SYSTEMS AND METHODS FOR FINE GRAIN POLICY DRIVEN CLIENTLESS SSL VPN ACCESS
First Claim
1. A method comprising:
- a) establishing, by a device intermediary to a client and a server, a secure socket layer virtual private network (SSL VPN) session for the client to access the server;
b) identifying, by the device, an access profile for the SSL VPN session based on an application of the server providing content to the client, the access profile specifying one or more rewrite policies for modifying content from the application;
c) receiving, by the device, content of the application to be communicated to the client; and
d) modifying, by the device, the content of the application based on the one or more rewrite policies.
7 Assignments
0 Petitions
Accused Products
Abstract
The present disclosure provides solutions that may enable an enterprise providing services to a number of clients to determine whether to establish a client based SSL VPN session or a clientless SSL VPN session with a client based on an information associated with the client. An intermediary establishing SSL VPN sessions between clients and servers may receive a request from a client to access a server. The intermediary may identify a session policy based on the request. The session policy may indicate whether to establish a client based SSL VPN session or clientless SSL VPN session with the server. The intermediary may determine, responsive to the policy, to establish a clientless or client based SSL VPN session between the client and the server.
8 Citations
20 Claims
-
1. A method comprising:
-
a) establishing, by a device intermediary to a client and a server, a secure socket layer virtual private network (SSL VPN) session for the client to access the server; b) identifying, by the device, an access profile for the SSL VPN session based on an application of the server providing content to the client, the access profile specifying one or more rewrite policies for modifying content from the application; c) receiving, by the device, content of the application to be communicated to the client; and d) modifying, by the device, the content of the application based on the one or more rewrite policies. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A system comprising:
-
a device intermediary to a client and a server, the device comprising a hardware processor and configured to establish a secure socket layer virtual private network (SSL VPN) session for the client to access the server; a policy engine configured to execute on the device and to identify an access profile for the SSL VPN session based on an application of the server providing content to the client, the access profile specifying one or more rewrite policies for modifying content from the application; wherein the device is configured to receive content of the application to be communicated to the client and modify the content of the application based on the one or more rewrite policies. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
-
Specification