Post on 09-Jan-2017
Nicola Galante Senior Specialist Systems Engineer EUC/Business Mobility – vmware Lorenzo Di Palma Senior Specialist Systems Engineer EUC/Business Mobility - vmware
vmware Workspace ONE How to deliver and manage Any App on Any Device by integrating Identity, Application and Enterprise Mobility Management
2
Today’s users are on the move Users want to be able to access corporate data, applications and online resources across more devices and locations.
New IT challenges arise:
3
Edu IT Trends Teachers and Students expect easy, efficient access to educational resources aided by mobile technology through either Academic or BYO Devices
Easy and Secure access to all educational content and Apps (SaaS, Web, Local and Native) via single portal through Single Sign-On
Better student experience leading to improved retention and increased revenue
Reduced Helpdesk staffing costs with improved performance and reduced waiting times
The Workspace Become Digital… … and It Requires New Rules
It has to be Simple, Scalable and Flexible
It has to Securely manage user’s data and Apps access, according to which device is used and its compliance!
It needs to deliver the best User Experience in every use case, regardless the device
It has to manage User’s Identity and Policies, not Devices
5 5
Supporting this can be challenging Supporting workplace mobility, minimizing security risks, maintaining compliance is a challenge for IT teams.
App failure costs >$100K in productivity loss Ponemon Group 2015
App Failure Rate is 12% VMware customers
Average Cost of a Data Breach in 2015 was $3.79M IBM and Ponemon Group 2015
Average Time to Image a Physical Device is 1 hr VMware customers
Remote Apps
Desktop Enterprise Mobility
Management
Identity
6
Today’s Traditional Siloed Managements
7
IT shifts from managing siloed technologies to A digital workspace
A New Paradigm
The Mobile Adoption Curve V
alu
e
z
Time
ñ
CONFIDENTIAL
9
Deliver an unmatched Identity-Defined Contextual Experience
The Digital Workspace has to…
Anywhere, Anytime Access with Any Device Access to internal and external apps – Identity is the new perimeter
#digitalworkspace
• Encryption • Anti-virus • Access control
• Monitoring • Image management • Application distribution • Updates
SECURITY
MANAGEMENT
UEM&S
UEM&S
EMM
UEM&S
EMM
EMM
UEM&S
UEM&S
UEM&S
UEM&S
UEM&S
CONTROL POINT
• Access policies • Apps and data policies • Device configuration
policies • Analytics
Unifying Endpoint Management
10
• Single way to manage desktop and mobile • Proactive, automated analytics • Policy-based security and management
Market Validation
CONFIDENTIAL 11
vmware’s Business Mobility Solutions Lead the Market
vmware Horizon leaps past the competition “VMware's position reflects the company's market position and commitment to providing resources to expand its EUC product portfolio and infrastructure.”
Magic Quadrant for Enterprise Mobility Management Suites
vmware AirWatch: • A Leader for 6 Consecutive Years • Placed Highest on Ability to Execute Axis • Positioned Furthest on Completeness of Vision
What is driving the shift to the Digital Workspace?
