Enterprise Mobility Management

VMware EUC All-Stars at VMworld: We’re Bringing out the Big Brains

That’s right. We’re bringing out the big brains, our senior solutions architects and technical marketing leaders for VMware End-User Computing (EUC). Learn directly from the people that know the technology best at these hands-on labs, breakout sessions, roundtable discussions and quick talks—only at VMworld 2017.

AirWatch Hands-on Labs at VMworld

Sign up in advance for expert-led workshops or check into self-paced labs on a first-come, first-serve basis with our AirWatch architect all-star team.

Meet Justin Sheets

Justin is a senior solutions architect with the VMware Technical Marketing team. He&#rsquo;s been with us two years in Atlanta, after working five years as a software developer. He helps build tools and support AirWatch Hands-on Labs automation.

Meet Shardul Navare

Shardul joined us right out of school, and he&#rsquo;s been an AirWatch employee for five years now. After multiple roles in pre-sales engineering, he moved to our team as a senior architect with focus on end-user computing (EUC), tech partner integrations and mobile application management (MAM).

  • Expert-Led Workshop:AirWatch Getting Started Workshop [ELW185701U]
  • Expert-Led Workshop:AirWatch with VMware Workspace ONE Workshop [ELW185703U]
  • Self-Paced Lab:AirWatch Android Management [SPL185707U]
  • Self-Paced Lab:AirWatch Getting Started [SPL185701U]
  • Self-Paced Lab:AirWatch Productivity Apps [SPL185704U]
  • Self-Paced Lab:AirWatch Unified Endpoint Management for Windows 10 [SPL185702U]
  • Self-Paced Lab: AirWatch Directory and Certificate Authority Integration [SPL185706U]
  • Self-Paced Lab:AirWatch with Workspace ONE [SPL185703U]
  • Self-Paced Lab:AirWatch Mobile Application Management and Developer Tools [SPL185705U]
  • Self-Paced Lab:AirWatch Technology Partner Integration [SPL185708U]

AirWatch Technical Breakout Sessions, Roundtables & Talks

AirWatch, Windows 10 and Horizon admins, these technical topics are for you! Learn from our best and brightest at EUC at these VMworld events.

Meet Matt Coppinger

Matt is our director of technical marketingfor VMware EUC. He leads a team of experienced EUC architects who develop technical deep dive content, reference architectures and hands-on labs for VMware field, partners and customers. Matt has worked on desktop virtualization since its inception at VMware in 2007—first in engineering, then as a field consultant, then as a global practice lead and finally through his role within Technical Marketing.

  • Breakout Session:Enabling Simple, Secure Access to Your VMware Horizon and Citrix Virtual Desktops and Apps with Workspace ONE [SAAM1150BU]
  • Breakout Session: Delivering Virtual Desktops and Apps via the Digital Workspace with Workspace ONE and Horizon [ADV1591BU]
  • Expert Roundtable:Delivering virtual desktops and apps via the Digital Workspace with Workspace ONE and Horizon with Matt Coppinger [MTE4820U]

MeetCamilo Lotero

Camilo, a senior technical marketing manager at VMware EUC, is our go-to guy for identity and access management expertise. Afive-year VMware employee, he’s worked across various teams including technical support, sales engineering and technical marketing. That includes serving as technical advisor for clients across market verticals, as well as providing technical enablement across VMware. A Georgia Tech grad, Camilo holds a degree in industrial and systems engineering.

  • Partner Exchange Bootcamp:Technical Deep Dive: Workspace ONE App Access & Security [PAR4405BCU]
  • Expert Roundtable: Enable Mobile Single Sign-on from Mobile Devices with Workspace ONE, Powered by AirWatch with Camilo Lotero [MTE4830U]
  • Breakout Session: Securing Access & Protecting Information in Microsoft Office 365 with Workspace ONE [SAAM2291BU]

Meet Josué Negrón

Josué serves as senior solutions architect at VMware EUC for Windows platforms, including Windows 10. Another five-year employee, Josué works with clients to define the best way to integrate the latest EUC technologies into their businesses to solve challenges associated with mobile device deployment, management and security. Another brilliant Georgia Tech grad, Josué holds a degree in computer engineering.

  • Partner Exchange Breakout Session: An Insider&#rsquo;s View Into Windows 10 Management with AirWatch [PAR4391BU]
  • Expert Roundtable: Taking a Cloud First, Modern IT Approach to Windows 10 Management withJosueNegron[MTE4828U]
  • Expert Roundtable: Elevates Your Windows Security Architecture withJosueNegron [MTE4827U]
  • Breakout Session: Today’s Cyberthreat Revolution: How VMware Elevates Your Windows Security Architecture [UEM1830BU]

MeetJosue Fontanez

Josue leads product marketing for identity management in Workspace ONE, driving technical enablement, business strategy, demand and awareness. As senior product line marketing manager at VMware, he’s also our identity evangelist online, through social media and at events. Before this role, he led product marketing for VMware Horizon Air (now VMware Horizon Cloud), and he spent time in product management and product marketing for cloud, systems management and security technologies at Citrix and Microsoft.

