14.7. IPsec

Beyond the IPsec capability to make Sun Ray Client as a VPN endpoint device, Sun Ray Software also supports IPsec to provide high quality, cryptographically-based security between Sun Ray Clients and Sun Ray servers. After configuring and enabling IPsec on the Sun Ray server and the Sun Ray Client, the Sun Ray Client will negotiate a secure end-to-end IPsec tunnel with the Sun Ray server before interacting with Sun Ray services on the server.

The Sun Ray Software implementation of IPsec is incorporated into the Sun Ray Client firmware. The Sun Ray Client will always be the initiator of a connection, so it does not have to respond to inbound connection requests. This type of negotiation is similar to the current IPsec VPN behavior, where IPsec is established with a VPN gateway before Sun Ray services are invoked. However, both IPsec implementations require different configurations.

See Appendix A, IPsec Support for details.