Archives

unified endpoint management

The PCLM Revolution Will Not Be Televised. See It Live at VMworld

This blog was updated on May 22,2017, with the latest information about the Device Enrollment Program from Apple. Join the conversation on Twitter using #iOSinBusiness.

What is the Device Enrollment Program from Apple?

The Device Enrollment Program provides a fast, streamlined way to deploy your corporate-owned Mac, iOS or tvOS devices. With a mobile device management (MDM) and unified endpoint management solution like VMware AirWatch, IT can:

  • Customize device settings;
  • Activate and supervise devices over the air; and
  • Enable users to setup their own devices out of the box.

[Related: 27 Questions Answered about AirWatch & the Device Enrollment Program from Apple]

What IT challenges does the Device Enrollment Program help address?

The Device Enrollment Program solves several critical requirements for corporate-owned devices. First, organizations save time and money by eliminating high-touch processes for IT. DEP takes configuration time to zero. Deployment of corporate-owned devices with DEP means zero-touch configuration for IT, eliminates staging and automates device configuration.

Second, onboarding iOS or macOS devices is streamlined for users. Based on the settings IT configured, users are prompted through Setup Assistant (skipping through any unnecessary screens). Users only need to authenticate and don&#rsquo;t need to be tech savvy to get the content, apps and email they need on their smartphones.

Finally, supervising iOS devices over the air is possible with the DEP. With supervision, administrators have more control over the device and can disable features like AirDrop, the App Store and account modification. They can also enable features like password protection. Also, the MDM profile cannot be removed, which eliminates the possibility of un-enrollment to protect data and investments in devices and provides the best user experience possible.

What role does AirWatch play in Apple&#rsquo;s Device Enrollment Program?

To utilize the Device Enrollment Program, MDM capabilities like those part of VMware AirWatch are required. AirWatch integrates with the Device Enrollment Program, enabling organizations to automatically import devices in the console based on order history. Then, administrators can easily configure settings, apply profiles, assign applications and set restrictions that will apply automatically when users unbox devices.

[Related: iOS 10.3, tvOS 10.2 & macOS 10.12.4 Are Live! VMware AirWatch Has Your Mobile Business Covered]

How can I join the Device Enrollment Program from Apple?

First, enroll with Apple and register your organization&#rsquo;s information to create an account and designate your administrators. Next, configure your device settings and Setup Assistant steps in the AirWatch console. You then can ship devices directly to your users.

For more information, check out Apple&#rsquo;s Device Enrollment Program Guide.

What are the device requirements for the Apple Device Enrollment Program?

The devices must be corporate-owned and purchased directly from Apple or through participating Apple Authorized Resellers.*

*The Device Enrollment Program may not be supported by all Apple Authorized Resellers and carriers.

Where is the Device Enrollment Program available?

The Device Enrollment Program is available in 34 countries: Australia,Austria,Belgium,Brazil,Canada,Czech Republic,Denmark,Finland,France,Germany, Greece,Hong Kong,Hungary,India,Ireland,Italy,Japan,Luxembourg,Mexico,Netherlands, NewZealand,Norway,Poland,Portugal,Singapore,South Africa,Spain,Sweden,Switzerland, Taiwan,Turkey,United Arab Emirates,United Kingdom andUnitedStates.

What’s available for education with the Device Enrollment Program from Apple?

Both Apple and AirWatch give special consideration to unique education use cases. With Apple School Manager (ASM), Apple has delivered a central place for account creation, role definitions and content purchases. To support ASM, AirWatch designed a console section for education to setup mobile deployments and streamline management of teachers, students, classes, apps and more—whether you have a 1:1 or shared device deployment. After importing data from Apple School Manager, use AirWatch to:

  • Match devices with students or classes;
  • Assign applications (to users or devices); and
  • Configure the new Classroom application, allowing teachers to guide learning on iPads.

Students quickly choose the device with their photo displayed once their teacher has started the class.

Visit apple.com/business/dep/ and apple.com/education/it/ to learn more about the Device Enrollment Program.

 

Read more..

6 Criteria That Help You Separate the EMM “Sheep” from “Goats”

Sheep Versus Goats

My high school German teacher had a saying: &#rsquo;Midterm exams separate the sheep from the goats.&#rdquo; From a sheep-herder&#rsquo;s perspective, sheep are superior. I grew up in cattle country with little regard for the neighboring county&#rsquo;s sheep-herder population, but I still held onto the idea. Someday, I would understand its meaning. When I accepted a position to evaluate enterprise mobility management (EMM) products, I was reminded of Herr Samson&#rsquo;s words, and I wondered:

&#rsquo;How does one separate the EMM sheep from the goats?&#rdquo;

With the myriad of EMM solutions on the market today, it&#rsquo;s difficult to know how to recognize the leader in the flock. For the seventh consecutive year, the Gartner Magic Quadrant for EMM gave a nod to VMware Workspace ONE, the integrated platform powered by AirWatch unified endpoint management (UEM) technology. That&#rsquo;s all well and good, but how do I know the solution has everything my organization needs?

