SonicWall Mobile Connect

Simple, identity-based and policy-enforced secure access to company

resources, applications and data for iOS, macOS, Android, Chrome OS,
Kindle Fire and Windows 10 devices.

Give your employees safe, easy access to the data BENEFITS

and resources they need to be productive from any
• Ease of use
device, running iOS, macOS, Android™, Chrome OS,
Kindle Fire and Windows*. At the same time, ensure • Centralized policy management
that the corporate network is protected from mobile • Verification of both user and device
security threats.
• Easy access to appropriate resources
The SonicWall Mobile Connect™ application works in • Malware protection
combination with SonicWall Secure Mobile Access (SMA)
• Mobile device registration and
or next-generation firewall appliances. Mobile workers
authorization management
simply install and launch the Mobile Connect application
on their mobile device to establish a secure connection • Per-application VPN
to an SMA or next-generation firewall appliance. The • One-click secure intranet file browsing and
encrypted SSL VPN connection will protect traffic from on-device data protection
being intercepted and keep in-flight data secure. Context-
• Auto-launch VPN
aware authentication ensures only authorized trusted
users and devices are granted access. • Easy integration

• Application intelligence and control

Behind the scenes, IT can easily provision and manage
access policies via SonicWall appliances through a
single management interface, including restricting VPN
access to a set of trusted mobile apps allowed by the
administrator. Plus, the SonicWall solution integrates
easily with most back-end authentication systems,
including most popular identity providers and multi-factor
services authentication, so you can efficiently extend your
preferred authentication practices to your mobile remote
and work-from-home (WFH) workers.
Find the right SonicWall solution for
your business:

sonicwall.com/products

DATASHEET
 Features and benefits

Provide fast, secure mobile Ease of use

iOS, macOS, Windows 10, Android, Chrome OS and Kindle
access through an intuitive, users can easily download and install the Mobile Connect

easy-to-use app that is simple app via the App Store™, Google Play, Amazon App Store,
or Windows Store.
to install and launch on both
Centralized policy management
smartphones and tablets. IT can provision and manage user and device accessing via
SonicWall appliances — including control of data, resources
and applications hosted on-prem or in the cloud — through
a single management interface. Unlike other VPN solutions,
Specifications compatibility the SonicWall solution allows you to quickly set role-based
policy for mobile and laptop devices and users with a single
SonicWall SMA and Next-Generation Firewall
rule across all objects; as a result, policy management can
TZ, NSA, E-Class NSA or Super Massive 9000 Series appliances take only minutes instead of hours.
running Sonic OS 6.5 or higher

SMA 100 Series appliances running 9.0 or higher Verification of both user and device
A Mobile Connect user is granted access to the corporate
SMA 1000 Series appliances running running 12.1 or higher network only after establishing user and device identity,
location and trust. End Point Control can determine whether
SonicWall Mobile Connect an iOS device has been jailbroken or an Android device has
Devices running iOS 12.1 or higher been rooted, as well as whether a certificate is present or
the OS version is current, and then reject or quarantine the
Devices running macOS 10.11 or higher connection as appropriate.

Devices running Android 8.0 or higher

Easy access to appropriate resources
Devices running ChromeOS 45 or higher Mobile devices can connect to all allowed network
resources, including web-based, client/server, server-based,
Devices running Windows 10* host-based and back-connect applications. Once a user and
device are verified, Mobile Connect offers pre-configured
bookmarks for one-click access to corporate applications
and resources for which the user and device has privileges.

Malware protection
When deployed with a SonicWall next-generation firewall,
Mobile Connect establishes an extra layer of protection that
decrypts and scans all SSL VPN traffic for malware before
it enters the network. All files uploaded by trusted user
to corporate networks are inspected by our cloud based
multi-engine Capture ATP service to protect from advanced
Partner Enabled Services
threats such as ransomware and zero-day threats.
Need help to plan, deploy or optimize your SonicWall
solution? SonicWall Advanced Services Partners are Mobile device registration and
trained to provide you with world class professional authorization policy management
services. Learn more at www.sonicwall.com/PES. With Mobile Connect and seamless integration with SMA
solutions, if a mobile device has not previously registered
with the SMA appliance, the user is presented with a device

