Forum Discussion

Roderick_Graham's avatar
Roderick_Graham
Icon for Nimbostratus rankNimbostratus
Sep 10, 2015

APM Per-App-VPN: Network Access Split Tunnel vs. App-Tunnel

I'm writing in hopes of getting clarification on APM per-app-vpn setups for iOS devices.

 

From what I've read I've seen two ways of accomplishing an apm per-app-vpn setup for mobile devices: 1. Network Access - full or split tunnel 2. App-Tunnel - with "Java Tunnel" enabled.

 

I've successfully configured both types of setups and the main difference I see between the two is that their is no auto-launch option for the app-tunnel.

 

Is one method preferred over the other?

 

Are there any distinct considerations that would determine which would be the better method?

 

Any assistance you can provide will be appreciated.

 

APM
application delivery
deployment
design
performance
security

1 Reply

Sort By
  • Daniel_W_'s avatar
    Daniel_W_
    Icon for Cirrus rankCirrus
    Sep 11, 2015

    We had the same question and ended up with using Network Access with split tunneling for one simple reason: With per app vpn, all traffic from that app goes into the tunnel. This app needed to be provisioned by MoDM.

     

    Imaging a user with the Word App trying to access an internal sharepoint over the vpn tunnel and his personal Onedrive over the internet. Because we are not able to route the internet traffic over VPN tunnel, per App VPN is not useable in this situation.

     

    If your VPN-enabled Apps don't need to communicate directly to the Internet, you should go for App VPN.