Secure Mobile Access 12.4 Deployment Guide
- Secure Mobile Access
- About this Guide
- About SonicWall Secure Mobile Access
- Planning Your VPN
- Common VPN Configurations
- About the Configurations
- Deployment Scenario: Remote Access for Employees and Partners
- Customizing WorkPlace
- Testing the Deployment Scenario
- Other Remote Access VPN Scenarios
- Additional Partner VPN Scenarios
- End Point Control Scenarios
- Access Policy Scenarios
- Application-Specific Scenarios
- Authentication Scenarios
- Access Component Provisioning
- SonicWall Support
Tunnel, Proxy, or Web: Which Access Method is Best?
The SMA access services and clients offer a wide array of methods with different degrees of capability for reaching your organization’s resources. Use the table below to determine which ones are best for you and your users.
Other factors to consider, aside from technical requirements, are:
-
Security requirements such as the safeguards you want to put in place on the desktop.
-
User profiles, including the levels of technical sophistication among your users.
-
Administrative resources available to manage and support a VPN.
The below table summarizes the access methods and their advantages.
Access Method | Provides Access to | Advantages |
Connect Tunnel |
Full network access to client/server applications, Web resources, network shares, and bi-directional applications such as VoIP, SMS, and FTP. |
|
OnDemand Tunnel | Full network access to client/server applications, Web resources, network shares, and bi-directional applications such as VoIP, SMS, and FTP. |
|
Mobile Connect | Client/server applications, thin-client applications, and Web resources. | Stand-alone, lightweight application that runs on iOS, Android, Mac OS, Chrome OS, and Windows 10 desktops. |
WorkPlace Lite | Access mode that bypasses all Access and EPC Agents and logs the user in to WorkPlace. |
|
ActiveSync | Email, calendar, contacts, tasks, and out-of-office functions available from the Exchange server. | Convenient email and related functions access from Apple iPhones and iPads, smart phones running the Google Android operating system, and smart phones running the Symbian operating system. |
OnDemand proxy agent | Thin client/Server applications. |
|
Translated Web access Custom Port Mapped Web access Custom FQDN Mapped Web access |
Any Web resource (including Web-based applications, Web portals, and Web servers). Translated Web on Windows operating systems also offers access to network shares. Custom Port Mapping provides access via a specific port defined by the administrator, which must be open on the external firewall. Custom FQDN Mapping provides access via DNS and requires new DNS entries and possibly a new SSL certificate and IP address. |
Convenient access to Web and file system resources from any Web browser that supports SSL. No client configuration or administration tasks. Supports the use of aliases to hide internal host names in the browser address bar. Single sign-on to back-end Web servers. A good option for providing business partner access, because it does not require any client configuration or administration. Custom Port Mapping and Custom FQDN Mapping handle Web programming technologies such as JavaScript without the limitations of URL rewriting used in translation. |
Was This Article Helpful?
Help us to improve our support portal