Introduction
IGEL Agent for Imprivata (IAFI) Overview
IGEL has been an Imprivata technology partner since 2011. Our partnership has empowered tens of thousands of healthcare users globally to achieve secure, quick and easy access to clinical virtual applications and desktops using IGEL OS powered endpoints and the Imprivata ProveID Embedded (PIE) agent for Linux devices.
In September 2022, we expanded our partnership to develop a new ProveID Web agent that would deliver enhanced integrations, enable new workflows, and address evolving market and customer demands. A few examples of these market changes have been Windows 10 to 11 migrations, saving endpoint costs by repurposing existing devices and extending the life of their hardware, the adoption of Cloud delivered desktops or applications such as Microsoft Azure Virtual Desktop (AVD), and the rise of ransomware attacks and a desire for a more secure endpoint OS to help mitigate these threats.
Key Differences Between PIE and IAFI
The IGEL Agent for Imprivata (IAFI) is our implementation for various Imprivata Enterprise Access Management (formerly called OneSign and ConfirmID) related workflows. IAFI is available as an IGEL OS 12 application from the IGEL App Portal. Some older OS 11 firmware versions have the agent but all the latest IAFI versions with updated features, enhancements and fixes are in the OS 12 app. Please see this for additional information: IAFI - IGEL System Requirements
Appliance Mode vs. Non-Appliance Mode Agent
Since our initial integration with the Imprivata PIE Agent, it has only been available as a feature in the IGEL Appliance Mode (OS 11 and older versions). In Appliance Mode, PIE users are unable to access the local IGEL OS desktop and can only connect to virtualized desktops and apps supported by Imprivata. The list of supported features and workflows is maintained by Imprivata on their website which can be accessed here: Imprivata Enterprise Access Management - SSO Supported Components. The IGEL KB for OS 11 and Imprivata can be accessed here: OS 11 and Imprivata Setup
In contrast, due to high customer demand for options such as access to the IGEL local desktop and underlying OS features, the IAFI was created as a “non-appliance mode” option which by design, allowed full access (if needed) to the IGEL OS Desktop and new workflows previously unavailable with the PIE agent. During the initial IAFI development, OS 11 was the only available option for testing, and with a limited feature set, we chose to create a license to enable the use of the agent during the beta and customer early access phase. We also required a workflow review and use case validation before providing licenses for customer testing or production use.
While the IAFI initial feature set was limited, it has since grown and is maintained by IGEL in cooperation with Imprivata. You can review the current IAFI Feature Matrix here: IGEL Agent for Imprivata (IAFI) Feature Comparison Matrix
Summary of IGEL and Imprivata Agent Options for OS 11 and 12
Imprivata ProveID Embedded - PIE Agent | IGEL Agent for Imprivata |
|---|---|
Built and maintained by Imprivata | Built and maintained by IGEL |
IGEL OS 11: Appliance Mode only experience
| Non-Appliance Mode experience for OS 12
|
Uses the Imprivata ProveID Web API
| Uses the Imprivata ProveID Web API
|
The PIE Agent is downloaded from the Imprivata appliance and installed on IGEL OS 11 via an embedded bootloader. | OS 12 agent built as a separate application under the new OS 12 app delivery model. |
Supported workflows, authentication devices, use cases, and roadmap developed by Imprivata. See the Imprivata Supported Configurations Guide for more information. | Supported workflows, use cases, and roadmap developed by IGEL. See IGEL Agent for Imprivata Feature Matrix for further details. |
Not supported for IGEL OS 12 | OS 12 app available in the IGEL App Portal |