2 | SonicWall Mobile Connect

authorization policy for acceptance. The user must accept Auto-launch VPN
the terms of the policy to register the device and passed all URL control allows apps that require a VPN connection
device trust and integrity checks before given permissible for business (including Safari) to create a VPN profile and
access to allowed corporate resources and data. The terms automatically initiate or disconnect Mobile Connect on
of the policy are customizable by the administrator. launch (requires compatible server firmware). In addition,
for iOS or macOS devices, to simplify use when a secure
Per-application VPN connection is required, VPN on Demand automatically
Mobile Connect in combination with SMA, enables initiates a secure SSL VPN session when a user requests
administrators to establish and enforce policies to designate internal data, applications, websites or hosts.
which apps on a mobile device can be granted VPN access
to the network. This ensures that only authorized mobile Integration with existing authentication solutions
business apps utilize VPN access. Mobile Connect is the The SonicWall solution supports easy integration with most
only solution that requires no modification of mobile apps back-end authentication systems, such as LDAP, Active
for per app VPN access. Any mobile app or secure container Directory and Radius, so you can efficiently extend your
can be supported with no modifications, app wrapping preferred authentication practices to your mobile workers.
or SDK development. For optimal security, you can apply your choice of identity-
based authentication using Ping Identity, okta or onelogin
One-click Secure Intranet File Browse in conjunction with SAML single sign-on (SSO) service with
and On-Device Data Protection
enforced two-factor authentication (2FA) technologies.
Protect company data at rest on mobile devices.
Authenticated users can securely browse and view allowed Application intelligence and control
intranet file shares and files from within the Mobile Connect When deployed with a next-generation firewall, IT can
app. Administrators can establish and enforce mobile easily define and enforce how application and bandwidth
application management policy for the Mobile Connect assets are used.
app to control whether files viewed can be opened in other
apps, copied to the clipboard, printed or cached securely
within the Mobile Connect app. For iOS devices, this allows
administrators to isolate business data from personal data
stored on the device and reduces the risk of data loss. In
addition, if the user’s credentials are revoked, content stored
in the Mobile Connect app is locked and can no longer be
accessed or viewed.

3 | SonicWall Mobile Connect

Software Access

5G / 4G / 3G / WiFi 5G / 4G / 3G / WiFi

Mobile
Connect
1 2

Internet

CORPORATE NETWORK

3A 3B 3C

OR OR

Next-generation
firewall with SSL VPN
client license

Secure Mobile Access 100 Secure Mobile Access 1000

Series via a SonicWall Series via a SonicWall
next-generation firewall next-generation firewall

1 Download and install SonicWall Mobile Connect onto mobile device.

2 Create a connection profile to connect to your corporate network.
3A Connect to a SonicWall next-generation firewall.
Benefits: Provides DPI scanning for malware as well as application intelligence and control.
3B Connect to a SonicWall Secure Mobile Access 100 Series appliance via a SonicWall next-generation firewall.
Benefits: Provides zero-trust, least privilege access policies, DPI scanning for malware plus end point control to
quarantine or reject connections from unregistered, vulnerable, unprotected, and jailbroken or rooted
mobile devices.
3C Connect to a SonicWall Secure Mobile Access 1000 Series appliance via a SonicWall next-generation firewall.
Benefits: Provides zero-trust, least privilege access policies, DPI scanning for malware, end point control to
quarantine or reject connections from unregistered, vulnerable, unprotected, jailbroken or rooted mobile devices.
Also, enables administrators to restrict VPN access to an allowed set of trusted mobile apps, and manage enforced
BYOD security policy terms.

