Which two deployment models can ensure secure access to Qlik Sense apps for authorized users outside the firewall?

Enabling all external users to connect via a secure VPN is an effective approach for ensuring secure access to Qlik Sense apps for authorized users outside the firewall. A VPN (Virtual Private Network) creates an encrypted tunnel between the user’s device and the Qlik Sense environment, ensuring that sensitive data and applications are accessible only to those who have the appropriate credentials. This method provides a secure connection that protects against unauthorized access and cyber threats, aligning with best practices for security when allowing external access.

In contrast, deploying Qlik Sense in the DMZ and opening all required ports may expose the system to vulnerabilities, as it can increase the risk of attack from external sources. While it might allow access, the security implications make it a less favorable option.

Installing a proxy server within the intranet could help manage and secure access, but by itself, it does not facilitate direct secure access for external users. The proxy would typically still require a secure connection method like a VPN to maintain data integrity and security.

Setting up a direct connection for external users without a VPN would leave the system vulnerable, as it eliminates the added layer of encryption that a VPN provides. This could potentially allow unauthorized users to gain access to the Qlik Sense apps and data.

Overall, utilizing