Session watermark
会话水印有助于阻止和启用tracking of data theft. Traceable information appears on session desktops as a deterrent to users who employ photographs and screen captures to steal data. You can specify a watermark as a layer of text or a PNG image with alpha channel. The watermark displays over the entire session screen without changing the content of the original document.
Important:
Session watermark is not a security feature. It does not prevent data theft completely, but it provides some level of deterrent and traceability. We do not guarantee complete information traceability when using this feature. Instead, we recommend that you combine this feature with other security solutions as applicable.
The session watermark carries information for tracking data theft. The most important data is the identity of the user, as tracked by their logon credentials, of the session where the screen image was taken. To trace data leakage more effectively, include other information such as the server or client Internet protocol address and a connect time.
To adjust the user experience, use the following session watermark policy settings to configure the placement and watermark appearance on the screen:
Session watermark policy settings
Enable session watermark
When you enable this setting, the session display has an opaque watermark displaying session-specific information. The other watermark settings depend on this one being enabled.
By default, the session watermark is disabled.
Include client IP address
When you enable this setting, the session displays the current client IP address as a watermark.
By default,Include client IP addressis disabled.
Include connection time
When you enable this setting, the session watermark displays a connect time. The format is yyyy/mm/dd hh:mm. The time displayed is based on the system clock and time zone.
By default,Include connection timeis disabled.
Include logon user name
When you enable this setting, the session displays the current logon user name as a watermark. The display format is USERNAME@DOMAINNAME. We recommend that the user name is a maximum of 20 characters. When a user name is longer than 20 characters, smaller font sizes or truncation might occur, which lessens the effectiveness of the watermark.
By default,Include logon user nameis enabled.
Include VDA host name
When you enable this setting, the session displays the VDA host name of the current ICA session as a watermark.
By default,Include VDA host nameis enabled.
Include VDA IP address
When you enable this setting, the session displays the VDA IP address of the current ICA session as a watermark.
By default,Include VDA IP addressis disabled.
Session watermark style
This setting controls whether you display a single watermark text label or multiple labels. ChooseMultipleorSinglefrom theValuedrop-down menu. For additional style options, see theWatermark custom textsection in this article.
Multipledisplays five watermark labels in the session. One in the center and four in the corners.
Singledisplays a single watermark label in the center of the session.
By default, theSession watermark styleisMultiple.
Watermark transparency
You can specify watermark opacity from 0 through 100. The larger the value specified, the more opaque the watermark.
By default, the value is 17.
Watermark custom text
The value is empty by default. You can type a non-empty string, set a syntax to form a string, or use the combination to display in the session watermark. Non-empty strings support up to 25 Unicode characters per line. Longer strings are truncated to 25 characters.
For example, you can set the policy to the following value:
For a description of all syntax options, see the following table:
| Syntax option | Description | Valid setting (case-sensitive) | Default value | Remarks |
|---|---|---|---|---|
|