Web@Work features
Web@Work does not currently support video streaming.
Web@Work Feature |
Platform Support |
Description |
Secure access to websites hosted on servers behind your firewall, without requiring the device user to use VPN |
Android |
Web@Work uses AppConnect and AppTunnel capabilities to provide this secure access. You can use Web@Work without purchasing AppConnect for third-party or in-house apps and without purchasing AppTunnel. Configuration: See Enabling Web@Work |
Support for Single Sign On using Kerberos Constrained Delegation (KCD) |
Android |
Device users register Mobile@Work with Core by entering their Ivanti credentials. They can then use Web@Work to access an enterprise app server without having to enter any further credentials. This support depends on the environment being set up to use KCD, and the necessary AppTunnel configuration. See “Authentication using an identity certificate and Kerberos constrained delegation” in the Sentry Guide. |
Admin-specified bookmarks |
Android |
Web@Work supports bookmarks that you specify on the Admin Portal. Configuration: See Enabling Web@Work. |
User-specified bookmarks |
Android |
Device users can add, name, and remove bookmarks that they create. Device users cannot delete or edit bookmarks that you specify in the Admin Portal. On iOS, device users can organize their bookmarks so that they display between bookmarks that you specified. |
Ability to provide different Web@Work-related settings to different devices and users |
Android |
By using Core’s labels, you can provide different Web@Work-related settings to different devices and users, depending on, for example, device attributes and user membership in the enterprise directory. See “Using labels to establish groups” in the Core Device Management Guide or Connected Cloud Device Management Guide. |
Web content presentation and interaction similar to Safari |
iOS |
Because Web@Work uses iOS web technologies, Web@Work automatically inherits any related iOS security updates that are installed on the device. |
Web content presentation and interaction similar to Google Chrome. |
Android |
Web@Work for Android uses the Chromium engine. |
Browser data is encrypted while the device is locked with a passcode |
iOS |
This data includes the browser cache, HTML5 local storage, cookies, URL history, and bookmarks. The security policy must require a device passcode on the iOS device to enable browser data encryption. |
Prevent device user from opening a document in another app |
iOS |
This behavior protects secure documents from leaking to unsecured apps. The behavior is controlled by the AppConnect global policy or AppConnect container policy. |
User can open documents only in other secure apps. |
Android |
All Android secure apps have this behavior. |
Prevent the device user from pasting into other apps any data that the user copied from Web@Work |
iOS |
You can choose whether data can be copied from Web@Work to:
This behavior is controlled by the Copy/Paste To field of the AppConnect global policy or AppConnect container policy. These restrictions do not impact pasting data into Web@Work from other apps. For example, a device user can copy a URL from an unsecured app and paste it into the Web@Work address bar. Also see: Configure an AppConnect container policy for Web@Work |
Prevent copy and paste between Web@Work and other apps. |
Android |
You can choose whether data can be copied and pasted between Web@Work and:
This behavior is controlled by the AppConnect global policy for all AppConnect apps. |
URL schemes that open web pages automatically, and only, in Web@Work |
iOS |
|
Encrypt downloaded documents and prevent sharing them outside of the secure container |
Android |
Screen capture can be disabled, as well. These behaviors protect documents from leaking to non-secure apps. |
Delete downloaded documents based on device compliance status |
Android |
Downloaded documents are automatically wiped from the device in the following cases:
|
Whitelist and blacklist URL filtering |
Android |
Using key-value pairs, you can configure a blacklist to block URLs, and a whitelist as an exception to blacklisted URLs. |
Custom messages for blacklisted URLs |
Android |
Using a key-value pair, you can provide custom warning messages that appear when Web@Work navigates to a blacklisted URL. |
Configurable Home Page |
Android |
Using a key-value pair, you can specify a URL to be loaded as the home page when the user opens a new tab. The home page URL will be loaded automatically only if there are no defined company bookmarks. |
Configurable product name (user agent) |
Android |
Using a key-value pair, you can change the product’s user agent name that is visible to web servers. |
Form-based auto-fill and HTTP authentication |
Android |
Using key-value pairs, you can configure Web@Work to enable saving data and/or passwords that users enter on forms, and on HTTP authentication forms. |
User can clear cached data |
Android |
The user can clear cached data in the Privacy menu, including clearing the cache, history, cookies and data, auto-fill form data, passwords, location access, and camera access. |
User can save preferences for location sharing |
Android |
Users can save their preference for sharing their location on a per-website basis, and clear their choice in the Privacy menu. |
View web pages in desktop mode |
Android |
Using a key-value pair, you can enable users to view the desktop versions of web pages instead of the mobile versions. |
Prevents opening multiple tabs
|
Android |
Web@Work for Android has an option that prevents it from opening extra tabs, which is applicable only for AppConnect-enabled apps. If a third-party app (such as an AppConnect-enabled app) sends the EXTRA_APPLICATION_ID when it launches the Web@Work browser, the Web@Work app will create a tab associated with the third-party app. All links launched in the third-party app will be opened in an associated tab. |