Feature Description
This feature was previously introduced as an experimental feature in the XenApp and XenDesktop 7.16 release and was included as part of the XenApp and XenDesktop 7.17 release feature set.
The text-based session watermark is designed to deter unauthorized captures of a session display, though it should not be considered a security feature.
If any captures are made, the images will show the watermark’s information
Session watermarks are effectively an overlay of configurable textural information that covers the session display (published Wordpad shown below).


When enabled, session watermarks will appear for both desktop sessions and published app sessions (desktop session shown below).


Care has been taken in the design of the feature to avoid the watermark being too much of a distraction for users working in the session.
The implementation of the session watermark feature in XenApp and XenDesktop 7.17 comes with significant limitations. It is planned that future versions of this feature will resolve many of these.


Feature Configuration
To enable the session watermark feature, administrators must first enable the Enable session watermark HDX policy in Studio. It’s disabled by default.


After enabling the feature, additional session watermark HDX policies control which of the 6 text-based options to include in the watermark overlay.
Information includes client IP address, VDA host name, session connection time, user logon name, and custom text. If none of the 6 text-based watermark policies are configured, the VDA host name and user logon name will be shown in the watermark by default.
To avoid the watermark overlay being too much of a distraction to session users, administrators can configure HDX policies to choose between two watermark styles and can control the watermark transparency level.

Feature Limitations
Session watermarks are not supported and won’t appear:

• In sessions where Local App Access, Flash redirection, Windows Media redirection, Browser Content redirection, and HTML5 video redirection is used.
• If the session is running in full-screen hardware accelerated modes (full-screen H.264 or H.265 encoding).
• If the HDX policy: Use hardware encoding for video codec is set to Enabled.
• If the HDX policy: Use video codec for compression is set to For the entire screen.

To ensure watermarks display in the session:

• Set the HDX policy: Use hardware encoding for video codec to Disabled.
• Set the HDX policy: Use video codec for compression to For actively changing regions or Do not use video codec.
• Session watermark supports only Thinwire and not the Framehawk or Desktop Composition Redirection (DCR) graphic modes.
• If using Session Recording, the recorded session doesn't include the watermark.

Feature Considerations
Screen captures taken on the VDA side do not contain the watermark.
The session watermark layer will incur some graphics and system resource overheads. Because of this, Citrix recommends that if session watermarks have been enabled, no more than 2 text-based information pieces should be included.
Many customers wishing to implement the session watermark feature will also have implemented many of the XenApp and XenDesktop features and settings listed in the Feature Limitations section. For this reason, Citrix support teams need to be familiar with these limitations.