Give Mobile Apps Secure Access to Corporate Resources
Mobile apps are equipped with native support for different secure access solutions, leaving organizations on their own to manually integrate these services or compromise network architecture to solve for a use case involving a custom-developed app.
This Knowledge Base article describes how to use Appdome Access Suite to integrate secure access services to any mobile app easily and without coding. The goal of this knowledge base is to help you to leverage existing network and security investments to manage access to corporate resources from any Android and iOS app on-demand (including 3rd party apps).
Enable Any Android and iOS App with Secure Access to Corporate Resources
Appdome provides you with the ultimate flexibility to add secure access services integrated with an app, eliminating the need for per-app VPNs and VPN-client-based solutions. Encryption and other Appdome Mobile Enterprise Access services improve the mobile end-user experience without compromising data-in-motion security. For example, Appdome Mobile Enterprise Access gives organizations using Microsoft Intune secure access to protected resources without having to rely on the Intune managed browser or specific gateway.
Appdome for Mobile Enterprise Access makes it easy and convenient to add secure access services to any App. Developers and non-developers alike can add MicroVPN, behind-the-firewall resource governing proxy policies, server access paths and more to any Android and iOS App in seconds, no code or coding required.
Using Appdome, there are no development or coding prerequisites. For example, there is no Appdome SDK, libraries, or plug-ins to implement. Likewise, there are no changes required in the App. Appdome is compatible with mobile Apps built in any development environment including Native Android and iOS Apps, Hybrid Apps and non-native Apps built in Xamarin, Cordova, and React Native, Ionic and more.
Appdome is a mobile integration platform as a service (iPaaS) that allows users to add a wide variety of features, SDKs, and APIs to Android and iOS Apps. Integrating your App with Appdome for Mobile Enterprise Access suite will allow you App to authenticate against the Secure Access services and securely connect to the desired enterprise resources.
Appdome For Mobile Enterprise Access
Appdome for Mobile Enterprise Access offers you several options for ensuring Apps needing to access corporate resources can do so securely, including MicroVPN, proxies, and App configuration and setup. These capabilities would ordinarily need to be developed and coded into an app. With Appdome, adding these capabilities to mobile apps is completed in seconds.
Appdome for Access and MicroVPN Profiles Features
Appdome’s home-grown MicroVPN solution allows mobile applications to establish direct and seamless access to corporate resources without requiring device level or per-App VPN.
Appdome MicroVPN is a flexible, all-in-one, mobile enterprise connectivity solution that supports any enterprise standard network gateway such as an SSL gateway, proxy, reverse proxy, or industry standard VPN, all without any change to an enterprise network infrastructure.
Appdome MicroVPN provides two modes of operation:
- Direct Connection mode – enables a direct connection between an App and protected resources (1-to-1 mapping), leveraging a gateway function built into the fusion layer of an App.
- Transparent Proxy Mode – Appdome reroutes connections to internally resolved protected resources (many-to-many mapping) via standard secure gateways. With this feature, you can enable internal DNS resolution as many to one via the standard Transparent Proxy protocol (HTTP CONNECT)
Appdome’s MicroVPN Features:
- Inclusive Routing – allows you to distinguish between secured connections to particular domains using Appdome’s MicroVPN, while others will be allowed to pass directly.
- Session Hardening – Appdome allows you to restrict the parameters of the App’s connection, using Strict Protocol Checking and Server Validation.
- Static Client Pinning – apply restrictions on the server or gateway which is the destination for the mobile App. Appdome can integrate the certificates needed to identify permitted clients and present them as part of the secured connections. Enterprise extension for static client pinning. It allows the use of a unique client-side certificate distributed by a SCEP server on a per-user basis.
- Dynamic Client Pinning – this allows you to pin a dynamic unique personal client certificate to the built app to authenticate client connections to the MicroVPN gateway.
Appdome includes implementations for 3rd-party secure gateways, including those from F5 Networks and Microsoft.
- F5 Access Manager enables enterprises to connect any mobile App to F5 Access Manager natively. Appdome supports all F5 access methods and authentication types out of the box.
- Microsoft’s Azure AD Application Proxy (AppProxy) provides secure remote access for on-premise web Apps. With Appdome, Microsoft AppProxy can be extended to Android and iOS Apps, for controlled authentication. Enterprises can build Appdome for Microsoft AppProxy, enabling Appdome-Built mobile Apps to tunnel traffic using either a transparent or reverse proxy mode.
Appdome Access Suite Options:
Appdome Mobile Enterprise Access provides the ability to build app configuration information, removing the burden for mobile end users having to copy and paste (or manually enter) server locations and other resource data.
This includes private URLs, custom config files and custom values, add private certificates and authorities, proxy PAC files and more to ensure App requests and data can successful traverse complex enterprise network environments:
- Private Server Certificates and Authorities – Appdome’s adapter makes it easy for Apps to be loaded with private CA public certificates during Fusion and allow connections to private servers.
- Certificate Pinning – This allows you to pin a defined list of server public certificate files and CA to enable self-signed backend access from your app.
- Auto-Pin Trusted Domains – automatically downloads and pins all server certificates from connections that the App establishes.
- Proxy Settings – PAC support – Appdome allows you to configure your App to proxy with a dynamic and static configuration.
- Editable User Agent Header – The Appdome technology edits the HTTP User-Agent Header with no manual development work at all. Using Appdome, mobile Apps will use User Agent to send the custom-tailored User-Agent header which you require.
How Do I Learn More?
Check out how Appdome’s proprietary MiTM prevention, can be combined with Appdome MicroVPN to protect mobile data ‘in transit’, and ensure that all mobile sessions, connections, and certificates are valid and trusted at all times.
If you have any questions, please send them our way at email@example.com or via the chat window on the Appdome platform.