IGEL Secure Endpoint OS
for Now and Next
IGEL is a transformative secure endpoint OS designed for SaaS, DaaS, VDI and secure browser environments. IGEL significantly reduces endpoint TCO and your endpoint attack surface.
Wakefield and District Housing (WDH) is responsible for over 31,000 homes in the Wakefield district. When the housing association launched in 2005, it secured a £720 million fund to bring all its homes up to the ‘Wakefield Standard’ — a higher specification than the Government’s Decent Homes Standard.
“To reap the benefits of desktop virtualisation you need a strong endpoint solution, and that solution is IGEL endpoints and its management suite.”
Andrew HowardProject ManagerWDH’s vision is to build confident communities, which it aims to achieve through three key core objectives:
WDH’s desktop solution involved published applications from Citrix XenApp to 900 standardised Dell Desktops. The IT and Business Systems Change team began considering changing to a Virtual Desktop Infrastructure (VDI) because the organisation was facing a number of business challenges.
A major difficulty was the log-on times for people working at remote sites. Although geographically bound within Wakefield, the organisation has 75 different locations and 48 of these were Independent Living Schemes (formerly known as sheltered accommodation), which had 1mb ADSL connections into the IT infrastructure.
“When someone logged onto the system, they would have to download their profile over the connection and this could take anything up to 30 minutes at a time,” said Andrew Howard, Project Manager at WDH. “Our teleworkers, who work from home and offer call centre support to our tenants, were also suffering the same difficulties.”
In addition, WDH was in the process of mobilising more of its workforce. With changes in legislation and the changing way housing associations were operating, it was important to have more employees out visiting tenants with information at their fingertips. As a result, these employees were being issued with tablets for their work. “Mobile workers in the past had also experienced problems logging onto the network and with the increase in mobile workers, we needed a different desktop solution,” explained Andrew.
The organisation first virtualised all its servers using VMware, making large savings on electricity and hardware. The team then turned its mind to the desktops and built a detailed business case. “With our VDI we wanted speed, performance, flexibility, mobility, and manageability,” said Andrew. “Manageability and access were key, and we needed to make sure that we weren’t paying any more than our current desktop solution.”
WDH looked at five potential endpoints and quickly narrowed this down to three manufacturers, which included IGEL. “We invited each manufacturer in with an engineer to set up the devices, and looked at their technical knowledge and competency. While onsite we observed how they escalated issues through their organisation and evaluated what tools and systems would be required,” said Andrew. “For the end users, the devices work in much the same way but the IGEL Management software was far superior. The ease of use and flexibility blew all the competition out of the water.”
The IGEL Universal Management Suite software (UMS) can be used to set-up, maintain and upgrade all IGEL endpoints from a central location using a policy-based graphical interface. It is a simple to use management tool, which can have endpoints up and running in minutes. Intuitive to use, secure and scalable up to 100,000 endpoints, the IGEL UMS drastically reduces management time for IT administrators.
“To get the competitor endpoint solution working took five days and it was just two hours for the IGEL devices,” said Andrew. “We couldn’t get them out of the boxes quick enough for the engineers.”
WDH has further complemented the IGEL devices with the Data Security solution DriveLock. Using the DriveLock Virtual Channel already included in the Linux based IGEL Universal Desktop, access rights and security settings for external storage devices can be configured to whitelist approved devices, even down to the serial number of an individual USB stick. With the central DriveLock Management console and the use of policies, WDH is able to determine which users can access the USB-drives and, for example, specify that a user has read only rights. WDH can also determine which types of files may be read by an external drive or written to the device using the integrated file filter. Additionally, using the Encryption-2-Go functions in DriveLock, WDH is able to enforce encryption onto whitelisted USB sticks to ensure data is secure in line with its corporate policy. This is all backed up with comprehensive reporting and forensics in the Drive-Lock Control Center.
The organisation calculated that there would be significant electricity savings as a result of the deployment because the IGEL endpoints use so little power compared to traditional PCs. The electricity savings over the longer five-to-seven year lifecycle meant WDH would be able to afford to deploy the new desktops in one fast roll-out, rather than being forced to stagger it due to cost.
WDH rolled-out 200 IGEL UD5 LX devices to 70 different locations in just two weeks. Today, all 775 PCs have been replaced with IGEL endpoints. The devices use Citrix XenApp application delivery to publish applications from the XenApp server and some over Microsoft App-V to avoid saturating the servers with applications.
The servers are virtualised on Dell hardware using VMware ESX Enterprise plus licensing and work with a standard Windows 2008 64-bit operating system. Applications are installed on start-up by group policy and MSI, which allows the IT team to remove or add applications quickly and efficiently and deploy a new XenApp server in less than 45 minutes. “The feedback we have been getting from our users is that the IGEL devices are now ridiculously quick and easy to use,” said Andrew. “We still use our 1MB ADSL lines and users that used to report log on times of up to 30 minutes can now start their IGEL, turn on the endpoint, log on and launch an application in less than 2 minutes. The desktop infrastructure is also so easy to maintain.”
Andrew finished by saying: “To reap the benefits of desktop virtualisation you need a strong endpoint solution, and that solution is IGEL endpoints and its management suite.”
Eric Backhouse, WDH Infrastructure and Customer Services Manager, added: “The move to an end-toend virtual desktop solution, utilising IGEL endpoints supported by Citrix Xen Desktop, has allowed us to provide a high quality, highly effective way of working for employees at remote sites. The IGEL solution is the backbone of our flexibility and mobility project. It will cost less to own and operate, we will be able to work out how much will be used in terms of resources and the system can be expanded to meet the future needs of WDH.”