Nicola Galante Senior Specialist Systems Engineer EUC/Business Mobility – vmware Lorenzo Di Palma Senior Specialist Systems Engineer EUC/Business Mobility - vmware

vmware Workspace ONE How to deliver and manage Any App on Any Device by integrating Identity, Application and Enterprise Mobility Management

2

Today’s users are on the move Users want to be able to access corporate data, applications and online resources across more devices and locations.

New IT challenges arise:

3

Edu IT Trends Teachers and Students expect easy, efficient access to educational resources aided by mobile technology through either Academic or BYO Devices

Easy and Secure access to all educational content and Apps (SaaS, Web, Local and Native) via single portal through Single Sign-On

Better student experience leading to improved retention and increased revenue

Reduced Helpdesk staffing costs with improved performance and reduced waiting times

The Workspace Become Digital… … and It Requires New Rules

It has to be Simple, Scalable and Flexible

It has to Securely manage user’s data and Apps access, according to which device is used and its compliance!

It needs to deliver the best User Experience in every use case, regardless the device

It has to manage User’s Identity and Policies, not Devices

5 5

Supporting this can be challenging Supporting workplace mobility, minimizing security risks, maintaining compliance is a challenge for IT teams.

App failure costs >$100K in productivity loss Ponemon Group 2015

App Failure Rate is 12% VMware customers

Average Cost of a Data Breach in 2015 was $3.79M IBM and Ponemon Group 2015

Average Time to Image a Physical Device is 1 hr VMware customers

Remote Apps

Desktop Enterprise Mobility

Management

Identity

6

Today’s Traditional Siloed Managements

7

IT shifts from managing siloed technologies to A digital workspace

A New Paradigm

The Mobile Adoption Curve V

alu

e

z

Time

ñ

CONFIDENTIAL

9

Deliver an unmatched Identity-Defined Contextual Experience

The Digital Workspace has to…

Anywhere, Anytime Access with Any Device Access to internal and external apps – Identity is the new perimeter

#digitalworkspace

•  Encryption •  Anti-virus •  Access control

•  Monitoring •  Image management •  Application distribution •  Updates

SECURITY

MANAGEMENT

UEM&S

UEM&S

EMM

UEM&S

EMM

EMM

UEM&S

UEM&S

UEM&S

UEM&S

UEM&S

CONTROL POINT

•  Access policies •  Apps and data policies •  Device configuration

policies •  Analytics

Unifying Endpoint Management

10

•  Single way to manage desktop and mobile •  Proactive, automated analytics •  Policy-based security and management

Market Validation

CONFIDENTIAL 11

vmware’s Business Mobility Solutions Lead the Market

vmware Horizon leaps past the competition “VMware's position reflects the company's market position and commitment to providing resources to expand its EUC product portfolio and infrastructure.”

Magic Quadrant for Enterprise Mobility Management Suites

vmware AirWatch: •  A Leader for 6 Consecutive Years •  Placed Highest on Ability to Execute Axis •  Positioned Furthest on Completeness of Vision

What is driving the shift to the Digital Workspace?

CONFIDENTIAL 13

Digital Workspace

Mobile business transformation

Cloud Office expansion Windows 10

Application heterogeneity Device heterogeneity

Consumerization Increased Self-Service

BYOD

EUC convergence

Unified end-point management

Mobile work styles

Desktop as a Service

Enterprise IoT

Unified app access Cloud computing

Identity as a Service

Make the Move to the Digital Workspace

14 CONFIDENTIAL

Improve Compliance and Secure the

Access to Devices and Data

Drive Down Costs Simplify Desktop, App and

Device Management

Identity Management And True Single-Sign On

from any Device

Delivering the Digital Workspace

DIGITAL WORKSPACE

Identity Management

Application Management

Enterprise Mobility Management

Virtual Windows Desktops

Remoted Windows Applications

… is all about convergence

The Digital Workspace

… but it can be complicated

CONFIDENTIAL 16

Introducing…

vmware Workspace™ ONE™ is the simple and secure enterprise

platform that delivers and manages any app on any device by

integrating identity, application, and enterprise mobility management

(EMM) Consumer Simple | Enterprise Secure

Digital Workspace Requires Various Management Tools to Accomplish

17

Client Management

Application Suites

Device Management

Identity Management

Virtualization

DIGITAL WORKSPACE

Workspace ONE: an Unified Tool to Create the Digital Workspace

18

vmware Workspace ONE value

19

Enterprise Secure

Consumer Simple

Workspace ONE

1.5M Apps

-  OTA Device Configuration -  App Provisioning & Configuration -  Entitlement Management -  Automated Remediation

