IPsec is supported in Oracle Solaris Zones called exclusive-IP zones. Every zone can have its own IPsec policy and IKE configuration and is treated like a separate host.
Shared-IP zones in Trusted Extensions do not support IPsec per zone because these zones do not have their own IP stack. For shared-IP zones, the IPsec policy and IKE configuration are performed in the global zone. The IPsec policy rules for the shared-IP zone are the rules for the zone's shared IP address.