VMware Horizon 8 includes Group Policy administrative ADMX templates that contain security-related group policy settings that you can use to secure your remote desktops and applications.
For example, you can use group policy settings to perform the following tasks.
- Specify the connection broker instances that can accept user identity and credential information that is passed when a user selects the Log in as current user check box in Horizon Client for Windows.
- Enable single sign-on for smart card authentication in Horizon Client.
- Configure server TLS certificate checking in Horizon Client.
- Prevent users from providing credential information with Horizon Client command line options.
- Prevent non-Horizon Client systems from using RDP to connect to remote desktops. You can set this policy so that connections must be Horizon Client-managed, which means that users must use VMware Horizon 8 to connect to remote desktops.
See the Horizon Remote Desktop Features and GPOs document for information on using remote desktop and Horizon Client group policy settings.