Security
Table Of Contents
- View Security
- Contents
- View Security
- View Accounts, Resources, and Log Files
- View Security Settings
- Ports and Services
- Configuring Security Protocols and Cipher Suites on a View Connection Server Instance or on a Security Server
- Default Global Policies for Security Protocols and Cipher Suites
- Configuring Global Acceptance and Proposal Policies
- Configure Acceptance Policies on Individual View Servers
- Configure Proposal Policies on View Desktops
- Internet Engineering Task Force Standards
- Older Protocols and Ciphers Disabled in View
- Reducing MIME Type Security Risks
- Mitigating Cross-Site Scripting Attacks
- Content Type Checking
- Origin Checking
- Configuring Security Protocols and Cipher Suites for Blast Secure Gateway
- Deploying USB Devices in a Secure View Environment
- Index
For example:
acceptContentType.1=x-www-form-urlencoded
To accept another content type, add the entry acceptContentType.2=content-type, and so on
Origin Checking
By default, protection against cross-site request forging is disabled.
You can enable this protection by adding the following entry to the file locked.properties:
checkOrigin=true
If multiple Connection Servers or security servers are load balanced, you must specify the load balancer
address by adding the following entry to the file locked.properties. Port 443 is assumed for this address.
balancedHost=load-balancer-name
When this option is enabled, connections to View can be made only to the address given in the external
URL, to the balancedHost address, or to localhost.
Chapter 4 Configuring Security Protocols and Cipher Suites on a View Connection Server Instance or on a Security Server
VMware, Inc. 29