Patent attributes
This disclosure describes techniques for utilizing strong authentication of device identities and/or user identities to establish secure network tunnels between client devices and a virtual private network (VPN) server of a service provider network. The service provider network may generate routes from the VPN server to services to establish a connection for the client device to access the services. The service provider network may receive posture data from the client device that indicates a state of the client device, and determine, using a security policy, which services the client device is permitted to interact with or utilize. Further, the techniques described herein include receiving requests from the services to provide the cryptographic assertion(s) that were used by the VPN server to authenticate the device identities and/or user identities. In this way, the services may be able to perform strong authentication of the client devices that are attempting to utilize the services.
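
The posture-to-service decision described above, sketched as an added example that is not taken from the patent. The service names, posture attributes and thresholds are hypothetical, and the sketch assumes that posture is re-reported over time and that a missing or mistyped value fails the check.

```python
from typing import Any, Callable, Dict, List, Set, Tuple

Check = Callable[[Any], bool]

def is_true(v: Any) -> bool:
    return v is True  # rejects "true", 1 and other look-alikes

def max_days(limit: int) -> Check:
    # type() check excludes bool, which is a subclass of int
    return lambda v: type(v) is int and 0 <= v <= limit

# Constructed policy (hypothetical names): service -> posture attribute -> check
POLICY: Dict[str, Dict[str, Check]] = {
    "wiki": {"disk_encrypted": is_true},
    "source-control": {"disk_encrypted": is_true, "os_patch_age_days": max_days(30)},
    "payroll": {"disk_encrypted": is_true, "os_patch_age_days": max_days(7),
                "edr_running": is_true},
}

def permitted_services(authenticated: bool, posture: Dict[str, Any],
                       policy: Dict[str, Dict[str, Check]] = POLICY) -> List[str]:
    """Services the VPN server may route this client to; fails closed."""
    if not authenticated:  # identity assertion must verify before posture matters
        return []
    return sorted(
        service for service, checks in policy.items()
        if all(attr in posture and check(posture[attr])
               for attr, check in checks.items())
    )

def route_changes(current: Set[str], authenticated: bool,
                  posture: Dict[str, Any]) -> Tuple[Set[str], Set[str]]:
    """Return (routes_to_add, routes_to_remove) after a new posture report."""
    allowed = set(permitted_services(authenticated, posture))
    return allowed - current, current - allowed

if __name__ == "__main__":
    # Constructed posture report: patches are 20 days old, so payroll is withheld.
    report = {"disk_encrypted": True, "os_patch_age_days": 20, "edr_running": True}
    print(permitted_services(True, report))
    print(route_changes({"payroll", "wiki"}, True, report))
```

Removing a route when posture degrades matters as much as adding one, which is why `route_changes` returns both sets.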