You can create a secure connection to intranet and internet resources on a provisioned device from a Symantec Sealed app or an enterprise-wrapped app by configuring your app to use a proxy instance with the App Proxy role enabled. There are 2 steps you complete:
Create an app policy that directs traffic through Secure App Proxy - An app policy is where you define what proxy instance your app directs internet and intranet traffic through. From your Mobility Manager console, access Policies and Rules > App Policies. Create an app policy or edit an existing app policy. Scroll down to the Network access control section. Click the checkbox in the Secure App Proxy field and choose a proxy instance with the App Proxy role enabled, from the drop down list.
Next, access the Whitelisted locations option. This defines what locations your app can establish a connection to. The default is all. Click the location definition field to change the default value of all to specific site.
You can create multiple site entries by clicking New Location
Assign the app policy to your app - Access Apps > App list and select the app you wish to use a proxy instance with the App Proxy role enabled. Click the edit icon and access the Policy drop down list. Select an app policy that has Secure App Proxy enabled.