Systems and methods for fine grain policy driven clientless SSL VPN access
First Claim
1. A method comprising:
- a) determining, by a device intermediary to a client and a server according to a session policy, whether to establish a client-based secure socket layer virtual private network (SSL VPN) session or a clientless SSL VPN session for the client to access the server responsive to a request from the client;
b) identifying, by the device responsive to determining to establish the clientless SSL VPN session between the client and the server, an access profile for the clientless SSL VPN session based on an application executing on the server providing content to the client, the access profile specifying one or more rewrite policies for modifying content from the application;
c) receiving, by the device, from the server, content provided by the application to be communicated to the client; and
d) modifying, by the device, the content of the application based on the one or more rewrite policies.
7 Assignments
0 Petitions
Accused Products
Abstract
The present disclosure provides solutions that may enable an enterprise providing services to a number of clients to determine whether to establish a client based SSL VPN session or a clientless SSL VPN session with a client based on an information associated with the client. An intermediary establishing SSL VPN sessions between clients and servers may receive a request from a client to access a server. The intermediary may identify a session policy based on the request. The session policy may indicate whether to establish a client based SSL VPN session or clientless SSL VPN session with the server. The intermediary may determine, responsive to the policy, to establish a clientless or client based SSL VPN session between the client and the server.
23 Citations
18 Claims
-
1. A method comprising:
-
a) determining, by a device intermediary to a client and a server according to a session policy, whether to establish a client-based secure socket layer virtual private network (SSL VPN) session or a clientless SSL VPN session for the client to access the server responsive to a request from the client; b) identifying, by the device responsive to determining to establish the clientless SSL VPN session between the client and the server, an access profile for the clientless SSL VPN session based on an application executing on the server providing content to the client, the access profile specifying one or more rewrite policies for modifying content from the application; c) receiving, by the device, from the server, content provided by the application to be communicated to the client; and d) modifying, by the device, the content of the application based on the one or more rewrite policies. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A system comprising:
-
a device intermediary to a client and a server, the device comprising a hardware processor and configured to determine whether to establish a client-based secure socket layer virtual private network (SSL VPN) session or a clientless SSL VPN session for the client to access the server according to a session policy; a policy engine configured to execute on the device and to identify, responsive to determining to establish the clientless SSL VPN session between the client and the server, an access profile for the clientless SSL VPN session based on an application executing on the server providing content to the client, the access profile specifying one or more rewrite policies for modifying content from the application; wherein the device is configured to receive, from the server, content provided by the application to be communicated to the client and modify the content of the application based on the one or more rewrite policies. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
-
Specification