VMware Tunnel consists of two major components that are referenced frequently throughout this document. Understanding the functionality that these components reference will aid your comprehension of this product.
Tunnel Components and Functionality
- VMware Tunnel – A Workspace ONE UEM product offering secure connections to internal resources through enabled mobile applications. It comprises two components: Proxy and Per-App Tunnel.
- Proxy – The component that handles securing traffic between an end-user device and a Web site through the VMware Browser mobile application. VMware Tunnel Proxy is also available on Windows. To use an internal application with VMware Tunnel Proxy, then ensure the AirWatch SDK is embedded in your application, which gives you tunneling capabilities with this component.
- Per-App Tunnel – The component that enables Per-App Tunneling functionality for iOS, macOS, Android, and Windows devices for your internal and managed public apps through the VMware Tunnel mobile app. Per-App Tunnel is only available for the VMware Tunnel for Linux.
- Virtual Appliance – A virtual appliance is a preconfigured virtual machine that is ready to run on a hypervisor such as VMware vSphere. Deploy VMware Tunnel as a virtual appliance through either the vSphere Web client or using a PowerShell script. Virtual appliances do not require specific hardware or software as they are self-contained and configure the proper hardware requirements upon deployment.
- App tunnel / app tunneling – A generic term used to describe the act of creating a secure "tunnel" through which traffic can pass between an end-user device and a secure internal resource, such as a Web site or file server.
On premises and SaaS
Note the following distinction between on-premises and SaaS deployments:
On premises refers to Workspace ONE UEM deployments where your organization hosts all Workspace ONE UEM components and servers on its internal networks.
SaaS refers to Workspace ONE UEM deployments where Workspace ONE UEM hosts certain Workspace ONE UEM components, such as the Console and API servers, in the cloud.