For firewalls, consider the list of ports and protocols used for Sun Ray Software. See Ports and Protocols in the Administration Guide for details.

Use switched network gear for the last link to the desktop clients. This configuration makes it very difficult for a malicious PC user or network snooper to obtain unauthorized information. Because switches send packets only to the proper output port, a snooper plugged into another port receives no unauthorized data. If the server and wiring closet are secure, the last step is switched and the desktop client is plugged directly into the wall jack, then it becomes virtually impossible for communications between the server and the client to be intercepted.

Use the ARCFOUR encryption algorithm and the Digital Signature Algorithm (DSA) authentication scheme that Sun Ray Software provides to protect data between Sun Ray servers and their desktop clients. It is recommended that you enable and configure encryption and authentication based on your site's requirements, unless you are confident that your network is secure and performance is an issue. See Encryption and Authentication in the Administration Guide for details on how to enable and disable encryption and authentication in a Sun Ray environment.