I asked the smartest technical people I could find in Canada, California, Georgia and Texas.

Together, we came up with a list of the top six EMM buying criteria for enabling a totally mobile workforce, with our own workforce being a great testing ground:

  1. Does the solution support all our use cases?
  2. Can it scale with our organization?
  3. Do I need a PhD to use it?
  4. Will it support our existing application vendors and future security providers?
  5. Does it include Windows 10 management capabilities?
  6. Will it help us troubleshoot issues with our devices?

See It for Yourself

We liked the idea so much, one of the engineers, Stan Hunter, created a demo video showcase Workspace ONE&#rsquo;s unique capabilities in addressing these criteria and why we like to use it so much ourselves.

Summary of Our Findings: 6 Selection Criteria for Enabling a Totally Mobile Workforce

1. Does the solution support our use cases?

Yep. Workspace ONE the most complete endpoint management solution on the market. No matter the use case, the vertical industry or the region of the world, Workspace ONE has the capabilities to meet your specific needs. Stan&#rsquo;s demo video shows a quick example of Workspace ONE accessing any app from any device by launching a native app from an iPad without requiring any added configuration.

Over the last 11 years, Workspace ONE grew to meet the needs of thousands of customers in all verticals and regions of the world. Customers often say, &#rsquo;you can grow into AirWatch (and Workspace ONE), but you can&#rsquo;t grow out of it.”

2. Can it scale with our organization?

Yep. Scaling means more than just adding compute power. It also means including the management chops to enable a large enterprise deployment. Workspace ONE has several layers of &#rsquo;multi-tenancy&#rdquo; for ease in separating disparate groups.

At its core, Workspace ONE offers a multi-tenant architecture by using organization groups. These groups can separate customers within a single instance or can separate business units or geographical regions within a single customer&#rsquo;s tenant. In addition to organization groups, Workspace ONE has smart groups.

Smart groups live inside an organization group and provide an additional layer of separation between devices and users. This allows administrators to easily apply profiles and applications to specific groups of users or devices—at scale and with ease.

3. Do I need a PhD to use it?

Nope. Workspace ONE&#rsquo;s administration console is an easy-to-use tool that provides admins with a best-in-class console to easily access its superior features and functions. The admin console also supports role-based administration, which provides the ability to restrict access for certain administrators or groups. Seeing is believing.

In his demo, Stan shows the powerful and easy-to-use Workspace ONE admin console. Industry curated templates make it easy for admins to rollout out industry-standard policies and apps to their users with a simple mouse click, among other time-saving capabilities.

4. Will it support our existing application vendors and future security providers?

Yep. Workspace ONE provides application security by integrating with application vendors and identity solutions to ensure users are properly authenticated in a quick and easy manner. Workspace ONE also provides conditional access to applications based on device posture.

Workspace ONE provides second-to-none integrations with third-party certificate authorities using both SCEP and direct API integrations. These integrations allow customers to distribute certificates to all device types and can be used in many authentication scenarios, such as Wi-Fi, VPN and email. Existing and future security vendor support is enabled with our open ecosystem and easy API access.

4. Does it include Windows 10 management capabilities?

Yep. VMware partnered with Microsoft to provide the most complete Windows 10 endpoint management solution on the market. Workspace ONE manages not only typical mobile device management (MDM) features, but also application deployment and Windows updates. It combines the management features of MDM with those of PC Lifecycle Management (PCLM) solutions to provide customers with a complete Windows 10 management solution.

5. Will it help us troubleshoot issues with our devices?

Yep. Workspace ONE provides administrators the ability to quickly and easily troubleshoot an individual device or groups of devices. Admins can add and remove device profiles and applications directly from a device without requiring the user to un-enroll and re-enroll the device. In addition, the console provides individual device events and targeted logging for enhanced troubleshooting.

Admins can also create custom reports about device status, application installation status, all from a single console.

There Is More

VMware partners with best-of-breed solutions to provide a complete security solution for mobile devices. Workspace ONE supports the VMware Mobile Security Alliance (MSA), the AppConfig Community and has a complete set of APIs.

