
Maximizing Productivity and Security with Microsoft Tunnel VPN

The Importance of Mobile VPNs in Today's World

The shift to remote work has pushed many companies to figure out the best and most cost-effective way to help users be productive on iOS and Android devices. 

For companies that are on the cloud already, the transition has been easier than for companies that are still running workloads on premises. 

The Microsoft Tunnel Gateway solution allows Microsoft Intune-enrolled iOS and Android devices to access on-premises apps and resources. The solution is also fully integrated with the Microsoft 365 cloud and takes advantage of single sign-on capabilities using Azure Active Directory (AAD) authentication from the client to Tunnel Gateway.

Solution Overview

To start with, Microsoft Tunnel Gateway (the mobile VPN) installs into a container that runs on a Linux server. The Linux server can be a physical box in your on-premises environment or a virtual machine that runs on-premises or in the cloud. You then deploy Microsoft Defender for Endpoint as the Microsoft Tunnel client app, along with Intune VPN profiles, to your iOS and Android devices so that they can use the tunnel and connect to corporate resources. When the tunnel is hosted in the cloud, you'll need to use a solution like Azure ExpressRoute to extend your on-premises network to the cloud.


How Does It Work?

Tools like Microsoft Tunnel open access to applications and services beyond PCs. This allows remote workers to use Android and iOS devices with the same level of assured security. By bundling the service as a Linux container, Microsoft makes it easy to get started. You simply need to drop the service in a container and connect it to a Microsoft 365 Endpoint Security subscription.

Microsoft Tunnel - Key Components

The Microsoft Tunnel is a VPN solution for mobile devices that is made up of several components: 

  • Microsoft Intune: This is a mobile device management platform that allows IT administrators to easily manage and deploy the Tunnel client to all devices in their organization.
  • Azure AD and Conditional Access: These services are used to authenticate users and control access to corporate resources.
  • Linux server: The platform for running containers (Podman or Docker). 
  • Containers: The engine for running containers of Tunnel Gateway and the management agent. 
  • Microsoft Tunnel: The VPN provider for access to on-premises resources.
  • Management agent: The agent for applying the required configuration to the Tunnel Gateway.
  • Authentication plugin: The authorization plugin for authentication with Azure AD.
  • TLS certificate: The certificate for securing connections from devices to the Tunnel Gateway server. 
  • Firewall: The secure wall for protecting the on-premises resources.
  • Public IP/FQDN: The public address for accessing the Tunnel Gateway.
  • Corporate network: The location for the on-premises resources.
  • Public Internet: The location for the mobile devices.
  • Device: The device for connecting to the Tunnel Gateway server.

Licensing for Microsoft Tunnel Gateway Users

Each user requires an Intune license, which allows the organization to manage and secure mobile devices, PCs, and apps from a single console.

The best part of Microsoft Tunnel Gateway is that it fully integrates with a Microsoft 365 solution, which is included in the existing Microsoft Intune license.

What Are The Use Cases?

For anyone seeking a safer, freer, and more secure online experience, the benefits of using a VPN are myriad: the VPN connection remains secure, and your device remains protected. Because of this flexibility, a mobile VPN is ideal for users who travel, or for those who don’t have access to a reliable internet connection.

Some of the use cases are:

  1. Access to internal corporate resources
  2. Secure your data
  3. Work from anywhere

Stay Ahead with Microsoft Tunnel - Contact Us

A mobile VPN is an essential tool to keep your mobile devices secure while accessing your corporate network. Microsoft Tunnel is one of the best VPN solutions for mobile devices. It is built on Azure, integrated with Azure Virtual WAN and Azure ExpressRoute, and it supports Azure AD and Conditional Access.

As a Microsoft Partner company, we can help you set up, manage, and support your mobile VPN solution, so you can focus on your business and not on the technology. Contact us today to see how we can help you stay secure and productive on the go.

