Hi,
Could anyone please clarify the following questions in regard of the View Security server?
1. Does the Security server authenticates HTTPS connections from Internet clients before they hit internal broker servers?
After reading the documentation I had an impression that the HTTPS connections from clients are not authenticated by the Security server. Unauthenticated clients are allowed to "touch" the internal servers by using Security servers as a proxy. Is this correct? This is looks like a big risk for me.
2. Is the trafic (AJP13, JMS) between the Security server and broker servers SSL-encrypted?
3. Is there a way to disallow HTTPS connections from Internet to the Broker management console that is located on the same HTTPS that clients use for VDI connections?
Thank you