IVO Networks · UnifiedEdge Gateway Series

UnifiedEdge Gateway

Unified Secure Access Gateway Appliance

Comprehensive secure remote access for employees, partners, and vendors — across managed and unmanaged devices — with SSL VPN, application publishing, and granular identity-based access policies.

A single appliance that consolidates remote access for your entire user population: full-tunnel VPN for employees, clientless browser-based access for partners, and published applications for contractors — all governed by identity and endpoint health policies.

Contact Sales

View Models

UE-2000

Entry

UE-4000

Mid-range

UE-6000

Performance

UE-8000

Enterprise

UNIFIED ACCESS

One gateway for every user type

Most organizations serve multiple user populations — employees on managed laptops, contractors on personal devices, partners accessing a handful of specific applications, vendors who need temporary access to a single system. Each population has different trust levels, different device postures, and different access requirements.

UnifiedEdge consolidates these access patterns into a **single gateway appliance**. Employees with managed, domain-joined devices get full SSL VPN tunnel access to corporate resources — the same seamless experience they'd have in the office. Partners and contractors with unmanaged devices get **clientless, browser-based access** to specific applications through the UnifiedEdge web portal — no software installation, no VPN client, no admin rights required on their device.

IT administrators define **granular access policies** based on who the user is, what device they're on, and what that device's security posture looks like. A managed laptop with current patches and active endpoint protection gets full network access. An unmanaged personal tablet gets access to a published web application and nothing else. The same gateway serves both — with different policies enforced per session.

**Application publishing** lets IT make specific internal applications available through the UnifiedEdge web portal without exposing the underlying servers to the network. Users access published applications through their browser; the gateway proxies the connection to the internal server. The application is available; the network is not.

Multi-User Access Model

Managed Employees

Full SSL VPN tunnel · Domain-joined devices · Full resource access

Employee → SSL VPN tunnel → UnifiedEdge → All resources

Partners & Contractors

Clientless browser access · Unmanaged devices · Published apps only

Partner → Web portal → UnifiedEdge → Published app

Same gateway, different policies. Identity and endpoint health determine which access mode each user receives — full tunnel, portal-only, or specific published applications.

CAPABILITIES

What UnifiedEdge delivers

A single gateway appliance that serves every remote access use case — from full VPN to clientless published apps — with identity-driven policies governing every session.

🔒

SSL VPN tunnel access

Full-tunnel SSL VPN for managed devices. Encrypts all traffic between the client and the corporate network, providing employees with seamless access to every resource they're authorized to reach — as if they were in the office.

🌐

Clientless browser access

Partners, contractors, and users on unmanaged devices access specific applications through a browser-based web portal — no VPN client installation required. The gateway proxies the connection; the user never touches the corporate network directly.

📋

Application publishing

Publish specific internal web applications, file shares, and services through the UnifiedEdge portal. Users see only the applications they're authorized for. The underlying servers and network topology remain hidden.

👤

Identity-based access policies

Access decisions based on who the user is — Active Directory group membership, role, authentication method, and MFA status. Different user populations receive different access levels through the same gateway.

🛡

Endpoint health verification

Evaluate the connecting device's security posture — OS patch level, endpoint protection status, disk encryption, firewall state — before granting access. Non-compliant devices receive restricted access or are denied entirely.

🔑

Multi-factor authentication

Integrates with enterprise identity providers for MFA enforcement — including certificate-based authentication, one-time passwords, push notifications, and biometric verification. Supports phishing-resistant methods aligned with OMB M-22-09.

ASAFE Integration

Cloud-based management and monitoring

Every UnifiedEdge deployment integrates with the ASAFE platform — IVO Networks' cloud-based monitoring, high-availability, and security management system.

High-availability failover (FC4AO)

Proprietary failover technology automatically redirects sessions to secondary gateways when the primary becomes unreachable — maintaining access for VPN tunnel users and portal users alike without interruption.

Real-time monitoring & reporting

Track active sessions by type (VPN tunnel, portal, published app), monitor gateway health and resource utilization, and receive alerts — all from a cloud-based dashboard without additional on-premise infrastructure.

TPM security chip management

Centralized TPM health verification and certificate lifecycle management for managed devices connecting via SSL VPN — ensuring hardware-backed device identity across the fleet.

Centralized configuration

Manage gateway configuration, published application definitions, access policies, and portal settings from a single interface. Push changes across the deployment without per-appliance intervention.

ASAFE Platform

Monitoring, failover & security management

Cloud monitoring HA failover TPM management Real-time alerts Session visibility Config management

UnifiedEdge ↔ ASAFE Cloud ↔ IT Dashboard

Learn more about ASAFE →

ARCHITECTURE

Access modes and policy enforcement

Three distinct access modes — all served from the same appliance, all governed by the same policy engine, all enforced based on identity and device posture.

SSL VPN tunnel

Full network-layer VPN for managed devices. Client software establishes an encrypted tunnel to the gateway. The device receives an IP address from the corporate pool and can access resources as if directly connected to the LAN — subject to traffic filter policies.

Clientless web portal

Browser-based access for unmanaged devices. Users authenticate through the UnifiedEdge web portal and access published applications without installing any software. The gateway reverse-proxies connections to internal servers — the user's browser talks to the gateway, never directly to the backend.

Published applications

IT defines which internal applications are available through the portal — web apps, file shares, RDP sessions, and custom services. Each published application has its own access policy: who can see it, what authentication is required, and whether endpoint health checks apply.

Models

UnifiedEdge gateway models

Four appliance tiers from small office to large enterprise — all built on the same hardened platform with SSL VPN, application publishing, and ASAFE management.

Specification	UE-2000	UE-4000	UE-6000	UE-8000
Form factor	1U	1U	1U	2U
Network interfaces	GbE	GbE	GbE / 10GbE	10GbE
SSL VPN tunnel	✓	✓	✓	✓
Clientless portal	✓	✓	✓	✓
App publishing	✓	✓	✓	✓
Encryption	TLS (HW accel)	TLS (HW accel)	TLS (HW accel)	TLS (HW accel)
High availability	Array, FC4AO	Array, FC4AO	Array, FC4AO	Array, FC4AO
Management	ASAFE	ASAFE	ASAFE	ASAFE
Target deployment	Branch / SMB	Mid-size	Mid to large	Enterprise / Gov

GET STARTED

Ready to unify your remote access?

Contact our sales team to discuss your deployment requirements, schedule a demo, or request a proof of concept.

Contact Sales

View Models

Or call us directly: +1 (650) 286-1300