When clients connect to a remote desktop or application with the PCoIP display protocol from VMware, Horizon Client can make a second connection to the PCoIP Secure Gateway component on a View Connection Server instance or a security server. This connection provides the required level of security and connectivity when accessing remote desktops and applications from the Internet.

Security servers include a PCoIP Secure Gateway component, which offers the following advantages:

  • The only remote desktop and application traffic that can enter the corporate data center is traffic on behalf of a strongly authenticated user.

  • Users can access only the resources that they are authorized to access.

  • This connection supports PCoIP, which is an advanced remote display protocol that makes more efficient use of the network by encapsulating video display packets in UDP instead of TCP.

  • PCoIP is secured by AES-128 encryption by default. You can, however, change the encryption cipher to AES-256.

  • No VPN is required, as long as PCoIP is not blocked by any networking component. For example, someone trying to access their remote desktop or application from inside a hotel room might find that the proxy the hotel uses is not configured to pass PCoIP.

    For more information, see Firewall Rules for DMZ-Based Security Servers.

Security servers with PCoIP support run on Windows Server 2008 R2 and Windows Server 2012 R2 operating systems and take full advantage of the 64-bit architecture. This security server can also take advantage of Intel processors that support AES New Instructions (AESNI) for highly optimized PCoIP encryption and decryption performance.