CONFIDENTIAL 13
Digital Workspace
Mobile business transformation
Cloud Office expansion Windows 10
Application heterogeneity Device heterogeneity
Consumerization Increased Self-Service
BYOD
EUC convergence
Unified end-point management
Mobile work styles
Desktop as a Service
Enterprise IoT
Unified app access Cloud computing
Identity as a Service
Make the Move to the Digital Workspace
14 CONFIDENTIAL
Improve Compliance and Secure the
Access to Devices and Data
Drive Down Costs Simplify Desktop, App and
Device Management
Identity Management And True Single-Sign On
from any Device
Delivering the Digital Workspace
DIGITAL WORKSPACE
Identity Management
Application Management
Enterprise Mobility Management
Virtual Windows Desktops
Remoted Windows Applications
… is all about convergence
The Digital Workspace
… but it can be complicated
CONFIDENTIAL 16
Introducing…
vmware Workspace™ ONE™ is the simple and secure enterprise
platform that delivers and manages any app on any device by
integrating identity, application, and enterprise mobility management
(EMM) Consumer Simple | Enterprise Secure
Digital Workspace Requires Various Management Tools to Accomplish
17
Client Management
Application Suites
Device Management
Identity Management
Virtualization
DIGITAL WORKSPACE
Workspace ONE: an Unified Tool to Create the Digital Workspace
18
vmware Workspace ONE value
19
Enterprise Secure
Consumer Simple
Workspace ONE
1.5M Apps
- OTA Device Configuration - App Provisioning & Configuration - Entitlement Management - Automated Remediation
IDENTITY, SECURITY & COMPLIANCE - Federation / Authentication - Access Policy - Reporting, Auditing & Analytics - Compliance Automation
WINDOWS AS A SERVICE
- Full Desktops or Seamless Apps - Cloud or On-Premises - Complete Isolation
UNIFIED END POINT MANAGEMENT
Conditional Access with Data Loss Prevention
Self-Service Enterprise App Store w/ One Touch SSO
Windows Virtual Apps SaaS Mobile Legacy
SECURITY & NETWORK VIRTUALIZATION Flexible App Lifecycle Management Platform (Develop, Deploy, Manage, Support)
Workspace ONE Apps Suite
EMAIL BROWSERCONTENT CHAT
Workspace ONE Advantages
21
Simplified onboarding
Single sign-on
Adaptive management
Multi-factor authentication
Conditional access
CONFIDENTIAL
Workspace™ ONE™
Self-Service Access
#digitalworkspace
Workspace™ ONE™
Choose Your Device
#digitalworkspace
Workspace™ ONE™
Secure Messaging and Content
#digitalworkspace
Workspace™ ONE™
Conditional Access
#digitalworkspace
Bring Your Own Device
Not Your Device (Browser Access)
26
One Platform – All Employees, All Use Cases
“Choose Your Own” You Manage
“Corporate Issued”
“Choose Your Own” Corporate Managed
Locked Down
Ruggedized
Managed Workspace Unified Endpoint Management Unmanaged Workspace
Bring Your Own Device
Not Your Device (Browser Access)
27
“Choose Your Own” You Manage
“Corporate Issued”
“Choose Your Own” Corporate Managed
Locked Down
Ruggedized
Managed Workspace Unified Endpoint Management Unmanaged Workspace
One Platform – All Employees, All Use Cases
Self-service Anywhere access to apps
One-touch SSO, automatic email & Wi-Fi setup Full, No-Fuss “Out-of-the-Box” Configuration
Grant and Block access to apps, (in network scope, and uses appropriate authentication
Enforce enterprise app-level data, DLP and wipe policies with basic
compliance (MAM) Enforce device-level data, DLP and wipe policies,
full device attestation, and auto-remediation
Single App Catalog Across Devices To Access Any App – Native | Web | Remote
In a Secure MAM Container
Unified User Experience with vmware Workspace ONE™
Internally developed mobile apps
Native public mobile apps
SaaS apps
Internal web apps
Modern Windows apps
Legacy Windows apps
Virtualized management desktops
29
Web Apps
ThinApp
Horizon Desktop
Horizon Hosted App
Office 365
Citrix XenApps
App Catalog
Context Aware
Custom Branding
Web Virtual Native
Workspace ONE App: A Simple, Consumer-Grade Experience
Detection of jailbroken or rooted
devices and compliance actions
Separation of corporate and personal apps
Only approved, authorized apps
installed in corporate container
31
Mobile Application Management Challenges for BYOD
Workspace Services Profile More diverse app ecosystem
Better security and configuration capabilities
Requires profile on the device
Privacy concerns in BYOD deployments
2
O/S
MA
M
App Container 1
Doesn’t require profile installation
Ideal for BYOD deployments
Limits app ecosystem
Requires proprietary SDK
STA
ND
ALO
NE
MA
M
Only approved, authorized apps installed in corporate container
Organizations can detect jailbroken or rooted devices and take compliance action
Separate work and personal apps
Stand Alone MAM vs. O/S MAM
32
NAT
IVE
O/S
MA
M
STA
ND
ALO
NE
MA
M
The Future of MAM for a Successful Mobility Program
33
Stand Alone MAM Universal App Catalog O/S Management
Workspace ONE for BYOD
ADAPTIVE MANAGEMENT
OS MAM
Native Apps
Adaptive Management Workflow
34
No Profile No Profile Workspace Services Profile + +
CONFIDENTIAL
Certificate Management, PIN Strength Enforcement, Corporate
App Wipe, Jailbreak Detection
No Management
Stand Alone MAM
Distribute also Internal Enterprise Apps
No Management Stand Alone MAM OS
MAM
Enable Easy Access to Any App with Workspace ONE
35
Install Workspace ONE
Auto Discover
Branded Login Experience
Access Any App
CONFIDENTIAL
Adaptive Management
CONFIDENTIAL 36
Activate Workspace Services Customer’s EULA Redirect to
configure profile Install Profile Done!
