Method and system for dynamically establishing a virtual private network (VPN) session
First Claim
Patent Images
1. A machine-implemented method residing in a non-transitory computer-readable medium for execution on a machine, comprising:
- downloading a control module to process within a device associated with a principal for establishment of a virtual private network (VPN) session between the principal and resources of a remote site;
dynamically receiving an indication from the control module as to whether the principal is to be associated with a thin client installation for the VPN session or whether the principal is to be associated with a clientless access for the VPN session;
downloading VPN modules that act as a proxy for the principal on the device for purposes of accessing the remote site and the resources by establishing a thin client VPN session as the VPN session when the control module indicates the principal has privileges for the thin client installation;
detecting a termination in the thin client VPN session between the principal and the remote site;
receiving another subsequent authentication of the principal via the device;
acquiring a notification from the control module that the proxy is running on the device; and
establishing another thin client VPN session between the principal and the resources.
3 Assignments
0 Petitions
Accused Products
Abstract
Techniques for virtual private network (VPN) access are provided. A dynamic determination, in response to privileges, is made as to whether a principal and a device of a principal are to receive a thin client virtual private network (VPN) installation for a thin client VPN session between the principal and a remote site or whether a clientless VPN session is appropriate. Dynamic switching between the clientless VPN session and thin client VPN session is permissible when the principal supplies the appropriate credentials for such a switch.
-
Citations
16 Claims
-
1. A machine-implemented method residing in a non-transitory computer-readable medium for execution on a machine, comprising:
-
downloading a control module to process within a device associated with a principal for establishment of a virtual private network (VPN) session between the principal and resources of a remote site; dynamically receiving an indication from the control module as to whether the principal is to be associated with a thin client installation for the VPN session or whether the principal is to be associated with a clientless access for the VPN session; downloading VPN modules that act as a proxy for the principal on the device for purposes of accessing the remote site and the resources by establishing a thin client VPN session as the VPN session when the control module indicates the principal has privileges for the thin client installation; detecting a termination in the thin client VPN session between the principal and the remote site; receiving another subsequent authentication of the principal via the device; acquiring a notification from the control module that the proxy is running on the device; and establishing another thin client VPN session between the principal and the resources. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A machine-implemented method residing in a non-transitory computer-readable medium for execution on a machine, comprising:
-
dynamically downloading modules from a remote site to establish a thin client Virtual Private Network (VPN) session between a principal and a device when a thin client installation is present; dynamically searching for credentials of the principal when the thin client installation is missing from the device and when successful downloading the thin client installation and the modules from the remote site to establish the thin client VPN session and checking the device for the credentials and dynamically requesting that the principal supply the credentials when the searching fails to discover the credentials, wherein dynamically searching further includes presenting a dialogue box on a display of the device for the principal to enter additional credentials, wherein presenting further includes including an option within the dialogue box that permits the principal to bypass supplying the additional credentials and select a clientless VPN session; and permitting the clientless VPN session to be established between the principal and the remote site when the thin client VPN session fails to be established. - View Dependent Claims (8, 9, 10)
-
-
11. A machine-implemented method residing in a non-transitory computer-readable medium for execution on a machine, comprising:
-
dynamically downloading modules from a remote site, via a control module, to establish a thin client VPN session between a principal and a device when a thin client installation is present; dynamically searching for additional credentials of the principal when the thin client installation is missing from the device and when successful credentials are found then downloading the thin client installation and the modules from the remote site to establish the thin client VPN session and checking the device for the additional credentials and dynamically requesting that the principal supply the additional credentials when the searching fails to discover the additional credentials and presenting a dialogue box on a display of the device for the principal to enter the additional credentials limiting a total number of attempts that the principal is permitted to make to enter the additional credentials to three attempts and when after three failed attempts determining that a clientless VPN session is to be established; and permitting the clientless VPN session to be established between the principal and the remote site when the thin client VPN session fails to be established. - View Dependent Claims (12, 13, 14, 15, 16)
-
Specification