Welcome to the Unified Access Gateway documentation page.

To access the Unified Access Gateway release notes, product documentation, and technical notes (More Information), use the links on the Table of Contents pane that follows the Collapse All or Expand All option. Product documentation and technical notes are available in the HTML and PDF formats.

About Unified Access Gateway

To help design secure application access for deployments of VMware Horizon® and Workspace ONE, use Unified Access Gateway. This appliance helps enable secure remote access for users of virtual desktops, internal sites, applications, and file repositories. Deploying Unified Access Gateway is simple and secure, providing the necessary security hardening and multi-cloud support across Amazon AWS, Microsoft Azure, and Google Cloud Platform, in addition to vSphere.

Unified Access Gateway is key to VMware's Anywhere Workspace solution and provides several proxy services for different use cases and protocols.

VMware Horizon

Unified Access Gateway equips remote workers anywhere, anytime with secure accesses to Horizon virtual desktops and applications. Unified Access Gateway is designed to be Internet facing in a cloud tenant edge or DMZ network and meets advanced industry compliance and security standards. Multi-factor user authentication for Horizon is enhanced with built-in support for user identity federation with leading SAML identity providers. Fine-grained access controls for authorized protocol access to desktop and application resources are enforced automatically.

VMware Tunnel

Tunnel is a modern VPN replacement providing full device and per application modes to enable remote access to any type of user. Unified Access Gateway appliance serves as the on-premises option for Zero Trust Network Access (ZTNA) leveraging the Workspace ONE Tunnel app. VMware's ZTNA solution is also available as a hosted SaaS service as part of VMware's Secure Access Service Edge.

Web Reverse Proxy

Unified Access Gateway also provides a built-in reverse proxy that can be federated with Workspace ONE Access and other Identity Providers to secure access to internal web sites. This proxy can natively integrate with Conditional Access provided by Workspace ONE Access, and can also provide identity bridging to legacy-authenticated services.

Additional use cases for Workspace ONE

Unified Access Gateway serves as a secure black box for deploying other Workspace ONE components including Content Gateway and Secure Email Gateway. These gateways can be used in conjunction with the Workspace ONE Content app, Workspace ONE Boxer app, and other native and third party mail clients.

Other Unified Access Gateway Documentation Resources

  • VMware Unified Access Gateway Deployment and Configuration

    Videos that shows you how to deploy and configure Unified Access Gateway for Horizon use cases and security best practices.

  • Master Unified Access Gateway

    Additional videos and information about the fundamentals of using Unified Access Gateway with VMware Workspace ONE and VMware Horizon 7.

  • VMware Configuration Maximums

    To simplify the deployment of the Unified Access Gateway appliance as the Workspace ONE security gateway, sizing recommendations are added to the deployment configurations for the appliance. VMware Configuration Maximums is a portal that contains the sizing recommendations for Unified Access Gateway and several other products.

Related Documentation Resources

Documentation for Older Releases

To access old versions of Unified Access Gateway documentation, select Archived Documentation folder in the left navigation panel. Click the release version link to download the zip file containing PDFs.