37
Device-Trust Conditional Access
APP
USER
Policy Framework
DEVICE
LOCATION APP
Employee
USER
Contractor
Privileged Customer
R&D Sales Marketing
iOS
DEVICE
Android Win10
Unmanaged Managed
BYOD Corp-Issued
Web
APP
Mobile Virtual
Low Security High Security
External Internal
In Network
LOCATION
Out Network
Beacon 3G / 4G
Geo
Create Compliance Policies for User Groups and Devices
38
App whitelists
App blacklists
Required apps
Current app
version
Assignment criteria
Remediate immediately
Send push notification
s
Uninstall apps
Policies Actions
Keep Barriers Between Work and Personal
39
Separate work and personal apps
Prevent data flow between work and personal apps
Allow IT to only manage and secure the work apps and data
X
Identity Defined Workspace Simple, Secure Access and Productivity
Identity Challenges for SaaS Adoption
• Notconnectedtoon-premAD• Requiresanewusername/password• Userscanpickpasswordthatis
o Weako SharedacrossmulFplesiteso SameasADpassword
• AccountsFllacFvewhenuserleavescompany/AD.
The Role of Directory in a Multi-Cloud World
42
• Directory = Policy (300m PCs)
• Domain-joined machines
• Windows apps
• Employees
• AD Driven/User management Active Directory One Source of Truth
Yesterday’s World
• Multi-cloud (2b+ devices)
• Any (phones, tablets, laptops)
• SaaS/Native mobile
• Contractors, temps, partners
• HR driven
Today’s World
XenApp Horizon
Many Directories No Unified Policy Management
VMware Identity Manager
43 CONFIDENTIAL
Identity-Defined Workspace
CONFIDENTIAL 44
One Touch SSO & MFA
Secure seamless user experience
Conditional Access
Smart protection for corporate login and
data access
Unified App Catalog
Personalized workspace for apps
on any device
Productivity Apps
Core apps for day one productivity
Workspace ONE: Mobile SSO
Workspace™ ONE™ Secure App Token System
SaaS Apps
TRUST
Trust ID Key
Cloud
#digitalworkspace
One-Touch mobile SSO
CONFIDENTIAL 46
• Industry’s first one-touch single-sign on (SSO) for public
mobile apps
• Device Trust Authentication: the device itself becomes a factor of authentication to anchor an SSO experience.
• The app is only available to that device, and the user must still be able to unlock the device.
• Many people associate touch ID as a form of authentication for SSO, but...
• touch ID only unlocks a device, taking the place of pin code entry, which is always a backup to touch ID.
• Workspace ONE supports pin-code entry or touch ID as another quick assurance that a device is still with its owner.
