SYSTEM AND METHOD FOR ESTABLISHING A VIRTUAL PRIVATE NETWORK
Abstract
A system and method for establishing a virtual private network (VPN) between a client and a private data communication network. An encrypted data communication session, such as a Secure Sockets Layer (SSL) data communication session, is established between a gateway and the client over a public data communication network. The gateway then sends a programming component to the client for automatic installation and execution thereon. The programming component operates to intercept communications from client applications destined for resources on the private data communication network and to send the intercepted communications to the gateway via the encrypted data communication session instead of to the resources on the private data communication network.
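The intercept-and-tunnel data path described in the abstract, as an added illustration that is not taken from the patent or from any product. The private network range, the frame layout (IPv4 only) and all function names are assumptions, and the encrypted session is modelled as a plain byte string.

```python
import ipaddress
import struct

# Assumed for illustration: the private network range the gateway serves.
PRIVATE_NET = ipaddress.ip_network("10.20.0.0/16")

def filter_packet(dst_ip):
    """Filter in the client stack: redirect only traffic bound for the private network."""
    return "redirect" if ipaddress.ip_address(dst_ip) in PRIVATE_NET else "pass"

def encapsulate(dst_ip, dst_port, payload):
    """Client program: frame the payload together with its original destination.
    Hypothetical frame: 4-byte IPv4 address, 2-byte port, 4-byte length, payload."""
    header = ipaddress.ip_address(dst_ip).packed + struct.pack("!HI", dst_port, len(payload))
    return header + payload

def decapsulate(stream):
    """Gateway side: split the session bytes into (dst_ip, dst_port, payload) tuples."""
    frames, offset = [], 0
    while offset < len(stream):
        if len(stream) - offset < 10:
            raise ValueError("truncated frame header")
        dst_ip = str(ipaddress.ip_address(stream[offset:offset + 4]))
        dst_port, length = struct.unpack("!HI", stream[offset + 4:offset + 10])
        end = offset + 10 + length
        if end > len(stream):
            raise ValueError("truncated frame payload")
        frames.append((dst_ip, dst_port, stream[offset + 10:end]))
        offset = end
    return frames

def client_send(packets):
    """Run packets through filter and program; return (tunnel_bytes, passed_through)."""
    tunnel, passed = b"", []
    for dst_ip, dst_port, payload in packets:
        if filter_packet(dst_ip) == "redirect":
            tunnel += encapsulate(dst_ip, dst_port, payload)
        else:
            passed.append((dst_ip, dst_port, payload))
    return tunnel, passed

# Constructed sample traffic (not from the patent).
SAMPLE = [
    ("10.20.5.9", 445, b"smb-request"),
    ("93.184.216.34", 80, b"GET / HTTP/1.1\r\n\r\n"),
    ("10.20.0.1", 53, b""),
]

if __name__ == "__main__":
    tunnel, passed = client_send(SAMPLE)
    print(decapsulate(tunnel), passed)
```

Only the two packets addressed to the assumed private range enter the tunnel; the third leaves the client outside it, which is the split a reviewer of such a client would check against policy.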
20 Claims
1. A method comprising:
(a) establishing, by a network device, a connection with a client requesting access to a network via the network device;
(b) transmitting, by the network device, a first program to the client for automatic installation and execution thereon in response to the establishment;
(c) installing, by the first program upon execution, a second program in a network stack of the client, the second program redirecting to the first program a packet from a client application destined for the network;
(d) encapsulating, by the first program, payload from the redirected packet; and
(e) transmitting, by the first program, the encapsulated payload to the network device.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10
11. A method comprising:
(a) establishing a connection between a client on a first network and a network device intermediary to the first network and a second network;
(b) intercepting, by a filter operating at a transport layer of the client, a packet from an application of the client responsive to the establishment, the packet destined for the second network;
(c) forwarding, by the filter, the intercepted packet to a program executing on the client, the program terminating an end of the connection at the client; and
(d) transmitting, by the program, payload from the intercepted packet to the network device via the connection.
Dependent claims: 12, 13, 14, 15, 16, 17, 18, 19, 20
Specification