Blog post by Paul Craddock, Stratodesk Sales Engineer.
Whilst Stratodesk NoTouch OS is an incredibly secure Linux operating system, due to existing security policies many organisations still require some form of anti-virus & malware protection on their Stratodesk NoTouch based VDI endpoints. Typically, antivirus solutions can be resource heavy which can cause performance issues on some low specification devices like thin clients.
One way to overcome this is with Crowdstrike Falcon which is a next generation cloud-based anti-virus solution that uses a lightweight agent that is unobtrusive in nature and has a minimal impact on the endpoint. Stratodesk has partnered up with Crowdstrike to bring their next generation anti-virus protection to VDI Thin Client endpoints.
The good news for Stratodesk customers is that we make the deployment and configuration of the Crowdstrike sensor incredibly easy.
How to configure Crowdstrike Falcon in Stratodesk NoTouch
Getting Started
- Log into your Crowdstrike environment and download the Crowdstrike Sensor as shown below.
- Download the Crowdstrike Ubuntu sensor.
- Make a note of your Customer ID, as this is needed when enabling the Crowdstrike service in Stratodesk NoTouch Center.
- Next log into Stratodesk NoTouch Center and go to ‘Resources/Misc.Files’ and upload the Falcon-Sensor, as NoTouch Center will become the distribution point to your Stratodesk NoTouch OS endpoints.
- To configure the Crowdstrike service & Customer ID go to ‘Group Settings/Services’ and enable the service and copy the Customer ID into the ‘CCID’ field.
- If your Stratodesk NoTouch Center is using a self-signed certificate, then go to the ‘Group Settings/Security’ and disable the ‘Check Certificates on System Downloads’ parameter.
-
Next, go to the group you wish to deploy the plugin to and go to ‘Group Settings/Extension’ Search for the ‘Crowdstrike Plugin URL’ drop-down menu and choose the file you uploaded to Misc. Files.
- Once complete announce the change, and then reboot the Stratodesk NoTouch OS endpoint.
- To verify the installation has been successful, log into the local configuration of the endpoint, and then go to ‘Debug Information/Cache’ to ensure the download of the sensor has been successful.
10. The final step is to log into ‘Hosts-Overview’ of the Crowdstrike dashboard to check that the Stratodesk NoTouch OS endpoints show under Linux hosts and are correctly connected.
You can then drill down further into the Linux Host Management, and into the devices.
If you are still unsure if the falcon-sensor service is running, then you can ssh on the endpoint and run the following command:
ps -e | grep falcon-sensor
You should see an output similar to the one below, which means the service is running.
Summary
With the Stratodesk NoTouch ‘Extension’ module feature, we make it incredibly easy for our customers to deploy the Crowdstrike Falcon sensor. This feature also allows you to deploy a limited number of complimentary third-party applications, like Google Chrome, and Microsoft Edge for Linux as well as optimization plugins for Zoom. If you’d like to know more about this feature then we have created the following blog post on the feature.