Security
Table Of Contents
- View Security
- Contents
- View Security
- View Accounts, Resources, and Log Files
- View Security Settings
- Ports and Services
- Configuring Security Protocols and Cipher Suites on a View Connection Server Instance or on a Security Server
- Default Global Policies for Security Protocols and Cipher Suites
- Configuring Global Acceptance and Proposal Policies
- Configure Acceptance Policies on Individual View Servers
- Configure Proposal Policies on View Desktops
- Internet Engineering Task Force Standards
- Older Protocols and Ciphers Disabled in View
- Reducing MIME Type Security Risks
- Mitigating Cross-Site Scripting Attacks
- Content Type Checking
- Origin Checking
- Configuring Security Protocols and Cipher Suites for Blast Secure Gateway
- Deploying USB Devices in a Secure View Environment
- Index
Table 2‑1. Security-Related Global Settings (Continued)
Setting Description
For clients that support
applications.
If the user stops using the
keyboard and mouse,
disconnect their
applications and discard
SSO credentials
Protects application sessions when there is no keyboard or mouse activity on the client
device. If set to After ... minutes, View disconnects all applications and discards SSO
credentials after the specified number of minutes without user activity. Desktop sessions
are disconnected. Users must log in again to reconnect to the applications that were
disconnected or launch a new desktop or application.
If set to Never, View never disconnects applications or discards SSO credentials due to user
inactivity.
The default is Never.
Other clients.
Discard SSO credentials
Discards the SSO credentials after a certain time period. This setting is for clients that do
not support application remoting. If set to After ... minutes, users must log in again to
connect to a desktop after the specified number of minutes has passed since the user logged
in to View, regardless of any user activity on the client device.
The default is After 15 minutes.
Enable IPSec for Security
Server pairing
Determines whether to use Internet Protocol Security (IPSec) for connections between
security servers and View Connection Server instances. This setting must be disabled
before installing a security server in FIPS mode; otherwise pairing will fail.
By default, IPSec for security server connections is enabled.
View Administrator
session timeout
Determines how long an idle View Administrator session continues before the session
times out.
IMPORTANT Setting the View Administrator session timeout to a high number of minutes
increases the risk of unauthorized use of View Administrator. Use caution when you allow
an idle session to persist a long time.
By default, the View Administrator session timeout is 30 minutes. You can set a session
timeout from 1 to 4320 minutes.
For more information about these settings and their security implications, see the View Administration
document.
NOTE SSL is required for all Horizon Client connections and View Administrator connections to View. If
your View deployment uses load balancers or other client-facing, intermediate servers, you can off-load SSL
to them and then configure non-SSL connections on individual View Connection Server instances and
security servers. See "Off-load SSL Connections to Intermediate Servers" in the View Administration
document.
Chapter 2 View Security Settings
VMware, Inc. 13