What's new in network extension and VPN

Use cases

• auto-connect wifi hotspots
• Personal VPN provider
• Enterprise Remote Access
• School Filtering

NEHotspotHelper

helps to identify available wifi hotspots and the developers provide confident level for hotspots. Acts as a helper to perform initial authentication and and maintain the authentication session.

NEVPNManager

• create a personal VPN configuration
• IKEv1 and IKEv2 are supported
• Configure Connect On Demand
• Configure HTTP proxies
• Works with enterrpise VPN configs

NETunnelProviderManager and NSAppProxyProviderManager

• custom VPN protocol provider
• runs as an app extension
  • Packet Tunnel Provider for IP layer tunneling
  • App Proxy Provider for app layer tunneling
• Config and control the providers from the app

per-app VPN for manager apps

• Config per-app VPN using MDM
  • enroll device in MDM
  • Link Managed apps with per-VPN configs
• Supported Protocols
  • Custom App Proxy Provider
  • Custom Packet Tunnel Providers
  • built-in IPSec (IKEv1 and IKEv2)

NEFilterProvider

• on-device filtering
• able to update the filtering rules from the internet
• customizable block page
• app uses webkit that the data will pass though
• app is not using webkit, the data will pass though from the socket

Using Network Extension APIs

for NEVPNManager for development by selecting the "personal VPN" capability in Xcode

Special entitlements for NEHotspotHelper , NETunnelProviderManager and NEFilterProvider and send request at [email protected]