How Skyhigh Mobile Client Works
Skyhigh Mobile Client (SMC) secures mobile devices by enforcing Cloud Application Control policies through the Skyhigh Web Security Gateway Service (WGCS). SMC forwards mobile traffic over an IPSec tunnel on ports 80 and 443 to Skyhigh Cloud, ensuring secure internet connectivity and access to private applications.
Prerequisites
- Ensure that the Skyhigh Mobile Client is installed on your device.
- Ensure all the required certificates are imported.
- Ensure the devices support Android and iOS versions.
Skyhigh Mobile Client (SMC) Workflow
- The user opens the Skyhigh Mobile Client app on their mobile device and establishes a secure connection to the Skyhigh IPSec VPN.
- The mobile client sends all device traffic, including DNS requests, through the IPSec tunnel to the IPSec server.
- The DNS service running on the IPSec server processes all DNS traffic.
- The IPSec server forwards internet-bound traffic to the public internet through the Skyhigh Web Security Gateway.
- The IPSec server forwards private access traffic to the Private Access Gateway through the Skyhigh Web Security Gateway.
- When the Remote Identifier is set to
pa-mobile.skyhigh.cloud:- Only Private Access (PA) traffic is sent to the Skyhigh Web Security Gateway.
- Internet Access (IA) traffic is forwarded directly from the IPSec server to the public internet.
- When the Remote Identifier is set to
mobile.skyhigh.cloud:- All traffic (Internet Access and Private Access) is sent to the Skyhigh Web Security Gateway.
NOTE: SMC forwards all traffic, including DNS requests, to the IPSec server, which runs a DNS service to resolve queries for both internet traffic and private applications.
