Workspace ONE UEM powered by AirWatch provides you with VMware Tunnel that offers secure method for individual applications to access corporate resources. VMware Tunnel authenticates and encrypts traffic from individual applications on compliant devices to the back-end system they are trying to reach. VMware Tunnel serves as a relay between your mobile devices and enterprise systems by authenticating and encrypting traffic from individual applications to back-end systems.
When configuring and deploying the VMware Tunnel, you must learn the VMware Tunnel terminology. Understanding the functionality that these components reference will aid your comprehension of this product. For more information, see Key Concepts.
Architecture and Deployment Model
The VMware Tunnel is a product you can install on physical or virtual servers that reside in either the DMZ or a secured internal network zone. VMware Tunnel comprises two separate components, proxy and Per-App Tunneling, each with their own architecture and security features. For more information, see Architecture and Security.
VMware Tunnel Pre-Deployment Configuration
Preparing for your VMware Tunnel installation ensures a smooth installation process. Installation includes performing preliminary steps in the Workspace ONE UEM console, and setting up a server that meets the listed hardware, software, and network requirements. For more information, see Pre-Deployment Configuration.
VMware Tunnel offers two architecture models for deployment, that is single-tier and multi-tier. For more information on deployment models and components, see Deployment Model.
Deploy VMware Tunnel with Unified Access Gateway
VMware offers a hardened virtual appliance (Unified Access Gateway) that hosts Workspace ONE services like Per-app Tunnel, and is the preferred method for deployment. Deploying Tunnel on Unified Access Gateway can be done from either vSphere or Hyper-V and can be automated using PowerShell. The Tunnel service on Unified Access Gateway is same as what the Linux installer provides.
Deploy VMware Tunnel on a Linux Server
For customers who do not want to use the Unified Access Gateway deployment, Workspace ONE UEM offers the Linux installer so you can configure, download, and install VMware Tunnel onto a server. The Linux installer has different prerequisites than the Unified Access Gateway method. To run the Linux installer, you must meet specific hardware, software, and general requirements before you can begin installation.
VMware Tunnel Management
Consider configuring additional functionality to enhance your VMware Tunnel deployment. These features allow you more control over device access and networking support. For more information, see Managing VMware Tunnel .
VMware Tunnel Troubleshooting
The VMware Tunnel supports troubleshooting logs to aid in diagnosing issues in your deployment. For more information, see VMware Tunnel Troubleshooting and Support.