Unified Access Gateway can be used as a web reverse proxy and can act as either a plain reverse proxy or an authenticating reverse proxy in the DMZ.
Unified Access Gateway provides secure remote access to an On-Premises deployment of Workspace ONE Access. Unified Access Gateway appliances are typically deployed in a network demilitarized zone (DMZ). With Workspace ONE Access, the Unified Access Gateway appliance operates as a web reverse proxy between a user's browser and the Workspace ONE Access service in the data center. Unified Access Gateway also enables remote access to the Workspace ONE catalog to start Horizon applications.
See Advanced Edge Service Settings for information about the settings used when configuring reverse proxy.
Understanding Reverse Proxy
- You must enable the authentication of the reverse proxy on an Edge Service manager. Currently, RSA SecurID and RADIUS authentication methods are supported.
- You must generate the identity provider metadata (IDP metadata) before enabling authentication on web reverse proxy.
- Unified Access Gateway provides remote access to Workspace ONE Access and web applications with or without authentication from browser-based client and then launch Horizon desktop.
- You can configure multiple instances of the reverse proxy and each configured instance can be deleted.
- Simple proxy patterns are case sensitive. Page links and proxy patterns must match.