Method and appliance for authenticating, by an appliance, a client to access a virtual private network connection, based on an attribute of a client-side certificate
Abstract
In a method and appliance for authenticating, by an appliance, a client to access a virtual network connection, based on an attribute of a client-side certificate, a client authentication certificate is requested from a client. A value of at least one field in the client authentication certificate received from the client is identified. One of a plurality of types of access is assigned responsive to an application of a policy to the identified value of the at least one field, each of the plurality of access types associated with at least one connection characteristic.
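The policy step in the abstract can be sketched as follows. This is an added example, not code from the patent or from any appliance: the chosen fields (issuer organization, subject organizational unit), the access types, and their subnets and timeouts are all assumptions, and the certificate dictionaries are constructed samples in the shape returned by Python's `ssl.SSLSocket.getpeercert()`.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class AccessType:
    name: str
    allowed_subnets: tuple  # connection characteristic (assumed for illustration)
    idle_timeout_s: int     # connection characteristic (assumed for illustration)

FULL = AccessType("full", ("10.0.0.0/8",), 3600)
LIMITED = AccessType("limited", ("10.20.0.0/16",), 900)
QUARANTINE = AccessType("quarantine", ("10.99.0.0/24",), 300)

# Ordered policy, first match wins: ((section, attribute), expected value, access).
# The restrictive rule comes first so it cannot be shadowed by a broader one.
POLICY = [
    (("subject", "organizationalUnitName"), "Contractors", LIMITED),
    (("issuer", "organizationName"), "Example Corp Device CA", FULL),
]

def field_values(cert, section, attr):
    """Return every value of attr in the cert's 'subject' or 'issuer' RDN sequence."""
    return [v for rdn in cert.get(section, ()) for (k, v) in rdn if k == attr]

def assign_access(cert, authenticated):
    """Apply the policy only after the same certificate has authenticated the client."""
    if not authenticated:
        return None  # no access type is assigned without authentication
    for (section, attr), expected, access in POLICY:
        if expected in field_values(cert, section, attr):  # exact match, not substring
            return access
    return QUARANTINE  # unmatched certificates fall back to the least-privileged type

# Constructed sample certificates (not real data).
DEVICE_CA = ((("organizationName", "Example Corp Device CA"),),)
EMPLOYEE = {"subject": ((("organizationalUnitName", "Engineering"),),
                        (("commonName", "alice"),)),
            "issuer": DEVICE_CA}
CONTRACTOR = {"subject": ((("organizationalUnitName", "Contractors"),),
                          (("commonName", "bob"),)),
              "issuer": DEVICE_CA}
UNKNOWN = {"subject": ((("commonName", "carol"),),),
           "issuer": ((("organizationName", "Other CA"),),)}

if __name__ == "__main__":
    for label, cert in (("employee", EMPLOYEE), ("contractor", CONTRACTOR),
                        ("unknown", UNKNOWN)):
        print(label, "->", assign_access(cert, authenticated=True).name)
```

The contractor certificate is issued by the same CA as the employee certificate, so rule order alone decides that it receives the limited access type.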
55 Claims
1. A method for authenticating, by an appliance, a client to access a virtual private network connection, based on an attribute of a client-side certificate, the method comprising the steps of:
(a) requesting, by an appliance, a client authentication certificate from a client;
(b) identifying, by the appliance, a value of at least one field in the client authentication certificate received from the client, the identified value other than a public key and an identity of a user of the client; and
(c) applying, by the appliance, a policy to the identified value of the at least one field in the client authentication certificate received from the client, responsive to authenticating the client via the same client authentication certificate;
(d) assigning, by the appliance, one of a plurality of types of access to the authenticated client responsive to the application of the policy to the identified value of the at least one field, each of the plurality of access types characterized by at least one connection characteristic.
Dependent claims: 2-27
28. An appliance for authenticating a client to access a virtual private network connection, based on an attribute of a client-side certificate, the appliance comprising:
- a means for requesting a client authentication certificate from a client;
- a means for identifying a value of at least one field in the client authentication certificate received from the client, the identified value other than a public key and an identity of a user of the client;
- a means for applying a policy to the identified value of the at least one field in the client authentication certificate received from the client, responsive to authenticating the client via the same client authentication certificate; and
- a means for assigning one of a plurality of types of access to the authenticated client responsive to the application of the policy to the identified value of the at least one field, each of the plurality of access types characterized by at least one connection characteristic.
Dependent claims: 29-55
Specification