IDENTITY, SECURITY & COMPLIANCE -  Federation / Authentication -  Access Policy -  Reporting, Auditing & Analytics -  Compliance Automation

WINDOWS AS A SERVICE

-  Full Desktops or Seamless Apps -  Cloud or On-Premises -  Complete Isolation

UNIFIED END POINT MANAGEMENT

Conditional Access with Data Loss Prevention

Self-Service Enterprise App Store w/ One Touch SSO

Windows Virtual Apps SaaS Mobile Legacy

SECURITY & NETWORK VIRTUALIZATION Flexible App Lifecycle Management Platform (Develop, Deploy, Manage, Support)

Workspace ONE Apps Suite

EMAIL BROWSERCONTENT CHAT

Workspace ONE Advantages

21

Simplified onboarding

Single sign-on

Adaptive management

Multi-factor authentication

Conditional access

CONFIDENTIAL

Workspace™ ONE™

Self-Service Access

#digitalworkspace

Workspace™ ONE™

Choose Your Device

#digitalworkspace

Workspace™ ONE™

Secure Messaging and Content

#digitalworkspace

Workspace™ ONE™

Conditional Access

#digitalworkspace

Bring Your Own Device

Not Your Device (Browser Access)

26

One Platform – All Employees, All Use Cases

“Choose Your Own” You Manage

“Corporate Issued”

“Choose Your Own” Corporate Managed

Locked Down

Ruggedized

Managed Workspace Unified Endpoint Management Unmanaged Workspace

Bring Your Own Device

Not Your Device (Browser Access)

27

“Choose Your Own” You Manage

“Corporate Issued”

“Choose Your Own” Corporate Managed

Locked Down

Ruggedized

Managed Workspace Unified Endpoint Management Unmanaged Workspace

One Platform – All Employees, All Use Cases

Self-service Anywhere access to apps

One-touch SSO, automatic email & Wi-Fi setup Full, No-Fuss “Out-of-the-Box” Configuration

Grant and Block access to apps, (in network scope, and uses appropriate authentication

Enforce enterprise app-level data, DLP and wipe policies with basic

compliance (MAM) Enforce device-level data, DLP and wipe policies,

full device attestation, and auto-remediation

Single App Catalog Across Devices To Access Any App – Native | Web | Remote

In a Secure MAM Container

Unified User Experience with vmware Workspace ONE™

Internally developed mobile apps

Native public mobile apps

SaaS apps

Internal web apps

Modern Windows apps

Legacy Windows apps

Virtualized management desktops

29

Web Apps

ThinApp

Horizon Desktop

Horizon Hosted App

Office 365

Citrix XenApps

App Catalog

Context Aware

Custom Branding

Web Virtual Native

Workspace ONE App: A Simple, Consumer-Grade Experience

Detection of jailbroken or rooted

devices and compliance actions

Separation of corporate and personal apps

Only approved, authorized apps

installed in corporate container

31

Mobile Application Management Challenges for BYOD

Workspace Services Profile More diverse app ecosystem

Better security and configuration capabilities

Requires profile on the device

Privacy concerns in BYOD deployments

2

O/S

MA

M

App Container 1

Doesn’t require profile installation

Ideal for BYOD deployments

Limits app ecosystem

Requires proprietary SDK

STA

ND

ALO

NE

MA

M

Only approved, authorized apps installed in corporate container

Organizations can detect jailbroken or rooted devices and take compliance action

Separate work and personal apps

Stand Alone MAM vs. O/S MAM

32

NAT

IVE

O/S

MA

M

STA

ND

ALO

NE

MA

M

The Future of MAM for a Successful Mobility Program

33

Stand Alone MAM Universal App Catalog O/S Management

Workspace ONE for BYOD

ADAPTIVE MANAGEMENT

OS MAM

Native Apps

Adaptive Management Workflow

34

No Profile No Profile Workspace Services Profile + +

CONFIDENTIAL

Certificate Management, PIN Strength Enforcement, Corporate

App Wipe, Jailbreak Detection

No Management

Stand Alone MAM

Distribute also Internal Enterprise Apps

No Management Stand Alone MAM OS

MAM

Enable Easy Access to Any App with Workspace ONE

35

Install Workspace ONE

Auto Discover

Branded Login Experience

Access Any App

CONFIDENTIAL

Adaptive Management

CONFIDENTIAL 36

Activate Workspace Services Customer’s EULA Redirect to

configure profile Install Profile Done!

