Systems and methods for application-specific access to virtual private networks

摘要

Described herein are systems and methods utilizing application-specific access to a virtual private network (“VPN”). A method may comprise receiving, from an application executing on a device, a request for a network data flow to a private network, comparing identification information associated with the application against a set of rules stored on a memory of the device, wherein the set of rules identifies conditions for the application to be authorized to access the private network, and establishing a connection for the network data flow upon the identification information satisfying the conditions for the application to access the private network.

主权项

1. A method, comprising:
generating, by an application executing on a device, a request for a network data flow to a private network; comparing identification information associated with the application against a set of rules stored on the memory, wherein the set of rules identifies conditions for the application to be authorized to access the private network; diverting the network data flow to a virtual private network (VPN) tunnel as opposed to entering a Transport Connection Protocol (TCP)/Internet Protocol (IP) stack; determining if the application specifies a destination by hostname; resolving the hostname for the destination at VPN plugin in response to the application specified hostname; opening a flow divert socket for application data to flow between the application and a data transportation component of the device in response to the application not specifying the destination by hostname or after successfully resolving the hostname for the destination host; establishing a connection for the network data flow upon the identification information satisfying the identified conditions for the application to access the private network; and directing, by the data transportation component, the network data flow directly to the private network.