Core Capability: App Tunneling

 

App Tunneling Overview

An application may require access to web services residing behind a corporate firewall.

A traditional full device VPN solution is not adequate due to manual steps required to enable the VPN on the device, and the security exposure by allowing personal apps the same access to the VPN as corporate apps. A more secure, seamless, targeted solution is required to allow only certain applications restricted access to certain intranet endpoints.

TECHNICAL APPROACHES
Recommended   Supported

RECOMMENDED APPROACHES

AppConfig.org Implementation Summary

  • Use the AppConfig practice of configuring a Per-App VPN profile through your MDM console for your application.
  • All network traffic specific to the whitelisted applications defined in the profile will be redirected through the Tunnel proxy.
  • Requires iOS 7+ / Android 5.0+. (Android 4.x on roadmap)
  • Requires AirWatch Tunnel app to be present on device and the AirWatch Tunnel Server
  • Requires enrollment into MDM.
  • Requires no coding.

SUPPORTED APPROACHES

Airwatch SDK Implementation Summary

  • Integrate the AirWatch SDK into your application and configure a SDK profile with Tunneling enabled and assign it to your application.
  • Ensure the networking classes and methods used by your applications are supported in the AirWatch SDK guide.
  • The SDK will redirect your app network traffic through a supported proxy to reach your targeted backend.
  • Requires coding and device entry in AirWatch system, no MDM required.

App Wrapping Implementation Summary

  • Develop and compile your application.
  • Verify that the app is only using an approved MADP platform and coding techniques
  • Run the compiled binary through the AirWatch application wrapping engine.
  • Assign a wrapping profile to your application with a Tunnel policy.

App Wrapping Tutorials