We use Pulse Secure devices for remote access. We've had a few questions pop up about how we might utilize secure application manager (SAM) to handle some specific scenarios.
We use SAM today for allowing employees to connect and RDP into a "jump" server from their home computers (company issued laptops get a full VPN connection).
SAM works well in this scenario, but I realized that I don't have the foggiest clue as to how it works at a low level. It isn't a full VPN - there is no virtual interface and the client computer does not get an IP address on the corporate network. When you RDP into a host, the host sees the connection as coming from the Pulse Secure's IP address.
Somehow, the SAM client hooks into the tcp/ip stack on the client and proxies traffic meant for the host network via the Pulse Secure box.
Does anyone have any documentation on how SAM does its magic? We are particularly wondering about how DNS lookups are handled.
No comments:
Post a Comment