP agent is registered using hostname and IP, so the master image that contains the agent needs to have a unique hostname each time it is deployed as a non-persistent VDI workstation
  • If a hostname is no longer in use, the DLP administrator should periodically remove inactive VDI hosts from the system.  There is no "workaround" or automated process in DLP to delete non-persistent VDI hostnames once they are registered.  It may, however, be feasible to just keep them offline in the console depending on the number of machines in this state and your reporting needs
  • To assist in identifying VDI machines, you could create a custom set of agent attributes, agent configuration and/or agent group and add the non-persistent VDI machines to those

Additional Information

You may want to review Article ID: 174312 Deploy DLP Endpoint Prevent in a Citrix Environment