US 12,413,558 B2
Cloud-based zero trust network access service
Robert Paul Andrews, Pflugerville, TX (US); Biju Ramachandra Kaimal, Bangalore (IN); and Venkata Suresh Reddy Obulareddy, Bangalore (IN)
Assigned to Sophos Limited, Abingdon (GB)
Filed by Sophos Limited, Abingdon (GB)
Filed on Dec. 28, 2022, as Appl. No. 18/089,930.
Application 18/089,930 is a continuation of application No. PCT/US2022/054075, filed on Dec. 27, 2022.
Claims priority of application No. 202211058975 (IN), filed on Oct. 15, 2022.
Prior Publication US 2024/0129296 A1, Apr. 18, 2024
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 9/40 (2022.01); G06F 21/53 (2013.01); G06F 21/64 (2013.01); H04L 41/12 (2022.01); H04L 61/3015 (2022.01); H04L 67/1008 (2022.01); H04L 67/1036 (2022.01)
CPC H04L 63/0281 (2013.01) [G06F 21/53 (2013.01); G06F 21/64 (2013.01); H04L 41/12 (2013.01); H04L 61/302 (2013.01); H04L 63/0236 (2013.01); H04L 63/029 (2013.01); H04L 63/0823 (2013.01); H04L 63/083 (2013.01); H04L 63/0884 (2013.01); H04L 63/1425 (2013.01); H04L 63/20 (2013.01); H04L 67/1008 (2013.01); H04L 67/1036 (2013.01); G06F 2221/033 (2013.01); H04L 63/0272 (2013.01)] 20 Claims
OG exemplary drawing
 
1. A system for zero trust network access to a customer application comprising:
an application hosted on a customer premises;
a threat management facility configured to manage security for the customer premises;
a cloud computing platform hosted remotely from the customer premises, the cloud computing platform configured to provide a cloud-based data plane for zero trust network access to the application by a device operated by a user associated with the customer premises, the cloud computing platform including:
a service proxy configured to couple the device to the application hosted on the customer premises,
a reverse proxy server connected to the service proxy, the reverse proxy server configured to securely connect to the customer premises, and
an authentication server securely coupled to the threat management facility and configured to create a secure tunnel to the customer premises by authenticating a secure connection to the reverse proxy server; and
a zero trust network access appliance hosted on the customer premises, the zero trust network access appliance configured to initiate the secure connection to the reverse proxy server, and the zero trust network access appliance configured to operatively couple the application hosted on the customer premises through the cloud-based data plane to the device operated by the user.
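An added example, not code from the patent or from Sophos: a single-process Python model of the claimed data plane, in which the on-premises appliance dials out to the reverse proxy server, the authentication server (coupled to the threat management facility) authenticates that connection before any tunnel exists, and the service proxy admits a device's request only after a policy check. Component names, the appliance credential, the application handler and the user policy are all constructed assumptions for illustration.

```python
class ThreatManagementFacility:
    """Constructed sample policy that the authentication server is coupled to."""
    appliance_keys = {"acme-appliance": "k-123"}   # valid appliance credentials
    user_policy = {("alice", "payroll")}           # (user, application) pairs allowed

class AuthenticationServer:
    """Authenticates the appliance's outbound connection and authorizes users."""
    def __init__(self, tmf): self.tmf = tmf
    def authenticate_appliance(self, appliance_id, key):
        return self.tmf.appliance_keys.get(appliance_id) == key
    def authorize_user(self, user, app):
        return (user, app) in self.tmf.user_policy

class ReverseProxyServer:
    """Holds only tunnels the appliance initiated and the auth server accepted."""
    def __init__(self, auth):
        self.auth, self.tunnels = auth, {}
    def accept_connection(self, appliance, key):
        if not self.auth.authenticate_appliance(appliance.appliance_id, key):
            return False                       # unauthenticated: no tunnel created
        for app in appliance.apps:             # one tunnel per on-prem application
            self.tunnels[app] = appliance
        return True
    def forward(self, app, request):
        appliance = self.tunnels.get(app)
        return appliance.serve(app, request) if appliance else "503 no tunnel"

class ZtnaAppliance:
    """Hosted on the customer premises; dials out, never listens for inbound traffic."""
    def __init__(self, appliance_id, apps): self.appliance_id, self.apps = appliance_id, apps
    def connect_out(self, reverse_proxy, key):
        return reverse_proxy.accept_connection(self, key)
    def serve(self, app, request):
        return self.apps[app](request)         # hand the request to the local application

class ServiceProxy:
    """Couples the user's device to the application through the cloud data plane."""
    def __init__(self, auth, reverse_proxy): self.auth, self.reverse_proxy = auth, reverse_proxy
    def handle(self, user, app, request):
        if not self.auth.authorize_user(user, app):
            return "403 denied by policy"      # nothing reaches the premises
        return self.reverse_proxy.forward(app, request)

def build_data_plane(appliance_key="k-123"):
    # Wire the components up; the appliance initiates, the cloud never connects in.
    auth = AuthenticationServer(ThreatManagementFacility())
    rproxy = ReverseProxyServer(auth)
    appliance = ZtnaAppliance("acme-appliance", {"payroll": lambda r: f"payroll ok: {r}"})
    connected = appliance.connect_out(rproxy, appliance_key)
    return ServiceProxy(auth, rproxy), connected
```

Calling `build_data_plane()` with the wrong appliance key shows the failure mode worth checking in any such deployment: the appliance is rejected, no tunnel is registered, and even an authorized user gets "503 no tunnel" rather than a path to the premises.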