VMWare solves the endpoint problem?

I just saw this article today, entitled "VMWare Takes Virtual Machines Mobile". At first I thought it was about VMWare access from Windows CE or something, but that's not it at all. Apparently VMWare has leveraged their virtual machine technology to provide locked-down endpoint workstation images that can be centrally managed to ensure compliance with IT and security policies.

Here's the scenario I found most interesting: Apparently, you can load OS + applications onto a single DVD, then install that on an untrusted computer, like an employee's home PC. He can run that OS in a VMWare virtual machine, and use the 'trusted" image to connect back to the secure corporate LAN, without fear of some virus or other malware leaking through.

Of course, this isn't perfect security, since an attacker could still log your keystrokes or even theoretically modify or break into the VM image, but it seems like a useful layer of extra security, provided the endpoint hardware is up to the task.