Understand the architecture design and security features of VMware Content Gateway deployed as a service on the Unified Access Gateway appliance.
Deploying the Content Gateway as a service on the Unified Access Gateway eliminates manual configuration and maintenance of Content Gateway using security updates. The Unified Access Gateway appliance platform goes through multiple security audits and patches are provided for security vulnerabilities. For information about deploying Content Gateway as a service on Unified Access Gateway, see Unified Access Gateway System and Network Requirements section in the Deploying and Configuring VMware Unified Access Gateway guide available at docs.vmware.com.
VMware Content Gateway offers basic and relay-endpoint architecture models for deployment. Both configurations support load-balancing for high-availability and SSL offloading. Configure your VMware Content Gateway deployment in a way that best addresses your security needs and existing setup.
Consider using a load balancer in the DMZ to forward traffic on the configured ports to a Workspace ONE UEM component. Also, consider using dedicated servers to eliminate the risk of other web applications or services causing performance issues.