  • Quick Talk: Introduction to Password-Less Single Sign-On for Mobile Devices with Workspace ONE [SAAM1084QU]
  • Partner Exchange Breakout Session: Technical Deep Dive: Workspace ONE App Access and Security [PAR4392BU]
  • Breakout Session: Introduction to Access Management in Workspace ONE [SAAM2288BU]
  • Breakout Session: VMware on VMware: Winning a Single Sign-On Solution with Workspace ONE [SAAM1321BU]

Be there for it all—product announcements, free hands-on learning, access to EUC experts—at the biggest event of the year for EUC pros. Our last conference passes are waiting for you here.

The post VMware EUC All-Stars at VMworld: We’re Bringing out the Big Brains appeared first on VMware End-User Computing Blog.

Read more..

3 iOS 11 Features for Enterprises We’re Excited About

This blog was updated on May 22,2017, with the latest information about the Device Enrollment Program from Apple. Join the conversation on Twitter using #iOSinBusiness.

What is the Device Enrollment Program from Apple?

The Device Enrollment Program provides a fast, streamlined way to deploy your corporate-owned Mac, iOS or tvOS devices. With a mobile device management (MDM) and unified endpoint management solution like VMware AirWatch, IT can:

  • Customize device settings;
  • Activate and supervise devices over the air; and
  • Enable users to setup their own devices out of the box.

[Related: 27 Questions Answered about AirWatch & the Device Enrollment Program from Apple]

What IT challenges does the Device Enrollment Program help address?

The Device Enrollment Program solves several critical requirements for corporate-owned devices. First, organizations save time and money by eliminating high-touch processes for IT. DEP takes configuration time to zero. Deployment of corporate-owned devices with DEP means zero-touch configuration for IT, eliminates staging and automates device configuration.

Second, onboarding iOS or macOS devices is streamlined for users. Based on the settings IT configured, users are prompted through Setup Assistant (skipping through any unnecessary screens). Users only need to authenticate and don&#rsquo;t need to be tech savvy to get the content, apps and email they need on their smartphones.

Finally, supervising iOS devices over the air is possible with the DEP. With supervision, administrators have more control over the device and can disable features like AirDrop, the App Store and account modification. They can also enable features like password protection. Also, the MDM profile cannot be removed, which eliminates the possibility of un-enrollment to protect data and investments in devices and provides the best user experience possible.

What role does AirWatch play in Apple&#rsquo;s Device Enrollment Program?

To utilize the Device Enrollment Program, MDM capabilities like those part of VMware AirWatch are required. AirWatch integrates with the Device Enrollment Program, enabling organizations to automatically import devices in the console based on order history. Then, administrators can easily configure settings, apply profiles, assign applications and set restrictions that will apply automatically when users unbox devices.

[Related: iOS 10.3, tvOS 10.2 & macOS 10.12.4 Are Live! VMware AirWatch Has Your Mobile Business Covered]

How can I join the Device Enrollment Program from Apple?

First, enroll with Apple and register your organization&#rsquo;s information to create an account and designate your administrators. Next, configure your device settings and Setup Assistant steps in the AirWatch console. You then can ship devices directly to your users.

For more information, check out Apple&#rsquo;s Device Enrollment Program Guide.

What are the device requirements for the Apple Device Enrollment Program?

The devices must be corporate-owned and purchased directly from Apple or through participating Apple Authorized Resellers.*

*The Device Enrollment Program may not be supported by all Apple Authorized Resellers and carriers.

Where is the Device Enrollment Program available?

The Device Enrollment Program is available in 34 countries: Australia,Austria,Belgium,Brazil,Canada,Czech Republic,Denmark,Finland,France,Germany, Greece,Hong Kong,Hungary,India,Ireland,Italy,Japan,Luxembourg,Mexico,Netherlands, NewZealand,Norway,Poland,Portugal,Singapore,South Africa,Spain,Sweden,Switzerland, Taiwan,Turkey,United Arab Emirates,United Kingdom andUnitedStates.

What’s available for education with the Device Enrollment Program from Apple?

Both Apple and AirWatch give special consideration to unique education use cases. With Apple School Manager (ASM), Apple has delivered a central place for account creation, role definitions and content purchases. To support ASM, AirWatch designed a console section for education to setup mobile deployments and streamline management of teachers, students, classes, apps and more—whether you have a 1:1 or shared device deployment. After importing data from Apple School Manager, use AirWatch to:

  • Match devices with students or classes;
  • Assign applications (to users or devices); and
  • Configure the new Classroom application, allowing teachers to guide learning on iPads.

Students quickly choose the device with their photo displayed once their teacher has started the class.

Visit apple.com/business/dep/ and apple.com/education/it/ to learn more about the Device Enrollment Program.

 

Read more..

Gartner: VMware Scores Highest in 3 Use Cases

This blog was updated on May 22,2017, with the latest information about the Device Enrollment Program from Apple. Join the conversation on Twitter using #iOSinBusiness.

