No matter how robust IT security measures may be, the reality of cyberattacks remains a persistent challenge. IGEL, a notable player in the technology landscape, asserts that while complete prevention may be elusive, endpoints can still be fortified through proactive strategies. Their architecture is designed to streamline management, minimize downtime, and prolong the lifespan of devices across various environments, from operational technology (OT) settings to web applications and Windows endpoints.
In a recent discussion, John Walsh, Field CTO at IGEL, alongside Senior Technology Evangelist Jaime Halscott, shared insights into the company’s evolution. Founded in 2001, IGEL Technology initially specialized in thin clients but has since pivoted towards software solutions that protect endpoints with a read-only operating system. “The endpoint itself cannot be attacked when using IGEL,” Walsh explains, highlighting a significant reduction in the attack surface—up to 95 percent, to be precise.
Simple management
Each endpoint operates in a stateless manner, as Halscott elaborates, meaning it retains no memory of past interactions and functions solely when connected to a user profile. “With our read-only OS, there’s no need for EDR/XDR,” Walsh notes, emphasizing how IGEL extends zero trust principles from applications to the operating system and the endpoint itself, effectively addressing a crucial gap in the security framework. The management of endpoints is facilitated through a unified portal, which integrates seamlessly with other solutions.
Consider an environment powered by Nutanix, with which IGEL has formed a strategic partnership. Policies can be aligned with various vendors, including Zscaler, Trellix, CrowdStrike, Citrix, and Parallels. In an OT context, where endpoints perform limited tasks over extended periods, this integration simplifies operations significantly. Historically, endpoints in industrial settings might have been isolated from IT networks, leaving security teams blind to their status. Now, with IGEL’s solutions, these devices can be integrated without introducing additional security vulnerabilities. This innovation allows IGEL to effectively replace EDR systems, boasting over 120 integrations.
An optional hypervisor can also host Windows workloads as guests while IGEL oversees the endpoint management. Customers are targeting a remarkable 75 percent reduction in endpoint budget expenditures by extending the operational life of their systems.
A longer life
In the realm of operational technology, the longevity of an endpoint is paramount. The physical replacement of devices can be costly, inconvenient, or even unsafe. This concern is compounded by the evolving landscape of Microsoft Windows, particularly with the recent acquisition of VMware by Broadcom, which has introduced new licensing complexities.
Organizations are thus compelled to make swift decisions, especially with Windows 10 nearing its end of support this October. Many devices will struggle to transition to Windows 11 due to inadequate security features. IGEL’s approach, as Walsh articulates, is to navigate these transitions adeptly. “The timing with Windows 10 couldn’t be better,” Halscott adds, noting that IGEL can secure legacy Windows installations by overlaying a read-only Linux system, effectively acting as a hypervisor. This strategy not only enhances security but also contributes to significant cost savings, with IGEL aiming to extend the typical endpoint lifespan from 3-5 years to an impressive 6-8 years.
The unified management system (UMS), combined with the read-only OS, creates a robust enforcement plane that aligns security policies with various services and solutions. Posture signals and logs are shared with partner applications, reinforcing IGEL’s commitment to comprehensive endpoint security. “We are just like Switzerland,” Walsh remarks, emphasizing the company’s neutrality and strong support for both device and user security pillars.
At home in all markets
Another noteworthy aspect of IGEL’s offerings is their remarkable flexibility. The range of application delivery options includes VDI, DaaS, web browsers, IGEL-native applications, and legacy Windows systems. This diversity aims to reduce agent sprawl compared to alternative solutions and shorten update cycles.
While IGEL’s solutions cover a broad spectrum of security needs, it is essential to acknowledge that they do not eliminate all cyber threats. Certain vulnerabilities, such as memory-only exploits or browser-based attacks, remain pertinent. However, these risks are considerably less applicable when the endpoint in question is not a conventional PC but rather an OT sensor or similar device. In essence, for organizations seeking to minimize their attack surface and centralize management, IGEL presents a clear and compelling pathway forward.
Read also: How Nutanix uses Nutanix