Custom configuration of applications on devices has typically required a custom SDK or application wrapping—a process that requires application developers to create multiple versions of their application to support different EMM vendors. VMware created AppConfig to be a standard interface that takes advantage of features that are native to iOS and Android, making it easier for developers to create transportable apps.

Guess Who?

Stay tuned later this month for a detailed comparison report that shows which vendors we used for comparison in this exercise. Feel free to &#rsquo;guess who&#rdquo; in the comment section below, and sign up for our EUC Blog newsletter to get the alert when it is live.

Sheep It Is

After this evaluation, I could see the wisdom in Herr Samson&#rsquo;s philosophy. Like midterm exams, there are winners and losers.

Workspace ONE aced this group&#rsquo;s midterm test and easily made it into the sheep category above the rest. The team of experts who worked on this evaluation include: Stan Hunter, Leon Letto, Roger Deane, Josue Negron, Prab Kalra and Camilo Lotero.

Disclaimer

No sheep or goats were injured in the writing of this article and no biases are held by the author. Both species offer advantages. In doing research for this article, I learned Herr Samson&#rsquo;s reference comes from the Bible and feel compelled to add that this article has no religious affiliation

Hear first hand how leading companies empower the digital workspace for transformation during VMworld. Register for the EUC Showcase keynote to hear their stories, dive into brand new innovations and much more. Seats are going fast, so register today!

The post 6 Criteria That Help You Separate the EMM &#rsquo;Sheep&#rdquo; from &#rsquo;Goats&#rdquo; appeared first on VMware End-User Computing Blog.

Read more..

The Complete Itinerary for Windows 10 Enthusiasts at VMworld 2017

This blog was updated on May 22,2017, with the latest information about the Device Enrollment Program from Apple. Join the conversation on Twitter using #iOSinBusiness.

What is the Device Enrollment Program from Apple?

The Device Enrollment Program provides a fast, streamlined way to deploy your corporate-owned Mac, iOS or tvOS devices. With a mobile device management (MDM) and unified endpoint management solution like VMware AirWatch, IT can:

  • Customize device settings;
  • Activate and supervise devices over the air; and
  • Enable users to setup their own devices out of the box.

[Related: 27 Questions Answered about AirWatch & the Device Enrollment Program from Apple]

What IT challenges does the Device Enrollment Program help address?

The Device Enrollment Program solves several critical requirements for corporate-owned devices. First, organizations save time and money by eliminating high-touch processes for IT. DEP takes configuration time to zero. Deployment of corporate-owned devices with DEP means zero-touch configuration for IT, eliminates staging and automates device configuration.

Second, onboarding iOS or macOS devices is streamlined for users. Based on the settings IT configured, users are prompted through Setup Assistant (skipping through any unnecessary screens). Users only need to authenticate and don&#rsquo;t need to be tech savvy to get the content, apps and email they need on their smartphones.

Finally, supervising iOS devices over the air is possible with the DEP. With supervision, administrators have more control over the device and can disable features like AirDrop, the App Store and account modification. They can also enable features like password protection. Also, the MDM profile cannot be removed, which eliminates the possibility of un-enrollment to protect data and investments in devices and provides the best user experience possible.

What role does AirWatch play in Apple&#rsquo;s Device Enrollment Program?

To utilize the Device Enrollment Program, MDM capabilities like those part of VMware AirWatch are required. AirWatch integrates with the Device Enrollment Program, enabling organizations to automatically import devices in the console based on order history. Then, administrators can easily configure settings, apply profiles, assign applications and set restrictions that will apply automatically when users unbox devices.

[Related: iOS 10.3, tvOS 10.2 & macOS 10.12.4 Are Live! VMware AirWatch Has Your Mobile Business Covered]

How can I join the Device Enrollment Program from Apple?

First, enroll with Apple and register your organization&#rsquo;s information to create an account and designate your administrators. Next, configure your device settings and Setup Assistant steps in the AirWatch console. You then can ship devices directly to your users.

For more information, check out Apple&#rsquo;s Device Enrollment Program Guide.

What are the device requirements for the Apple Device Enrollment Program?

The devices must be corporate-owned and purchased directly from Apple or through participating Apple Authorized Resellers.*

*The Device Enrollment Program may not be supported by all Apple Authorized Resellers and carriers.

Where is the Device Enrollment Program available?

The Device Enrollment Program is available in 34 countries: Australia,Austria,Belgium,Brazil,Canada,Czech Republic,Denmark,Finland,France,Germany, Greece,Hong Kong,Hungary,India,Ireland,Italy,Japan,Luxembourg,Mexico,Netherlands, NewZealand,Norway,Poland,Portugal,Singapore,South Africa,Spain,Sweden,Switzerland, Taiwan,Turkey,United Arab Emirates,United Kingdom andUnitedStates.

