You can set the level of security of transfer operations by using SSL encryption and tunneled connections between the client computers that host local desktops and the datacenter.

Using Secure, Tunneled Connection and SSL for Local Desktop Operations shows the security settings for local desktop operations. Not using SSL or tunneled connection increases data-transfer speed at the expense of secure data communication.

The SSL settings do not affect local data on the client computers, which is always encrypted.

The data disk stored locally on client systems is encrypted using a default encryption strength of AES-128. The encryption keys are stored encrypted on the client system with a key derived from a hash of the user's credentials (username and password or smart card and PIN). On the server side, the key is stored in View LDAP. Whatever security measures you use to protect View LDAP on the server also protect the local mode encryption keys stored in LDAP.

Using Secure, Tunneled Connection and SSL for Local Desktop Operations

Setting

Description

Use secure tunnel connection for Local Mode operations

Determines whether local desktops use tunneled communications.

If this setting is enabled, network traffic is routed through View Connection Server or a security server if one is configured.

If this setting is disabled, data transfers take place directly between local desktops and View Transfer Server.

This setting is disabled by default.

Use SSL for Local Mode operations

Determines whether communications and data transfers between client computers and the datacenter use SSL encryption. These operations include checking in and checking out desktops and replicating data from client computers to the datacenter, but do not include transfers of View Composer base images. These operations involve connections between client computers and View Transfer Server.

This setting is enabled by default.

Use SSL when provisioning desktops in Local Mode

Determines whether transfers of View Composer base-image files from the Transfer Server repository to client computers use SSL encryption. These operations involve connections between client computers and View Transfer Server.

This setting is enabled by default.