Hannah Jernigan

VMware EUC All-Stars at VMworld: We’re Bringing out the Big Brains

Published August 21, 2017 | By Hannah Jernigan
Email, RSS Follow

That’s right. We’re bringing out the big brains, our senior solutions architects and technical marketing leaders for VMware End-User Computing (EUC). Learn directly from the people that know the technology best at these hands-on labs, breakout sessions, roundtable discussions and quick talks—only at VMworld 2017.

AirWatch Hands-on Labs at VMworld

Sign up in advance for expert-led workshops or check into self-paced labs on a first-come, first-serve basis with our AirWatch architect all-star team.

Meet Justin Sheets

Justin is a senior solutions architect with the VMware Technical Marketing team. He&#rsquo;s been with us two years in Atlanta, after working five years as a software developer. He helps build tools and support AirWatch Hands-on Labs automation.

Meet Shardul Navare

Shardul joined us right out of school, and he&#rsquo;s been an AirWatch employee for five years now. After multiple roles in pre-sales engineering, he moved to our team as a senior architect with focus on end-user computing (EUC), tech partner integrations and mobile application management (MAM).

  • Expert-Led Workshop:AirWatch Getting Started Workshop [ELW185701U]
  • Expert-Led Workshop:AirWatch with VMware Workspace ONE Workshop [ELW185703U]
  • Self-Paced Lab:AirWatch Android Management [SPL185707U]
  • Self-Paced Lab:AirWatch Getting Started [SPL185701U]
  • Self-Paced Lab:AirWatch Productivity Apps [SPL185704U]
  • Self-Paced Lab:AirWatch Unified Endpoint Management for Windows 10 [SPL185702U]
  • Self-Paced Lab: AirWatch Directory and Certificate Authority Integration [SPL185706U]
  • Self-Paced Lab:AirWatch with Workspace ONE [SPL185703U]
  • Self-Paced Lab:AirWatch Mobile Application Management and Developer Tools [SPL185705U]
  • Self-Paced Lab:AirWatch Technology Partner Integration [SPL185708U]

AirWatch Technical Breakout Sessions, Roundtables & Talks

AirWatch, Windows 10 and Horizon admins, these technical topics are for you! Learn from our best and brightest at EUC at these VMworld events.

Meet Matt Coppinger

Matt is our director of technical marketingfor VMware EUC. He leads a team of experienced EUC architects who develop technical deep dive content, reference architectures and hands-on labs for VMware field, partners and customers. Matt has worked on desktop virtualization since its inception at VMware in 2007—first in engineering, then as a field consultant, then as a global practice lead and finally through his role within Technical Marketing.

  • Breakout Session:Enabling Simple, Secure Access to Your VMware Horizon and Citrix Virtual Desktops and Apps with Workspace ONE [SAAM1150BU]
  • Breakout Session: Delivering Virtual Desktops and Apps via the Digital Workspace with Workspace ONE and Horizon [ADV1591BU]
  • Expert Roundtable:Delivering virtual desktops and apps via the Digital Workspace with Workspace ONE and Horizon with Matt Coppinger [MTE4820U]

MeetCamilo Lotero

Camilo, a senior technical marketing manager at VMware EUC, is our go-to guy for identity and access management expertise. Afive-year VMware employee, he’s worked across various teams including technical support, sales engineering and technical marketing. That includes serving as technical advisor for clients across market verticals, as well as providing technical enablement across VMware. A Georgia Tech grad, Camilo holds a degree in industrial and systems engineering.

  • Partner Exchange Bootcamp:Technical Deep Dive: Workspace ONE App Access & Security [PAR4405BCU]
  • Expert Roundtable: Enable Mobile Single Sign-on from Mobile Devices with Workspace ONE, Powered by AirWatch with Camilo Lotero [MTE4830U]
  • Breakout Session: Securing Access & Protecting Information in Microsoft Office 365 with Workspace ONE [SAAM2291BU]

Meet Josué Negrón

Josué serves as senior solutions architect at VMware EUC for Windows platforms, including Windows 10. Another five-year employee, Josué works with clients to define the best way to integrate the latest EUC technologies into their businesses to solve challenges associated with mobile device deployment, management and security. Another brilliant Georgia Tech grad, Josué holds a degree in computer engineering.

