There are three ways to provide your users with access to private applications via Zero Trust Network Access:
- Dedicated IPSec gateway —There are two kinds of dedicated IPSec gateways
- Quick Connect IPSec
A Linux VM that establishes a secure route to Jamf Security Cloud
For more information, see Creating a Quick Connect IPSec Gateway.
- Custom IPSec
A fully customized IPSec tunnel configuration designed to connect with your existing VPN infrastructure or firewalls
For more information, see Creating a Custom IPSec Gateway.
- Dedicated internet gateway —
A pair of IPv4 addresses that route traffic to the internet through Jamf Security Cloud
For more information, see Dedicated internet gateway.
Jamf Security Cloud Micro-Tunnel Technology
While dedicated gateways and their tunnels are shared by your employees and sites, each individual device-to-application connection within these tunnels are themselves "micro-tunnels".
Each micro-tunnel is built dynamically on a per-app, per-device, per-session basis that conforms to your defined access policy in Jamf Security Cloud. This means that every packet traversing the gateway's tunnel has been validated against Jamf Security Cloud Zero Trust policy engine and is permitted to connect to the requested application.
Any requests to applications that are not permitted by policy are dropped and reported. They are never routed via the tunnel towards the application. For more information, see Zero Trust Network Access Policy.