SONICWALL MOBILE CONNECT Simple, identity-based and policy-enforced secure access to company resources, applications and data for iOS, MacOS, Android, Chrome OS, Kindle Fire and Windows 10 devices.
Give your employees safe, easy access to Features and benefits Benefits: the data and resources they need to be Ease of use • Ease of use productive from any device, running iOS, OS X, Android™, Chrome OS, Kindle Fire iOS, OS X, Windows 10, Android, Chrome • Centralized policy management and Windows. At the same time, ensure OS and Kindle users can easily download • Verification of both user and device that the corporate network is protected and install the Mobile Connect app via • Easy access to appropriate resources from mobile security threats. the App Store™, Google Play, Chrome Web Store, Amazon App Store, or • Malware protection The SonicWall Mobile Connect™ Windows Store. application works in combination with • Mobile device registration and authorization management SonicWall Secure Mobile Access (SMA) Centralized policy management or next-generation firewall appliances. IT can provision and manage user and • Per-application VPN Mobile workers simply install and launch device accessing via SonicWall appliances • One-click secure intranet the Mobile Connect application on — including control of data, resources and file browsing and on-device their mobile device to establish a secure applications hosted on-prem or in the data protection connection to an SMA or next-generation cloud — through a single management • Auto-launch VPN firewall appliance. The encrypted SSL VPN interface. Unlike other VPN solutions, the connection will protect traffic from being SonicWall solution allows you to quickly • Easy integration intercepted and keep in-flight data secure. set role-based policy for mobile and laptop • Application intelligence and control Context-aware authentication ensures devices and users with a single rule across only authorized trusted users and devices all objects; as a result, policy management are granted access. can take only minutes instead of hours.
Behind the scenes, IT can easily provision Verification of both user and device and manage access policies via SonicWall A Mobile Connect user is granted access appliances through a single management to the corporate network only after interface, including restricting VPN establishing user and device identity, access to a set of trusted mobile apps location and trust. End Point Control can allowed by the administrator. Plus, the determine whether an iOS device has been SonicWall solution integrates easily with jailbroken or an Android device has been most back-end authentication systems, rooted, as well as whether a certificate is including most popular identity providers present or the OS version is current, and and multi-factor services authentication, then reject or quarantine the connection so you can efficiently extend your as appropriate. preferred authentication practices to your mobile remote and work-from-home Easy access to appropriate resources (WFH) workers. Mobile devices can connect to all allowed network resources, including web-based, client/server, server-based, host-based and back-connect applications. Once shares and files from within the Mobile Provide fast, secure a user and device are verified, Mobile Connect app. Administrators can Connect offers pre-configured bookmarks establish and enforce mobile application mobile access through for one-click access to corporate management policy for the Mobile an intuitive, easy-to- applications and resources for which the Connect app to control whether files user and device has privileges. viewed can be opened in other apps, use app that is simple copied to the clipboard, printed or cached Malware protection to install and launch securely within the Mobile Connect app. When deployed with a SonicWall next- For iOS devices, this allows administrators on both smartphones generation firewall, Mobile Connect to isolate business data from personal and tablets. establishes a Clean VPN™, an extra data stored on the device and reduces the layer of protection that decrypts and risk of data loss. In addition, if the user’s scans all SSL VPN traffic for malware credentials are revoked, content stored in before it enters the network. All files the Mobile Connect app is locked and can uploaded by trusted user to corporate no longer be accessed or viewed. Specifications compatibility networks are inspected by our cloud based multi-engine Capture ATP service Auto-launch