What’s available for education with the Device Enrollment Program from Apple?

Both Apple and AirWatch give special consideration to unique education use cases. With Apple School Manager (ASM), Apple has delivered a central place for account creation, role definitions and content purchases. To support ASM, AirWatch designed a console section for education to setup mobile deployments and streamline management of teachers, students, classes, apps and more—whether you have a 1:1 or shared device deployment. After importing data from Apple School Manager, use AirWatch to:

  • Match devices with students or classes;
  • Assign applications (to users or devices); and
  • Configure the new Classroom application, allowing teachers to guide learning on iPads.

Students quickly choose the device with their photo displayed once their teacher has started the class.

Visit apple.com/business/dep/ and apple.com/education/it/ to learn more about the Device Enrollment Program.

 

Read more..

VMware AirWatch Announces Same-Day Support for Google Glass Enterprise Edition

This blog was updated on May 22,2017, with the latest information about the Device Enrollment Program from Apple. Join the conversation on Twitter using #iOSinBusiness.

What is the Device Enrollment Program from Apple?

The Device Enrollment Program provides a fast, streamlined way to deploy your corporate-owned Mac, iOS or tvOS devices. With a mobile device management (MDM) and unified endpoint management solution like VMware AirWatch, IT can:

  • Customize device settings;
  • Activate and supervise devices over the air; and
  • Enable users to setup their own devices out of the box.

[Related: 27 Questions Answered about AirWatch & the Device Enrollment Program from Apple]

What IT challenges does the Device Enrollment Program help address?

The Device Enrollment Program solves several critical requirements for corporate-owned devices. First, organizations save time and money by eliminating high-touch processes for IT. DEP takes configuration time to zero. Deployment of corporate-owned devices with DEP means zero-touch configuration for IT, eliminates staging and automates device configuration.

Second, onboarding iOS or macOS devices is streamlined for users. Based on the settings IT configured, users are prompted through Setup Assistant (skipping through any unnecessary screens). Users only need to authenticate and don&#rsquo;t need to be tech savvy to get the content, apps and email they need on their smartphones.

Finally, supervising iOS devices over the air is possible with the DEP. With supervision, administrators have more control over the device and can disable features like AirDrop, the App Store and account modification. They can also enable features like password protection. Also, the MDM profile cannot be removed, which eliminates the possibility of un-enrollment to protect data and investments in devices and provides the best user experience possible.

What role does AirWatch play in Apple&#rsquo;s Device Enrollment Program?

To utilize the Device Enrollment Program, MDM capabilities like those part of VMware AirWatch are required. AirWatch integrates with the Device Enrollment Program, enabling organizations to automatically import devices in the console based on order history. Then, administrators can easily configure settings, apply profiles, assign applications and set restrictions that will apply automatically when users unbox devices.

[Related: iOS 10.3, tvOS 10.2 & macOS 10.12.4 Are Live! VMware AirWatch Has Your Mobile Business Covered]

How can I join the Device Enrollment Program from Apple?

First, enroll with Apple and register your organization&#rsquo;s information to create an account and designate your administrators. Next, configure your device settings and Setup Assistant steps in the AirWatch console. You then can ship devices directly to your users.

For more information, check out Apple&#rsquo;s Device Enrollment Program Guide.

What are the device requirements for the Apple Device Enrollment Program?

The devices must be corporate-owned and purchased directly from Apple or through participating Apple Authorized Resellers.*

*The Device Enrollment Program may not be supported by all Apple Authorized Resellers and carriers.

Where is the Device Enrollment Program available?

The Device Enrollment Program is available in 34 countries: Australia,Austria,Belgium,Brazil,Canada,Czech Republic,Denmark,Finland,France,Germany, Greece,Hong Kong,Hungary,India,Ireland,Italy,Japan,Luxembourg,Mexico,Netherlands, NewZealand,Norway,Poland,Portugal,Singapore,South Africa,Spain,Sweden,Switzerland, Taiwan,Turkey,United Arab Emirates,United Kingdom andUnitedStates.

What’s available for education with the Device Enrollment Program from Apple?

Both Apple and AirWatch give special consideration to unique education use cases. With Apple School Manager (ASM), Apple has delivered a central place for account creation, role definitions and content purchases. To support ASM, AirWatch designed a console section for education to setup mobile deployments and streamline management of teachers, students, classes, apps and more—whether you have a 1:1 or shared device deployment. After importing data from Apple School Manager, use AirWatch to:

  • Match devices with students or classes;
  • Assign applications (to users or devices); and
  • Configure the new Classroom application, allowing teachers to guide learning on iPads.

