The Horizon Connection Server must limit the number of concurrent client sessions.

An XCCDF Rule

Description

The Horizon Connection Server has the ability to limit the number of simultaneous client connections. This capability is helpful in limiting resource exhaustion risks related to denial of service attacks. By default, in code, the Connection Server allows up to 2000 client connections at one time, over all protocol types. For larger deployments, this limit can be increased to a tested and supported maximum of 4000 by making modifications to the "locked.properties" file. Ensure any changes to the number of allowed simultaneous connections is supported by VMware for the choice of protocols and that this value is documented as part of the SSP. Satisfies: SRG-APP-000001-AS-000001, SRG-APP-000435-AS-000163

ID: SV-246882r768606_rule
Version: HRZV-7X-000001
Severity: Medium
References: CCI-000054
Updated: 3 days ago

Remediation Templates

On the Horizon Connection Server, navigate to "<install_directory>\VMware\VMware View\Server\sslgateway\conf".

Open "locked.properties" in a text editor. Add or change the following line:

maxConnections=2000
The default value of "2000" may be increased to no more than 4000 if required and properly documented. Otherwise, keep the default value of "2000".

Save and close the file. Restart the "VMware Horizon View Connection Server" service for changes to take effect.

The Horizon Connection Server must limit the number of concurrent client sessions.

Description

Remediation Templates

A Manual Procedure