VMware Horizon includes Group Policy administrative ADMX templates that contain security-related group policy settings that you can use to secure your remote desktops and applications.

For example, you can use group policy settings to perform the following tasks.

  • Specify the connection broker instances that can accept user identity and credential information that is passed when a user selects the Log in as current user check box in Horizon Client for Windows.
  • Enable single sign-on for smart card authentication in Horizon Client.
  • Configure server TLS certificate checking in Horizon Client.
  • Prevent users from providing credential information with Horizon Client command line options.
  • Prevent non-Horizon Client systems from using RDP to connect to remote desktops. You can set this policy so that connections must be Horizon Client-managed, which means that users must use VMware Horizon to connect to remote desktops.

See the Horizon Remote Desktop Features and GPOs document for information on using remote desktop and Horizon Client group policy settings.