Comparison Table: SHIELDGate(RBI) vs SBC(VDI) vs CBC

This document is a comparative analysis of the security effectiveness, implementation efficiency, and operational complexity of web browser-based security solutions such as RBI (Remote Browser Isolation), VDI (Virtual Desktop Infrastructure), and CBC (Client-Based Control).

Category	SHIELDGate (RBI)	VDI	CBC
Basic Structure	Complete remote isolation of browser execution	Running a browser on the central VDI	Install the agent on the user terminal browser.
Threat Approach	★★★★★ Do not allow threat sources to enter internally.	★★★ Access control only at the session level.	★★ Detection and blocking within the terminal
Zero-Day Attack Response	★★★★★ Exploitation of browser vulnerabilities not possible	★★★ VDI OS/Browser Vulnerability Impact	★★ Device infection upon undetection
Ransomware Response	★★★★★ Internal inflow is structurally impossible.	★★★ Possibility of Internal Diffusion in VDI	★★ Internal spread upon terminal infection
Network Worm / Virus	★★★★★ No internal propagation path	★★★ VDI internal propagation possible	⚠️ Possible internal network propagation upon terminal infection.
Attack Surface	Minimum (screen streaming/rendering)	Intermediate (VDI OS + Browser)	Large (OS + Browser + Agent)
Internal network protection level	★★★★★ Complete logical separation	★★★ Logical separation	★★ Device dependency
Cost Structure	★★★★ Centralized / Simplification	★★ High cost of VDI infrastructure	★★★ Low initial cost
Construction Efficiency	★★★★★ Browser only provided	★★ VDI construction/operation complexity	★★★★ Quick deployment available
Operational Complexity	★★★★★ No need for patch and OS management.	⚠️★★ VDI OS·Image Management	★★★ Agent management by device
User Experience	★★★★ Web-based, lightweight	★★★★ Similar PC environment	★★★★★ Local browser same
Impact Scope in Case of Security Incident	★★★★★ Immediate disposal on a session basis	★★★ VDI Unit Impact	⚠️ Device unit → Internal diffusion possible