Overview
Citrix Whitelisting is used to enable Virtual Channel drivers from the client side. A Citrix Studio console is used to manage machines and deliver applications and desktops. The console can also add Admins and Licenses.
The Virtual Channel Allow List is a feature that allows you to control non-Citrix virtual channels in your environment. By default, this feature is enabled, meaning only Citrix virtual channels are allowed to open in Citrix Virtual Apps and Desktops sessions. If you need to use Custom Virtual Channels, whether homegrown or from a third party, you must explicitly add them to the allowed list.
Configuration
The Virtual Channel Allow List is enabled by default. You can configure this feature using the following settings in the Citrix policy:
Virtual Channel Allow List: to enable or disable the feature and to add virtual channels to the list.
Virtual Channel Allow List log throttling sets the throttling period for the virtual channel allow list event logging.
Virtual Channel Allow List logging: sets the logging level for the virtual channel allow list.
Prerequisite
Users must have a Citrix Server and Event Viewer set up.
Steps
Login to the Citrix server.
Open Citrix Studio on your system.
.png?sv=2022-11-02&spr=https&st=2025-11-30T16%3A27%3A31Z&se=2025-11-30T16%3A39%3A31Z&sr=c&sp=r&sig=wXY%2FYW88sCcCrxYh4ELIjvFf5gkmudBJ%2BdnfQNDUzq0%3D)
Go to Policies → Under the Actions section, click on Create Policy.
Note
While creating the policy, manually Enable the Virtual Channel Allow List.
.png?sv=2022-11-02&spr=https&st=2025-11-30T16%3A27%3A31Z&se=2025-11-30T16%3A39%3A31Z&sr=c&sp=r&sig=wXY%2FYW88sCcCrxYh4ELIjvFf5gkmudBJ%2BdnfQNDUzq0%3D)
A pop-up is displayed. Search for Virtual Channel Allow List driver.
Select the driver and provide the Virtual Channel list under the Enabled textbox from the Virtual Delivery Agent (VDA) machine. Click OK.
Note
The format of the list is the Virtual Channel Name, followed by a Comma and Virtual Channel Path Address.
Example: EPCHD01,C:\Program Files (x86)\Epic\Hyperdrive\100.2404.3.0\Bin\Core\win-x86\HubCore.exe
.png?sv=2022-11-02&spr=https&st=2025-11-30T16%3A27%3A31Z&se=2025-11-30T16%3A39%3A31Z&sr=c&sp=r&sig=wXY%2FYW88sCcCrxYh4ELIjvFf5gkmudBJ%2BdnfQNDUzq0%3D)
Once the policy is created, click on Edit Policy from the Actions section.
.png?sv=2022-11-02&spr=https&st=2025-11-30T16%3A27%3A31Z&se=2025-11-30T16%3A39%3A31Z&sr=c&sp=r&sig=wXY%2FYW88sCcCrxYh4ELIjvFf5gkmudBJ%2BdnfQNDUzq0%3D)
Search for a Virtual Channel Allow List driver.
.png?sv=2022-11-02&spr=https&st=2025-11-30T16%3A27%3A31Z&se=2025-11-30T16%3A39%3A31Z&sr=c&sp=r&sig=wXY%2FYW88sCcCrxYh4ELIjvFf5gkmudBJ%2BdnfQNDUzq0%3D)
Select the driver and click Next
.png?sv=2022-11-02&spr=https&st=2025-11-30T16%3A27%3A31Z&se=2025-11-30T16%3A39%3A31Z&sr=c&sp=r&sig=wXY%2FYW88sCcCrxYh4ELIjvFf5gkmudBJ%2BdnfQNDUzq0%3D)
Find the added Virtual Channel Allow List in the Enabled section and Click OK.
