VMware Horizon 7.13 Connection Server Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
The Horizon Connection Server must be configured to debug level logging.
To ensure that all security-relevant information and events are logged, the Horizon Connection Server must be configured with the "debug" logging level. This is the default value but since it could...Rule Medium Severity -
SRG-APP-000033-AS-000024
Group -
The Horizon Connection Server must not accept pass-through client credentials.
Horizon Connection Server has the ability to allow clients to authenticate using the local session credentials of their local endpoint. While convenient, this must be disabled for DoD deployments a...Rule Medium Severity -
SRG-APP-000516-AS-000237
Group -
SRG-APP-000015-AS-000010
Group -
The Horizon Connection Server must be configured to only support TLS 1.2 connections.
Preventing the disclosure of transmitted information requires that the application server take measures to employ strong cryptographic mechanisms to protect the information during transmission. Thi...Rule High Severity -
SRG-APP-000015-AS-000010
Group -
The Blast Secure Gateway must be configured to only support TLS 1.2 connections.
Preventing the disclosure of transmitted information requires that the application server take measures to employ strong cryptographic mechanisms to protect the information during transmission. Thi...Rule High Severity -
SRG-APP-000015-AS-000010
Group -
The Horizon Connection Server must force server cipher preference.
By default, during the initial setup of a Transport Layer Security (TLS) connection to the Horizon Connection Server, the client sends a list of supported cipher suites in order of preference. The ...Rule High Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.