Students quickly choose the device with their photo displayed once their teacher has started the class.

Visit apple.com/business/dep/ and apple.com/education/it/ to learn more about the Device Enrollment Program.

 

Read more..

Gartner: VMware Scores Highest in 3 Use Cases

This blog was updated on May 22,2017, with the latest information about the Device Enrollment Program from Apple. Join the conversation on Twitter using #iOSinBusiness.

What is the Device Enrollment Program from Apple?

The Device Enrollment Program provides a fast, streamlined way to deploy your corporate-owned Mac, iOS or tvOS devices. With a mobile device management (MDM) and unified endpoint management solution like VMware AirWatch, IT can:

  • Customize device settings;
  • Activate and supervise devices over the air; and
  • Enable users to setup their own devices out of the box.

[Related: 27 Questions Answered about AirWatch & the Device Enrollment Program from Apple]

What IT challenges does the Device Enrollment Program help address?

The Device Enrollment Program solves several critical requirements for corporate-owned devices. First, organizations save time and money by eliminating high-touch processes for IT. DEP takes configuration time to zero. Deployment of corporate-owned devices with DEP means zero-touch configuration for IT, eliminates staging and automates device configuration.

Second, onboarding iOS or macOS devices is streamlined for users. Based on the settings IT configured, users are prompted through Setup Assistant (skipping through any unnecessary screens). Users only need to authenticate and don&#rsquo;t need to be tech savvy to get the content, apps and email they need on their smartphones.

Finally, supervising iOS devices over the air is possible with the DEP. With supervision, administrators have more control over the device and can disable features like AirDrop, the App Store and account modification. They can also enable features like password protection. Also, the MDM profile cannot be removed, which eliminates the possibility of un-enrollment to protect data and investments in devices and provides the best user experience possible.

What role does AirWatch play in Apple&#rsquo;s Device Enrollment Program?

To utilize the Device Enrollment Program, MDM capabilities like those part of VMware AirWatch are required. AirWatch integrates with the Device Enrollment Program, enabling organizations to automatically import devices in the console based on order history. Then, administrators can easily configure settings, apply profiles, assign applications and set restrictions that will apply automatically when users unbox devices.

[Related: iOS 10.3, tvOS 10.2 & macOS 10.12.4 Are Live! VMware AirWatch Has Your Mobile Business Covered]

How can I join the Device Enrollment Program from Apple?

First, enroll with Apple and register your organization&#rsquo;s information to create an account and designate your administrators. Next, configure your device settings and Setup Assistant steps in the AirWatch console. You then can ship devices directly to your users.

For more information, check out Apple&#rsquo;s Device Enrollment Program Guide.

What are the device requirements for the Apple Device Enrollment Program?

The devices must be corporate-owned and purchased directly from Apple or through participating Apple Authorized Resellers.*

*The Device Enrollment Program may not be supported by all Apple Authorized Resellers and carriers.

Where is the Device Enrollment Program available?

The Device Enrollment Program is available in 34 countries: Australia,Austria,Belgium,Brazil,Canada,Czech Republic,Denmark,Finland,France,Germany, Greece,Hong Kong,Hungary,India,Ireland,Italy,Japan,Luxembourg,Mexico,Netherlands, NewZealand,Norway,Poland,Portugal,Singapore,South Africa,Spain,Sweden,Switzerland, Taiwan,Turkey,United Arab Emirates,United Kingdom andUnitedStates.

What’s available for education with the Device Enrollment Program from Apple?

Both Apple and AirWatch give special consideration to unique education use cases. With Apple School Manager (ASM), Apple has delivered a central place for account creation, role definitions and content purchases. To support ASM, AirWatch designed a console section for education to setup mobile deployments and streamline management of teachers, students, classes, apps and more—whether you have a 1:1 or shared device deployment. After importing data from Apple School Manager, use AirWatch to:

  • Match devices with students or classes;
  • Assign applications (to users or devices); and
  • Configure the new Classroom application, allowing teachers to guide learning on iPads.

Students quickly choose the device with their photo displayed once their teacher has started the class.

Visit apple.com/business/dep/ and apple.com/education/it/ to learn more about the Device Enrollment Program.

 

Read more..

Mercy Innovates from the Data Center to the Patient Bedside

Mercy is an integrated healthcare organization with 43 hospitals and more than 700 physician practices and outpatient facilities, serving more than 3 million patients a year. Through technology, Mercy wants to be better partners with their patients, giving them more guidance and preventing problems before they happen.