VPN SonicWall SMA and Next- to protect from advanced threats such as URL control allows apps that require a Generation Firewall ransomware and zero-day threats. VPN connection for business (including TZ, NSA, E-Class NSA or Super Safari) to create a VPN profile and Massive 9000 Series appliances Mobile device registration and automatically initiate or disconnect Mobile authorization policy management running Sonic OS 5.9 or higher Connect on launch (requires compatible SMA 100 Series/SRA appliances With Mobile Connect and seamless server firmware). In addition, for iOS or OS running 8.5 or higher integration with SMA solutions, if a mobile X devices, to simplify use when a secure device has not previously registered with connection is required, VPN on Demand SMA 1000 Series/E-Class SRA the SMA appliance, the user is presented automatically initiates a secure SSL VPN appliances running 11.4 or higher with a device authorization policy for session when a user requests internal data, acceptance. The user must accept the applications, websites or hosts. SonicWall Mobile Connect terms of the policy to register the device Devices running iOS version 7.0 and passed all device trust and integrity Integration with existing authentication or higher checks before given permissible access solutions to allowed corporate resources and data. The SonicWall solution supports Devices running OS X 10.9 or higher The terms of the policy are customizable easy integration with most back-end by the administrator. authentication systems, such as LDAP, Devices running Android 4.1 Active Directory and Radius, so you or higher Per-application VPN can efficiently extend your preferred Kindle Fire devices based on Mobile Connect in combination with SMA, authentication practices to your mobile Android 4.1 or higher enables administrators to establish and workers. For optimal security, you can enforce policies to designate which apps apply your choice of identity-based Devices running ChromeOS 45 on a mobile device can be granted VPN authentication using Ping Identity, okta or or higher access to the network. This ensures that onelogin in conjunction with SAML single Devices running Windows 10 only authorized mobile business apps sign-on (SSO) service with enforced two- utilize VPN access. Mobile Connect is the factor authentication (2FA) technologies. only solution that requires no modification of mobile apps for per app VPN access. Application intelligence and control Partner Enabled Services Any mobile app or secure container can When deployed with a next-generation be supported with no modifications, app firewall, IT can easily define and Need help to plan, deploy wrapping or SDK development. enforce how application and bandwidth or optimize your SonicWall assets are used. solution? SonicWall Advanced One-click Secure Intranet File Browse Services Partners are and On-Device Data Protection trained to provide you with Protect company data at rest on mobile world class professional devices. Authenticated users can securely services. Learn more at browse and view allowed intranet file www.sonicwall.com/PES.
2 Software Access
�G / �G / �G / Wi�i �G / �G / �G / Wi�i
Mobile Connect � �
Internet
CORPORATE NETWORK
�� �B ��
�� ��
Next-generation firewall with SSL VPN client license
Secure Mobile Access 100 Secure Mobile Access 1000 Series via a SonicWall Series via a SonicWall next-generation firewall next-generation firewall
� Download and install SonicWall Mobile Connect onto mobile device. � �reate a connection profile to connect to your corporate network.
�� Connect to a SonicWall next-generation firewall. Benefits: P�ovides DPI scanning �or malwa�e as well as application intelligence and cont�ol.
�B Connect to a SonicWall Secure Mobile Access 100 Series appliance via a SonicWall next-generation firewall. Benefits: Provides zero-trust, least privilege access policies, DPI scanning for malware plus end point control to quarantine or reject connections from unregistered, vulnerable, unprotected, and jailbrokenor rooted mobile devices. �� Connect to a SonicWall Secure Mobile Access 1000 Series appliance via a SonicWall next-generation firewall. Benefits: P�ovides zero-trust, least privilege access policies, DPI scanning �or malwa�e, end point cont�ol to quarantine or �eject connections f�om unregistered, vulnerable, unprotected, jailb�oken or rooted mobile devices. Also, enables administrators to restrict VPN access to an allowed set of trusted mobile apps, and manage en�o�ced ��OD security policy terms.
