You can set the level of security of transfer operations by using SSL encryption and tunneled connections between the client computers that host local desktops and the datacenter.

Using Secure, Tunneled Connection and SSL for Local Desktop Operations shows the security settings for local desktop operations.

Not using SSL or tunneled connection increases data-transfer speed at the expense of secure data communication.

The SSL settings do not affect local data on the client computers, which is always encrypted.

The data disk stored locally on client systems is encrypted using a default encryption strength of AES-128. The encryption keys are stored encrypted on the client system with a key derived from a hash of the user's credentials (username and password or smart card and PIN). On the server side, the key is stored in View LDAP. Whatever security measures you use to protect View LDAP on the server also protect the local mode encryption keys stored in LDAP.

Using Secure, Tunneled Connection and SSL for Local Desktop Operations

Setting

Description

Use secure tunnel connection for Local Mode operations

Local desktops use tunneled communications. Network traffic is routed through View Connection Server or a security server if one is configured.

If you do not use this setting, data transfers take place directly between local desktops and the corresponding remote desktops in the datacenter.

The default is not to use secure tunnel connections.

Use SSL for Local Mode operations

Communications and data transfers between client computers and the datacenter use SSL encryption. These operations include checking in and checking out desktops and replicating data from client computers to the datacenter, but do not include transfers of View Composer base images. They involve connections between client computers and View Transfer Server.

The default is not to use SSL.

Use SSL when provisioning desktops in Local Mode

Transfers of View Composer base-image files from the Transfer Server repository to client computers use SSL encryption. These operations involve connections between client computers and View Transfer Server.

The default is not to use SSL.