Security
Table Of Contents
- View Security
- Contents
- View Security
- View Security Reference
- View Accounts
- View Security Settings
- View Resources
- View Log Files
- View TCP and UDP Ports
- Services on a View Connection Server Host
- Services on a Security Server
- Configuring Security Protocols and Cipher Suites on a View Connection Server Instance or on a Security Server
- Default Global Policies for Security Protocols and Cipher Suites
- Updating JCE Policy Files to Support High-Strength Cipher Suites
- Configuring Global Acceptance and Proposal Policies
- Configure Acceptance Policies on Individual View Servers
- Internet Engineering Task Force Standards
- Perfect Forward Secrecy
- SSLv3 Is Disabled in View
- Deploying USB Devices in a Secure View Environment
- Index
Table 1‑11. TCP and UDP Ports Used by View (Continued)
Source Port Target Port Protocol Description
Horizon Client * View security
server
443 TCP HTTPS access. Port 443 is enabled by default for
client connections. Port 443 can be changed.
Connection attempts over HTTP to port 80 are
redirected to port 443 by default, but port 80 can
service client connections if SSL is off-loaded to an
intermediate device. You can reconfigure the
redirection rule if the HTTPS port was changed.
See “Notes and Caveats for TCP and UDP Ports
Used by View,” on page 20.
Horizon Client * View Connection
Server
443 TCP HTTPS access. Port 443 is enabled by default for
client connections. Port 443 can be changed.
Client connection attempts to port 80 are
redirected to port 443 by default, but port 80 can
service client connections if SSL is off-loaded to an
intermediate device. Connection attempts to port
80 to reach View Administrator are not redirected.
You must connect over HTTPS to reach View
Administrator.
You can prevent HTTP redirection and force
clients to use HTTPS. See “Notes and Caveats for
TCP and UDP Ports Used by View,” on page 20.
Horizon Client * View Connection
Server or security
server
4172 TCP PCoIP (HTTPS) if PCoIP Secure Gateway is used.
Horizon Client * View desktop 3389 TCP Microsoft RDP traffic to View desktops if direct
connections are used instead of tunnel
connections.
Horizon Client * View desktop 9427 TCP Wyse MMR redirection if direct connections are
used instead of tunnel connections.
Horizon Client * View desktop 32111 TCP USB redirection if direct connections are used
instead of tunnel connections.
Horizon Client * View Agent 4172 TCP PCoIP (HTTPS) if PCoIP Secure Gateway is not
used.
Horizon Client 50001 View Agent 4172 UDP PCoIP, if PCoIP Secure Gateway is not used.
Horizon Client 50001 View Connection
Server or security
server
4172 UDP PCoIP (not SALSA20) if PCoIP Secure Gateway is
used.
Web Browser * Security server 8443 TCP HTML Access.
View Connection
Server
* View Connection
Server
48080 TCP For internal communication between View
Connection Server components.
View Connection
Server
* vCenter Server or
View Composer
80 TCP SOAP messages if SSL is disabled for access to
vCenter Servers or View Composer.
View Connection
Server
* vCenter Server or
View Composer
443 TCP SOAP messages if SSL is enabled for access to
vCenter Servers or View Composer.
View Connection
Server
55000 View Agent 4172 UDP PCoIP (not SALSA20) if PCoIP Secure Gateway via
the View Connection Server is used.
View Connection
Server
4172 Horizon Client 50001 UDP PCoIP (not SALSA20) if PCoIP Secure Gateway via
the View Connection Server is used.
View Connection
Server
* View Connection
Server
4100 TCP JMS inter-router traffic.
View Connection
Server
* View Connection
Server
4101 TCP JMS SSL inter-router traffic.
Chapter 1 View Security Reference
VMware, Inc. 19