  • Partner Exchange Breakout Session: An Insider&#rsquo;s View Into Windows 10 Management with AirWatch [PAR4391BU]
  • Expert Roundtable: Taking a Cloud First, Modern IT Approach to Windows 10 Management withJosueNegron[MTE4828U]
  • Expert Roundtable: Elevates Your Windows Security Architecture withJosueNegron [MTE4827U]
  • Breakout Session: Today’s Cyberthreat Revolution: How VMware Elevates Your Windows Security Architecture [UEM1830BU]

MeetJosue Fontanez

Josue leads product marketing for identity management in Workspace ONE, driving technical enablement, business strategy, demand and awareness. As senior product line marketing manager at VMware, he’s also our identity evangelist online, through social media and at events. Before this role, he led product marketing for VMware Horizon Air (now VMware Horizon Cloud), and he spent time in product management and product marketing for cloud, systems management and security technologies at Citrix and Microsoft.

  • Quick Talk: Introduction to Password-Less Single Sign-On for Mobile Devices with Workspace ONE [SAAM1084QU]
  • Partner Exchange Breakout Session: Technical Deep Dive: Workspace ONE App Access and Security [PAR4392BU]
  • Breakout Session: Introduction to Access Management in Workspace ONE [SAAM2288BU]
  • Breakout Session: VMware on VMware: Winning a Single Sign-On Solution with Workspace ONE [SAAM1321BU]

Be there for it all—product announcements, free hands-on learning, access to EUC experts—at the biggest event of the year for EUC pros. Our last conference passes are waiting for you here.

The post VMware EUC All-Stars at VMworld: We’re Bringing out the Big Brains appeared first on VMware End-User Computing Blog.

Read more..

Posted in 6482146642362368, By Product, Enterprise Mobility Management, EUC at VMworld, mobile, Syndicate, unified endpoint management, vmware airwatch, VMWare News, vmworld | Tagged

Easy as 9.1.1-2-3: VMware AirWatch EMM Feature Pack Review

Published July 31, 2017 | By Hannah Jernigan
Email, RSS Follow

Use the VMware AirWatch EMM feature pack review to learn about the added features added and bug fixes in the latest releases of the AirWatch Console.

VMware AirWatch EMM Feature Pack v9.1.3

Check out the latest features in theVMware AirWatch EMM Feature Pack v9.1.3 release!

New!Deploy Custom Bootstrap Packages for macOS

Typically,device enrollment requires AirWatch Agent installation prior to executing any other installation packages. In VMware AirWatch EMM Feature Pack v9.1.3,bootstrap packages provides a way around this requirement. Use this featureto deploy installers to a device immediately after enrollment.

Bootstrap Packages use the Apple MDM commandInstallApplication, which allows an MDM to natively install .pkg files to an enrolled device. Historically, the AirWatch Agent handles the download and installation of application files.

Use bootstrap packages to enable device and application management tools besides the AirWatch Agent. Bootstrap a package to an enrollment flow to install alternative tooling and configure the device prior to use.

Create a Bootstrap Package

Use a tool to create bootstrap packages that meet the following criteria:

  • Sign the package with an appropriate certificate (such as a TLS/SSL certificate with signing usage). Only the package needs to be signed, not the app, since the Apple Gatekeeper does not check apps installed through MDM.
  • Use a distribution package (product archive), not a flat component package.

Deploy a Bootstrap Package

Aftercreating a bootstrap package, deploy it todevices. For unmanaged devices enrolling into AirWatch Enterprise Mobility Management, packages automatically deploy post-enrollment. However, by default, these packages do notdeploy to managed devices.

To deploy bootstrap packages to manageddevices, queue them in the package’s Assigned Devices list. For more information, seeDeploy a Bootstrap Package.

New!Create a DEP Enrollment Token from the Self-Service Portal

AirWatch Enterprise Mobility Management combines Apple DEPportal and the AirWatch Self-Service Portal functionality toenable alternate end-user enrollment flows. AirWatch Console v9.1.3, added the ability forend users generate their own DEP enrollment tokens in the AirWatch Self-Service Portal.This enrollment method allows organizations with a large amount of DEP devices to use one-time enrollment tokens to assign devices to end users.

To take advantage of DEP Token Enrollment from the Self-Service Portal:
  • Enable the Self-Service Portal for end users
  • Ensure end users have their device serial number andother required enrollment information

New!Push Public Google Play Store Apps in the Samsung Knox Container

Use AirWatch Console v 9.1.3 and above to push public applications to the Samsung Knox container. These applications have the same functionality as their Google Play Store counterparts.