37

Device-Trust Conditional Access

APP

USER

Policy Framework

DEVICE

LOCATION APP

Employee

USER

Contractor

Privileged Customer

R&D Sales Marketing

iOS

DEVICE

Android Win10

Unmanaged Managed

BYOD Corp-Issued

Web

APP

Mobile Virtual

Low Security High Security

External Internal

In Network

LOCATION

Out Network

Beacon 3G / 4G

Geo

Create Compliance Policies for User Groups and Devices

38

App whitelists

App blacklists

Required apps

Current app

version

Assignment criteria

Remediate immediately

Send push notification

s

Uninstall apps

Policies Actions

Keep Barriers Between Work and Personal

39

Separate work and personal apps

Prevent data flow between work and personal apps

Allow IT to only manage and secure the work apps and data

X

Identity Defined Workspace Simple, Secure Access and Productivity

Identity Challenges for SaaS Adoption

•  Notconnectedtoon-premAD•  Requiresanewusername/password•  Userscanpickpasswordthatis

o Weako  SharedacrossmulFplesiteso  SameasADpassword

•  AccountsFllacFvewhenuserleavescompany/AD.

The Role of Directory in a Multi-Cloud World

42

•  Directory = Policy (300m PCs)

•  Domain-joined machines

•  Windows apps

•  Employees

•  AD Driven/User management Active Directory One Source of Truth

Yesterday’s World

•  Multi-cloud (2b+ devices)

•  Any (phones, tablets, laptops)

•  SaaS/Native mobile

•  Contractors, temps, partners

•  HR driven

Today’s World

XenApp Horizon

Many Directories No Unified Policy Management

VMware Identity Manager

43 CONFIDENTIAL

Identity-Defined Workspace

CONFIDENTIAL 44

One Touch SSO & MFA

Secure seamless user experience

Conditional Access

Smart protection for corporate login and

data access

Unified App Catalog

Personalized workspace for apps

on any device

Productivity Apps

Core apps for day one productivity

Workspace ONE: Mobile SSO

Workspace™ ONE™ Secure App Token System

SaaS Apps

TRUST

Trust ID Key

Cloud

#digitalworkspace

One-Touch mobile SSO

CONFIDENTIAL 46

•  Industry’s first one-touch single-sign on (SSO) for public

mobile apps

•  Device Trust Authentication: the device itself becomes a factor of authentication to anchor an SSO experience.

•  The app is only available to that device, and the user must still be able to unlock the device.

•  Many people associate touch ID as a form of authentication for SSO, but...

•  touch ID only unlocks a device, taking the place of pin code entry, which is always a backup to touch ID.

•  Workspace ONE supports pin-code entry or touch ID as another quick assurance that a device is still with its owner.

Multi-Factor Authentication

47 CONFIDENTIAL

vmware Verify Built-in 2-factor authentication

3 ways to authenticate •  Mobile push notification

–  Step 1: Vmware sends you a push notification –  Step 2: Tap to approve or deny access

•  App based passcode (for users with notification disabled) –  Step 1: Open app to get passcode –  Step 2: Enter the passcode on login page

•  SMS based passcode (for users without smartphones) –  Step 1: VMware sends passcode in a text message –  Step 2: Enter the passcode on login page

48

CONFIDENTIAL 49

Non-Federated Apps Browser Plugin (Password Vault) Browser Plugin

Prompt

What This Means for the Digital Workspace

50

Allow access by default

Single clearing house for entitlement and authentication

Verify device posture for compliance

Remove friction from user experience

Contextual rules-engine with continuous security

Users (Identity)

Federate identity for on-premises and cloud

services

Security and More End User Simple and IT Secure

Workspace ONE Multi-Layered Security Approach

52

IDENTITY APP DATA DEVICE NETWORK

Conditional Access

CONFIDENTIAL 53

OS

Managed

Jail Broken

MSA | Malware | Trust 3rd Party

Location

Blacklisted Apps

Authentication strength

Authentication Provider

Session time

Network Scope

Per Application Rules

Device’s Posture Identity Rules

54

DEVICE POSTURE

USER AUTH

AUTHENTICATION MODULE

APP SERVICE

Remote Apps | Web Apps | Native Apps

Workspace ONE

Managed Jail Broken

DEVICE POSTURE

OS

3rd Party MSA | Malware | Trust

Location Blacklist Apps

IDENTITY RULES (VMware IDM or 3rd party)

