Secure HDX
Prerequisites:
The following are the requirements to use Secure HDX within Citrix environments:
- Citrix DaaS or Citrix Virtual Apps and Desktops 2402+
- Virtual Delivery Agents - Windows 2402 or later/Linux 2402 or later
- Citrix Workspace app 2402 or later
- Citrix Workspace or Citrix StoreFront 2402 or later
Why enable Secure HDX?
Secure HDX enabled administrators to securely maintain the data in transit when users are within their Citrix sessions, even when the network is not controlled. This can prevent bad actors and intermediary devices from looking at your enterprise data, even using NetScaler Gateway or the Citrix Gateway service.
Enable Secure HDX
Secure HDX is enabled via Citrix Policy.
- From Citrix Web Studio, go to Policies > Create Policy.
- Go to ICA > Secure HDX.
- Click Edit.
- Uncheck "Use default value: Disabled" and select Enabled from the drop-down menu.
- Click Save.
-
Click Next, and choose how to apply the policy, either All users and computers or Filtered users and computers, using the following options:
- Delivery Group
- Delivery Group type
- Organizational Unit (OU)
- Tag
- Click Next, provide a name for the Policy, and click Finish.
Confirm Secure HDX is Active
To validate that Secure HDX is active within your Citrix session, use ctxsession.exe utility on the VDA machine.
- Open a command prompt
- Run ctxsession.exe -v
- When the results are displayed, look for ICA Encryption: SecureHDX AES-256 GCM