System Requirements for FIPS Mode

To support FIPS mode, your VMware Horizon 8 deployment must meet the following requirements.

vSphere

Remote desktop

Windows desktops and Linux desktops can both support FIPS mode, after meeting the following requirements.

Windows desktop
- The desktop can run any Windows platform supported by Horizon Agent.
- The Windows desktop must have a FIPS certificate. For information, see "FIPS 140 Validation" on the Microsoft TechNet website.
- Horizon Agent must be installed with the FIPS mode option selected.
Linux desktop
- The desktop can run any Red Hat Enterprise Linux (RHEL) distribution supported by Horizon Agent.
- Horizon Agent must be installed with the FIPS option enabled (-f yes).
- Desktops running RHEL 8.x must have FIPS mode enabled at the Linux system level:
```
fips-mode-setup --enable
reboot
```

Horizon Client

Windows clients must meet the following requirements:
- FIPS mode is enabled at the operating system level and a FIPS certificate is installed. For information, see "FIPS 140 Validation" on the Microsoft TechNet website.
- Horizon Client must be installed with the FIPS option selected. See the Horizon Client for Windows Guide document.
Linux clients must have FIPS mode enabled at the operating system level. See the Horizon Client for Linux Guide document.

Cryptographic protocol

Connection Server

The option to install VMware Horizon 8 in FIPS mode is available only if FIPS mode is enabled in the Windows environment. For more information about enabling FIPS mode in Windows, see https://support.microsoft.com/en-us/kb/811833
A new installation of Connection Server in FIPS mode requires a CA-signed certificate with friendly name vdm to be placed in the Windows certificate store. The installer checks for the presence of this certificate before proceeding with the installation. See Configure Horizon Connection Server to Use a New TLS Certificate for more information.