IGEL & Lenovo
IGEL & Lenovo
IGEL Agent for Imprivata
IGEL Agent for Imprivata

IGEL Agent for Imprivata

icon
INTRODUCTION
  • Flexibility is crucial in healthcare; providers must adapt to evolving patient needs, technological advancements, and regulatory requirements.
  • Healthcare organizations can integrate and manage various applications, devices, and peripherals with a flexible solution like IGEL. Enabling healthcare professionals to securely access critical patient information and medical applications anywhere, improving mobility and productivity.
  • The importance of secure access to applications and data can not be overstated. Imprivata plays a critical role in shaping a more secure, efficient, and compliant healthcare IT landscape; Imprivata’s solutions mitigate risks by providing a robust, secure framework for access and identity management. 

IGEL and Imprivata, A technology partnership perfectly aligned to solve key challenges and enable new and exciting workflows within healthcare, had unfulfilled potential due to the nature of the integration agent… until now.

A QUICK REVIEW OF THE CHALLENGE:

  • The IGEL Imprivata integration leveraged the Imprivata Linux agent ‘ProveID Embedd’ (PIE agent).
  • The Imprivata PIE agent managed the entire end-to-end workflow. Which required IGEL to run in ‘Appliance Mode.’
  • This integration limited the flexibility that IGEL is known for and that healthcare desperately needs to keep up with those evolving patient needs.

(That said, we have enjoyed a very successful partnership spanning a decade, benefiting thousands of customers through our collaboration.)

WHAT’S NEW? We just released a purpose-built IGEL Agent for Imprivata, expanding our partnership and unleashing the potential of our collaboration.

This new agent allows IGEL to control the end-user experience by expanding beyond the current Imprivata PIE workflows. Healthcare providers benefit from the added flexibility and workflows, allowing both products to thrive.

  • Windows 365 & AVD integration and other VDI workflows (Citrix, VMWare)
  • Device Location based policy to enhance Imprivata VDA user policy
  • Local IGEL OS Desktop access combined with Virtualization scenarios

WORKFLOWS THAT ONLY AVAILABLE VIA IGEL AND IMPRIVATA:

  • Imprivata tap-and-go access to Windows 365.
  • Imprivata tap-and-go access to AVD integration.
  • Imprivata tap-and-go access to VMware Horizon.

The Agent is built into the OS11 firmware and is available as an app in OS12.

OS 11: OS 11.08.440 OS 12 App:  iia-0.3.7+0.1

💡
EXAMPLE 1: AZURE VIRTUAL DESKTOPS (AVD)
  • What is AVD? Azure Virtual Desktop (AVD) is a desktop-as-a-service (DaaS) offering that allows users to run virtual desktops and applications from the Azure public cloud.
  • Is that like VDI?

    • VDI (Virtual Desktop Infrastructure) provides virtualized desktops, usually on-premises. In contrast, AVD provides virtual desktops hosted in Azure (Microsoft's global network of data centers).

AVD HIGHLIGHTS:

  • Desktop and app virtualization service running on top of Microsoft Azure.
  • Works like a local Windows PC
  • Deliver Windows 11 or Windows 10 multi-session environments.
  • Full administrative control over host pools and infrastructure.
  • Monitoring and insight into resource consumption
  • Scalable and redundant
  • Charges based on consumption (CPU, network, storage)
  • A better choice for larger organizations

WHY WOULD HEALTHCARE CUSTOMER FIND INTEREST IN AVD:

  • Epic has put AVD Windows 11 multi-session on their exploratory platform list.
    • Customers can use Epic Hyperdrive on that version of Windows.
  • Azure Stack HCI can also be used with AVD.
    • Local data center running AVD Windows multi-session
    • Faster connections to AVD with Azure Cloud as a backup
  • UDP Shortpath option
    • Faster connection to AVD
    • Supported on private/express route networks

THE HISTORICAL CHALLENGE 😫

The Imprivata "ProveID Embedded Agent" (PIE agent) can’t connect to AVD, so it restricts organizations looking to take advantage of the flexibility and scale of this new technology if they were using Imprivata.

