Starting a session, even just presenting a logon screen, has quite an impact on resources. Each time a user tries to logon, processes are started on the remote machine, no matter whether the user's credentials are valid or not. You can save resources and prevent Denial of Service (DoS) attacks by using Network Layer Authentication (NLA). NLA checks whether a user is the right person before any logon processes is started.
For more information about NLA, see https://technet.microsoft.com/en-us/magazine/hh750380.aspx.
NLA for Horizon Client Sessions is available from IGEL Linux version 5.08.100 upwards.
To use NLA for a Horizon Client session: