Comparison Material

This document discusses web browser-based security solutions such as RBI (Remote Browser Isolation) and VDI (Virtual Desktop Infrastructure),
This is a document comparing the security effects, construction efficiency, and operational complexity of the CBC (Client-Based Control) method from various angles.

division	SHIELDGate (RBI)	VDI	CBC
Basic Structure	Complete Remote Isolation of Browser Execution	Running Browser on Central VDI	Installing the agent on the user device browser
Threat Approach	★★★★★ Do not allow threat sources to enter internally	★★★ Access control only on a session basis	★★ Detection and Blocking on the Device
Zero-Day Attack Response	★★★★★ Unable to exploit browser vulnerabilities	★★★ VDI OS/Browser Vulnerability Impact	★★ Device Infection on Undetected Threat
Ransomware Response	★★★★★ Internal inflow is structurally impossible	★★★ Possibility of Internal Spread in VDI	★★ Internal Spread upon Device Infection
Network Worm / Virus	★★★★★ No internal propagation path	★★★ VDI Internal Propagation Possible	⚠️ Possible internal network propagation upon device infection
Attack Surface	Minimum (Screen Streaming/Rendering)	Intermediate (VDI OS + Browser)	Large (OS + Browser + Agent)
Internal Network Protection Level	★★★★★ Completely Logical Separation	★★★ Logical Separation	★★ Device Dependency
Cost Structure	★★★★ Centralized / Simplified	★★ High Cost of VDI Infrastructure	★★★ Low Initial Cost
Construction Efficiency	★★★★★ Browser only	★★ VDI Construction/Operation Complexity	★★★★ Fast Deployment Available
Operational Complexity	★★★★★ No need for patching or OS management	⚠️★★ VDI OS·Image Management	★★★ Device-specific Agent Management
User Experience	★★★★ Web-based, lightweight	★★★★ Similar PC Environment	★★★★★ Local Browser Same
Impact Scope in Case of Security Incident	★★★★★ Immediate Disposal by Session	★★★ Impact of VDI Units	⚠️ Device unit → Possible internal diffusion