Welcome to the Unified Access Gateway documentation page.

Note: Beginning with version 2.9, VMware Access Point is renamed to VMware Unified Access Gateway.

To access the Unified Access Gateway release notes, product documentation, and technical notes (More Information), use the links on the Table of Contents pane that follows the Collapse All or Expand All option. Product documentation and technical notes are available in the HTML and PDF formats.

About Unified Access Gateway

To help design secure application access for deployments of VMware Horizon® and Workspace ONE, use Unified Access Gateway. This appliance helps enable secure remote access for users of virtual desktops, internal sites, applications, and file repositories. Deploying Unified Access Gateway is simple and secure, providing the necessary security hardening and multi-cloud support across Amazon AWS, Microsoft Azure, and Google Cloud Platform, in addition to vSphere.

Unified Access Gateway is key to VMware's Anywhere Workspace solution and provides several proxy services for different use cases and protocols.

VMware Horizon

Unified Access Gateway equips remote workers anywhere, anytime with secure accesses to Horizon virtual desktops and applications. Unified Access Gateway is designed to be Internet facing in a cloud tenant edge or DMZ network and meets advanced industry compliance and security standards. Multi-factor user authentication for Horizon is enhanced with built-in support for user identity federation with leading SAML identity providers. Fine-grained access controls for authorized protocol access to desktop and application resources are enforced automatically.

VMware Tunnel

Tunnel is a modern VPN replacement providing full device and per application modes to enable remote access to any type of user. Unified Access Gateway appliance serves as the on-premises option for Zero Trust Network Access (ZTNA) leveraging the Workspace ONE Tunnel app. VMware's ZTNA solution is also available as a hosted SaaS service as part of VMware's Secure Access Service Edge.

Web Reverse Proxy

Unified Access Gateway also provides a built-in reverse proxy that can be federated with Workspace ONE Access and other Identity Providers to secure access to internal web sites. This proxy can natively integrate with Conditional Access provided by Workspace ONE Access, and can also provide identity bridging to legacy-authenticated services.

Additional use cases for Workspace ONE

Unified Access Gateway serves as a secure black box for deploying other Workspace ONE components including Content Gateway and Secure Email Gateway. These gateways can be used in conjunction with the Workspace ONE Content app, Workspace ONE Boxer app, and other native and third party mail clients.

Hands-on Labs for Unified Access Gateway

You can access the Hands-on Labs (HOL) to try out the Unified Access Gateway product. You need to have a MyVMware account to access HOL.

Other Unified Access Gateway Documentation Resources

Related Documentation Resources