Global security settings determine whether clients are reauthenticated after interruptions, message security mode is enabled, IPSec is used for security server connections, and SSO is used for local desktop operations.

SSL is required for all View Client connections and View Administrator connections to View. If your View deployment uses load balancers or other client-facing, intermediate servers, you can off-load SSL to them and then configure non-SSL connections on individual View Connection Server instances and security servers. See Off-load SSL Connections to Intermediate Servers.

Global Security Settings for Client Sessions and Connections

Setting

Description

Reauthenticate secure tunnel connections after network interruption

Determines if user credentials must be reauthenticated after a network interruption when View clients use secure tunnel connections to View desktops.

When you select this setting, if a secure tunnel connection ends during a desktop session, View Client requires the user to reauthenticate before reconnecting.

This setting offers increased security. For example, if a laptop is stolen and moved to a different network, the user cannot automatically gain access to the remote desktop because the network connection was temporarily interrupted.

When this setting is not selected, the client reconnects to the desktop without requiring the user to reauthenticate.

This setting has no effect when you use direct connection.

Message security mode

Determines if signing and verification of the JMS messages passed between View Manager components takes place. For details, see Message Security Mode for View Components.

By default, message security mode is enabled.

Use IPSec for Security Server connections

Determines whether to use Internet Protocol Security (IPSec) for connections between security servers and View Connection Server instances.

By default, secure connections (using IPSec) for security server connections is enabled.

Disable Single Sign-on for Local Mode operations

Determines if single sign-on is enabled when users log in to their local desktops.

If you enable this setting, users must manually log in to their desktops to start their Windows sessions after they log in.

When you change this setting, the change takes effect for each user at the next user operation.

Note

If you upgrade to View 5.1 or later from an earlier View release, the global setting Require SSL for client connections is displayed in View Administrator, but only if the setting was disabled in your View configuration before you upgraded. Because SSL is required for all View Client connections and View Administrator connections to View, this setting is not displayed in fresh installations of View 5.1 or later versions and is not displayed after an upgrade if the setting was already enabled in the previous View configuration.

After an upgrade, if you do not enable the Require SSL for client connections setting, HTTPS connections from View clients will fail, unless they connect to an intermediate device that is configured to make onward connections using HTTP. See Off-load SSL Connections to Intermediate Servers.