What is the difference between Global VDI and Group VDI settings?

EDR Servers:  7.2 and higher

Virtual Desktop Infrastructure (VDI) are configured in environments where endpoints can be frequently re-imaged or reverted back to an image.  To avoid multiple sensors for the same endpoint, EDR uses the VDI settings to correlate a modified endpoint with sensors already registered (i.e. hostname and DNS name).

Global VDI:  Affects all sensors when enabled.  It is required to implement Group VDI.  

Group VDI:  This feature allows the VDI correlation to only be used on certain groups.  Once a sensor group is set to VDI it only affects the sensors in the group with VDI enabled.

For example:  Consider an environment with 30% virtual machines assigned to the group VMServers and the remainder are bare-metal endpoints in the Default Group.  As soon as the admin enables Group VDI on VMServers, only the sensors in that group use the correlation mechanism.  The Default Group would not invoke the VDI correlation mechanism on the sensors in its group.

• Bug CB-41520 is addressing Group VDI does not disable the correlation mechanism on non-VDI enabled groups.  In other words, only Global VDI is available currently (4/4/24)