Automatic secure client access
Abstract
Providing secure network access in a networked client device. A client device is provided with a secure connection adapter. In operation, the secure connection adapter detects the network environment of the client device and determines if the network environment is trusted or untrusted. If the client device is operating in an untrusted network environment, the secure connection adapter establishes a secure connection to an enterprise host using a secure tunnel such as IPSec, SSL, or other secure connection. Programs executing on the client device now operate in the secure network environment, with all network activity routed through the secure connection to the enterprise. Optionally, a split tunnel mechanism may be used to direct some network traffic directly to the Internet from the client device.
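The detection step from the abstract, which claim 1 spells out as a message sent to a non-routable address, is shown here as an added Python sketch that is not taken from the patent. Because private address ranges are reused on many networks, the sketch only counts a reply that proves knowledge of a key. The UDP transport, the HMAC reply, the shared key and all function names are assumptions of this example.

```python
import hashlib
import hmac
import ipaddress
import os
import socket

# Assumption (not from the patent): the "second device" is a UDP beacon that
# answers a random nonce with HMAC-SHA256(shared_key, nonce).

def beacon_reply(key: bytes, nonce: bytes) -> bytes:
    """Reply the beacon inside the particular network sends for a nonce."""
    return hmac.new(key, nonce, hashlib.sha256).digest()

def probe(addr: str, port: int, key: bytes, timeout: float = 1.0) -> bool:
    """True only if the device at addr answered this probe with a valid MAC."""
    # is_private covers RFC 1918 ranges (and loopback, used for local testing).
    if not ipaddress.ip_address(addr).is_private:
        raise ValueError("probe target must be a non-routable address")
    nonce = os.urandom(16)  # fresh per probe, so old replies cannot be replayed
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(nonce, (addr, port))
            reply, peer = s.recvfrom(64)
        except OSError:  # timeout, unreachable, no route: message not received
            return False
    # Constant-time comparison of the MAC; the reply must come from addr itself.
    return peer[0] == addr and hmac.compare_digest(reply, beacon_reply(key, nonce))

def classify(addr: str, port: int, key: bytes, timeout: float = 1.0) -> str:
    """'inside': trusted network; 'outside': the adapter should open the tunnel."""
    return "inside" if probe(addr, port, key, timeout) else "outside"

def serve_once(sock: socket.socket, key: bytes, honest: bool = True) -> None:
    """Constructed test beacon: answer one probe, correctly or with a bad MAC."""
    nonce, peer = sock.recvfrom(64)
    sock.sendto(beacon_reply(key if honest else b"wrong", nonce), peer)
```

A caller treats "outside" as the untrusted case and fails closed: any error or unverifiable reply leads to the tunnel being established.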
21 Claims
1. A method comprising:
- transmitting, by a first device, a first message directed to an IP address in a particular network, wherein the IP address in the particular network is a non-routable IP address such that the non-routable IP address is not routable by devices outside of the particular network and the non-routable IP address is routable by devices within the particular network;
- responsive to determining that a second device at the IP address within the particular network received the first message, determining that the first device is within the particular network; and
- responsive to determining that the second device at the IP address within the particular network did not receive the first message, determining that the first device is outside the particular network.
Dependent claims: 2, 3, 4, 5, 6, 7
8. A non-transitory machine readable medium having a set of instructions stored in nonvolatile form therein, which when executed by at least one processor causes a set of operations to be performed comprising:
- transmitting, by a first device, a first message directed to an IP address in a particular network, wherein the IP address in the particular network is a non-routable IP address such that the non-routable IP address is not routable by devices outside of the particular network and the non-routable IP address is routable by devices within the particular network;
- responsive to determining that a second device at the IP address within the particular network received the first message, determining that the first device is within the particular network; and
- responsive to determining that the second device at the IP address within the particular network did not receive the first message, determining that the first device is outside the particular network.
Dependent claims: 9, 10, 11, 12, 13, 14
15. A device comprising:
- at least one hardware processor;
- the device configured to perform operations by executing instructions using the at least one hardware processor, the operations comprising;
- transmitting, by a first device, a first message directed to an IP address in a particular network, wherein the IP address in the particular network is a non-routable IP address such that the non-routable IP address is not routable by devices outside of the particular network and the non-routable IP address is routable by devices within the particular network;
- responsive to determining that a second device at the IP address within the particular network received the first message, determining that the first device is within the particular network; and
- responsive to determining that the second device at the IP address within the particular network did not receive the first message, determining that the first device is outside the particular network.
Dependent claims: 16, 17, 18, 19, 20, 21
Specification