5.2
Table Of Contents
- VMware Horizon View Security
- Contents
- VMware Horizon View Security
- VMware Horizon View Security Reference
- View Accounts
- View Security Settings
- View Resources
- View Log Files
- View TCP and UDP Ports
- Services on a View Connection Server Host
- Services on a Security Server
- Services on a View Transfer Server Host
- Configuring Security Protocols and Cipher Suites on a View Connection Server Instance or on a Security Server
- Index
Table 1-13. TCP and UDP Ports Used by Local Mode (Continued)
Source Port Target Port Protocol Description
View Connection
Server
* View Transfer Server 80 TCP Local desktop check-
out, check-in, and
replication if tunnel
connections via the
View Connection Server
are used and SSL is
disabled for local mode
operations.
View Connection
Server
* View Transfer Server 443 TCP Local desktop check-
out, check-in, and
replication if tunnel
connections via the
View Connection Server
are used and SSL is
enabled for local mode
operations.
View Transfer
Server
* View Connection Server 4001 TCP JMS traffic to support
local mode.
View Transfer
Server
* ESX host 902 TCP Publishing View
Composer packages for
local mode.
View Transfer
Server
* Server that hosts the
Transfer Server
repository network
share
445 UDP Configuring and
publishing View
Composer packages to
the Transfer Server
repository network
share.
Notes and Caveats for TCP and UDP Ports Used by View
Connection attempts over HTTP are silently redirected to HTTPS, except for connection attempts to View
Administrator. HTTP redirection is not needed with more recent View clients because they default to HTTPS,
but it is useful when your users connect with a Web browser, for example to download View Client.
The problem with HTTP redirection is that it is a non-secure protocol. If a user does not form the habit of
entering https:// in the address bar, an attacker can compromise the Web browser, install malware, or steal
credentials, even when the expected page is correctly displayed.
NOTE HTTP redirection for external connections can take place only if you configure your external firewall
to allow inbound traffic to TCP port 80.
Connection attempts over HTTP to View Administrator are not redirected. Instead, an error message is
returned indicating that you must use HTTPS.
To prevent redirection for all HTTP connection attempts, see “Prevent HTTP Redirection for Client
Connections,” on page 24.
Connections to port 80 of a View Connection Server instance or security server can also take place if you off-
load SSL client connections to an intermediate device. See "Off-load SSL Connections to Intermediate Servers"
in the VMware Horizon View Administration document.
To change the SSL port number, see "Replacing Default Ports for View Services" in the VMware Horizon View
Installation document.
To allow HTTP redirection when the SSL port number was changed, see “Change the Port Number for HTTP
Redirection,” on page 24.
Chapter 1 VMware Horizon View Security Reference
VMware, Inc. 23