What is the Device Enrollment Program from Apple?

The Device Enrollment Program provides a fast, streamlined way to deploy your corporate-owned Mac, iOS or tvOS devices. With a mobile device management (MDM) and unified endpoint management solution like VMware AirWatch, IT can:

  • Customize device settings;
  • Activate and supervise devices over the air; and
  • Enable users to setup their own devices out of the box.

[Related: 27 Questions Answered about AirWatch & the Device Enrollment Program from Apple]

What IT challenges does the Device Enrollment Program help address?

The Device Enrollment Program solves several critical requirements for corporate-owned devices. First, organizations save time and money by eliminating high-touch processes for IT. DEP takes configuration time to zero. Deployment of corporate-owned devices with DEP means zero-touch configuration for IT, eliminates staging and automates device configuration.

Second, onboarding iOS or macOS devices is streamlined for users. Based on the settings IT configured, users are prompted through Setup Assistant (skipping through any unnecessary screens). Users only need to authenticate and don&#rsquo;t need to be tech savvy to get the content, apps and email they need on their smartphones.

Finally, supervising iOS devices over the air is possible with the DEP. With supervision, administrators have more control over the device and can disable features like AirDrop, the App Store and account modification. They can also enable features like password protection. Also, the MDM profile cannot be removed, which eliminates the possibility of un-enrollment to protect data and investments in devices and provides the best user experience possible.

What role does AirWatch play in Apple&#rsquo;s Device Enrollment Program?

To utilize the Device Enrollment Program, MDM capabilities like those part of VMware AirWatch are required. AirWatch integrates with the Device Enrollment Program, enabling organizations to automatically import devices in the console based on order history. Then, administrators can easily configure settings, apply profiles, assign applications and set restrictions that will apply automatically when users unbox devices.

[Related: iOS 10.3, tvOS 10.2 & macOS 10.12.4 Are Live! VMware AirWatch Has Your Mobile Business Covered]

How can I join the Device Enrollment Program from Apple?

First, enroll with Apple and register your organization&#rsquo;s information to create an account and designate your administrators. Next, configure your device settings and Setup Assistant steps in the AirWatch console. You then can ship devices directly to your users.

For more information, check out Apple&#rsquo;s Device Enrollment Program Guide.

What are the device requirements for the Apple Device Enrollment Program?

The devices must be corporate-owned and purchased directly from Apple or through participating Apple Authorized Resellers.*

*The Device Enrollment Program may not be supported by all Apple Authorized Resellers and carriers.

Where is the Device Enrollment Program available?

The Device Enrollment Program is available in 34 countries: Australia,Austria,Belgium,Brazil,Canada,Czech Republic,Denmark,Finland,France,Germany, Greece,Hong Kong,Hungary,India,Ireland,Italy,Japan,Luxembourg,Mexico,Netherlands, NewZealand,Norway,Poland,Portugal,Singapore,South Africa,Spain,Sweden,Switzerland, Taiwan,Turkey,United Arab Emirates,United Kingdom andUnitedStates.

What’s available for education with the Device Enrollment Program from Apple?

Both Apple and AirWatch give special consideration to unique education use cases. With Apple School Manager (ASM), Apple has delivered a central place for account creation, role definitions and content purchases. To support ASM, AirWatch designed a console section for education to setup mobile deployments and streamline management of teachers, students, classes, apps and more—whether you have a 1:1 or shared device deployment. After importing data from Apple School Manager, use AirWatch to:

  • Match devices with students or classes;
  • Assign applications (to users or devices); and
  • Configure the new Classroom application, allowing teachers to guide learning on iPads.

Students quickly choose the device with their photo displayed once their teacher has started the class.

Visit apple.com/business/dep/ and apple.com/education/it/ to learn more about the Device Enrollment Program.

 

Read more..

5 New EMM How-To Guides for AirWatch Admins

This blog was updated on May 22,2017, with the latest information about the Device Enrollment Program from Apple. Join the conversation on Twitter using #iOSinBusiness.

What is the Device Enrollment Program from Apple?

The Device Enrollment Program provides a fast, streamlined way to deploy your corporate-owned Mac, iOS or tvOS devices. With a mobile device management (MDM) and unified endpoint management solution like VMware AirWatch, IT can:

  • Customize device settings;
  • Activate and supervise devices over the air; and
  • Enable users to setup their own devices out of the box.

[Related: 27 Questions Answered about AirWatch & the Device Enrollment Program from Apple]

What IT challenges does the Device Enrollment Program help address?

The Device Enrollment Program solves several critical requirements for corporate-owned devices. First, organizations save time and money by eliminating high-touch processes for IT. DEP takes configuration time to zero. Deployment of corporate-owned devices with DEP means zero-touch configuration for IT, eliminates staging and automates device configuration.

Second, onboarding iOS or macOS devices is streamlined for users. Based on the settings IT configured, users are prompted through Setup Assistant (skipping through any unnecessary screens). Users only need to authenticate and don&#rsquo;t need to be tech savvy to get the content, apps and email they need on their smartphones.