Mercy received the 2016 HiMMS Nicholas E. Davies Award of Excellence for using health information technology to improve patient care and the bottom line. VMware helps Mercy innovate in healthcare from the data center to the patient&#rsquo;s bedside.

  • Mercy&#rsquo;s goal is to analyze data to provide better outcomes for patients – making sure they have the right product for the right patient at the right time - and also to keep that data secure with VMware NSX and VMware vRealize Automation.
  • Mercy is using the VMware vCloud Air partner network to provide general healthcare-class hosting
  • Mobile devices increase care in patients&#rsquo; homes, extending their clinical care team. Mercy also uses the tablet-based Mercy Bedside app, managed by VMware AirWatch, which patients and their families can use while in the hospital to ease the care process.

“The role that VMware has played … really is enabling the technology. Building these solutions is impossible without the ability to utilize technology as seamlessly as we use our stethoscopes.&#rdquo;
—Todd Stewart, Vice President of Clinical Integrated Solutions, Mercy

Learn more about innovative solutions for healthcare at vmware.com/solutions/industry/healthcare.

Because you liked this video:

  • VMware Horizon VDI Powers WCH’s Hospital of the Future
  • Case Study: Halton Healthcare Modernizes Data Centers & Expands with New Hospital
  • American Red Cross Uses VDI for Faster Disaster Relief

 

The post Mercy Innovates from the Data Center to the Patient Bedside appeared first on VMware End-User Computing Blog.

Read more..

Master Unified Endpoint Management at VMworld 2017

This blog was updated on May 22,2017, with the latest information about the Device Enrollment Program from Apple. Join the conversation on Twitter using #iOSinBusiness.

What is the Device Enrollment Program from Apple?

The Device Enrollment Program provides a fast, streamlined way to deploy your corporate-owned Mac, iOS or tvOS devices. With a mobile device management (MDM) and unified endpoint management solution like VMware AirWatch, IT can:

  • Customize device settings;
  • Activate and supervise devices over the air; and
  • Enable users to setup their own devices out of the box.

[Related: 27 Questions Answered about AirWatch & the Device Enrollment Program from Apple]

What IT challenges does the Device Enrollment Program help address?

The Device Enrollment Program solves several critical requirements for corporate-owned devices. First, organizations save time and money by eliminating high-touch processes for IT. DEP takes configuration time to zero. Deployment of corporate-owned devices with DEP means zero-touch configuration for IT, eliminates staging and automates device configuration.

Second, onboarding iOS or macOS devices is streamlined for users. Based on the settings IT configured, users are prompted through Setup Assistant (skipping through any unnecessary screens). Users only need to authenticate and don&#rsquo;t need to be tech savvy to get the content, apps and email they need on their smartphones.

Finally, supervising iOS devices over the air is possible with the DEP. With supervision, administrators have more control over the device and can disable features like AirDrop, the App Store and account modification. They can also enable features like password protection. Also, the MDM profile cannot be removed, which eliminates the possibility of un-enrollment to protect data and investments in devices and provides the best user experience possible.

What role does AirWatch play in Apple&#rsquo;s Device Enrollment Program?

To utilize the Device Enrollment Program, MDM capabilities like those part of VMware AirWatch are required. AirWatch integrates with the Device Enrollment Program, enabling organizations to automatically import devices in the console based on order history. Then, administrators can easily configure settings, apply profiles, assign applications and set restrictions that will apply automatically when users unbox devices.

[Related: iOS 10.3, tvOS 10.2 & macOS 10.12.4 Are Live! VMware AirWatch Has Your Mobile Business Covered]

How can I join the Device Enrollment Program from Apple?

First, enroll with Apple and register your organization&#rsquo;s information to create an account and designate your administrators. Next, configure your device settings and Setup Assistant steps in the AirWatch console. You then can ship devices directly to your users.

For more information, check out Apple&#rsquo;s Device Enrollment Program Guide.

What are the device requirements for the Apple Device Enrollment Program?

The devices must be corporate-owned and purchased directly from Apple or through participating Apple Authorized Resellers.*

*The Device Enrollment Program may not be supported by all Apple Authorized Resellers and carriers.

Where is the Device Enrollment Program available?

The Device Enrollment Program is available in 34 countries: Australia,Austria,Belgium,Brazil,Canada,Czech Republic,Denmark,Finland,France,Germany, Greece,Hong Kong,Hungary,India,Ireland,Italy,Japan,Luxembourg,Mexico,Netherlands, NewZealand,Norway,Poland,Portugal,Singapore,South Africa,Spain,Sweden,Switzerland, Taiwan,Turkey,United Arab Emirates,United Kingdom andUnitedStates.

