FAQ: Difference between XenMobile Secure Browse and Full VPN Tunnel

FAQ: Difference between XenMobile Secure Browse and Full VPN Tunnel

book

Article ID: CTX215631

calendar_today

Updated On:

Description

Q: What is Difference between XenMobile Secure Browse and Full VPN Tunnel ?

A: The following are the differences:

Secure Browse - Secure Browse performs SSL offloading of the connection, which means that the NetScaler will terminate the SSL tunnel, unencrypt the traffic, and perform URL manipulation in order to proxy the connection to the internal resource. Since the NetScaler unencrypts the traffic, that means that it can intercept replies from the internal resource, such as 401 authentication challenges, and respond directly to the internal resource with credentials. This enables SSO to internal resources.
User-added image

Full VPN - Full VPN tunnel performs SSL bridging, which means that the Netscaler just passes on the encrypted traffic to the internal resource. Since the NetScaler doesn’t unencrypt the traffic, it can’t intercept authentication challenges and perform SSO. However, certificate-based authentication requires that the encrypted tunnel go all the way from the client to the internal resource, which means that full VPN tunnel is required for internal resources that require certificate-based authentication
User-added image

Additional Resource

XenMobile How Do I

Issue/Introduction

This article has information on the difference between Secure Browse and Full VPN Tunnel.