.png?sv=2022-11-02&spr=https&st=2025-11-30T16%3A27%3A31Z&se=2025-11-30T16%3A39%3A31Z&sr=c&sp=r&sig=wXY%2FYW88sCcCrxYh4ELIjvFf5gkmudBJ%2BdnfQNDUzq0%3D)
EPCHD01,C:\Program Files (x86)\Epic\Hyperdrive\*\Bin\Core\win-x86\HubCore.exe EPCHD02,C:\Program Files (x86)\Epic\Hyperdrive\*\Bin\Core\win-x86\HubCore.exe CFYAUTH,C:\Program Files (x86)\Epic\Hyperdrive\*\Bin\HubFramework.exe CFYAUTH,C:\Program Files (x86)\AuthX\AuthXScript\tester\StandAloneNETTester.exe CGSLKID,C:\Program Files (x86)\AuthX\AuthXScript\tester\StandAloneNETTester.exe FTRV12,C:\Windows\SysWOW64\rundll32.exe CFYLUMI,C:\Program Files (x86)\AuthX\AuthXScript\tester\StandAloneNETTester.exe CFYAUTH,C:\Program Files (x86)\AuthX\AuthXScript\SubSpaceLauncher.exe CFYDIGI,C:\DPTester\DigiPersonaTester.exe CFYLUMI,C:\Program Files (x86)\Certify Global\CertifyPPID\tester\StandAloneNETTester.exe CFYAUTH,C:\Users\jramalingam\Desktop\ConsoleApplication1.exe CFYAUTH,C:\PROGRA~2\Citrix\ICACLI~1\wfica32.exe ATXFP01,C:\Program Files (x86)\Epic\Hyperdrive\*\Bin\HubFramework.exe CTXPING,C:\temp\ctxping.exe CFYSTAT,C:\Release\vcTest.exe ATXFP01,C:\Program Files (x86)\Certify Global\CertifyPPID\tester\StandAloneNETTester.exe ATXFP01,C:\Program Files (x86)\Epic\Hyperdrive\*\Bin\HubFramework.exe ATXFP01,C:\Program Files (x86)\AuthX\AuthXScript\tester\StandAloneNETTester.exe AXSTAT,C:\Program Files (x86)\Epic\Hyperdrive\*\Bin\HubFramework.exeOpen Event Viewer on your system
.png?sv=2022-11-02&spr=https&st=2025-11-30T16%3A27%3A31Z&se=2025-11-30T16%3A39%3A31Z&sr=c&sp=r&sig=wXY%2FYW88sCcCrxYh4ELIjvFf5gkmudBJ%2BdnfQNDUzq0%3D)
Open Windows Logs → Application
.png?sv=2022-11-02&spr=https&st=2025-11-30T16%3A27%3A31Z&se=2025-11-30T16%3A39%3A31Z&sr=c&sp=r&sig=wXY%2FYW88sCcCrxYh4ELIjvFf5gkmudBJ%2BdnfQNDUzq0%3D)
On the Actions section click Create Custom View. Once the event is loaded, Custom View creation provides a separate filtered section, ensuring easy access to loaded events.
.png?sv=2022-11-02&spr=https&st=2025-11-30T16%3A27%3A31Z&se=2025-11-30T16%3A39%3A31Z&sr=c&sp=r&sig=wXY%2FYW88sCcCrxYh4ELIjvFf5gkmudBJ%2BdnfQNDUzq0%3D)
A pop-up is displayed. Add the required details for the filter and click OK.
.png?sv=2022-11-02&spr=https&st=2025-11-30T16%3A27%3A31Z&se=2025-11-30T16%3A39%3A31Z&sr=c&sp=r&sig=wXY%2FYW88sCcCrxYh4ELIjvFf5gkmudBJ%2BdnfQNDUzq0%3D)
Provide a Name (for example rpm) and Description for the application and click OK.
.png?sv=2022-11-02&spr=https&st=2025-11-30T16%3A27%3A31Z&se=2025-11-30T16%3A39%3A31Z&sr=c&sp=r&sig=wXY%2FYW88sCcCrxYh4ELIjvFf5gkmudBJ%2BdnfQNDUzq0%3D)
Once the Event is loaded. Create a filter with the name provided in the previous step (for example rpm). Click on Event rows to find the Virtual Channel and Path Name under the Event detail section.
.png?sv=2022-11-02&spr=https&st=2025-11-30T16%3A27%3A31Z&se=2025-11-30T16%3A39%3A31Z&sr=c&sp=r&sig=wXY%2FYW88sCcCrxYh4ELIjvFf5gkmudBJ%2BdnfQNDUzq0%3D)