3 Features iOS OS X/ Mac Android Kindle Fire Windows 10 Chrome OS Layer-3 VPN connectivity (SSL VPN) Yes Yes Yes Yes Yes Yes
App distribution App Store Mac App Store Google Play Amazon App Store Windows Store Chrome Web Store
Connect on demand Yes 3 Yes 3 — — MDM/ PowerShell Yes
Configurable trusted networks Yes1 Yes1 — — Yes — Network awareness Yes1 Yes1 Yes1 Yes1 — — Credential caching Yes Yes Yes Yes Yes Yes Touch ID/Fingerprint support Yes 2 — Yes 2 — — — Face ID support Yes — — — — — URL control Yes Yes Yes Yes — — Basic authentication Yes Yes Yes Yes Yes Yes (Username\Password) Two-Factor Authentication Yes Yes Yes Yes Yes Yes (Dell Defender\TOTP\RADIUS) Client certificate authentication Yes 3 Yes 3 Yes 3 Yes 3 Yes — Password change Yes Yes Yes Yes Yes Yes Always On VPN Yes Yes Yes Yes Yes Yes SAML 2.0 SSO Support Yes Yes Yes Yes Yes Yes Ping Identity, okta, Ping Identity, okta, Ping Identity, okta, Ping Identity, okta, Ping Identity, okta, Ping Identity, okta, IdP integration onelogin onelogin onelogin onelogin onelogin onelogin TLS 1.3 connection Yes Yes Yes Yes Yes Yes Time-based OTP Yes Yes Yes Yes Yes Yes SMS Gateway Yes Yes Yes Yes Yes Yes Windows domain SSO for VPN — — — — Yes — Split-tunnel\Tunnel-all routing Yes Yes Yes Yes Yes Yes IPv6 support Yes 4 Yes 4 Yes 4 Yes 4 Yes 4 — Compression of data over VPN Yes 3 Yes 3 Yes 3 Yes 3 Yes1 Yes 3 ESP Mode (UDP transport) Yes1 Yes1 Yes1 Yes1 — — Network conflict resolution Yes1 Yes1 Yes1 Yes1 Yes1 Yes1 DeviceID, Jailbreak, OS Root, Certificate, OS Root, Certificate, OS DeviceID, OS DeviceID, Chrome End Point Control Certificate, OS version, Client version, DeviceID, version, DeviceID, version1 OS version1 version, DeviceID3 certificate, Anti- Anti-Virus software3 Anti-Virus software Virus software1
File Reader/ Bookmarks Yes 2 — Yes 2 Yes 2 — — 2X RDP, Remote 2X RDP, Microsoft RDP Lite/ 2X RDP, Microsoft RDP bookmarks Remote Desktop — Enterprise, Remote Desktop — — for RDP Microsoft Remote for RDP Desktop for RDP Citrix receiver bookmarks Yes 2 — Yes 2 Yes 2 — — VNC bookmarks Remoter VNC — android-vnc-viewer — — — Any browser— configured in Web bookmarks Safari, Chrome — Silk Browser — — Android system settings iSSH, Server Auditor ConnectBot, Terminal bookmarks — JuideSSH — — for SSH JuideSSH RDP, VNC, SSH, RDP, VNC, SSH, Native HTML5 Bookmarks — — — — Telnet2 Telnet2 MDM management of VPN connection Google Mgmt Yes — — — Yes profiles Console 1 This feature is supported on the E-Class SRA/SMA 1000 series appliances only. Please refer to the product release notes for the specific software version required to support this feature. 2 This feature is supported on the SRA/SMA 100 series appliances only. 3 This feature is supported on the SRA/SMA 100 series and E-Class SRA/SMA 1000 series appliances only. Please refer to the product release notes for the specific software version required to support this feature. 4 This feature is supported on the SRA/SMA 100 series, E-Class SRA/SMA 1000 series and Next-Generation Firewall appliances. Please refer to the product release notes for the software specific version required to support this feature.
About SonicWall SonicWall has been fighting the cybercriminal industry for over 27 years defending small and medium businesses, enterprises and government agencies worldwide. Backed by research from SonicWall Capture Labs, our award- winning, real-time breach detection and prevention solutions secure more than a million networks, and their emails, applications and data, in over 215 countries and territories. These organizations run more effectively and fear less about security. For more information, visit www.sonicwall.com or follow us on Twitter, LinkedIn, Facebook and Instagram.
© 2020 SonicWall Inc. ALL RIGHTS RESERVED. SonicWall is a trademark 4 SonicWall, Inc. or registered trademark of SonicWall Inc. and/or its affiliates in the U.S.A. 1033 McCarthy Boulevard | Milpitas, CA 95035 and/or other countries. All other trademarks and registered trademarks Refer to our website for additional information. are property of their respective owners. www.sonicwall.com Datasheet-SonicWallMobileConnect-VG-US-1811