Security

Table Of Contents

Configuring Security Protocols and

Cipher Suites on a View Connection

Server Instance or on a Security

Server 4

You can configure the security protocols and cipher suites that are accepted by View Connection Server.

You can define a global acceptance policy that applies to all View Connection Server instances in a

replicated group, or you can define an acceptance policy for individual View Connection Server instances

and security servers.

You also can configure the security protocols and cipher suites that View Connection Server instances

propose when connecting to vCenter Server and View Composer. You can define a global proposal policy

that applies to all View Connection Server instances in a replicated group. You cannot define individual

instances to opt out of a global proposal policy.

NOTE The security settings for View Connection Server do not apply to Blast Secure Gateway (BSG). You

must configure security for BSG separately. See Chapter 5, “Configuring Security Protocols and Cipher

Suites for Blast Secure Gateway,” on page 31.

Oracle's Unlimited Strength Jurisdiction Policy files are included as standard, allowing 256-bit keys by

default.

This chapter includes the following topics:

“Default Global Policies for Security Protocols and Cipher Suites,” on page 24

“Configuring Global Acceptance and Proposal Policies,” on page 24

“Configure Acceptance Policies on Individual View Servers,” on page 25

“Configure Proposal Policies on View Desktops,” on page 26

“Internet Engineering Task Force Standards,” on page 27

“Older Protocols and Ciphers Disabled in View,” on page 27

“Reducing MIME Type Security Risks,” on page 28

“Mitigating Cross-Site Scripting Attacks,” on page 28

“Content Type Checking,” on page 28

“Origin Checking,” on page 29

VMware, Inc.