WorkZone Mobile requirements to Citrix XenMobile infrastructure
To allow WorkZone Mobile access to on-premise WorkZone through Citrix XenMobile, some configuration of your organization's infrastructure is required. You need to:
- Set up on-premises XenMobile server or Citrix Cloud Endpoint Management to manage organization's mobile devices.
- Establish a Citrix NetScaler with MicroVPN to an internal WorkZone web server.
- Make the WorkZone Mobile app available in Citrix Secure Hub.
It is recommended that you use per app VPN with Citrix Single Sign-On (SSO) app. For more information, see Per App VPN with XenMobile and Citrix VPN article from Citrix.
The diagram below shows a conceptual overview of the components in the infrastructure and how they are set up to support WorkZone Mobile with Citrix XenMobile. The number of real servers, firewalls, load balancers, and so on, varies depending on how the environment is set up for a specific organization.
Cloud solution
On-premises solution
Citrix XenMobile or Cloud Endpoint Management
You must set up an on-premises XenMobile server or use Citrix Cloud Endpoint Management to manage the mobile devices that should have access to the internal WorkZone web server. For users to have a consistent experience with user names and passwords, it is recommended to allow XenMobile access to look up and approve access in the same internal domain (Active Directory) that holds the WorkZone users. This is done by setting up the Citrix Active Directory Connector.
Citrix NetScaler
You need to set up a MicroVPN tunnel rule that allows mobile devices to access the internal WorkZone web server on port 443 for https protocol.
WorkZone Mobile app uses NTLM, and currently does not support Single Sign-On (SSO) with Citrix NetScaler. If SSO is enabled on your NetScaler, you need to create a policy that disables SSO towards the WorkZone web server.
Publishing the WorkZone Mobile on Citrix XenMobile
You need to import the WorkZone Mobile app from the App Store into Citrix XenMobile. See Publish WorkZone Mobile in Citrix XenMobile.