Systems and methods for fine grain policy driven clientless SSL VPN access

摘要

The present disclosure provides solutions that may enable an enterprise providing services to a number of clients to determine whether to establish a client based SSL VPN session or a clientless SSL VPN session with a client based on an information associated with the client. An intermediary establishing SSL VPN sessions between clients and servers may receive a request from a client to access a server. The intermediary may identify a session policy based on the request. The session policy may indicate whether to establish a client based SSL VPN session or clientless SSL VPN session with the server. The intermediary may determine, responsive to the policy, to establish a clientless or client based SSL VPN session between the client and the server.

主权项

1. A method for establishing, via policy, a clientless secure socket layer virtual private network (SSL VPN) session between a client and a server, the method comprising:
a) receiving, by an intermediary, a request from a client to access a server, the intermediary establishing SSL VPN sessions between clients and the server, b) identifying, by the intermediary, a session policy based on the request, the session policy indicating whether to establish a client based SSL VPN session or clientless SSL VPN session with the server; c) determining, by the intermediary responsive to the session policy, to establish a clientless SSL VPN session between the client and the server; and d) identifying, by the intermediary responsive to the establishment of the clientless SSL VPN session, a first access profile for the clientless SSL VPN session from a plurality of access profiles for controlling access via the clientless SSL VPN session, the first access profile (i) specifying one or more rewrite policies for modifying content from the server and (ii) identified based on at least one of: a user of the client and an application providing the content.