The Microsoft Tunnel Gateway solution allows Microsoft Intune-enrolled iOS and Android devices to access on-premises apps and resources. Tunnel is fully integrated with the Microsoft 365 cloud and takes advantage of single sign-on capabilities using Azure Active Directory (AAD) authentication from the client to Tunnel Gateway.
Conditional Access policies, which are integrated into the Tunnel, provide an additional layer of security for your network. By applying these policies, you can restrict network access to only those users who are enrolled, are compliant, and meet your defined user identity risk requirements. We consider Conditional Access integration with Tunnel to be a key part of your Zero Trust security journey.
Every organization’s network infrastructure is different. Tunnel Gateway installation is flexible to meet your unique network requirements. It can be installed on-premises, in your DMZ, or in the cloud.
For more on this new preview, read the full announcement here:
- ANNOUNCEMENT: Introducing Microsoft Tunnel for remote access to corporate resources from iOS and Android – Microsoft Tech Community
https://techcommunity.microsoft.com/t5/microsoft-endpoint-manager-blog/introducing-microsoft-tunnel-for-remote-access-to-corporate/ba-p/1685044
This article explains how the tunnel works, including its prerequisites and architecture.
- DOCS: Microsoft Tunnel for Intune Overview
https://docs.microsoft.com/en-us/mem/intune/protect/microsoft-tunnel-overview