Explainedback-iconApple Device Managementback-iconWhat is Per App VPN for iOS?

What is Per App VPN for iOS?

To start with, a Virtual Private Network or a VPN is a tool we use to have a protected connection between our device and the network. It encrypts your internet traffic making your profile practically hidden. It accomplishes this by acting as an intermediary between you and your ISP.   

A regular VPN connection tunnels in the whole device’s web traffic through one network. Per-App VPN is basically the same concept but for every single app. This means that you get to establish a different VPN connection for each app of your device.   

You might be thinking why would I go through the tedious process of setting a VPN for each and every app of my device when I can just use one good encrypted connection for the whole and that’s a fair point. It would be overkill for most people if you are not someone from the corporate world.  

In BYOD-type scenarios employees end up having both personal and corporate data on their own devices. This could be a problem as it not only endangers the privacy of the employee but also puts the organizational data at risk especially when the employee knowingly or unknowingly brings in malicious content.   

In the device-wide VPN data transmission can still happen across the apps through the routes that tunnels provide. Here comes the Per-App VPN, it helps in isolating traffic from each app. App-level segregation allows for the separation of personal and corporate data. Therefore, it is useful in networking securely and also preserves privacy.  

Per-App VPN feature is available for iOS, iPadOS, and macOS but your devices must be a part of a UEM solution to make use of this. Only apps that are managed by the UEM/MDM can be configured to have a VPN for themselves.   

So, to use the Per-App VPN   

  • Get the device enrolled in a UEM solution like Hexnode. 
  • Make sure to use the UEM managed apps.  
  • Add the required apps and configure the VPN for them.  
  • Continue the process for other apps if necessary.