VMware Horizon 8 includes Group Policy administrative ADMX templates that contain security-related group policy settings that you can use to secure your remote desktops and applications.

For example, you can use group policy settings to perform the following tasks.

  • Specify the connection broker instances that can accept user identity and credential information that is passed when a user selects the Log in as current user check box in Horizon Client for Windows.
  • Enable single sign-on for smart card authentication in Horizon Client.
  • Configure server TLS certificate checking in Horizon Client.
  • Prevent users from providing credential information with Horizon Client command line options.
  • Prevent non-Horizon Client systems from using RDP to connect to remote desktops. You can set this policy so that connections must be Horizon Client-managed, which means that users must use VMware Horizon 8 to connect to remote desktops.

See the Horizon Remote Desktop Features and GPOs document for information on using remote desktop and Horizon Client group policy settings.