|
Understanding the VDI Feature:
In FortiEDR, the VDI feature is designed to address scenarios where endpoints change hostnames or other identifying parameters. By enabling VDI, the FortiEDR aggregator is instructed to verify the agent ID and update the record for an existing endpoint, even if the hostname changes during registration. This ensures that endpoints are correctly identified and managed in the FortiEDR system.
When to Use the VDI Feature.
Here are some scenarios where enabling the VDI feature can be beneficial:
- VDI Environments: In Virtual Desktop Infrastructure (VDI) environments, endpoints may have dynamic hostnames. Enabling VDI ensures that FortiEDR correctly manages these endpoints when hostnames change.
- Continuous Integration and Continuous Deployment (CICD): In environments with frequent server movements between development (Dev), user acceptance testing (UAT), and production (Prod), hostnames can change. VDI helps maintain endpoint continuity.
Enabling VDI in FortiEDR.
There are several methods to enable the VDI feature in FortiEDR:
Method 1: Manual Configuration.
- Stop the FortiEDR collector service on the endpoint.
- Change the 'isVDI' parameter to 'true' in the collector configuration file.
- Reboot the endpoint.
- If needed, start the FortiEDR collector service.
Method 2: Installer with Repair Option.
- Run the FortiEDR installer on each endpoint.
- Choose the repair option during installation.
- Select the VDI feature for enabling.
- Complete the installation process.
Method 3: Group Policy Object (GPO).
- Create a GPO to execute the following command on endpoints:
msiexec /fv <collector_msi_package> /q UPWD=<registration_password> VDI=1 /l*vx <log_file>
- <collector_msi_package>: Name of the installer file.
- <registration_password>: Registration password.
- <log_file>: Path to store the installation log.
|
