An organization must be able to spe

An organization must be able to specify that the secure work space can use a VPN for the secure connectivity. The following models must be supported:
- Ipsec
- SSL
- L2TP
- PPTP

An organization must be able to manage per-app-VPN connectivity of Android and iOS devices with Secure Work Space
* 0. ability to configure a per-app-VPN profile and associate this profile to specific apps (or specific apps to a certain profile)
1. all configuration parameters available for per-app-VPN should be supported (e.g. VPN on-demand rules)
2. if an administrator chooses a per-app VPN configuration for a Secure Work Space application then this
configuration takes precedence over the Secure Connectivity

Notes:
Samsung SAFE/KNOX also provides this capability, so if these APIs are available this should be implemented for corresponding devices

UX/UI design for the console should be reviewed with EPM

Key Use Cases:

Alternative path to the secure work space connectivity via BlackBerry Infrastructure for redundancy and performance (potentially) reasons.

An organization wants to provide connectivity to specific enterprise provisioned apps but not the entire device.

Business Justification:
ER 9980654 - FoxConn - Foxconn reported the data traffic performance between BES 10 server in China to BlackBerry Infrastructure is poor. It may cause by the poor China Internet connection stability to Canada.
Telus - In discussion with Troy Stark, he indicated Telus has just invested heavily in a work from home VPN infrastructure which they would like to leverage for their Mobile devices / SWS, instead of using BB Secure Connectivity.

Many other MDM vendors offer VPN integration for lack of the BlackBerry type connectivity. While the BlackBerry connectivity is perceived as superior by most customers, customer want to have a backup route for data traffic.