Multi-Factor Authentication
47 CONFIDENTIAL
vmware Verify Built-in 2-factor authentication
3 ways to authenticate • Mobile push notification
– Step 1: Vmware sends you a push notification – Step 2: Tap to approve or deny access
• App based passcode (for users with notification disabled) – Step 1: Open app to get passcode – Step 2: Enter the passcode on login page
• SMS based passcode (for users without smartphones) – Step 1: VMware sends passcode in a text message – Step 2: Enter the passcode on login page
48
CONFIDENTIAL 49
Non-Federated Apps Browser Plugin (Password Vault) Browser Plugin
Prompt
What This Means for the Digital Workspace
50
Allow access by default
Single clearing house for entitlement and authentication
Verify device posture for compliance
Remove friction from user experience
Contextual rules-engine with continuous security
Users (Identity)
Federate identity for on-premises and cloud
services
Security and More End User Simple and IT Secure
Workspace ONE Multi-Layered Security Approach
52
IDENTITY APP DATA DEVICE NETWORK
Conditional Access
CONFIDENTIAL 53
OS
Managed
Jail Broken
MSA | Malware | Trust 3rd Party
Location
Blacklisted Apps
Authentication strength
Authentication Provider
Session time
Network Scope
Per Application Rules
Device’s Posture Identity Rules
54
DEVICE POSTURE
USER AUTH
AUTHENTICATION MODULE
APP SERVICE
Remote Apps | Web Apps | Native Apps
Workspace ONE
Managed Jail Broken
DEVICE POSTURE
OS
3rd Party MSA | Malware | Trust
Location Blacklist Apps
IDENTITY RULES (VMware IDM or 3rd party)
Authentication Provider
Network Scope
Authentication strength
Session time
Per Application
Workspace ONE Policy Based Conditional Access
Build Policies | Define Escalations | Automate Actions
Identity Manager Policy Based Conditional Access
Configure network, platform and application specific criteria for authentication Enable authentication chaining and multiple compliance policies Require more rigorous authentication methods from external networks / less restrictive when on LAN
AirWatch Device Compliance Policies
Device centric policy management Allows notification, email blocking, remediation and escalation for devices which are not in compliance Oriented towards device criteria – encryption, passcode requirements, Jailbroken or rooted devices
Enabling AirWatch Conditional Access in Identity Manager
Create IDM Policy Rule that checks for Device Compliance in addition to an authentication method If device is out of compliance, login fails If device is brought back into compliance, the user will be able to authenticate
Access Policy for Horizon and Citrix Apps • Horizon and Citrix can use Access Policies (like web apps)
– Enables use of VMware Verify step-up authentication – Combined with Horizon True SSO, allows for zero password access to Windows resources
58
58
Touch ID for “Workspace”
Dynamic Per-App VPN
Intelligent Networking with
NSX Device Usage
Analytics
Conditional Access
CONFIDENTIAL 59
VMware NSX for AirWatch
60
Device Level VPN Full Network Access
App Level VPN Select Network Access
Micro Segmentation with NSX
App Level VPN Full Network Access
VMware NSX for AirWatch
CONFIDENTIAL 61
Advanced security between an AirWatch-managed device
and the NSX micro-segmented cloud data center
The VMware Difference: All Types of Security
62 CONFIDENTIAL
Endpoint Security
IT automated workflows for compliance, remediation
Identity Integration
Secure workspace for apps on any device
Micro Segmentation
Secure and simple network
virtualization
Data Loss Prevention
Prevent data leakage and keep
corporate data secure
VMware Tunnel DLP: Preventing Data Loss in Office 365
63
Workspace ONE Conditional Access Restricts Office 365 access to compliant devices
VMware Tunnel App on device filters network traffic to detect
and block file transfers
Employees may still user their personal file repositories for
personal files
63
How it works:
Protect corporate files from personal cloud repositories
Pervasive Security: Datacenter to Device to App
Data Center
Multi-layered Defense for the Secure Digital Workspace
64
Virtual Desktop Device
Per-app micro-VPN
NSX Micro-segmentation
+
AirWatch Horizon 7
Accelerating Office 365 Deployments with Workspace ONE
65
Federated Identity
Single Sign On to Office 365 users without ADFS Complexity or copying AD credentials to the
cloud
Beyond Microsoft Apps Common Catalog to
access SaaS, internal web, native mobile
and virtualized apps
Increased Security
Integrated Mobile-Push 2FA across any app, Device Posture policy enforcement and auto-entitlement revocation
Simplified Management Automated user
account provisioning for Office 365
NEW! NEW!
