Abstract: Systems and methods for policy based privileged remote access in zero trust private networks. Various embodiments include receiving a request to an end system; determining available end systems based on one or more criteria associated with the request, wherein the one or more criteria are analyzed based on policy; and providing access to the end system based on the one or more criteria, wherein the access includes remote pixel rendering protocols integrated with a zero trust architecture.

Abstract: Systems and methods for time bound session management for Operational Technology (OT) applications using Cron expression policies over zero trust. Various embodiments include receiving a request to an end system from a user; determining that the request requires a time-based approval; performing one or more time-based policy checks associated with the request; and allowing or denying the request based on the one or more time-based policy checks. The steps can further include monitoring an active session between the user and the end system; and timing out the active session based on time-based policy checks.

Abstract: Systems and methods for policy based seamless authentication for PRA systems through zero trust private networks. The various systems and methods described herein include steps of receiving a request to access a Privileged Remote Access (PRA) system; determining if any credential rules apply to a console associated with the request; retrieving credentials associated with any of a user and the console from a database, thereby avoiding the user being required to provide credentials; and providing access to the requested PRA system based on the retrieved credentials.

Abstract: Systems and methods for a dynamically reconfigurable traffic inspection pipeline in zero trust networks. Methods include steps of intercepting traffic traversing through a zero trust network to a destination; determining one or more traffic inspection stages to utilize for inspecting the traffic based on the characteristics of the traffic; creating a traffic inspection pipeline including the one or more traffic inspection stages; and performing the one or more traffic inspection stages on the traffic through the traffic inspection pipeline. The steps can include dynamically adding or removing traffic inspection stages in the traffic inspection pipeline after performing a traffic inspection stage.

Abstract: Systems and methods for policy based traffic inspection in zero trust private networks. Various embodiments include receiving a request for a workload; analyzing one or more criteria associated with the request; determining an inspection profile to utilize for the request based on the analyzing of the one or more criteria; applying the inspection profile to the request; and inspecting traffic associated with the request based on the inspection profile.

Abstract: Embodiments as disclosed provide a What-You-See-Is-What-You Get (WYSIWYG) editor for web content, allowing the conversion of previously generated web content to reusable templates or components. Embodiments thus allow, among other advantages, users such as web content developers to easily repurpose or reuse previously developed pages or content by giving these users the ability to review and edit previously developed pages or content in a WYSIWYG editor.

Abstract: Systems and methods for policy based agentless file transfer in zero trust private networks. Various systems and methods include receiving a request for a file transfer; determining a file transfer protocol; evaluating one or more criteria associated with the request, the criteria being associated with any of an end user and the contents of the file; and allowing or denying the file transfer based on the evaluating. Responsive to an end user's policy including a requirement for file inspection, the steps can further include sending the file to a sandbox for inspection, and receiving a result of the inspection from the sandbox.

Abstract: Embodiments as disclosed provide a What-You-See-Is-What-You Get (WYSIWYG) editor for web content, allowing the conversion of previously generated web content to reusable templates or components. Embodiments thus allow, among other advantages, users such as web content developers to easily repurpose or reuse previously developed pages or content by giving these users the ability to review and edit previously developed pages or content in a WYSIWYG editor.

Abstract: Embodiments as disclosed provide a What-You-See-Is-What-You Get (WYSIWYG) editor for web content, allowing the conversion of previously generated web content to reusable templates or components. Embodiments thus allow, among other advantages, users such as web content developers to easily repurpose or reuse previously developed pages or content by giving these users the ability to review and edit previously developed pages or content in a WYSIWYG editor.

Abstract: Systems and methods for privileged remote access to Operational Technology (OT)/Internet of Things (IOT)/Industrial IOT (IIOT)/Industrial Control System (ICS) infrastructure, implemented in a cloud-based system. The method includes steps of, responsive to determining a user can access an application associated with the OT/IOT/IIOT/ICS infrastructure, determining the user's security and access policies and creating a session for the user; establishing a secure connection to the application via a lightweight connector connected to the application; and brokering a connection between the user's device and the application through the lightweight connector, enabling the user to interact with the application for the OT/IOT/IIOT/ICS infrastructure, based on the user's security and access policies.

