- What's new
- System requirements
- Technical overview
Install and configure
Prepare to install
- Microsoft Azure Resource Manager virtualization environments
- Microsoft System Center Virtual Machine Manager virtualization environments
- XenServer virtualization environments
- Microsoft System Center Configuration Manager environments
- VMware virtualization environments
- Nutanix virtualization environments
- Microsoft Azure virtualization environments
- Install core components
- Install VDAs
- Install using the command line
- Install VDAs using scripts
- Create a Site
- Create machine catalogs
- Manage machine catalogs
- Create Delivery Groups
- Manage Delivery Groups
- Create Application Groups
- Manage Application Groups
- Remote PC Access
- XenApp Secure Browser
- Publish content
- Server VDI
- Personal vDisk
- Remove components
- Prepare to install
- Upgrade and migrate
- Security considerations and best practices
- Integrate XenApp and XenDesktop with NetScaler Gateway
- Delegated Administration
- Smart cards
- Transport Layer Security (TLS)
- Federated Authentication Service
- General content redirection
- Work with policies
- Policy templates
- Create policies
- Compare, prioritize, model, and troubleshoot policies
- Default policy settings
Policy settings reference
- ICA policy settings
- Load management policy settings
- Profile management policy settings
- Receiver policy settings
- Virtual Delivery Agent policy settings
- Virtual IP policy settings
- Configure COM Port and LPT Port Redirection settings using the registry
- Connector for Configuration Manager 2012 policy settings
- Advanced configuration
- Monitor deployments
- Alerts and notifications
- Delegated Administration and Director
- Secure Director deployment
- Configure permissions for VDAs earlier than XenDesktop 7
- Configure network analysis
- Troubleshoot user issues
- Troubleshoot applications
- Troubleshoot machines
- Feature compatibility matrix
- Data granularity and retention
- Configure PIV smart card authentication
- Application probing
- SDKs and APIs
Text-based session watermark
Text-based session watermarks help to deter and enable tracking data theft. This traceable information appears on the session desktop as a deterrent to those using photographs and screen captures to steal data. You can specify a watermark that is a layer of text, which displays over the entire session screen without changing the content of the original document. Text-based session watermarks require VDA support.
Text-based session watermarking is not a security feature. The solution does not prevent data theft completely, but it provides some level of deterrent and traceability. Although we do not guarantee complete information traceability when using this feature, we recommend that you combine this feature with other security solutions as applicable.
The session watermark is text and is applied to the session that is delivered to the user. The session watermark carries information for tracking data theft. The most important data is the identity of the logon user of the current session in which the screen image was taken. To trace the data leakage more effectively, include other information such as server or client internet protocol address and a connect time.
To adjust the user experience, use the Session Watermark policy settings to configure the placement and watermark appearance on the screen.
Virtual Delivery Agents:
Server OS 7.17 Desktop OS 7.17
Session watermarks are not supported in sessions where Local App Access, Flash redirection, Windows media redirection, MediaStream, browser content redirection, and HTML5 video redirection are used. To use session watermark, ensure that these features are disabled.
Session watermark is not supported and doesn’t appear if the session is running in full-screen hardware accelerated modes (full-screen H.264 or H.265 encoding).
If you set these HDX policies, watermark settings don’t take effect and a watermark isn’t displayed in the session display.
Use hardware encoding for video codec to Enabled Use video codec for compression to For the entire screen
If you set these HDX policies, the behavior is undetermined and the watermark might not display.
Use hardware encoding for video codec to Enabled Use video codec for compression to Use video codec when preferred
To ensure the watermark displays, set Use hardware encoding for video codec to Disabled, or set Use video codec for compression to For actively changing regions or Do not use video codec.
Session watermark supports only Thinwire and not the Framehawk or Desktop Composition Redirection (DCR) graphic modes.
If you use Session Recording, the recorded session doesn’t include the watermark.
If you use Windows remote assistance, the watermark is not shown.
If a user presses the Print Screen key to capture the screen, the screen captured at the VDA side doesn’t include the watermarks. We recommend that you take measures to avoid the captured image being copied.