Global security settings determine whether clients are reauthenticated after interruptions, message security mode is enabled, and security status is enhanced.
In Horizon Console, you can configure global security settings by navigating to .
TLS is required for all Horizon Client connections and Horizon Console connections to VMware Horizon. If your VMware Horizon deployment uses load balancers or other client-facing, intermediate servers, you can off-load TLS to them and then configure non-TLS connections on individual Connection Server instances.
| Setting | Description |
|---|---|
| Reauthenticate secure tunnel connections after network interruption | Determines if user credentials must be reauthenticated after a network interruption when Horizon clients use secure tunnel connections to remote desktops. When you select this setting, if a secure tunnel connection is interrupted, Horizon Client requires the user to reauthenticate before reconnecting. This setting offers increased security. For example, if a laptop is stolen and moved to a different network, the user cannot automatically gain access to the remote desktop without entering credentials. When this setting is not selected, the client reconnects to the remote desktop without requiring the user to reauthenticate. This setting has no effect when the secure tunnel is not used. |
| Message security mode | Determines the security mechanism used for sending JMS messages between components
For new installations, by default, message security mode is set to Enhanced. If you upgrade from a previous version, the setting used in the previous version is retained. |
| Enhanced Security Status (Read-only) | Read-only field that appears when Message security mode is changed from Enabled to Enhanced. Because the change is made in phases, this field shows the progress through the phases:
|
