How to configure Qlik Sense access from external network/ internet
When allowing external access to Qlik Sense, there are a handful of configuration steps needed on the server infrastructure to facilitate external access and potentially configuration steps needed on Qlik Sense itself.
If you want a friendly name for external (or internal) users, then you will need to follow up with your infrastructure / networking team to setup an appropriate DNS alias.
If you to use a DNS alias then be sure to adjust the Virtual Proxy Whitelist for all Virtual Proxies which will be used by external users. See Error Message "An error occurred" When Connecting To Qlik Sense Hub for a walk through on how to adjust the Virtual Proxy Whitelist. In brief QMC > Virtual Proxies > Edit > Advanced > Host white list > Enter the DNS alias (e.g. analytics.company.com)
Independent of the use of a DNS alias, you need to ensure that the appropriate ports are accessible externally.
It is not uncommon for organizations to require that external users either access a server in a DMZ or to use a reverse proxy / network load balancer or other networking appliance at the edge of the network to allow users to access internal resources.
Whether this is required or not is a question for the organization's infrastructure / networking team.
In order to determine which port(s) need to be accessible, the administrator needs to verify against the available ports list for the deployed Qlik Sense version.
See the Qlik Sense for administrators Help > Qlik Sense Enterprise on Windows Architecture > Ports for details.
After determining the entry point at step 1 (DNS alias vs. servername), the administrator needs to determine what sort of SSL certificate is required.
Do note that certain browsers require additional attributes to be on the SSL certificate. See Chrome 58+ and SSL Certificates for a Chrome specific requirement of Subject Alternative Names
After determining any requirements for the SSL certificate from the above bullet points, they need to follow up internally with their security / certificate resources to determine the steps for generating a CSR to request a certificate from third party certificate vendor.