Finally, supervising iOS devices over the air is possible with the DEP. With supervision, administrators have more control over the device and can disable features like AirDrop, the App Store and account modification. They can also enable features like password protection. Also, the MDM profile cannot be removed, which eliminates the possibility of un-enrollment to protect data and investments in devices and provides the best user experience possible.

What role does AirWatch play in Apple&#rsquo;s Device Enrollment Program?

To utilize the Device Enrollment Program, MDM capabilities like those part of VMware AirWatch are required. AirWatch integrates with the Device Enrollment Program, enabling organizations to automatically import devices in the console based on order history. Then, administrators can easily configure settings, apply profiles, assign applications and set restrictions that will apply automatically when users unbox devices.

[Related: iOS 10.3, tvOS 10.2 & macOS 10.12.4 Are Live! VMware AirWatch Has Your Mobile Business Covered]

How can I join the Device Enrollment Program from Apple?

First, enroll with Apple and register your organization&#rsquo;s information to create an account and designate your administrators. Next, configure your device settings and Setup Assistant steps in the AirWatch console. You then can ship devices directly to your users.

For more information, check out Apple&#rsquo;s Device Enrollment Program Guide.

What are the device requirements for the Apple Device Enrollment Program?

The devices must be corporate-owned and purchased directly from Apple or through participating Apple Authorized Resellers.*

*The Device Enrollment Program may not be supported by all Apple Authorized Resellers and carriers.

Where is the Device Enrollment Program available?

The Device Enrollment Program is available in 34 countries: Australia,Austria,Belgium,Brazil,Canada,Czech Republic,Denmark,Finland,France,Germany, Greece,Hong Kong,Hungary,India,Ireland,Italy,Japan,Luxembourg,Mexico,Netherlands, NewZealand,Norway,Poland,Portugal,Singapore,South Africa,Spain,Sweden,Switzerland, Taiwan,Turkey,United Arab Emirates,United Kingdom andUnitedStates.

What’s available for education with the Device Enrollment Program from Apple?

Both Apple and AirWatch give special consideration to unique education use cases. With Apple School Manager (ASM), Apple has delivered a central place for account creation, role definitions and content purchases. To support ASM, AirWatch designed a console section for education to setup mobile deployments and streamline management of teachers, students, classes, apps and more—whether you have a 1:1 or shared device deployment. After importing data from Apple School Manager, use AirWatch to:

  • Match devices with students or classes;
  • Assign applications (to users or devices); and
  • Configure the new Classroom application, allowing teachers to guide learning on iPads.

Students quickly choose the device with their photo displayed once their teacher has started the class.

Visit apple.com/business/dep/ and apple.com/education/it/ to learn more about the Device Enrollment Program.

 

Read more..

VMware Named a Leader in Gartner Magic Quadrant for Enterprise Mobility Management

This blog was updated on May 22,2017, with the latest information about the Device Enrollment Program from Apple. Join the conversation on Twitter using #iOSinBusiness.

What is the Device Enrollment Program from Apple?

The Device Enrollment Program provides a fast, streamlined way to deploy your corporate-owned Mac, iOS or tvOS devices. With a mobile device management (MDM) and unified endpoint management solution like VMware AirWatch, IT can:

  • Customize device settings;
  • Activate and supervise devices over the air; and
  • Enable users to setup their own devices out of the box.

[Related: 27 Questions Answered about AirWatch & the Device Enrollment Program from Apple]

What IT challenges does the Device Enrollment Program help address?

The Device Enrollment Program solves several critical requirements for corporate-owned devices. First, organizations save time and money by eliminating high-touch processes for IT. DEP takes configuration time to zero. Deployment of corporate-owned devices with DEP means zero-touch configuration for IT, eliminates staging and automates device configuration.

Second, onboarding iOS or macOS devices is streamlined for users. Based on the settings IT configured, users are prompted through Setup Assistant (skipping through any unnecessary screens). Users only need to authenticate and don&#rsquo;t need to be tech savvy to get the content, apps and email they need on their smartphones.

Finally, supervising iOS devices over the air is possible with the DEP. With supervision, administrators have more control over the device and can disable features like AirDrop, the App Store and account modification. They can also enable features like password protection. Also, the MDM profile cannot be removed, which eliminates the possibility of un-enrollment to protect data and investments in devices and provides the best user experience possible.

What role does AirWatch play in Apple&#rsquo;s Device Enrollment Program?

To utilize the Device Enrollment Program, MDM capabilities like those part of VMware AirWatch are required. AirWatch integrates with the Device Enrollment Program, enabling organizations to automatically import devices in the console based on order history. Then, administrators can easily configure settings, apply profiles, assign applications and set restrictions that will apply automatically when users unbox devices.

[Related: iOS 10.3, tvOS 10.2 & macOS 10.12.4 Are Live! VMware AirWatch Has Your Mobile Business Covered]

How can I join the Device Enrollment Program from Apple?

