Working with FortiEDR on VDI Environments
The FortiEDR Collector must only be installed on the master image (not on a clone) of the VMware Horizon or Citrix XenDesktop in order to ensure that the virtual environment is protected. On Citrix, it is also recommended to install the Collector on the Windows servers that run the entire Citrix platform.
When installing the Collector, set the VDI-designated installation flag. To do so, append the parameter VDI=1 to the command syntax shown above or check the VDI checkbox in the installation wizard, as shown in Installing FortiEDR Collectors.
When installing on a Citrix PVS golden image, append an additional parameter CITRIXPVS=1 to the command syntax shown above.
After the Collector is successfully installed and running on the golden image and before the image is being cloned, the FortiEDR Collector configuration must be erased such so that cloned images will not show up as the same Collector on the Central Manager console. To do that so, run the following command as an administrator:
FortiEDRCollectorService.exe --stop --clean
In VDI installations where VDI pools are used, there is no need to generate Collector groups in the user interface. Any newly generated virtual desktop is automatically assigned to the default VDI Collectors group. Upon first user login to the virtual desktop, FortiEDR automatically generates a Collector group that corresponds with the respective pool name, as specified in VMware Horizon. Any Collector that is installed on a virtual desktop that is part of this pool is automatically assigned from the default VDI Collectors group to the corresponding Collector group, regardless of whether the pool definition in VMware is dedicated or floating. In effect, Collector groups in the FortiEDR user interface are a copy of the virtual machines’ pool on VMware Horizon or Citrix.
Any newly created Collector group is automatically assigned to an out-of-the-box predefined policy. This mechanism ensures that any newly created virtual machine is automatically and immediately protected by a unique instance of the FortiEDR Collector.
IMPORTANT: When using FortiEDR automatic updates to Collectors via the Central Manager, make sure to update the master image too. Otherwise, every time that a new environment is created from the master image, an automatic update is performed, which can overload network traffic.