CONFIDENTIAL 66
Workspace ONE App Suite Mobile Collaboration and Productivity
Workspace ONE Productivity Apps Suite
Boxer Mail
Calendar Contacts
Browser Intranet Internet Kiosk
Content View Edit
Share
Socialcast Social Chat
Projects
67 CONFIDENTIAL
Workspace ONE Productivity Apps
CONFIDENTIAL 68
USABILITY PRIVACY SECURITY
FIPS certified encryption End-to-end data security
Encryption at-rest & transit Data leakage prevention (DLP
Delightful end user experience Follows native design principles Designed for a business user Delivers seamless workflows
Privacy First Initiative End User Micro Site
Adaptive Management Protect Apps, Data & Identity
Workspace ONE Apps Suite
Access Email, Calendar & Contacts via VMware Boxer
CONFIDENTIAL
Boxer – Advanced Features
Custom combined folders
Attach from doc providers
Full Gmail label support
Send availability
Select all from sender
Quick replies
Custom action grid
Swipe to SPAM
Archive as read option
Collapsing conversation
Notification actions
Predictive move
Combined inbox
Inline editing
Smart folders
Configurable gestures
App level pin lock
Caller ID
Read local calendar
Swipe to next
Configurable undo
Custom signatures
CONFIDENTIAL
Deploy Best Of Breed Email Solutions As You Choose…
Native Mail
CONFIDENTIAL 71
* Native OS profile is not a full device MDM profile
Boxer
Native user experience Business-centric user experience
Consolidated mail, calendar and contacts Separate work accounts for mail, calendar & contacts
Leverages native OS profile * Containerized app with built in security/DLP
Encrypt enterprise data and remotely wipe work email
Configurable gestures and hero cards Provide DLP to attachments and email hyperlinks
Does not require a native OS profile
Encrypt enterprise data and remotely wipe work email
Provide DLP to attachments and email hyperlinks
Providing Better Usability with Higher Security in Browser
Multi-tabbed intranet & internet browsing
Push pre-defined bookmarks
SSO across all sites and web apps
High fidelity rendering for HTML5 apps
CONFIDENTIAL
Force Webapp Launch In VMware Browser
73
Select if app should be opened in VMware browser instead of default OS browser (Safari/Chrome) by Workspace ONE app
Benefits: • Launch intranet site without VPN
• Secure browser cache that can be remote wiped when the user leaves the company or device goes out-of-compliance
Experience Web Apps in Full Screen Mode
CONFIDENTIAL
Support Various Use Cases With Kiosk Mode
Kiosk Mode with Multiple Websites
CONFIDENTIAL
Modern UI for a Unified Mobile Content Explorer
Access cloud & on-premise repositories
Offline access to files & folders
Search across files & folders
Automatically publish & sync content
CONFIDENTIAL
Boost Productivity with Built-In Editing Tools
Quickly add new content
Securely capture media w/ metadata
Integrated PDF annotations
Integrated Office editing
CONFIDENTIAL
Over 30 ECM Repositories, Including WebDAV & CMIS Standards
CONFIDENTIAL
People Centric Collaboration with Socialcast
Home Feed @Mentions Activity Streams New Post
CONFIDENTIAL
Integrated Workflows Across Workspace ONE Apps
CONFIDENTIAL
AirWatch Privacy First: User’s Awareness
CONFIDENTIAL 81
Visual Privacy App WhatIsAirWatch.com Privacy Officer
Visual Privacy Notice
CONFIDENTIAL 82
Creating transparency for the end user on exactly what is being captured by IT in an easy-to-
consume visual format
Windows as a Service Every Kind of Desktop, Every Kind of Application, in Any Environment
VMware Horizon Portfolio
84
MAIN OFFICE REMOTE OFFICE CAMPUS SPECIALIST MOBILE NON-EMPLOYEE
Horizon Flex
Containerized desktops and apps
CONFIDENTIAL
Horizon Air
Cloud-hosted or Hybrid-mode desktop and app delivery from the public cloud
Horizon 7
Desktop and app delivery from private cloud
Desktops and Apps From a Single Platform
85 CONFIDENTIAL
Deliver Desktops and Applications On Any Device
Securely Manage Desktops, Apps and Devices
Support for Windows and Linux
The ability to efficiently and cost-effectively deliver, manage and monitor virtual desktops and published applications to end users who may not need access to a full desktop.
