Configuring Secure Walk Away with Roaming VMware Virtual Desktops

This topic details how to configure Imprivata Secure Walk Away with roaming VMware virtual desktops. This topic:

  • Describes two clinical workflows where Imprivata Secure Walk Away is securing Imprivata ProveID Embedded workstations (thin clients).

  • Explains how to configure your Imprivata polices, VDI environment, and thin client endpoints to support the clinical workflows.

Before You Begin

Review the following sections before you begin.

Enterprise Access Management Configuration

The following sections detail the steps to configure your Imprivata OneSign environment, which include:

  • Configuring and assigning a user policy.

  • Configuring the connection to the VMware Horizon View connection brokers.

  • Configuring two computer policies. The first policy is assigned to the thin clients, while the second is assigned to the virtual desktops.

Virtual Desktop Configuration

The following sections detail the steps to configure your virtual desktops, which include:

  • Installing the Imprivata agent on the virtual desktops.

  • Enabling the detection of proximity card events on the virtual desktops.

Thin Client Configuration

The following sections detail the steps to configure your thin clients, which include:

  • Uploading the broker server domain certificates to the thin clients.

  • Configuring the connection to the virtual desktop.

  • Optionally, enabling the VMware Horizon menu bar.

Reporting

You can use the Computer Peripheral Usage report to identify where BLE enabled devices have been deployed in your enterprise. This report identifies:

  • Endpoints to which a BLE device has been plugged in.

  • The model and vendor of the device.

  • The version of the firmware installed on the device.

To run the report:

  1. In the Imprivata Admin Console, click Reports > Add new report.

  2. Under the Platform column, click Computer Peripheral Usage.

  3. Specify a date range, and click Run.

    The date range indicates when the BLE device was plugged into the endpoint.

    For example, a report with a date range of Today, will not include an endpoint where the BLE device was plugged in two days ago.