What’s available for education with the Device Enrollment Program from Apple?

Both Apple and AirWatch give special consideration to unique education use cases. With Apple School Manager (ASM), Apple has delivered a central place for account creation, role definitions and content purchases. To support ASM, AirWatch designed a console section for education to setup mobile deployments and streamline management of teachers, students, classes, apps and more—whether you have a 1:1 or shared device deployment. After importing data from Apple School Manager, use AirWatch to:

  • Match devices with students or classes;
  • Assign applications (to users or devices); and
  • Configure the new Classroom application, allowing teachers to guide learning on iPads.

Students quickly choose the device with their photo displayed once their teacher has started the class.

Visit apple.com/business/dep/ and apple.com/education/it/ to learn more about the Device Enrollment Program.

 

Read more..

Exclusive Event: VMUG EUC Explore New York City

After a great turnout at the huge Boston Summer VMUG UserCon, VMUG is hitting the road again! Don&#rsquo;t miss the exclusive end-user computing (EUC) experience at the New York City roadshow on Friday, June 16: VMUG EUC Explore New York City.

Throughout the one-day conference, attendees will join technical sessions presented by a lineup of expert speakers. Deep dive into VMware&#rsquo;s latest products and share insights with IT professionals.

  • Hear from Shawn Bass, VMware EUC VP and CTO, and discover how the digital workspacetransforms the way work gets done.
  • Engage with EUC Championsas they discuss their personal EUC experiences, including:
    • Matt Heldstab (“Ask the Expert Panel Featuring EUC Champions”)
    • Rebecca Fitzhugh (“Architecting a Highly Available and Scalable Horizon Infrastructure”)
    • Earl Gay (“Hidden Horizon: A look at Less Explored Features”)
    • Sean Massey
  • Learn the latest innovations in Windows 10 and VMware AirWatch unified endpoint management—driving a consumer simple, enterprise secure solution—directly from VMware engineers.
    • “The Why, What and How of Unified Endpoint Management”
    • “5 Essentials for Unified Endpoint Management for Windows 10”
  • Get hands on with the latest VMware Horizon andVMware Workspace ONE labs.
  • Plus, join popular VMware Horizon and desktop virtualization sessions, such as:
    • “Modern Virtual Desktops: Planning and Managing”
    • “Take Desktops to the Cloud with Horizon Cloud Utilizing VMware JMP”
    • “The Secret Sauce Behind VMware&#rsquo;s Internal Horizon Desktop Deployments”

This event offers unsurpassed opportunities to expand local networking contacts and develop EUC expertise. Register today to reserve a spot for this complimentary day conference at theInterContinental New York Times Square, and follow @MyVMUG for updates.

The post Exclusive Event: VMUG EUC Explore New York City appeared first on VMware End-User Computing Blog.

Read more..

VMware AirWatch 101: AirWatch REST APIs

With contributions from:

Hannah Jernigan, Technical Writer, End User Computing Technical Marketing, VMware

Do you ever wish the productivity apps your end-users love had more security features? VMware AirWatch REST APIs can help make this idea a reality by integratingAirWatch REST APIswith existing IT infrastructures and third-party applications. AirWatch API integration extends enterprise mobility management functionality toexternal programs, and is an efficient, cost-effective alternativeto buildingin-house applications.No wonder REST APIsareapillar of the AirWatch Developer’s Toolkit!

This post is most appropriate for the following audiences:

  • Anyone new to VMware AirWatch Enterprise Mobility Management
  • Anyone new to VMware AirWatch REST API capabilities

If you fall into one of these categories, keep reading to learn about:

  • Security features ofAirWatch REST APIs
  • AirWatch REST APIs available for integration
  • Authentication Methods for AirWatch REST APIs
  • Getting Started configurations in the AirWatch Console
If you are already familiar with the topics listed above, and were looking for moretechnical resources, jump straight to the Learn More section and follow the recommended links

AirWatch REST API Security Features

  • Encrypted Communication – REST API calls take place over HTTPS with a certificate signed by a publicly trusted CA.
  • Two-Factor Authentication – Along with the standard headers, API server authentication requires the following headers:
    • Authorization- Authorization header with base 64 encoding of API admin credentials.
    • aw-tenant-code- Header value same as API key randomly generated in the AirWatch Console.
  • Multiple Authentication Options – AirWatch API Admin can authenticate with the API server usingBasic/ NTLM, Directory, orCertificate authentication.
  • ConfigurableAPI Admin Permissions– Default and custom admin roles can restrict the API admin to a limited set of API actions.
  • Advanced On-Premise Settings – On-premises deployments can restrict server throttling and set daily quotas to prevent API overflows and potential service crashes.

