Security
Table Of Contents
- View Security
- Contents
- View Security
- View Security Reference
- View Accounts
- View Security Settings
- View Resources
- View Log Files
- View TCP and UDP Ports
- Services on a View Connection Server Host
- Services on a Security Server
- Configuring Security Protocols and Cipher Suites on a View Connection Server Instance or on a Security Server
- Default Global Policies for Security Protocols and Cipher Suites
- Updating JCE Policy Files to Support High-Strength Cipher Suites
- Configuring Global Acceptance and Proposal Policies
- Configure Acceptance Policies on Individual View Servers
- Internet Engineering Task Force Standards
- Perfect Forward Secrecy
- SSLv3 Is Disabled in View
- Deploying USB Devices in a Secure View Environment
- Index
Table 1‑10. View Log Files (Continued)
View Component File Path and Other Information
View Connection Server
or Security Server
<Drive Letter>:\ProgramData\VMware\VDM\logs.
The log directory is configurable in the log configuration settings of the View Common
Configuration ADM template file (vdm_common.adm).
PCoIP Secure Gateway logs are written to files named SecurityGateway_*.log in the
PCoIP Secure Gateway subdirectory of the log directory on a security server.
View Services View Event Database configured on an SQL Server or Oracle database server.
Windows System Event logs.
View TCP and UDP Ports
View uses TCP and UDP ports for network access between its components.
During installation, View can optionally configure Windows firewall rules to open the ports that are used by
default. If you change the default ports after installation, you must manually reconfigure Windows firewall
rules to allow access on the updated ports. See "Replacing Default Ports for View Services" in the View
Installation document.
Table 1‑11. TCP and UDP Ports Used by View
Source Port Target Port Protocol Description
Security server 55000 View Agent 4172 UDP PCoIP (not SALSA20) if PCoIP Secure Gateway is
used.
Security server 4172 Horizon Client 50001 UDP PCoIP (not SALSA20) if PCoIP Secure Gateway is
used.
Security server 500 View Connection
Server
500 UDP IPsec negotiation traffic.
Security server * View Connection
Server
4001 TCP JMS traffic.
Security server * View Connection
Server
4002 TCP JMS SSL traffic.
Security server * View Connection
Server
8009 TCP AJP13-forwarded Web traffic, if not using IPsec.
Security server * View Connection
Server
* ESP AJP13-forwarded Web traffic, when using IPsec
without NAT.
Security server 4500 View Connection
Server
4500 UDP AJP13-forwarded Web traffic, when using IPsec
through a NAT device.
Security server * View desktop 3389 TCP Microsoft RDP traffic to View desktops.
Security server * View desktop 9427 TCP Wyse MMR redirection.
Security server * View desktop 32111 TCP USB redirection.
Security server * View desktop 4172 TCP PCoIP (HTTPS) if PCoIP Secure Gateway is used.
Security server * View desktop 22443 TCP HTML Access.
View Agent 4172 Horizon Client 50001 UDP PCoIP, if PCoIP Secure Gateway is not used.
View Agent 4172 View Connection
Server or security
server
55000 UDP PCoIP (not SALSA20) if PCoIP Secure Gateway is
used.
Horizon Client * View Connection
Server or security
server
80 TCP SSL (HTTPS access) is enabled by default for client
connections, but port 80 (HTTP access) can be used
in certain cases. See “Notes and Caveats for TCP
and UDP Ports Used by View,” on page 20.
View Security
18 VMware, Inc.