Views:

Review information about deploying endpoint agents and sensors using system templates such as a golden image.

Important
Important
  • Read these instructions carefully. Cloning your own VDI machines causes agent IDs to be duplicated and prevents deployed agents from performing response actions.
  • The Image Setup Tool only supports Windows agents.
  • For Standard Endpoint Protection and Server & Workload Protection endpoints, you must update the sensor to the Trend Vision One endpoint sensor before using the Image Setup Tool.
Trend Vision One Endpoint Security supports deploying agents and sensors using VDI templates, golden images, or custom image templates (Azure). The Endpoint Security app automatically detects the endpoint when a user signs in and adds the desktop to the Endpoint Inventory list. You can download the Image Setup Tool from Endpoint Inventory to help configure the golden image or template for the following supported scenarios:
  • Physical desktops configured using a golden image
  • Persistent virtual desktops
  • Non-persistent virtual desktops
The Image Setup Tool is an accurate and efficient tool designed specifically to configure the agent settings for your golden image. Trend Micro recommends using the Image Setup Tool to avoid errors in deployment regardless of the deployment type. Non-persistent virtual desktops must use the Image Setup Tool to configure the virtual desktop image template.
Feature support for persistent and non-persistent virtual desktops is different from physical endpoints. Refer to the following table for more information.

Feature Support

Feature
Persistent
Non-persistent
Sensor agent upgrade (in-place)
Supported
Not supported
Sensor agent upgrade (template)
Supported
Supported
Important
Important
You must create a snapshot of your template from before you run ImageSetupTool.exe.
Standard Endpoint Protection
Supported
Supported
Server & Workload Protection
Supported
Supported
Vulnerability Assessment
Supported
Not supported
Zero Trust Secure Access
Supported
Supported
Endpoint Security offers separate settings for physical/persistent desktops and non-persistent desktops. Virtual desktops which are not turned on regularly are automatically removed based on the agent settings. The time interval is set separately for persistent and non-persistent desktops. For information regarding inactive agent removal, see the following topics:
Trend Micro has tested virtual desktop deployment in the following environments, and only offers support for the listed platforms.

Tested Environments

Provider
Supported Platforms
VMware
  • VMware Horizon 8.3
Microsoft
  • Azure Virtual Desktop
  • Windows 365
Citrix
  • Citrix Virtual Desktops
  • Citrix Virtual Apps
Tip
Tip
Trend Vision One supports multi-session VDI solutions. Trend Vision One does not change or limit the functionality of your virtual desktop operating systems. The Endpoint Security VDI solution works by creating unique device IDs for each virtual desktop after provisioning.
Related information