I wanted to confirm my knowledge about ICA and encryption with SSL\TLS.
If my portal web interface used SSL this would encrypt my authentication credentials, however, when I executed a published app this would invoke the ICA protocol from my client and this is not encrypted.
The only way I can see to have ICA encrypted would be to have some sort of VPN (either via an SSL VPN or IPsec or whatever). This would naturally encapsulate my ICA traffic.
Is this basically correct?