IGEL Expands Endpoint Security Capabilities to Enable a Complete “Chain of Trust”

Time to read
1 minute
Read so far

IGEL Expands Endpoint Security Capabilities to Enable a Complete “Chain of Trust”

Tue, 12/10/2019 - 09:41
0 comments

The latest version of IGEL OS Workspace Edition offers advanced security features including signed OS partitions for expanded system-wide authentication

Reading, UK. Dec. 10, 2019 – IGEL, provider of the next-gen edge OS for cloud workspaces, today introduced IGEL OS Workspace Edition, version 11.03. This latest version of IGEL OS features advanced security capabilities, including signed OS partitions, that are designed to extend IGEL’s secure “chain of trust” all the way to the device processor level.

“The threat landscape is constantly evolving and protecting sensitive data and mission-critical applications on the endpoint remains a top concern for our partners and customers,” said Matthias Haas, CTO, IGEL. “Our team is committed to bringing to market hardware and software offerings that feature today’s most advanced security capabilities. The signed OS partitions now available with IGEL OS are the next step in IGEL’s secure ‘chain of trust’ which already includes UEFI Secure Boot and the AMD Secure Processor technology in our latest UD7 and future IGEL endpoint devices.”

The IGEL secure “chain of trust” begins with UEFI secure boot already available with IGEL OS 11.03, and extends to select IGEL hardware models via the AMD Secure Processor technology, a hardware-based security system built right into select AMD processors, including the AMD Embedded RX-216GD system-on-a-chip that powers the latest generation of IGEL UD7 endpoints. Putting the protection right on the processor, this integration leverages a dedicated security system, initiating IGEL’s secure chain of trust at the absolute beginning – the hardware level.

The AMD R-Series Embedded processor checks whether the UEFI binary is cryptographically signed by IGEL, verifying that the UEFI binary is authentic and not manipulated. The UEFI then checks the bootloader for a UEFI Secure Boot signature. Next, the bootloader checks the IGEL OS Linux kernel, and if the OS partitions signatures on disk are correct, IGEL OS is initiated and the partitions are mounted. Finally, for users connecting to a VDI or cloud environment, access software such as Citrix Workspace App or VMware Horizon 7 checks the certificate of the connected server, creating a complete “chain of trust.”

Also new in IGEL OS 11.03 is support for LoginVSI’s Login Pi application performance testing software, enabling IT administrators to thoroughly test end-to-end performance from IGEL-powered endpoints to the destination cloud or server. Now integrated with IGEL OS, this technology enables keen insight and understanding of user experiences across the enterprise.

“Furthermore, IGEL is also pleased to announce that IGEL OS 11.03, together with expanded security documentation, conforms to ‘BSI IT Grundschutz’, a German Security standard for Federal Government IT,” said Haas. “While it is a German standard, BIS IT Grundschutz is based on industry-wide best practices for access control, secure booting, logging and encryption. This is yet further evidence of IGEL’s staunch commitment to offering our customers outstanding endpoint security.”

The IGEL Workspace Edition is a feature-rich software-defined endpoint offering consisting of all essential capabilities to transform any compatible x86 device into a secure, highly functional IGEL-powered endpoint. With IGEL Workspace Edition, the hardware is de-coupled from the software through new, flexible and portable software licensing options that are designed to extend the value of endpoints while simplifying their acquisition, control and management.