4 | SonicWall Mobile Connect

 Features iOS macOS Android Kindle Fire Windows 10 Chrome OS
Layer-3 VPN connectivity (SSL VPN) Yes Yes Yes Yes Yes Yes
Amazon App
App distribution App Store Mac App Store Google Play Windows Store Google Play
Store
Connect on demand Yes 3
Yes 3
— — MDM/ PowerShell Yes
Configurable trusted networks Yes1 Yes1 — — Yes —
Network awareness Yes1 Yes1 Yes1 Yes1 — —
Credential caching Yes Yes Yes Yes Yes Yes
Touch ID/Fingerprint support Yes2 — Yes2 — — —
Face ID support Yes — — — — —
URL control Yes Yes Yes Yes — —
Basic authentication
Yes Yes Yes Yes Yes Yes
(Username\Password)
Two-Factor Authentication
Yes Yes Yes Yes Yes Yes
(Dell Defender\TOTP\RADIUS)
Client certificate authentication Yes 3 Yes 3 Yes 3 Yes 3 Yes —
Password change Yes Yes Yes Yes Yes Yes
Always On VPN Yes Yes Yes Yes Yes Yes
SAML 2.0 SSO Support Yes Yes Yes Yes Yes Yes
Ping Identity, Ping Identity, Ping Identity, Ping Identity, Ping Identity, Ping Identity,
IdP integration
okta, onelogin okta, onelogin okta, onelogin okta, onelogin okta, onelogin okta, onelogin
TLS 1.3 connection Yes Yes Yes Yes Yes Yes
Time-based OTP Yes Yes Yes Yes Yes Yes
SMS Gateway Yes Yes Yes Yes Yes Yes
Windows domain SSO for VPN — — — — Yes —
Split-tunnel\Tunnel-all routing Yes Yes Yes Yes Yes Yes
IPv6 support Yes 4 Yes 4 Yes 4 Yes 4 Yes 4 —
Compression of data over VPN Yes 3
Yes 3
Yes 3
Yes 3
Yes1 Yes 3
ESP Mode (UDP transport) Yes1 Yes1 Yes1 Yes1 — —
Network conflict resolution Yes1 Yes1 Yes1 Yes1 Yes1 Yes1
DeviceID, OS Root, Certificate, Root, Certificate,
Jailbreak,
version, Client OS version, OS version,
Certificate, DeviceID, OS DeviceID, Chrome
End Point Control certificate, DeviceID, DeviceID,
OS version, version1 OS version1
Anti-Virus Anti-Virus Anti-Virus
DeviceID3
software1 software3 software
File Reader/ Bookmarks Yes2 — Yes2 Yes2 — —
2X RDP, Remote
2X RDP, Microsoft RDP Lite/ 2X RDP, Microsoft
RDP bookmarks Remote Desktop — Enterprise, Remote Desktop — —
for RDP Microsoft Remote for RDP
Desktop for RDP
Citrix receiver bookmarks Yes2 — Yes2 Yes2 — —
android-vnc-
VNC bookmarks Remoter VNC — — — —
viewer
Any browser—
configured in
Web bookmarks Safari, Chrome — Silk Browser — —
Android system
settings
iSSH, Server ConnectBot,
Terminal bookmarks — JuideSSH — —
Auditor for SSH JuideSSH
RDP, VNC, SSH, RDP, VNC, SSH,
Native HTML5 Bookmarks — — — —
Telnet 2 Telnet 2
MDM management of VPN Google Mgmt
Yes — — — Yes
connection profiles Console

1
This feature is supported on the SMA 1000 series appliances only. Please refer to the product release notes for the specific software version required to support this feature.
2
This feature is supported on the SMA 100 series appliances only.
3
This feature is supported on the SMA 100 series and SMA 1000 series appliances only. Please refer to the product release notes for the specific software
version required to support this feature.
4
This feature is supported on the SMA 100 series, SMA 1000 series and Next-Generation Firewall appliances. Please refer to the product release notes for
the software specific version required to support this feature.
*
Mobile Connect for Windows is in Limited Retirement phase. It is recommended to use Mobile Connect for Windows in Windows with ARM64 processor
only. Refer KB: 220527070626007 for more details. Also, please refer the Mobile Connect PLC for more information.

5 | SonicWall Mobile Connect

 Learn more about SonicWall
Mobile Connect
www.sonicwall.com

About SonicWall
SonicWall delivers Boundless Cybersecurity for the hyper-distributed era and a work reality where everyone is remote, mobile
and unsecure. By knowing the unknown, providing real-time visibility and enabling breakthrough economics, SonicWall
closes the cybersecurity business gap for enterprises, governments and SMBs worldwide. For more information, visit
www.sonicwall.com.

SonicWall, Inc.
1033 McCarthy Boulevard | Milpitas, CA 95035
Refer to our website for additional information.
www.sonicwall.com

© 2022 SonicWall Inc. ALL RIGHTS RESERVED.

SonicWall is a trademark or registered trademark of SonicWall Inc. and/or its affiliates in the U.S.A. and/or other countries. All other trademarks and registered trademarks are property of their
respective owners. The information in this document is provided in connection with SonicWall Inc. and/or its affiliates’ products. No license, express or implied, by estoppel or otherwise, to any
intellectual property right is granted by this document or in connection with the sale of SonicWall products. Except as set forth in the terms and conditions as specified in the license agreement for this
product, SonicWall and/or its affiliates assume no liability whatsoever and disclaims any express, implied or statutory warranty relating to its products including, but not limited to, the implied warranty
of merchantability, fitness for a particular purpose, or non- infringement. In no event shall SonicWall and/or its affiliates be liable for any direct, indirect, consequential, punitive, special or incidental
damages (including, without limitation, damages for loss of profits, business interruption or loss of information) arising out of the use or inability to use this document, even if SonicWall and/or its
affiliates have been advised of the possibility of such damages. SonicWall and/or its affiliates make no representations or warranties with respect to the accuracy or completeness of the contents of
this document and reserves the right to make changes to specifications and product descriptions at any time without notice. SonicWall Inc. and/or its affiliates do not make any commitment to update
the information contained in this document.

Datasheet-SonicWallMobileConnect-JK-US-6908