Other Protection Measures

Docs

Docs
(current)
VMware Communities

Twitter Facebook LinkedIn 微博

Besides the Internet Engineering Task Force and W3 standards, VMware Horizon employs other measures to protect communication that uses the HTTP protocol.

What to read next

Reducing MIME Type Security Risks
By default, VMware Horizon sends the header x-content-type-options: nosniff in its HTTP responses to help prevent attacks based on MIME-type confusion.
Mitigating Cross-Site Scripting Attacks
By default, VMware Horizon employs the XSS (cross-site scripting) Filter feature to mitigate cross-site scripting attacks by sending the header x-xss-protection=1; mode=block in its HTTP responses.
Content Type Checking
By default, VMware Horizon accepts requests with the following declared content types only:
Client Behavior Monitoring
Connection Servers have finite resources available to handle requests from clients, and misbehaving clients can tie up those resources, preventing others from being serviced. Client behavior monitoring is a class of detections and mitigation that protect against bad behavior.
User Agent Whitelisting
Set a whitelist to restrict user agents that can interact with VMware Horizon. By default, all user agents are accepted.
Host Checking
To frustrate host injection attacks, the Host header in each incoming request is checked against a list of expected host names.

Parent topic: HTTP Protection Measures on Connection Servers for VMware Horizon 8

Share on Social Media?

:

|

x

" "?