Workspace ONE UEM powered by AirWatch provides you with VMware Tunnel that offers secure method for individual applications to access corporate resources. VMware Tunnel authenticates and encrypts traffic from individual applications on compliant devices to the back-end system they are trying to reach. VMware Tunnel serves as a relay between your mobile devices and enterprise systems by authenticating and encrypting traffic from individual applications to back-end systems.

Supported Platforms for VMware Workspace ONE Tunnel App

VMware Workspace ONE Tunnel app is supported by iOS, macOS, Android and Windows 10.

Key Concepts

When configuring and deploying the VMware Tunnel, you must learn the VMware Tunnel terminology. Understanding the functionality that these components reference will aid your comprehension of this product. For more information, see Key Concepts.

Architecture and Deployment Model

The VMware Tunnel is a product you can install on physical or virtual servers that reside in either the DMZ or a secured internal network zone. VMware Tunnel comprises two separate components, proxy and Per-App Tunneling, each with their own architecture and security features. For more information, see Architecture and Security.

VMware Tunnel Pre-Deployment Configuration

Preparing for your VMware Tunnel installation ensures a smooth installation process. Installation includes performing preliminary steps in the Workspace ONE UEM console, and setting up a server that meets the listed hardware, software, and network requirements. For more information, see Pre-Deployment Configuration.

VMware Tunnel offers two architecture models for deployment, that is single-tier and multi-tier. For more information on deployment models and components, see Deployment Model.

Deploy VMware Tunnel with Unified Access Gateway

VMware offers a hardened virtual appliance (Unified Access Gateway) that hosts Workspace ONE services like Per-app Tunnel, and is the preferred method for deployment. Deploying Tunnel on Unified Access Gateway can be done from either vSphere or Hyper-V and can be automated using PowerShell. The Tunnel service on Unified Access Gateway is same as what the Linux installer provides. For more information, see Deploying VMware Tunnel on Unified Access Gateway.

Deploy VMware Tunnel on a Linux Server

For customers who do not want to use the Unified Access Gateway deployment, Workspace ONE UEM offers the Linux installer so you can configure, download, and install VMware Tunnel onto a server. The Linux installer has different prerequisites than the Unified Access Gateway method. To run the Linux installer, you must meet specific hardware, software, and general requirements before you can begin installationFor information see, Deploying VMware Tunnel on Linux Server .

VMware Tunnel Management

Consider configuring additional functionality to enhance your VMware Tunnel deployment. These features allow you more control over device access and networking support. For more information, see Managing VMware Tunnel .

VMware Tunnel Troubleshooting

The VMware Tunnel supports troubleshooting logs to aid in diagnosing issues in your deployment. For more information, see VMware Tunnel Troubleshooting and Support.