Abstract: Various techniques for split tunneling based on content type to exclude certain network traffic from a tunnel (e.g., VPN tunnel) are disclosed. In some embodiments, a system, process, and/or computer program product for split tunneling based on content type to exclude certain network traffic from a tunnel includes monitoring session traffic received at a data appliance; determining if the session traffic is associated with a first content type; and redirecting the session traffic if the session traffic is associated with the first content type based on a policy.

Abstract: Techniques for time-based network authentication challenges are disclosed. In some embodiments, a system, process, and/or computer program product for time-based network authentication challenges includes monitoring a session at a firewall to identify a user associated with the session, generating a timestamp for an authentication factor associated with the user after the user successfully authenticates for access to a resource based on an authentication profile, intercepting another request from the user for access to the resource at the firewall, and determining whether the timestamp for the authentication factor is expired based on the authentication profile.

Abstract: Techniques for time-based network authentication challenges are disclosed. In some embodiments, a system, process, and/or computer program product for time-based network authentication challenges includes monitoring a session at a firewall to identify a user associated with the session, generating a timestamp for an authentication factor associated with the user after the user successfully authenticates for access to a resource based on an authentication profile, intercepting another request from the user for access to the resource at the firewall, and determining whether the timestamp for the authentication factor is expired based on the authentication profile.

Abstract: Various techniques for split tunneling based on content type to exclude certain network traffic from a tunnel (e.g., VPN tunnel) are disclosed. In some embodiments, a system, process, and/or computer program product for split tunneling based on content type to exclude certain network traffic from a tunnel includes monitoring session traffic received at a data appliance; determining if the session traffic is associated with a first content type; and redirecting the session traffic if the session traffic is associated with the first content type based on a policy.

Abstract: Various techniques for split tunneling based on content type are disclosed. In some embodiments, a system, process, and/or computer program product for split tunneling based on content type includes monitoring session traffic received at a data appliance; determining if the session traffic is associated with a first content type; and redirecting the session traffic if the session traffic is associated with the first content type based on a policy.

Abstract: Techniques for time-based network authentication challenges are disclosed. In some embodiments, a system, process, and/or computer program product for time-based network authentication challenges includes monitoring a session at a firewall to identify a user associated with the session, generating a timestamp for an authentication factor associated with the user after the user successfully authenticates for access to a resource based on an authentication profile, intercepting another request from the user for access to the resource at the firewall, and determining whether the timestamp for the authentication factor is expired based on the authentication profile.

Abstract: Techniques for time-based network authentication challenges are disclosed. In some embodiments, a system, process, and/or computer program product for time-based network authentication challenges includes monitoring a session at a firewall to identify a user associated with the session, generating a timestamp for an authentication factor associated with the user after the user successfully authenticates for access to a resource based on an authentication profile, intercepting another request from the user for access to the resource at the firewall, and determining whether the timestamp for the authentication factor is expired based on the authentication profile.

Abstract: Various techniques for split tunneling based on content type are disclosed. In some embodiments, a system, process, and/or computer program product for split tunneling based on content type includes monitoring session traffic received at a data appliance; determining if the session traffic is associated with a first content type; and redirecting the session traffic if the session traffic is associated with the first content type based on a policy.

Abstract: Techniques for time-based network authentication challenges are disclosed. In some embodiments, a system, process, and/or computer program product for time-based network authentication challenges includes monitoring a session at a firewall to identify a user associated with the session, generating a timestamp for an authentication factor associated with the user after the user successfully authenticates for access to a resource based on an authentication profile, intercepting another request from the user for access to the resource at the firewall, and determining whether the timestamp for the authentication factor is expired based on the authentication profile.