USB devices can be vulnerable to a security threat called BadUSB, in which the firmware on some USB devices can be hijacked and replaced with malware. For example, a device can be made to redirect network traffic or to emulate a keyboard and capture keystrokes. You can configure the USB redirection feature to protect your VMware Horizon deployment against this security vulnerability.

By disabling USB redirection, you can prevent any USB devices from being redirected to your users' remote desktops and applications. Alternatively, you can disable redirection of specific USB devices, allowing users to have access only to specific devices on their remote desktops and applications.

The decision whether to take these steps depends on the security requirements in your organization. These steps are not mandatory. You can install USB redirection and leave the feature enabled for all USB devices in your VMware Horizon deployment. At a minimum, consider seriously the extent to which your organization should try to limit its exposure to this security vulnerability.