To get started:
  1. Follow the current set up flow for Samsung Knox
  2. Create a container passcode.
  3. Add and approve public applications for integration between AirWatch and Samsung Knox from the Google Play Store.
  4. Assign the application to devices using smart groups, an AirWatch system that allows you to group devices on criteria you set.
  5. Assign the Terms of Use.

When finished, end users only have access to whitelisted applications that automatically install from Google Play. For more information on how to upload, approve, and deploy public apps, seePublic Applications Overview.

New! Report Devices with Applications and User Details

The new report, Devices with Applications and User Details provides a report on the devices, users, and applications in your AirWatch Console.

In the AirWatch Console, theNewtag in front of the report name identifies new reports. These reports combine multiple deprecated reports.The latest console release includes a new report that returns data on users, devices, and applications.

The following table shows the available columns for the new Application Details by Device report.

New Reports
Application Details By Device
Organization Group ID Installed Version
Organization Group Name Bundle Size (KB)
Friendly Name Dynamic Size (KB)
Serial Number Total Size
App Name Install Status
App Identifier Install Status Reason
Deployed By AirWatch App First Seen
Managed App App Updated Date
Assigned Version Device ID
Device Type Device Model
OS Version Ownership Type
Device Last Seen User name
Email address
To see the new Application Details By Devicereports:

Navigate toHub > Reports & Analytics > Reports > List View.

To see the exported new reports:

Navigate toHub > Reports & Analytics > Exports.[/box]

New! Public IPAddressColumn in Device List View

End-user privacy is a major concern in IT security. As a result, AirWatch Console privacy settings were created. Use these settings to customize the collection of and admin access to user data. In a continued effort to support end user privacy, the device list view now supports an additional column. As always, the Public IPAddress column is configurable to meet end user privacy requirements.

To view Public IP Address column in the AirWatch Console:

Navigate to Device Details > Network > Cellular Section.

To configure privacy settings for the Public IP Address column:

  1. Navigate toDevices > Device Settings > Devices & Users > General > Privacy.
  2. In the Networkdata collection section, view the new Public IP Address column.
  3. Configure Settings and device Commands, as appropriate.

Settings:

Collect and Display– User data is collected and displayed in the AirWatch Console.
Collect Do Not Display– User data is collected for use in reports but is not displayed it in the AirWatch Console.
Do Not Collect– User data is not collected and therefore it is not displayed.

Commands:

Allow– The command is made on devices without permission from the user.
Allow With User Permission– The command is made on devices but only with the permission of the user.
Prevent– The command does not run on devices.

4. ClickSave. You must enter your PIN to save the changes. ClickSave.

Enhancements and Bugs Fixed in v9.1.3

The Software Delivery Notification articleIntroducing AirWatch 9.1.3lists the enhancements and the bugs fixed in this release. If you received an Issue ID for a submitted bug, you can search for it here to see if the issue was fixed in this release.

VMware AirWatch EMM Feature Packv9.1.2

The Software Delivery Notification articleIntroducing AirWatch 9.1.2lists the enhancements and bugs fixed in this release.If you received an Issue ID for a submitted bug, you can search for it here to see if the issue was fixed in this release.

VMware AirWatch EMM Feature Packv9.1.1

The Software Delivery Notification article Introducing AirWatch 9.1.1lists the enhancements and bugs fixed in this release.If you received an Issue ID for a submitted bug, you can search for it here to see if the issue was fixed in this release.

The post Easy as 9.1.1-2-3: VMware AirWatch EMM Feature Pack Review appeared first on VMware End-User Computing Blog.

Read more..

Posted in 6482146642362368, By Product, mobile, Security, Syndicate, Technical Guides, vmware airwatch, VMWare News | Tagged

Symantec VIP Authentication for VMware Identity Manager

Published July 24, 2017 | By Hannah Jernigan
Email, RSS Follow

Do you want to integrate3rd-party identity provider functionality into theVMware Identity Manager authentication workflow? Then you are in luck! Today’s post explains how toenable Symantec VIP authentication for VMware Identity Manager access.