First, enroll with Apple and register your organization&#rsquo;s information to create an account and designate your administrators. Next, configure your device settings and Setup Assistant steps in the AirWatch console. You then can ship devices directly to your users.

For more information, check out Apple&#rsquo;s Device Enrollment Program Guide.

What are the device requirements for the Apple Device Enrollment Program?

The devices must be corporate-owned and purchased directly from Apple or through participating Apple Authorized Resellers.*

*The Device Enrollment Program may not be supported by all Apple Authorized Resellers and carriers.

Where is the Device Enrollment Program available?

The Device Enrollment Program is available in 34 countries: Australia,Austria,Belgium,Brazil,Canada,Czech Republic,Denmark,Finland,France,Germany, Greece,Hong Kong,Hungary,India,Ireland,Italy,Japan,Luxembourg,Mexico,Netherlands, NewZealand,Norway,Poland,Portugal,Singapore,South Africa,Spain,Sweden,Switzerland, Taiwan,Turkey,United Arab Emirates,United Kingdom andUnitedStates.

What’s available for education with the Device Enrollment Program from Apple?

Both Apple and AirWatch give special consideration to unique education use cases. With Apple School Manager (ASM), Apple has delivered a central place for account creation, role definitions and content purchases. To support ASM, AirWatch designed a console section for education to setup mobile deployments and streamline management of teachers, students, classes, apps and more—whether you have a 1:1 or shared device deployment. After importing data from Apple School Manager, use AirWatch to:

  • Match devices with students or classes;
  • Assign applications (to users or devices); and
  • Configure the new Classroom application, allowing teachers to guide learning on iPads.

Students quickly choose the device with their photo displayed once their teacher has started the class.

Visit apple.com/business/dep/ and apple.com/education/it/ to learn more about the Device Enrollment Program.

 

Read more..

Bring Android to Work with the Latest Enhancements

We&#rsquo;ve received lots of feedback since VMware AirWatch announced support for Android in the enterprise (formerly called Android for Work) in early 2015. Administrators love the ability to standardize management across any Android device. End users love the separation between work and personal apps. We wanted to address what early adopters reported so every customer […]]> We&#rsquo;ve received lots of feedback since VMware AirWatch announced support for Android in the enterprise (formerly called Android for Work) in early 2015. Administrators love the ability to standardize management across any Android device. End users love the separation between work and personal apps.

We wanted to address what early adopters reported so every customer can have the best experience available for an Android device in the enterprise. To achieve this, we worked closely with Google to implement new features for work profile and work managed device solutions.

With the latest capabilities of our last few monthly releases, including AirWatch 9.1, it has never been easier to deploy Android in your organization.

Increase Mobile Adoption & Simplify Device Onboarding

Set up in less time than it takes to make coffee!

It has never been easier to set up AirWatch to deploy Android. AirWatch does all the heavy lifting so you don’t have to. All you need is a Gmail account to act as the administrator and a minute of your time to integrate AirWatch with Android.

The end-user onboarding experience is also simplified. Users authenticate just once to create the work profile. Then, they have access to all the apps and policies they need to get the job done.

Deploying work managed devices? Take advantage of the latest ways to provision them.

Do you need complete management over devices? Do your devices not support near-field communication (NFC)? AirWatch now supports two additional methods of enrollment for work managed devices.

For devices running Android 6.0+, just have your end user type in afw#airwatch when prompted to enter a Google account during device setup. The AirWatch Agent will then download and launch, prompting your end users to authenticate by entering their email address, username and password. By making onboarding part of the device setup wizard, end users or IT can easily onboard work managed devices.

For devices running Android 7.0+, tap the welcome screen six times during device setup. This enables users to scan a QR code that: a) downloads the AirWatch Agent and b) configures the Agent to automatically onboard the device into AirWatch.


Give Users Secure & Simple Access to Work Apps

Simplify app management with Google Play integration.

You can now search and approve apps on Google Play from the AirWatch Console—eliminating the need to navigate to two different places. Your end users will now be able to use Google Play on their device to access their work applications, providing a familiar experience.

Create passcode policies for any app on the Play Store (no SDKs needed!).

It is now possible to set up a separate passcode for work apps—further separating work from personal on the device. This is ideal in bring-your-own-device (BYOD) scenarios where you may not want to enforce a complex device passcode (but still want security as a top priority). Your end users don&#rsquo;t have to enter a complicated password when they want to unlock the device to use their personal Twitter, but will be asked to do so when they launch a work app.

Learn more about our Android management solution here.

Read more about Android in the enterprise:

  • AirWatch Android Enterprise Enhancements
  • Android Nougat Comes to the Enterprise
  • Enterprise App Best Practices for Android Available Today

Read more..

Azure AD Join with VMware Workspace ONE

Secure, timely support for remote Windows users can be tricky.

Imagine your top remote sales rep breaks her laptop before an onsite meeting with a vital client. Does she have time to wait for IT to grab a new laptop, Domain Join it for secure access to corporate resources and then ship it out? Even if there is time, she&#rsquo;ll worry about her meeting, and you&#rsquo;ll get plenty of requests for updates.

