Unified Access Gateway can be used as a web reverse proxy and can act as either a plain reverse proxy or an authenticating reverse proxy in the DMZ.
Unified Access Gateway provides secure remote access to an On-Premises deployment of VMware Identity Manager. Unified Access Gateway appliances are typically deployed in a network demilitarized zone (DMZ). With VMware Identity Manager, the Unified Access Gateway appliance operates as a web reverse proxy between a user's browser and the VMware Identity Manager service in the data center. Unified Access Gateway also enables remote access to the Workspace ONE catalog to start Horizon applications.
See Advanced Edge Service Settings for information about the settings used when configuring reverse proxy.
Understanding Reverse Proxy
- You must enable the authentication of the reverse proxy on an Edge Service manager. Currently, RSA SecurID and RADIUS authentication methods are supported.
- You must generate the identity provider metadata (IDP metadata) before enabling authentication on web reverse proxy.
- Unified Access Gateway provides remote access to VMware Identity Manager and web applications with or without authentication from browser-based client and then launch Horizon desktop.
- You can configure multiple instances of the reverse proxy and each configured instance can be deleted.