Deployment use cases with MobileIron Tunnel for iOS

MobileIron Tunnel enables native per-app and device level VPN on iOS devices. MobileIron Tunnel is part of the following MobileIron deployments for securing access to enterprise resources:

• MobileIron UEM and Standalone Sentry.
• MobileIron UEM and MobileIron Access.

The following use cases are enabled with these deployments:

• access to internal corporate URLs from the Safari browser.
• per-app VPN for managed apps (managed apps do not need AppConnect wrapping or SDK).
• device-level VPN.
• single sign-on.

App proxy provider and packet tunnel provider

MobileIron Tunnel for iOS supports app proxy provider and packet tunnel provider VPN tunnels.

For apps that use a TCP connection, such as Office or GSuite apps, create an app proxy Tunnel VPN configuration. An app proxy Tunnel VPN configuration is applicable per app only. Previously, this was the only option available with MobileIron Tunnel.

For apps that use an IP connection (such as Skype for Business an Microsoft Teams), create a packet tunnel provider Tunnel VPN configuration. A packet tunnel provider Tunnel VPN configuration can be configured to be either per-app or device-level.

For additional information about use cases with specific types of apps, see the knowledge base article in the MobileIron Support Community: iOS and macOS - What are VPN Provider Types Packet-Tunnel and App-Proxy?