Symantec VIP Authentication for VMware Identity Manager

VMware Identity Manager is an Identity as a Service (IDaaS) product offered by VMware. Since it is a stand-alone product, it does not require 3rd-party integrations to authenticate end users. However, integrating a 3rd-party authentication solution with VMware Identity Manager might make sense or be necessary in certain cases. That’s where Symantec Validation and Identity Protection (VIP), a centralized site for managing user credentials, comes into the picture. IntegrateSymantec VIPwith VMware Identity Manager to implement single or multi-factor authentication into vIDM via Symantec VIP.

Symantec VIP Authentication for VMware Identity Manager Workflows

Prior to attemptingintegration, it makes sense to review the configuration options. Since there are multiple ways to integrateSymantec VIP withVMware Identity Manager, this post explainstwo common options.

Single-Factor Authentication withSymantec VIP

This method uses Symantec VIP as the onlyauthentication factor for accessing the VMware Identity Managerportal and itsapplications.

The workflow begins when an end-user first opens the VMware Identity Manager portal. VMware Identity Manager redirects the end userto Symantec VIP, which challenges the user for their credentials. Theend user then provides their credentials which Symantec VIP validates. Post-validation, Symantec VIP redirects the end user to tothe VMware Identity Manager portal. Once connectedto the portal, end users access any managed application through single-sign on.

Multi-Factor Authentication withSymantec VIP

This method uses Symantec VIP as the second authentication factor for accessing the VMware Identity Managerportal or specific applications.Multi-factor authentication is ideal for organizations withcomplex security requirements.

The workflow begins when an end-user first opens the VMware Identity Manager portal. VMware Identity Manager then challenges the user for their credentials. In response to the challenge, theend user provides their credentials. Then, after validating the credentials, VMware Identity Manager redirects the end user to Symantec VIP with a SAML request. Since the SAML request contains aNameID, Symantec VIP uses the NameID to issue an authentication challenge. The end user then responds to the challenge, and Symantec VIP validates their response. Once authentication completes, the end-user redirects to the VMware Identity Manager portal. End users can now access any managed application from the portal through single-sign on.

Want to see the workflow in action? Then check out this VMware Identity Manager + Symantec VIPdemo.

Integrate Symantec VIP Authentication for VMware Identity Manager

Once you’ve reviewedthe available workflows, determine if you want to use Symantec VIP for single or multi-factor authentication. Once decided, you’re ready to begin integration! Complete the following steps to get started.

1. Obtain the VMware Identity Manager Service Provider Metadata

  1. Open the VMware Identity Manager Administrative Console.
  2. Navigate to Catalog > Settings.
  3. From the menuon the left, select SAML Metadata.
  4. On the Download SAML Certificate window, click Service Provider(SP) Metadata.
  5. Save the file as sp.xml.

2. Download the VMware Identity Manager Signing Certificate

  1. Open the VMware Identity Manager Administrative Console.
  2. Navigate to Catalog > Settings.
  3. From themenuon the left, selectSAML Metadata.
  4. On the Download SAML Certificate window, click Download.
  5. Save the file as signingCertificate.cer.

3. Configure Symantec VIP Login

  1. Open the VIP Manager Administrative Console.
  2. Navigate to Policies > VIP Login > Edit.
  3. Next to Import Metadata File, click Choose File.
  4. Select sp.xml.
  5. Next to Verification Certificate, click Choose File.
  6. Select signingCertificate.cer.
  7. Click Save.

4. If Configuring Single-Factor Symantec VIP Authentication, Enable VIP PIN and Set a PIN code.

  1. Open Symantec VIP.
  2. Navigate toPolicies> Account >Edit.
  3. Configure the VIP PIN policy settings.
    • Require a minimum number of characters.
    • Set character requirements.
    • Configure anexpiration date for the PIN.
    • Set the number of unique PINs required before the user can reuse a PIN.

5. Download Symantec VIP Metadata

    1. Open Symantec VIP.
    2. Navigate to Policies > VIP Login.
    3. Configure single or multi-factor Symantec VIP Authentication for VMware Identity Manager:
      • VIP Login Idp (Second Factor Only) -Download metadata xmlto enable multi-factor authentication with Symantec VIP.
      • VIP Login Idp (First and Second Factor) -Download metadata xmlto enable single-factor authentication with Symantec VIP.