DESKTOPS APPLICATIONS
Physical Devices Virtual
Identity Management and true SSO
Adaptive and Contextual User Experience in any Use Case
Horizon Makes Desktop and App Management Easy
86
Horizon centralizes end users' desktops and applications in the datacenter, so IT can efficiently provision new clients, centralize desktop management, and improve security and compliance and is based on 7 key pillars
Desktops and Apps From a
Single Platform
Smart Policies Just-in-Time Desktops
Great User Experience
Flexible and Hybrid Delivery
SDDC Integration
Complete Environment Management
CONFIDENTIAL
Hosted Desktop
Workspace can be accessed from anywhere
Reduce costs with session-based desktop Use less infrastructure
and reduce management overhead
The Horizon Difference: Every Kind of Desktop
87 CONFIDENTIAL
Persistent Desktop
Custom experience for knowledge workers
Get the same desktop every time you login
Customize to meet your unique needs
Install specialized applications
Non-persistent Desktop
Infrastructure cost savings
Re-usable storage infrastructure
Most cost effective implementation for
task workers
Just-in-time Desktop
On-demand creation of live virtual desktops
Fully personalized desktops and apps
Scalable to thousands of desktops
Optimized infrastructure usage
Just-in-Time Desktops
88 CONFIDENTIAL
With innovative technologies like Instant Clones, User Environment Management and App Volumes—Horizon ensures that IT can streamline desktop and application management like never before, providing employees with truly stateless desktops.
Drive Down Storage Costs by >30%
Deliver Apps Instantly
Streamline OpEX by >50%
Smart Polices
89
True SSO Experience
Policy-Managed Client Features
Access Point Authentication
Common Criteria / FIPS 140-2
CONFIDENTIAL
Policies are tied to the end user allowing IT to be able to provide end users with a truly contextual user experience with policies dynamically changes depending on the device used or the location services are being accessed from.
The Horizon Difference: Every Kind of Application
90 CONFIDENTIAL
App Access SSO access to all apps and services through a unified Workspace Portal
Monitoring Desktop-to- datacenter monitoring with vROPs for Horizon
App Isolation Containerized applications, isolated from the operating system with ThinApp
App Delivery Application delivery to virtual desktops in real-time with AppVolumes
User Environment Management Maintain consistent, personalized settings across devices with UEM
vRealize Operations for XenApp and XenDesktop
The App Volumes Difference: Any Environment
91
Reduce Operational and Support Costs
User Environment Management • UEM provides dynamic, context-based
profile management and app config • Personalized settings follow user
ThinApp for Packaging Applications • Can be deployed by App Volumes and natively
streamed from file share • Eliminates conflicts between app. • Reduces RDSH Server sprawl
App Volumes Real-time App Delivery • Provides real-time application delivery to
virtual desktops and RDSH Servers • Provides single image management for
VDI and RDSH • Supports User Installed Apps
Improve App Delivery and Management for Citrix or Horizon, New or Existing
CONFIDENTIAL
Unified Endpoint Management Manage, Configure, Track and Automate
Client Management
EMM Is No Longer Enough
EMM AirWatch
Unified Endpoint Management
CONFIDENTIAL 93
IoT
Windows 10: A Modern OS for the Mobile-Cloud Era
94
Simplified Lifecycle Management
Enterprise Ready Security
Any Apps to Stay Productive
Intuitive Experience Across Device
Types
Windows 10: Windows Redefined
CONFIDENTIAL 95
Only Corporate Devices and Data
High Touch for IT
Joined to Domain
Legacy Apps
Win
dow
s 7
Corporate, BYOD and LOB
Cloud-based Management
On Any Network
Expansive App Ecosystem W
indo
ws
10
The New Standard for Windows Management
CONFIDENTIAL 96
Restricted to corporate owned devices joined to the network
Complex and high-touch management for IT
Costly and fragmented management and app ecosystem
Costly, Complex and Restrictive!
Flexibly support multiple device ownership use cases and on any networks
Simpler cloud based management and self-service capabilities
Low TCO with consolidated management tool and a unified apps ecosystem
Traditional Windows Management Modern Windows Management
Low TCO, Simpler and Flexible!
