Security-related global settings for client sessions and connections are accessible under View Configuration > Global Settings in View Administrator.

Table 1. Security-Related Global Settings

Setting

Description

Change data recovery password

The password is required when you restore the View LDAP configuration from an encrypted backup.

When you install View Connection Server version 5.1 or later, you provide a data recovery password. After installation, you can change this password in View Administrator.

When you back up View Connection Server, the View LDAP configuration is exported as encrypted LDIF data. To restore the encrypted backup with the vdmimport utility, you must provide the data recovery password. The password must contain between 1 and 128 characters. Follow your organization's best practices for generating secure passwords.

Message security mode

Determines the security mechanism used when JMS messages are passed between View components.

  • If set to Disabled, message security mode is disabled.

  • If set to Enabled, legacy message signing and verification of JMS messages takes place. View components reject unsigned messages. This mode supports a mix of SSL and plain JMS connections.

  • If set to Enhanced, SSL is used for all JMS connections, to encrypt all messages. Access control is also enabled to restrict the JMS topics that View components can send messages to and receive messages from.

  • If set to Mixed, message security mode is enabled, but not enforced for View components that predate View Manager 3.0.

The default setting is Enhanced for new installations. If you upgrade from a previous version, the setting used in the previous version is retained.

Important:

VMware strongly recommends setting the message security mode to Enhanced after you upgrade all View Connection Server instances, security servers, and View desktops to this release. The Enhanced setting provides many important security improvements and MQ (message queue) updates.

Enhanced Security Status (Read-only)

Read-only field that appears when Message security mode is changed from Enabled to Enhanced. Because the change is made in phases, this field shows the progress through the phases:

  • Waiting for Message Bus restart is the first phase. This state is displayed until you manually restart either all Connection Server instances in the pod or the VMware Horizon View Message Bus Component service on all Connection Server hosts in the pod.

  • Pending Enhanced is the next state. After all View Message Bus Component services have been restarted, the system begins changing the message security mode to Enhanced for all desktops and security servers.

  • Enhanced is the final state, indicating that all components are now using Enhanced message security mode.

Reauthenticate secure tunnel connections after network interruption

Determines if user credentials must be reauthenticated after a network interruption when Horizon Clients use secure tunnel connections to View desktops and applications.

This setting offers increased security. For example, if a laptop is stolen and moved to a different network, the user cannot automatically gain access to the View desktops and applications because the network connection was temporarily interrupted.

This setting is disabled by default.

Forcibly disconnect users

Disconnects all desktops and applications after the specified number of minutes has passed since the user logged in to View. All desktops and applications will be disconnected at the same time regardless of when the user opened them.

The default is 600 minutes.

For clients that support applications. If the user stops using the keyboard and mouse, disconnect their applications and discard SSO credentials

Protects application sessions when there is no keyboard or mouse activity on the client device. If set to After ... minutes, View disconnects all applications and discards SSO credentials after the specified number of minutes without user activity. Desktop sessions are disconnected. Users must log in again to reconnect to the applications that were disconnected or launch a new desktop or application.

If set to Never, View never disconnects applications or discards SSO credentials due to user inactivity.

The default is Never.

Other clients. Discard SSO credentials

Discards the SSO credentials after a certain time period. This setting is for clients that do not support application remoting. If set to After ... minutes, users must log in again to connect to a desktop after the specified number of minutes has passed since the user logged in to View, regardless of any user activity on the client device.

The default is After 15 minutes.

Enable IPSec for Security Server pairing

Determines whether to use Internet Protocol Security (IPSec) for connections between security servers and View Connection Server instances. This setting must be disabled before installing a security server in FIPS mode; otherwise pairing will fail.

By default, IPSec for security server connections is enabled.

View Administrator session timeout

Determines how long an idle View Administrator session continues before the session times out.

Important:

Setting the View Administrator session timeout to a high number of minutes increases the risk of unauthorized use of View Administrator. Use caution when you allow an idle session to persist for a long time.

By default, the View Administrator session timeout is 30 minutes. You can set a session timeout from 1 to 4320 minutes.

For more information about these settings and their security implications, see the View Administration document.

Note:

SSL is required for all Horizon Client connections and View Administrator connections to View. If your View deployment uses load balancers or other client-facing, intermediate servers, you can off-load SSL to them and then configure non-SSL connections on individual View Connection Server instances and security servers. See "Off-load SSL Connections to Intermediate Servers" in the View Administration document.
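
The following is an added example, not part of the original VMware documentation: a small audit routine that checks a manually recorded snapshot of the settings in Table 1 against the defaults, ranges, and recommendations stated above. The dictionary keys, the use of None to model "Never", and the max_admin_idle policy limit are assumptions made for illustration; they are not View LDAP attribute names or product settings.

```python
# Added example: audit a snapshot of the global settings against this page.
# Dictionary keys are hypothetical names, not View LDAP attributes.
ADMIN_TIMEOUT_RANGE = (1, 4320)  # minutes, valid range stated on the page
ADMIN_TIMEOUT_DEFAULT = 30       # minutes, default stated on the page

def audit_global_settings(s, fips_security_server_planned=False,
                          max_admin_idle=ADMIN_TIMEOUT_DEFAULT):
    """Return (setting, finding) tuples; max_admin_idle is an assumed limit."""
    findings = []
    mode = s.get("message_security_mode")
    status = s.get("enhanced_security_status")  # None: field not displayed
    if mode != "Enhanced":
        # Upgrades keep the previous mode, so check this after every upgrade.
        findings.append(("Message security mode",
                         f"{mode!r}; the page recommends 'Enhanced'"))
    elif status not in (None, "Enhanced"):
        # The phased switch has started but not every component has moved.
        findings.append(("Enhanced Security Status", f"still {status!r}"))
    if not s.get("reauth_tunnel_after_interruption", False):
        findings.append(("Reauthenticate secure tunnel connections",
                         "disabled (the default)"))
    if s.get("app_idle_disconnect_minutes") is None:  # None models 'Never'
        findings.append(("Idle disconnect for application clients",
                         "Never (the default)"))
    if fips_security_server_planned and s.get("ipsec_pairing", True):
        findings.append(("Enable IPSec for Security Server pairing",
                         "enabled; FIPS-mode security server pairing will fail"))
    timeout = s.get("admin_session_timeout", ADMIN_TIMEOUT_DEFAULT)
    low, high = ADMIN_TIMEOUT_RANGE
    if not low <= timeout <= high:
        findings.append(("View Administrator session timeout",
                         f"{timeout} is outside {low}-{high} minutes"))
    elif timeout > max_admin_idle:
        findings.append(("View Administrator session timeout",
                         f"{timeout} minutes exceeds limit {max_admin_idle}"))
    return findings

# Constructed sample: a pod midway through the switch to Enhanced.
UPGRADED_POD = {
    "message_security_mode": "Enhanced",
    "enhanced_security_status": "Pending Enhanced",
    "reauth_tunnel_after_interruption": False,
    "app_idle_disconnect_minutes": None,
    "ipsec_pairing": True,
    "admin_session_timeout": 480,
}

if __name__ == "__main__":
    for setting, finding in audit_global_settings(UPGRADED_POD, True):
        print(f"{setting}: {finding}")
```
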