A method for protecting application servers from network-based attacks and verifying the security posture of end client systems is disclosed. A trust broker system receives a request from a user agent associated with a client system remote from the trust broker to connect to applications and resources associated with the trust broker. The trust broker system verifies the integrity of the client system and verifies the identity of a user of the client system. The trust broker system then determines the access level permitted to the identified user and based on the access level. The trust broker system establishes a connection with the user agent and transmits session information to the server system. The trust broker system sends the user agent connection information, wherein the connection information enables the requesting user agent to connect to the requested server system.