
Method and system for authorizing a level of access of a client to a virtual private network connection, based on a client-side attribute

  • US 8,397,287 B2
  • Filed: 08/21/2006
  • Issued: 03/12/2013
  • Est. Priority Date: 08/21/2006
  • Status: Active Grant
First Claim

1. A method for authorizing a level of access of a client to a virtual private network connection, based on an attribute of a client-side computing environment, the method comprising the steps of:

    (a) establishing, by an appliance, a control connection with a client upon receiving a client request to establish a virtual private network connection with a network;

    (b) transmitting, by the appliance via the control connection to the client, a request for an evaluation component executing on the client to evaluate a security string transmitted in the request, the security string comprising one or more expressions including (i) an identifier of an attribute of a client-side computing environment, and (ii) a logical operation on a value of the attribute, a result of which comprises a value that determines what level of access to grant to the client;

    (c) transmitting, by the client via the control connection, a response to the appliance comprising the result of evaluating the one or more expressions of the security string by the evaluation component; and

    (d) assigning, by the appliance, a level of access to the client responsive to an application of a policy by a policy engine to the result of the evaluation; and

    (e) establishing, by the appliance, the virtual private network connection with the client in accordance with the assigned level of access.
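Steps (b) through (d) of the claim, sketched as an added example that is not taken from the patent or from any product: a client-side evaluation component evaluates a security string, and the appliance applies a policy to the result. The expression syntax, the attribute names, the access-level names and the policy itself are assumptions, since the claim does not define them.

```python
import operator
import re

# Assumed syntax (the claim does not define one): "attr op integer" joined by ';'.
OPS = {"==": operator.eq, "!=": operator.ne, ">=": operator.ge,
       "<=": operator.le, ">": operator.gt, "<": operator.lt}
EXPR = re.compile(r"^\s*([\w.]+)\s*(==|!=|>=|<=|>|<)\s*(\d+)\s*$")

# Constructed sample data; attribute names are hypothetical.
SECURITY_STRING = "av.running == 1; os.patch_level >= 12; fw.enabled == 1"
COMPLIANT = {"av.running": 1, "os.patch_level": 14, "fw.enabled": 1}
STALE = {"av.running": 1, "os.patch_level": 9, "fw.enabled": 1}


def evaluate_security_string(security_string, environment):
    """Client side, steps (b)-(c): evaluate each expression locally."""
    results = []
    for expr in security_string.split(";"):
        match = EXPR.match(expr)
        if match is None:
            raise ValueError(f"malformed expression: {expr!r}")
        attr, op, value = match.group(1), match.group(2), int(match.group(3))
        actual = environment.get(attr)
        # A missing attribute yields False, so the check fails closed.
        results.append(actual is not None and OPS[op](actual, value))
    return results


def assign_access_level(security_string, results):
    """Appliance side, step (d): hypothetical policy applied to the result."""
    expected = len(security_string.split(";"))
    if (not isinstance(results, list) or len(results) != expected
            or any(type(r) is not bool for r in results)):
        return "deny"  # malformed or incomplete response
    if all(results):
        return "full"
    if results[0]:  # assumed policy: first expression is mandatory
        return "restricted"
    return "deny"


if __name__ == "__main__":
    for env in (COMPLIANT, STALE, {}):
        result = evaluate_security_string(SECURITY_STRING, env)
        print(result, assign_access_level(SECURITY_STRING, result))
```

The appliance-side function validates the shape of the response before applying the policy, because the result is produced on the client and arrives over the control connection.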
