GlobalProtect Clientless VPN provides
secure remote access to common enterprise web applications. Prisma Access
Clientless VPN lets mobile users access Gzip-compressed websites
to use both internal and SaaS applications. Support for Gzip encoding
ensures that the Gzip encoding request within the HTTP header is
accepted by the Clientless VPN portal. This ensures that the content
from the Gzip-compressed web pages is rendered correctly when accessed
through the Clientless VPN portal.
The following diagram illustrates the extended support to allow
users to access internal and SaaS applications through Clientless
VPN in Prisma Access.
The Clientless VPN can determine whether to use Gzip encoding
based on the HTTP request from the client and the corresponding
response from the app. The gzip value must
be included as one of the Accept-Encoding header values so that
it is accepted by the Clientless VPN.
For example, consider the following scenarios when the Clientless
VPN uses Gzip encoding:
The browser sends an HTTP request to the website with
the Accept-Encoding header values set to gzip, deflate,
and br, as shown in the following example.
The Clientless VPN portal in Prisma Access parses the incoming
HTTP request from the browser and sets the Accept-Encoding header
value to gzip that indicates support for
Gzip encoding, as shown in the following example.
If the website supports Gzip encoding in the HTTP response,
the website sends the Content-Encoding header as gzip that
indicates the content is in Gzip format, as shown in the following
example.
The Clientless VPN forwards the response received from the
website to the web browser in the same format, as shown in the following
example.
If the
HTTP request received by the Clientless VPN does not include gzip as
one of the encoding methods, the Clientless VPN does not accept
Gzip encoding either.