AvailableAirWatch REST APIs

Integrate VMware AirWatch’s REST APIs with third party applications, programs, and processes, and take enterprise mobility management beyond the VMware AirWatch solution.

Authentication Methods for AirWatch REST APIs

VMware AirWatch supports multiple ways for Console Admin Users to authenticate into the API server:

Basic Authentication

Authentication into the API server uses a generic username and password. Implementation is simple. However,this authentication model does not integrate with existing corporate user accounts.

Basic Authentication Authorization Header

The authorization header should hold the value in the following example format:

 GET https://host/api/mdm/devices/bulksettings HTTP/1.1 User-Agent: Fiddler aw-tenant-code: 1FC5H4JAAAG5A4SQAMQA Host – host.com Authorization – Basic bW9oYW46bW9oYW4=

Certificate Authentication

Uses a self-signed certificate generated by the AirWatch Console for API Server authentication. AirWatch certificate-basedAPI authentication acceptsincoming requests with CMS signatures and CMSURL authentication schemes.

CMS Signatures Authorization Header

Expects the signature against the message content, and takes the following format.

Authorization:CMS&#rsquo;< Version >< CREDENTIALS >

< Version > information.

< CREDENTIALS > is the Base64 Encoded data of &#rsquo;message content&#rdquo; signed with client certificate using PKCS9 signing.

CMSURL Scheme Authorization Header

Expects the signature against the application path in the URL, and takes the following format.

Authorization:CMSURL&#rsquo;< Version >< CREDENTIALS >

< Version > information.

< CREDENTIALS > is the Base64 Encoded data of &#rsquo;canonical URI resource encoded using UTF-8 format&#rdquo; signed with client certificate using PKCS9 signing.

Directory-Based Authentication

Authentication into the API server uses existing corporate credentials. This method integrates existing corporate accounts from Directory Services withAirWatch user and admin accounts.

Enable AirWatch REST APIs

To enable API access in the AirWatch Console:

  1. Log into the AirWatch Console.
  2. Navigate toGroups & Settings>All Settings>System>Advanced>API>REST API.
  3. Configure the General, Authentication, and the Advanced tab.

a. Configure General tab settings.

  • Enable API Access - SelectEnabled to generate the API authentication key.
  • Add -Select to generate multipletheAPI key for one or multiple servers. Then, configure the related settings.

  • Service – Enter one or multiple service(s) and generate their independent API keys.
  • Account Type – Select the type of the account. To accessthe Mobile Content Management Personal Content APIs, select Enrollment User.
  • Description – Provide ashort description for the service and generated API key.
  • Whitelisted Domains – Specifythedomains where the API key is valid.

b. Configure the Authentication Tab

Enable Basic, Directory, or Certificate based authentication.

c. Configure the Advanced tab.

At the Global Organization Group level, specify default service throttling and daily quota values.

  • Server Throttling -Set the server bandwidth throttling. When server reaches the specified throttling limit, it offloads new requests and not respond to them.
  • Daily Quota -Set the number of API calls to be sent per day.

Configure API Access

After enablingAPIs, configure API access. First, create adedicatedadministrator account for API authentication. Then, select anauthenticationmethod. Finally, provision roles with specific API privileges to the administrator.

  1. Navigate to Accounts > Administrators > List View.
  2. Click Add> Add Admin.
  3. Configure the following tabs:

    a. On the Basic tab, complete the required fields to create a dedicated admin for API access.

    b. Click the Roles tab, and specify the admin role's API authentication permissions.

    c. On the API tab, select the Authentication method from the drop-down menu.

    If configuring certificate authentication, selectCertificates from the Authentication drop-down menu, and enter the same password provided on theBasic tab for Certificate Password.

  4. Select Save to create theAPI Admin Account with defined access permissions.

Summary

Use VMware AirWatch REST APIs as an efficient way to leverage core enterprise mobility management functionality in enterprise servers, programs, and processes. These APIs facilitate custom application development and integration with AirWatch.

Learn More

  • API Help Page - Learn about REST APIs setup and view comprehensive documentation Navigate to https://{apiURL}/api/help and authenticate using API admin credentials.
  • Hands-On Lab- Select Module 5, Introduction to AirWatch REST APIs. Complete the exercises in roughly 30 minutes.
  • VMware AirWatch REST API Guide- Accesstechnical reference material in the manual.

The post VMware AirWatch 101: AirWatch REST APIs appeared first on VMware End-User Computing Blog.

Read more..

Go Que Newsroom

Categories