Instead, imagine that your rep simply stops by a nearby store for a new laptop. She self-enrolls into your Azure Active Directory (AD) domain using the Windows 10 Getting Started wizard. Her device is automatically protected with VMware Workspace ONE enterprise mobility management (EMM) policies.

When you combine Azure AD Domain Join with the best-in-class Windows 10 management of Workspace ONE, you can ensure security and control over end-user access to resources—even from devices that never touch your internal corporate network.

Azure AD Join automatically protects Windows 10 with Workspace ONE EMM policies.

Secure Azure AD Join with Workspace ONE

Workspace ONE integrates with Azure AD Join to protect remote Windows 10 machines with enterprise mobility policies powered by VMware AirWatch. When an end user follows the Windows 10 setup wizard to join his or her device to your Azure AD instance, Azure AD can automatically enroll the device into Workspace ONE for management.

If you have devices that won&#rsquo;t consistently contact your corporate network, or if you have temporary users such as students or contractors, offering Azure AD Join to your users gives them the following benefits:

  • Easy access to their corporate resources through device enrollment into Workspace ONE;
  • Enterprise-class device security through Workspace ONE EMM;
  • User settings that follow them as they log into different domain-joined devices;
  • Strong but simple authentication with support for biometrics, such as face recognition using Windows Hello for Business and
  • Access to the Windows Store for Business using work or school accounts.

You can find full details on the benefits and prerequisites of Azure AD Join on Microsoft&#rsquo;s site.

Users can choose to Azure AD Join their device from the Windows 10 Getting Started Wizard.

Use Cases for Azure AD Join

Azure AD Join makes Windows 10 management easier than traditional AD Domain Join when you&#rsquo;re working with devices that may not connect to your corporate network or with temporary users (for more information, see this article outlining the pros and cons of Azure AD Join). Common use cases include the following:

  • Remote device registration: Some organizations ship Windows 10 devices to remote employees. If you set up Azure AD domain join, your users can easily join their devices to your domain as part of the Windows 10 setup wizard.
  • Temporary domain membership: If your organization employs temporary workers, such as contractors, or temporary users, such as students, you may choose to domain join them through Azure AD to take advantage of the self-service domain join as part of Windows 10 setup.

Workspace ONE, Azure AD and Office 365

Workspace ONE provides the industry-leading EMM you need to keep your devices and users safe. Learn more about how Workspace ONE protects valuable resources such as Microsoft Office 365, while providing end users with consumer-level ease of use. Visitvmware.com/products/workspace-one, or contact your VMware account representative for more details.

The post Azure AD Join with VMware Workspace ONE appeared first on VMware End-User Computing Blog.

Read more..

VMware AirWatch – NSX Integration

 

Integrate VMware AirWatch Enterprise Mobility Management with VMware NSX Network Virtualization and Security Platformto extend security policies from the data center to mobile application endpoints. VMware AirWatch – NSX Integration brings speed and simplicity to networking and micro-segmentation capabilities. By creating policies that dynamically follow mobile applications, it eliminates the need to dotime-consuming network provisioning. Keep reading to learn how to integrate NSX with VMware AirWatch.

Next Level Per-App VPN

While per-app VPN addresses some of the security concerns ofdevice-level VPN, it still exposes all the domain’s endpoints and services to an application. In comparison,micro-segmentation takes endpoint management to the next level,restricting application-level access to a specified endpoint on the datacenter.

[Related: VMware AirWatch 101: Per-App VPN]

What is NSX Micro-Segmentation?

NSX micro-segmentation is a logical, bi-directional firewall thatmonitors inbound and outbound access controls for individual endpoints. It uses the NSX virtualization tool, making it a streamlined, cost-effective alternative to a physical firewall.

VMware AirWatch – NSX Integration Health Care Use Case

Considera doctor referencing patient health records from an enterprise health app.In this use case, only the health app, and not any of the device’s other applications, can establish a per-app VPN connection. Then, micro-segmentation dictates a designated endpoint for the health app. In this case, a patient database.

This level of restriction means that the healthcare app cannot access the e-mail server, an inventory database, or other unrelated services.The application’s assigned groups also mean that data access gets filtered on an employee level as well. Nurses, or doctors from a different department using the same health app cannot access the specifieddatabase without permission.

Additional Use Cases

  • Enhanced network security and granular controls for mobile workflows
  • Accelerated digital workspace and BYOD deployments
  • Policy defined network access for mobile apps and users
  • Reduced mobile access footprint to data center minimizing attack surface
  • Accelerated mobile app delivery, testing and automation

VMware AirWatch–NSX IntegrationSolution Overview

Starting with a sucessfully installed instance of NSX, sync the NSX Security Groups thatrepresent data center endpoints and services in the AirWatch Console. This actionsharesdatacenter logic with VMware AirWatch.Then,configure and installthe VMware Per-App Tunnel. This server establishes the secure connection between mobile applications and the network.Next, configure a Per-App VPN profile todirects managed applications to specified endpoints. Finally, configure applications.

