Systems and methods for fine grain policy driven clientless SSL VPN access
Abstract
The present disclosure provides solutions that may enable an enterprise providing services to a number of clients to determine whether to establish a client based SSL VPN session or a clientless SSL VPN session with a client based on information associated with the client. An intermediary establishing SSL VPN sessions between clients and servers may receive a request from a client to access a server. The intermediary may identify a session policy based on the request. The session policy may indicate whether to establish a client based SSL VPN session or clientless SSL VPN session with the server. The intermediary may determine, responsive to the policy, to establish a clientless or client based SSL VPN session between the client and the server.
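A sketch of the decision flow described in the abstract and in the claims, added here as an illustration and not taken from the patent or from any product: session policies are matched against the request to choose client based or clientless mode, and for a clientless session an access profile is selected by user and application and its rewrite policies are applied to the server's content. The request attributes (`has_vpn_plugin`, `group`, `host`), the profile names, the gateway address and the `/proxy/` URL scheme are all assumptions.

```python
import re
from dataclasses import dataclass, field
from typing import Callable, Optional

GATEWAY = "https://vpn.example.test"  # hypothetical intermediary address

@dataclass
class SessionPolicy:                  # matched against the incoming request
    name: str
    matches: Callable[[dict], bool]
    mode: str                         # "client-based" or "clientless"

@dataclass
class AccessProfile:                  # selected per user and per application
    name: str
    user_group: Optional[str]         # None matches any user
    app_host: Optional[str]           # None matches any application
    rewrites: list = field(default_factory=list)

def rewrite_absolute_urls(html):      # rewrite policy: send links via the gateway
    return re.sub(r'(href|src)="(https?)://([^"/]+)',
                  lambda m: f'{m[1]}="{GATEWAY}/proxy/{m[2]}/{m[3]}', html)

def strip_scripts(html):              # stricter rewrite policy: drop script blocks
    return re.sub(r"<script\b.*?</script>", "", html, flags=re.S | re.I)

SESSION_POLICIES = [                  # list order is evaluation order
    SessionPolicy("managed-device", lambda r: r.get("has_vpn_plugin", False), "client-based"),
    SessionPolicy("default", lambda r: True, "clientless"),
]
ACCESS_PROFILES = [                   # most specific first, catch-all last
    AccessProfile("contractor-wiki", "contractors", "wiki.corp.test",
                  [strip_scripts, rewrite_absolute_urls]),
    AccessProfile("default", None, None, [rewrite_absolute_urls]),
]

def choose_mode(request):
    return next((p.mode for p in SESSION_POLICIES if p.matches(request)), "clientless")

def choose_profile(request):
    for prof in ACCESS_PROFILES:
        if (prof.user_group in (None, request.get("group"))
                and prof.app_host in (None, request.get("host"))):
            return prof
    raise LookupError("no access profile matches")  # fail closed

def serve_clientless(request, server_html):
    if choose_mode(request) != "clientless":
        raise ValueError("session policy selected a client based session")
    for rule in choose_profile(request).rewrites:
        server_html = rule(server_html)
    return server_html
```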
21 Claims
1. A method for establishing, via policy, a clientless secure socket layer virtual private network (SSL VPN) session between a client and a server, the method comprising:
a) receiving, by an intermediary, a request from a client to access a server, the intermediary establishing SSL VPN sessions between clients and the server,
b) identifying, by the intermediary, a session policy based on the request, the session policy indicating whether to establish a client based SSL VPN session or clientless SSL VPN session with the server;
c) determining, by the intermediary responsive to the session policy, to establish a clientless SSL VPN session between the client and the server; and
d) identifying, by the intermediary responsive to the establishment of the clientless SSL VPN session, a first access profile for the clientless SSL VPN session from a plurality of access profiles for controlling access via the clientless SSL VPN session, the first access profile (i) specifying one or more rewrite policies for modifying content from the server and (ii) identified based on at least one of: a user of the client and an application providing the content.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10
11. An intermediary for establishing via policy a clientless secure socket layer virtual private network (SSL VPN) session between a client and a server, the intermediary comprising:
a packet engine executing on a hardware processor, for receiving a request from a client to access a server, the intermediary establishing SSL VPN sessions between clients and the server,
a policy engine for identifying a session policy based on the request, the session policy indicating whether to establish a client based SSL VPN session or clientless SSL VPN session with the server; and
wherein the intermediary determines responsive to the session policy to establish a clientless SSL VPN session between the client and the server, and identifies, responsive to the establishment of the clientless SSL VPN session, a first access profile for the clientless SSL VPN session from a plurality of access profiles for controlling access via the clientless SSL VPN session, the access profile (i) specifying one or more rewrite policies for modifying content from the server and (ii) identified based on at least one of: a user of the client and an application providing the content.
Dependent claims: 12, 13, 14, 15, 16, 17, 18, 19
20. An intermediary for establishing via policy a clientless secure socket layer virtual private network (SSL VPN) session between a client and a server, the intermediary comprising:
means for receiving a request from a client to access a server, the intermediary establishing SSL VPN sessions between clients and the server,
means for identifying a session policy based on the request, the session policy indicating whether to establish a client based or clientless SSL VPN session with the server;
means for determining, responsive to the session policy, to establish a clientless SSL VPN session between the client and the server; and
means for identifying, by the intermediary responsive to the establishment of the clientless SSL VPN session, a first access profile for the clientless SSL VPN session from a plurality of access profiles for controlling access via the clientless SSL VPN session, the first access profile (i) specifying one or more rewrite policies for modifying content from the server, and (ii) identified based on at least one of: a user of the client and an application providing the content.
Dependent claims: 21
Specification