Abstract: Embodiments as disclosed provide a What-You-See-Is-What-You Get (WYSIWYG) editor for web content, allowing the conversion of previously generated web content to reusable templates or components. Embodiments thus allow, among other advantages, users such as web content developers to easily repurpose or reuse previously developed pages or content by giving these users the ability to review and edit previously developed pages or content in a WYSIWYG editor.

Abstract: Embodiments as disclosed provide a What-You-See-Is-What-You Get (WYSIWYG) editor for web content, allowing the conversion of previously generated web content to reusable templates or components. Embodiments thus allow, among other advantages, users such as web content developers to easily repurpose or reuse previously developed pages or content by giving these users the ability to review and edit previously developed pages or content in a WYSIWYG editor.

Abstract: Generating PKI credentials for authenticating a networking appliance attempting to attach to a network includes: receiving a certificate signing request (CSR) from the networking appliance, wherein the CSR comprises credential data associated with an identity of the networking appliance; generating an appliance certificate based on the credential data and a certificate authority (CA) certificate associated with the computer; and returning the appliance certificate to the networking appliance.

Abstract: Implementations generally relate methods, systems, and computer readable media for discovery of an open network adapter. In some implementations, a method includes receiving, by a software-defined network (SDN) controller, a notification of an open networking adapter (ONA) establishing a connection with a switch, the ONA having an address associated therewith. The method further includes identifying the switch based on a lookup of the address of the ONA in forwarding tables of a neighboring switch of the SDN controller. The method further includes applying a service profile configuration to a port of the switch where the ONA is connected.

Abstract: Authenticating a networking appliance attempting to attach to a network includes receiving at least one value associated with an identity of the networking appliance; receiving a certificate signing request (CSR) from the networking appliance, wherein the CSR comprises credential data associated with the identity of the networking appliance; and generating an appliance certificate based on the credential data and a certificate authority (CA) certificate associated with the computer. The method also includes returning the appliance certificate to the networking appliance; receiving a request from the networking appliance to attach to the network; and authenticating the identity of the networking appliance based on both a) the at least one value associated with the identity of the networking appliance; and b) the appliance certificate.

Abstract: Authenticating a networking appliance attempting to attach to a network includes receiving a request from the networking appliance to attach to the network, wherein the request comprises credential data associated with the networking appliance and a certificate authority (CA) certificate associated with the computer; receiving at least one value associated with an identity of the networking appliance; and authenticating the identity of the networking appliance based on both a) the at least one value associated with the identity of the networking appliance; and b) the appliance certificate.

Abstract: Implementations generally relate methods, systems, and computer readable media for discovery of an open network adapter. In some implementations, a method includes receiving, by a software-defined network (SDN) controller, a notification of an open networking adapter (ONA) establishing a connection with a switch, the ONA having an address associated therewith. The method further includes identifying the switch based on a lookup of the address of the ONA in forwarding tables of a neighboring switch of the SDN controller. The method further includes applying a service profile configuration to a port of the switch where the ONA is connected.

Abstract: Methods, systems and computer readable media for multi-device single network sign-on are described. For example, a method can include authenticating a first device for network access via a first authentication process, the first device being associated with a user account. The method can also include receiving an access request from a second device associated with the user account, and determining whether the second device is within an access perimeter of the first device. The method can further include permitting the second device to access the network without a second authentication process when the second device is within the access perimeter of the first device.

Abstract: Embodiments as disclosed provide a What-You-See-Is-What-You Get (WYSIWYG) editor for web content, allowing the conversion of previously generated web content to reusable templates or components. Embodiments thus allow, among other advantages, users such as web content developers to easily repurpose or reuse previously developed pages or content by giving these users the ability to review and edit previously developed pages or content in a WYSIWYG editor.

Abstract: Methods, systems, and computer readable media for dynamically routing authentication requests are described. An embodiment can include receiving, at one or more computing devices, a network authentication request. An embodiment can also include creating, at the one or more computing devices, an authentication context based on information in the authentication request. An embodiment can also include dynamically routing, using the one or more computing devices, the authentication request to an authentication server.