Global security settings determine whether clients are reauthenticated after interruptions, message security mode is enabled, and IPSec is used for security server connections.
SSL is required for all Horizon Client connections and View Administrator connections to View. If your View deployment uses load balancers or other client-facing, intermediate servers, you can off-load SSL to them and then configure non-SSL connections on individual View Connection Server instances and security servers. See Off-load SSL Connections to Intermediate Servers.
|Reauthenticate secure tunnel connections after network interruption|| Determines if user credentials must be reauthenticated after a network interruption when Horizon clients use secure tunnel connections to remote desktops.
When you select this setting, if a secure tunnel connection is interrupted, Horizon Client requires the user to reauthenticate before reconnecting.
This setting offers increased security. For example, if a laptop is stolen and moved to a different network, the user cannot automatically gain access to the remote desktop without entering credentials.
When this setting is not selected, the client reconnects to the remote desktop without requiring the user to reauthenticate.
This setting has no effect when the secure tunnel is not used.
|Message security mode||Determines if signing and verification of the JMS messages passed between View components takes place. For details, see Message Security Mode for View Components.
By default, message security mode is enabled.
|Use IPSec for Security Server connections||Determines whether to use Internet Protocol Security (IPSec) for connections between security servers and View Connection Server instances.
By default, secure connections (using IPSec) for security server connections is enabled.
After an upgrade, if you do not enable the Require SSL for client connections setting, HTTPS connections from Horizon clients will fail, unless they connect to an intermediate device that is configured to make onward connections using HTTP. See Off-load SSL Connections to Intermediate Servers.