VMware Tunnel Application

Device communication with the VMware Per-App Tunnel server goes through the VMware Tunnel application.Without this application, a per-app VPN connection cannot establish.Therefore, the VMware Tunnel Application is the most important application to configure and deploy.

The other applications you configure depend on the specific scenario and use case, but are generally the apps that end users accesses internal resources from. When configuring these apps, consider using Assignment Groupswithin AirWatch Console to control access on a user level.

Plan VMwareNSX Implementation

  • Determinethe types of devices accessing your network
  • Identify the endpoints (apps) in your network access.
  • Group applications by level of vulnerability/risk
  • Define the security requirements for each level of access.

InstallVMware NSXfor vSphere 6.1.x+

  • Designate a separate network range for each Security Level to identify incoming traffic
  • Define IP set-based Security Groups in NSX
  • Define internal resource based Security Groups in NSX
  • Determine firewall rules for Security Groups
  • Identify application endpoint addresses
  • Set traffic routing patterns

Meet VMware AirWatch–NSX Integration Requirements

  • AirWatch Admin Console v8.3+
  • AirWatch Tunnel server using the Linux Installer. The AirWatch Tunnel virtual appliance deployment method is currently not supported for NSX integration.
  • AirWatch Cloud Connector (For SaaS Customers)
  • Managed Android or iOS devices

VMware AirWatch – NSX Integration Steps

This post highlights the configurations most important for VMware AirWatch integration with NSX. For comprehensive instructions in AirWatch Console v9.1, click the suggested links.

Step 1: Configure and Download the VMware Per-App Tunnel for Linux Installer

To Configure VMware Tunnel , you need the details of the server where you plan to install. Before configuration determine the deployment model, hostname(s), port(s), and which VMware Tunnel features to implement.

Available VMware Tunnel Features:

Micro-Segmentation with NSX requiresNSX integration and installation of the Per-App VPN component. However, other configuration options remain. Available features include: access log integration, SSL offloading, enterprise certificate authority integration, and more.

Then, use the configuration wizard to go through the installer settings step-by-step. Next, download the installer from the AirWatch Console, for use during Linux server installation. Please note, changing the details in this wizard creates a new configuration, and requires a reinstall of the VMware Tunnel.

AirWatch Console Configurations:
  1. Navigate to Groups & Settings > All Settings > System > Enterprise Integration > VMware Tunnel > Network Accessibility.
  2. Select Enable AirWatch Tunnel.
  3. Click Enabled for NSX Communicationand provide the NSX Manager URL and Admin Username and Password.

4. Sync Security Groups and block all non-compliant devices from the same configuration screen.

5. Select Download Linux Installer. This button downloads a single TAR file used for deploying the relay and endpoints.

6. Select Save.

Step 2: Install VMware Per-App Tunnel with NSX Enabled

After meeting the VMware Tunnel for Linux System Requirements, configuring VMware Tunnel settings, and downloading the installer, begin installation. Run the installer on a Linux server, and enable the service.

During VMware Tunnel configuration, you specify whether you are installing in a multi-tier or single-tier configuration.

  • For multi-tier configurations, continue with the Install the AirWatchTunnel Front-End Server(Linux)steps.
  • For single-tier configurations Install the VMware Tunnel – Basic (Linux).

Important: After accepting the licensing agreement during installation, specifythe components to install. Enter 1to install Per-App Tunnel only.

Step 3: Create a Per-App VPN Profile

After configuring the VMware Tunnel server,Configure Per-App Tunnel Profile for iOS or Configure Per-App Tunnel Profile for Android.This profile enables specified applications to route HTTP(S) and TCP traffic through the VMware Per-App Tunnel. However, please note that the VPN profile can only take effect on devices with the VMware Tunnel application installed.

AirWatch Console Configurations
    1. Navigate to Devices > Profiles > List View > Add.
    2. Select the appropriate platform (iOS or Android).
    3. Configure a VPN Payload.
    4. Set the Connection Type to AirWatch Tunnel.
    5. Select the Per-App VPN Rules checkbox.

Step 4: Configure VMware Tunnel App

The VMware Tunnel application enables access to internal resources through managed applications. To Access the VMware Tunnel App for iOS or Access the VMware Tunnel App for Android end users must download and install the VMware Tunnel application from the App Store.

Step 5: Apply the Per-App VPN Profile and Security Group Mapping to Apps

After you create a per-app tunnel profile, Configure Public Apps to Use Per App Profile in the application configuration screen. This tells that application to use the defined VPNprofile when establishing connections.

On the application configuration screen, select the following options:

Learn More About VMware AirWatch – NSX Integration

To learn more about VMware NSX, check out the links below:

  • NSXproduct page
  • Next Generation Security with VMware AirWatch and NSX Integration Webinar
  • NSX Integration Hands On Lab(All Labs > AirWatch – NSX Integration)
  • VMware AirWatch and NSX Integration External FAQ
  • VMware AirWatch and VMware NSX Integration Guide

Because you liked this blog:

  • VMware NSX Micro-segmentation Day 1 Book Available!
  • New! VMware 2016 State of the Digital Workspace Report
  • Challenges & Benefits of Digital Workspace Transformation: Q&A with VMware&#rsquo;s Shankar Iyer

The post VMware AirWatch – NSX Integration appeared first on VMware End-User Computing Blog.