THE SOLUTION: IMPRIVATA TAP AND GO - WORKING ON AVD WITH IGEL

THE IGEL IMPRIVATA AGENT TO THE RESCUE!

Link to the Solution Brief

The Workflow:

  1. The user Taps in is authenticated into the IGEL AVD Client and is reconnected to their AVD Desktop.
  2. Access to the local IGEL desktop is available if needed.
  3. User Taps to lock.
  4. AVD Desktop is disconnected, and the client is logged off
  5. The device is ready for the next user.
💡
EXAMPLE 2: WINDOWS 365 or W365
  • What is W365? Windows 365 is a cloud-based service that creates virtual machines (Cloud PCs) for users. Each Cloud PC is assigned to a single user and is their dedicated Windows device.
  • Is that like AVD?

    • Azure Virtual Desktop (AVD) and Windows 365 are cloud-based services from Azure, offering security, flexibility, and cost-effectiveness. The main difference is the IT admin experience, specifically with customization and management. (W365 is simple but not flexible.)

WINDOWS 365 or W365

  • Fully managed by Microsoft.
  • Less flexible, simpler than AVD
  • Fixed licensing cost per user per month regardless of usage.
  • Specialized Frontline Worker package for healthcare workers – reduces licensing cost by allowing a 3:1 license ratio. 
  • No multi-user sessions. 

A SCENARIO FOR W365 WITHIN HEALTHCARE AND FRONT-LINE WORKERS:

Scenario:

4,000 Front Line clinical workers log in and out of task workstations, terminals, and laptops a hundred times a day to access apps & resources to assist patients. 

The company deals with a series of challenges:

  • Slow booting and login process
  • High latency and poor VM performance from non-persistence experience
  • Slow user experience login timeframes (40-60 seconds login times) username + pw
  • VDI resource management overhead

Objectives:

  • Elevate business performance and employee productivity.
  • Reduce user experience login timeframes (e.g., 10 seconds)
  • Enable Tap & Go badge authentication experience integration for clinicians.
  • Desire to shift away from traditional on-prem VDI looking at a cloud solution Windows 365 Cloud PC
  • Simplify virtual desktop management and support.
  • In need of a predictable license cost

THE HISTORICAL CHALLENGE 😫

The Imprivata "ProveID Embedded Agent" (PIE agent) can’t connect to W365 either, so it restricts organizations looking to take advantage of the flexibility and scale of this new technology if they were using Imprivata.

THE SOLUTION: IMPRIVATA TAP AND GO - now on Windows 365 (W365) WITH IGEL

DEMO WORKFLOW:

  • Windows 365 Cloud PC Roaming Desktop
  • Fast User Switching

💡
EXAMPLE 3: IGEL AGENT FOR IMPRIVATA & VMWARE

IGEL Agent for Imprivata VMWare – Added Value

The IGEL Agent allows us to control the end-user experience by expanding beyond the current Imprivata PIE workflows to enable these additional Horizon use cases:

  • Authentication into Native Horizon Client for Linux with access to local IGEL desktop
  • Horizon Apps (on-prem or cloud)
  • Horizon Desktops (Cloud)
  • Location-based resource selection without user input
    • Removing an Imprivata chooser that interrupts workflow
  • V1 broker supports current.

Roadmap – Horizon v2 broker Next Gen support 

TAP AND GO - Horizon Cloud Desktop on IGEL OS

Demo 1: Tap & Go

Reconnect – Tap to Lock – Disconnect Session

  • User Taps In
  • The user is authenticated into Horizon Client and reconnected to their Cloud Desktop, which is The devicealready running
  • The User minimizes showing the IGEL local desktop
  • The user maximizes the virtual desktop and Taps to Lock the endpoint.
  • IGEL Agent for Imprivata locks the endpoint
  • Device is ready for the next user

Disclaimer