With client drive redirection (CDR), folders and files are sent across the network without encryption and might contain sensitive data, depending on the content being redirected. To ensure that this data cannot be monitored on the network, use CDR only on a secure network.
If the secure tunnel is enabled, CDR connections between Horizon Clients and the View Secure Gateway are secure, but connections from the View Secure Gateway to desktop machines are not encrypted. If the secure tunnel is disabled, CDR connections from Horizon Clients to the desktop machines are not encrypted.
The Client Drive Redirection setup option in the View Agent installer is deselected by default. You must select this option to install the CDR feature.
As a best practice, install the Client Drive Redirection setup option only in desktop pools where users require this feature.
You can disable CDR by configuring a Microsoft Remote Desktop Services group policy setting in Active Directory.
In the Group Policy Editor, go to Computer Configuration\Policies\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Device and Resource Redirection.
Enable the Do not allow drive redirection group policy setting.