Read more..

VMware AirWatch Android Enterprise Enhancements

The recent Android Enterprise enhancements for VMware AirWatch make setting upan enterprise mobility management (EMM) solution easier than ever. Use these improvements to secure an Android bring-your-own-device (BYOD) deployment, without sacrificing user experience. To get started, check out ourVMware AirWatch Android Enterpriseinfographic which provides an overview of the enhancements and key configurations.

How Do I Get the Android Enterprise Enhancements?

To take advantage of the enterprise enhancements for Android, meet the minimum platform and version requirements. Then, download additional resources to learn more.

Minimum Requirements

To access the functionality and streamlined workflows outlined in this post, complete the following:

  • Security Challenge functionality available for Android Nougat and above
  • AirWatch Console v9.0+

MyAirWatchResources

Download full guides from MyAirWatch to learn more. (However, please note that MyAirWatch access requires credentials.)

  • Android Platform Guide- Reviewthe basics of VMware AirWatch EMM for Android. Key topics include, but are not limited toenrolling, securing, configuring and managing devices.
  • Integration with Android for Work- Learn aboutAndroid devices with special features forenterprise security,formerly referred to as Android for Work. Then, learn about what VMware AirWatch EMM can do withthese devices.
  • Mobile Device Management (MDM) Guide - Reviewthe basics of VMware AirWatch EMM. Especially relevant topics include, enrolling, securing, configuring and managing devices.
  • Bring Your Own Device (BYOD) Guide - Learn how to secureemployee access to corporate resources on personal devices.

Contact Information

If you have anyquestions or concerns about the Android Enterprise enhancements, then please email us.

Because You Like This Post:

  • Android Nougat Comes to the Enterprise
  • [SlideShare] Gotta Secure Them All—Enterprise Apps!
  • Android Management: Embrace the Flavors and Flexibility of Android

The post VMware AirWatch Android Enterprise Enhancements appeared first on VMware End-User Computing Blog.

Read more..

Announcing the New Reviewer’s Guide for Cloud-Based VMware Workspace ONE

With significant contributions from Kevin Sheehan, End-User-Computing Architect, End-User-Computing Customer Success Team, VMware

The new Reviewer&#rsquo;s Guide for Cloud-Based VMware Workspace ONE is now available to download. Use this Reviewer&#rsquo;s Guide to learn about VMware Workspace ONE architecture and components, and familiarize yourself with its features using the practical exercises.

Mobility is critical for today&#rsquo;s workforce. Work hours are no longer restricted to the traditional nine-to-five schedule. More organizations support remote and flexible working hours. Users require access to their applications, at any time, from any device. The challenge for IT is how to provide application access to corporate or personal devices and still maintain data security.

Workspace ONE rises to this challenge by combining identity and mobility management to provide simple yet secure access to applications. Workspace ONE consists of VMware Identity Manager, VMware AirWatch Enterprise Mobility Management service, and Workspace ONE mobile applications for Android, iOS, and Windows 10.

Benefits include one-touch single sign-on (SSO), conditional access with device compliance, and the choice to use any device—personal or corporate-owned.

The following diagram details Workspace ONE components and features.

Salesforce1 is a mobile business application used by many organizations. The practical exercises in this guide include a section on integrating VMware Identity Manager and Salesforce1, and configuring SSO for Salesforce1.

Adaptive management is another feature demonstrated in the exercises. Using the Workspace ONE mobile application, users can select the applications they want to install. If an application requires only a basic level of security, users are not required to enroll their device into VMware AirWatch Mobile Device Management. Applications that require a higher level of security are indicated with a lock icon. When the user tries to download an application with a lock icon, the enrollment process is triggered.

The exercises include:

  • Installing and configuring AirWatch Cloud Connector
  • Configuring SAML integration between VMware Identity Manager and Salesforce
  • Integrating VMware AirWatch and VMware Identity Manager
  • Configuring VMware Identity Manager access policies
  • Creating and assigning a VMware AirWatch device profile
  • Enrolling an iOS device in VMware AirWatch
  • Accessing the application catalog from the Workspace ONE mobile application

For the details on these exercises and more, download the new Reviewer&#rsquo;s Guide for Cloud-Based VMware Workspace ONE now.

The post Announcing the New Reviewer&#rsquo;s Guide for Cloud-Based VMware Workspace ONE appeared first on VMware End-User Computing Blog.

Read more..

Go Que Newsroom Categories

Fatal error: Allowed memory size of 67108864 bytes exhausted (tried to allocate 53 bytes)
in /home/content/36/8658336/html/goquecom/wp-includes/wp-db.php on line 2022

Query Monitor