Specifications
Chapter 5: Planning for Security Features
VMware View offers strong network security to protect sensitive corporate data. For added security, you can
integrate VMware View with certain third-party user-authentication solutions, use a security server, and
implement the restricted entitlements feature.
This chapter includes the following topics:
• “Understanding Client Connections”
• “Choosing a User Authentication Method”
• “Restricting View Desktop Access”
• “Using Group Policy Settings to Secure View Desktops”
• “Implementing Best Practices to Secure Client Systems”
• “Assigning Administrator Roles”
• “Preparing to Use a Security Server”
• “Understanding VMware View Communications Protocols”
Understanding Client Connections
View Client and View Administrator communicate with a View Connection Server host over secure HTTPS
connections.
The initial View Client connection, which is used for user authentication and View desktop selection, is created
when a user provides an IP address to View Client. The View Administrator connection is created when an
administrator types the View Administrator URL into a Web browser.
A default server SSL certificate is generated during View Connection Server installation. By default, clients are
presented with this certificate when they visit a secure page such as View Administrator.
You can use the default certificate for testing, but you should replace it with your own certificate as soon as
possible. The default certificate is not signed by a commercial Certificate Authority (CA). Using certificates
that are not CA-signed can allow untrusted parties to intercept traffic by masquerading as your server.
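The difference between a CA-signed certificate and a default-style certificate, as an added example that is not VMware's code: it builds constructed test certificates with the openssl command-line tool and classifies each one the way a validating client would. The host name view.example.test, the CA name, and the function names are assumptions made for illustration.

```shell
#!/bin/sh
# Added example. All certificates, subjects and the host name
# view.example.test are constructed test values.

# Return 0 if issuer name == subject name (the self-signed pattern).
is_self_issued() {
    [ "$(openssl x509 -in "$1" -noout -subject_hash)" = \
      "$(openssl x509 -in "$1" -noout -issuer_hash)" ]
}

# Return 0 only if certificate $2 validates against CA bundle $1.
chains_to_ca() {
    openssl verify -CAfile "$1" "$2" >/dev/null 2>&1
}

# Print the verdict a validating client would reach for certificate $2.
classify() {
    if chains_to_ca "$1" "$2"; then echo "trusted"
    elif is_self_issued "$2"; then echo "self-signed"
    else echo "untrusted-issuer"
    fi
}

# Create a test CA, a server certificate signed by it, and a self-signed
# certificate standing in for an installer-generated default.
make_samples() {
    d=$1
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=Constructed Test CA" \
        -keyout "$d/ca.key" -out "$d/ca.crt" 2>/dev/null &&
    openssl req -newkey rsa:2048 -nodes -subj "/CN=view.example.test" \
        -keyout "$d/srv.key" -out "$d/srv.csr" 2>/dev/null &&
    openssl x509 -req -in "$d/srv.csr" -days 1 -CAcreateserial \
        -CA "$d/ca.crt" -CAkey "$d/ca.key" -out "$d/srv.crt" 2>/dev/null &&
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=view.example.test" \
        -keyout "$d/default.key" -out "$d/default.crt" 2>/dev/null
}

work=$(mktemp -d)
trap 'rm -rf "$work"' EXIT
make_samples "$work" || { echo "openssl failed" >&2; exit 1; }
echo "CA-signed server cert: $(classify "$work/ca.crt" "$work/srv.crt")"
echo "default-style cert:    $(classify "$work/ca.crt" "$work/default.crt")"
```

A client that receives the "self-signed" verdict has no way to distinguish the real server from an impersonator presenting its own self-signed certificate with the same subject name.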
• Tunneled Client Connections with Microsoft RDP
When users connect to a View desktop with the Microsoft RDP display protocol, View Client makes a
second HTTPS connection to the View Connection Server host. This connection is called the tunnel
connection because it provides a tunnel for carrying RDP data.
VMware, Inc.