6. Add Symantec VIP as a 3rd-party IDP in VMware Identity Manager

    1. Open the VMware Identity Manager Administrative Console.
    2. Navigate to Identity & Access Management > Manage > Identity Providers > Add Identity Provider.
    3. Complete the fields to add an identity provider:
      • Identity Provider Metadata -Copy the SAML metadata from the file saved in Step 5
      • Name ID Format - Appears asurn:oasis:names:tc:SAML:1.1:nameid-format:unspecified.
      • Name ID Value- Select according to your environment.
      • Name ID Policyin SAML Request - Appears as urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified.
      • Authentication Method - Select urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport.

7. Define Policy and Policy Rule

Define the policy and policy rule for single or multi-factor Symantec VIP Authentication.

  • Single-factor -Set the first authenticator in the authentication chain to the defined authentication policy.
  • Multi-factor -Set the second authenticator in the authentication chain to the defined authentication policy.

To learn more about configuring policies, refer to the chapter Managing Access Policiesin the VMware Identity Management Admin Guide.

Learn More

  • VMware Identity Manager Documentation
  • VIP Policy Configuration

The post Symantec VIP Authentication for VMware Identity Manager appeared first on VMware End-User Computing Blog.

Read more..

Posted in 6482146642362368, Configuring VMware Identity Manager, identity, Syndicate, Technical Guides, VMware Identity Manager, VMWare News | Tagged

Office 365 Deployment Models

Published July 17, 2017 | By Hannah Jernigan
Email, RSS Follow

Office 365, the cloud-based version of the ubiquitous enterprise enablementapps is often misunderstood as a single use case with a singleform of implementation. However, a variety of factors result influence this use case, resulting in four primary deployment models. Today’s post reviews the available deployment models andhighlights the variables to help you determine how to implement Office 365.

Introduction to Office 365

Office 365 is an offering from Microsoft’s comprehensive cloud-based stack, the Azure platform.

The movefrom an on-premise infrastructure to the cloud provides the following benefits:

Office 365is Microsoft&#rsquo;s cloud approach to content collaboration and email services. It provides a complete office experience…completely in the cloud! Available services include:

Office 365 Deployment Models

Even though companies usemost of the same Office 365 services, every use case is unique. This leads to four typical deployment models for O365.

Azure AD Pure Cloud

  • Master User Location - Azure Active Directory
  • User Credentials - Azure Cloud user credentials
  • Functionality - Delivers available Azure functionality

Azure ADConnect

  • Master User Location - On-PremisesActive Directory
  • User Credentials - Password hash sync for user credentials
  • Functionality - Delivers available Azure functionality

Azure ADFederation

  • Master User Location - On-PremisesActive Directory
  • User Credentials -On-Premises user credentials
  • Functionality - Delivers most Azure functionality

Pass-through Authentication

  • Master User Location - On-PremisesActive Directory
  • User Credentials -On-Premises user credentials
  • Functionality - DeliversmostAzure functionality

Office 365 Deployment Model Components

The post Office 365 Deployment Models appeared first on VMware End-User Computing Blog.

Read more..

Posted in 6482146642362368, Syndicate, VMWare News | Tagged

NEW WHITEPAPER: VMware AirWatch Windows 10 Unified Endpoint Management Reviewer’s Guide

Published July 3, 2017 | By Hannah Jernigan
Email, RSS Follow

TheVMware AirWatch Windows 10 Unified Endpoint Management Reviewer’s Guideis now available! This guide outlines the waysVMware AirWatch® 9.1 Enterprise Mobility Management™ addresses the challenges of traditional PC management, providing a smarter way to deploy, control, and manage your organization&#rsquo;s PC fleet.

Figure 1: Pain Points of Traditional Management Solutions

While traditional approaches use multiple administrative tools to manage the PC life cycle, VMware AirWatch unifies enterprise mobility management in a single console view. This approach simplifies security, providing a single point-of-reference for key device management configurations.

This guide describes the benefits, features, typical use cases, and best practices for configuring Windows 10 deployments. Use the exercises in the VMware AirWatch Windows 10 Unified Endpoint Management Reviewer&#rsquo;s Guide to learn how to configure security profiles, compliance settings, and device restrictions with VMware AirWatch Enterprise Mobility Management, andevaluate VMware AirWatch Windows 10 management capabilities.

The post NEW WHITEPAPER: VMware AirWatch Windows 10 Unified Endpoint Management Reviewer’s Guide appeared first on VMware End-User Computing Blog.

Read more..

Posted in 6482146642362368, Syndicate, VMWare News | Tagged

VMware AirWatch 101: Windows 10 Custom Settings Profile

Published June 19, 2017 | By Hannah Jernigan