- Jamf Nation Community
- Community & Events
- Announcements
- Jamf's Network Relay Service Now Available as a Re...
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Jamf's Network Relay Service Now Available as a Release Candidate for Apple Mobile
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 06-02-2025 04:55 AM - last edited a month ago
We’re excited to share that Jamf's Network Relay service - our Jamf solution for transforming the network connectivity experience on Apple devices, is now available as a Release Candidate (RC) for production use on Apple mobile platforms (iPhone, iPad, Apple TV, Vision Pro). For Mac devices, the service continues to be available in public Beta as we continue to work toward production readiness.
Built on Apple native technologies - including MASQUE and Managed Device Attestation, and powered by Jamf’s global private mesh network and conditional access engine, Jamf's Network Relay service is a next-generation remote access solution that delivers pervasive, policy-driven connectivity from the moment a device boots, all configured via MDM and completely invisible to the end user.
Why It Matters
Whether supporting a frontline workforce with shared iPads or enabling executives to stay connected during international travel, modern Apple deployments demand more flexible, secure remote network access. Traditional VPNs and generic ZTNA tools often fall short when it comes to Apple-specific workflows.
Network Relay changes that, giving Jamf customers a device-native, Apple-first way to route private traffic securely and reliably, even in restrictive network environments.
Key Features
- Strong device identity verification: Utilizes Apple Managed Device Attestation for robust device identity verification.
- Device-level encrypted micro-tunnels: Establishes encrypted, domain-specific tunnels utilizing modern transport and encryption protocols, available as early as device onboarding.
- Compatibility: Works seamlessly alongside other user-based VPN or ZTNA solutions.
Key Use Cases for Mobile and Mac
Mobile Use Cases (RC-ready today):
- Traveling employees who need consistent, secure network access to their work application from wherever they connect from in the world, across global cellular and Wi-Fi networks and restricted captive portals (e.g., hotel or airport networks).
- Passwordless Access on Shared iPads: Enable zero-touch, policy-based access on shared iPads - no logins, no VPNs, no compromise on security or compliance.
- Zero-Touch Onboarding for userless purpose-built devices: Securely provision and connect headless devices at scale with automatic, out-of-the-box network connectivity.
Mac Use Cases (Public Beta):
- Enterprise Mac onboarding flows that require early access to AD, LDAP, or licensing servers during device setup.
- Layered Security for Critical Cloud Communications: Add an extra layer of protection for IdP and SaaS traffic by routing it through encrypted, attested tunnels, ensuring only trusted devices connect to high-value cloud services.
- Fallback network access for critical work applications like ServiceNow in case of primary VPN outage or disaster recovery scenarios.
How It Works
Jamf's Network Relay service configures an Apple OS platform tunneling mechanism, routing traffic that matches designated enterprise domains (“Match Domains”) through encrypted micro-tunnels over HTTP/3. This traffic is securely routed via Jamf’s global Network Relay infrastructure, with access policies enforced in the cloud. If access via HTTP/3 isn’t available, the tunnel automatically falls back to HTTP/2, ensuring resilient, high-availability connectivity even in challenging and restrictive environments.
Only devices that are company-managed, and hardware-attested using Apple’s Managed Device Attestation can connect to protected resources.
To explore how to configure Jamf Network Relay in your environment, or to review current known issues and limitations, check out the official documentation here:
Ready to Try It?
We’re offering limited access during this Release Candidate phase to ensure a great customer experience as we continue scaling the service.
👉 If you're interested in enabling Network Relay for your production Apple mobile fleet or explore the service on your test Mac devices, please fill out this short survey outlining your use case and deployment size.
Our Product team will review your request and follow up to confirm whether we’re able to provide access at this time.
Labels:
- Labels:
-
Jamf Connect
Reply
0 REPLIES 0