Windows Management with VMware AirWatch
Device and OS Lifecycle Management
Application Management and Delivery
End-to-end Security Management
Industry leading EMM capabilities together with the best of traditional client management functions for
managing Windows across any device type.
97
+
Modern EMM Model for Managing Windows with AirWatch
98
Simplified and Flexible
Deployment
Device and App Lifecycle
Management
Enterprise Readiness
End-to-End Security
Bulk provisioning Workplace enrollment Out-of-box experience
Work account enrolment Azure AD integration
Compliance engine IT Remote management
End user Self-Service Portal LOB use cases
Enterprise integrations Productivity apps
Unified endpoint management Over-the-air configuration Application management Windows Store and Business Store Software distribution; product provisioning Windows Update management
Windows Hello and Passport support Device posture and health attestation Application security Conditional access control Enterprise Data Protection Per-app VPN
A New Level of Data Security with Enterprise Data Protection
99
Tagging Data Define data sources to classify as enterprise (IP, domain, SharePoint, and more)
Defining Privileged Apps Configure privileged apps that can handle enterprise data
Setting Policy Levels Configure how enterprise data is handled (encrypt, block, audit)
Configuring Per-App VPN Define which apps can access internal network through VPN
Windows Backwards Compatibility with VMware
CONFIDENTIAL 100
FLEX
Horizon
Horizon Air
App Volumes
Horizon
Horizon Air
AirWatch Browser +
AirWatch Tunnel
Apps with web interfaces
Incompatible apps as a service
Older OS desktops as a service
Older OS images on local machines
The AirWatch Difference: Unified Endpoint Management
101 CONFIDENTIAL
Asset Analytics Tracking, Inventory
System and operations information for higher
SLA
IT Automated Workflows For compliance, remediation and more
OS/App Lifecycle Management
Cradle-to-grave control over most changeable
assets
Unified Endpoint Management
Over the Air Configuration Configured integration with Windows business portal out-of-the-box
Cloud-First, Modern Windows Management and Security
102
Faster Min-set
Provisioning
Unified User Catalog &
SSO
Co-exist with Systems
Management
Deploy Updates Off the Network
Client Health Compliance
Win32 App Lifecycle
Management
Instant Push Configuration for Policies
GPOs On or Off the Domain
Adaptive Enrollment into EMM
Windows Information Protection
Patch Inventory & Auditing
Granular Updates
Management
Client Health & Security
OS Patch Management
Software Distribution
Configuration Management MDM for Windows
Asset Tracking & Inventory
Win32 App Capture & Delivery
VMware AirWatch Unified Endpoint Management for a simpler, more secure and cost effective PC management.
CONFIDENTIAL
Conclusion
Summary: Key Digital Workspace Principles
CONFIDENTIAL 104
Consumer Simple, Enterprise Secure
Cloud infrastructure synergy
Any application, any device
Integrated application management
Unified end-point management
Platform for Business Mobility
Key vmware’s Digital Workspace Solutions
CONFIDENTIAL 105
VMware AirWatch: Enterprise Mobility Management across devices and apps
NSX Micro-segmentation: Security within the datacenter
Workspace ONE: Secure anytime, anywhere access to government resources across devices
AppVolumes: Real-time app delivery and centralized app management
VMware Horizon: Virtual Desktop Infrastructure that strengthens security and centralizes management
To summarize…
106
Workspace ONE is the best solution in five key areas: 1. Unified Endpoint Management manages,
configures, tracks and automates workforce endpoint management.
2. Leading Virtual Desktops & Apps provides every kind of desktop and app and supports any environment with real-time app delivery.
3. Identity-Defined Workspace achieves simple, secure access for end users.
4. Comprehensive Cloud Service offers every kind of service from the cloud.
5. Adaptive Management, Conditional Access and Security keep safe the access to organizations’ data and applications.
CONFIDENTIAL
Why AirWatch
107
Proven track record as industry leader
Best-of-breed digital workspace solution set
Agnostic solution with broadest ecosystem
Comprehensive educational services and global support
Modern UEM platform simplifying endpoint management
The Value of vmware’s
Workspace ONE
Questions?
108
Thank you.