There are a few options for enabling access to external clients, some are more involved than others.

1. Tableau online - This is a Tableau "private cloud" offering that enables SaaS.  More info can be found here:  Tableau Online | Tableau Software

2. Standup a distinct Tableau cluster in your corporate DMZ environment

3. What we do, but is quite involved and requires a project to fulfill.  We run a singular H.A. Tableau cluster that is in use by both our internal  workforce and external clients.  It lives within our internal firewall.  I will address external clients at least at a high level at this point.

- Clients access TS content via an Enterprise Client Access Portal (in the DMZ).  The portal initiates viz requests to render dashboards, these requests flow through HTTPS to a reverse proxy load balancer which then sends the request via the Javascript API requests to TS.  Some info on how to do this can be found here:  Configuring Proxies for Tableau Server

- The identity security occurs via trusted authentication.  Some info on how to do this can be found here:  Trusted Authentication

- External clients need to be defined within TS as a valid user that has permissions to the appropriate content.  We have AD integration enabled, so the external clients need to be valid AD users as well.  Clients are part of their own AD domain, there is a 1-way trust established between this AD domain and our internal so that these users can be added.  We use the REST API to add these users

- The dashboards are common across clients.  We know the client identity that logged into TS via trusted authentication.  Therefore, we are able to filter down using internal filters within the dashboard to be contextual to the specific client.

- Part of why we use a distinct site is to track usage effectively, and via our proxy setup, we are able to limit requests to come in that have this specific site which is part of the URI