Authentication Provider

Network Scope

Authentication strength

Session time

Per Application

Workspace ONE Policy Based Conditional Access

Build Policies | Define Escalations | Automate Actions

Identity Manager Policy Based Conditional Access

Configure network, platform and application specific criteria for authentication Enable authentication chaining and multiple compliance policies Require more rigorous authentication methods from external networks / less restrictive when on LAN

AirWatch Device Compliance Policies

Device centric policy management Allows notification, email blocking, remediation and escalation for devices which are not in compliance Oriented towards device criteria – encryption, passcode requirements, Jailbroken or rooted devices

Enabling AirWatch Conditional Access in Identity Manager

Create IDM Policy Rule that checks for Device Compliance in addition to an authentication method If device is out of compliance, login fails If device is brought back into compliance, the user will be able to authenticate

Access Policy for Horizon and Citrix Apps •  Horizon and Citrix can use Access Policies (like web apps)

–  Enables use of VMware Verify step-up authentication –  Combined with Horizon True SSO, allows for zero password access to Windows resources

58

58

Touch ID for “Workspace”

Dynamic Per-App VPN

Intelligent Networking with

NSX Device Usage

Analytics

Conditional Access

CONFIDENTIAL 59

VMware NSX for AirWatch

60

Device Level VPN Full Network Access

App Level VPN Select Network Access

Micro Segmentation with NSX

App Level VPN Full Network Access

VMware NSX for AirWatch

CONFIDENTIAL 61

Advanced security between an AirWatch-managed device

and the NSX micro-segmented cloud data center

The VMware Difference: All Types of Security

62 CONFIDENTIAL

Endpoint Security

IT automated workflows for compliance, remediation

Identity Integration

Secure workspace for apps on any device

Micro Segmentation

Secure and simple network

virtualization

Data Loss Prevention

Prevent data leakage and keep

corporate data secure

VMware Tunnel DLP: Preventing Data Loss in Office 365

63

Workspace ONE Conditional Access Restricts Office 365 access to compliant devices

VMware Tunnel App on device filters network traffic to detect

and block file transfers

Employees may still user their personal file repositories for

personal files

63

How it works:

Protect corporate files from personal cloud repositories

Pervasive Security: Datacenter to Device to App

Data Center

Multi-layered Defense for the Secure Digital Workspace

64

Virtual Desktop Device

Per-app micro-VPN

NSX Micro-segmentation

+

AirWatch Horizon 7

Accelerating Office 365 Deployments with Workspace ONE

65

Federated Identity

Single Sign On to Office 365 users without ADFS Complexity or copying AD credentials to the

cloud

Beyond Microsoft Apps Common Catalog to

access SaaS, internal web, native mobile

and virtualized apps

Increased Security

Integrated Mobile-Push 2FA across any app, Device Posture policy enforcement and auto-entitlement revocation

Simplified Management Automated user

account provisioning for Office 365

NEW! NEW!

CONFIDENTIAL 66

Workspace ONE App Suite Mobile Collaboration and Productivity

Workspace ONE Productivity Apps Suite

Boxer Mail

Calendar Contacts

Browser Intranet Internet Kiosk

Content View Edit

Share

Socialcast Social Chat

Projects

67 CONFIDENTIAL

Workspace ONE Productivity Apps

CONFIDENTIAL 68

USABILITY PRIVACY SECURITY

FIPS certified encryption End-to-end data security

Encryption at-rest & transit Data leakage prevention (DLP

Delightful end user experience Follows native design principles Designed for a business user Delivers seamless workflows

Privacy First Initiative End User Micro Site

Adaptive Management Protect Apps, Data & Identity

Workspace ONE Apps Suite

Access Email, Calendar & Contacts via VMware Boxer

CONFIDENTIAL

Boxer – Advanced Features

Custom combined folders

Attach from doc providers

Full Gmail label support

Send availability

Select all from sender

Quick replies

Custom action grid

Swipe to SPAM

Archive as read option

Collapsing conversation

Notification actions

Predictive move

Combined inbox

Inline editing

Smart folders

Configurable gestures

App level pin lock

Caller ID

Read local calendar

Swipe to next

Configurable undo

Custom signatures

CONFIDENTIAL

Deploy Best Of Breed Email Solutions As You Choose…

Native Mail

CONFIDENTIAL 71

* Native OS profile is not a full device MDM profile

Boxer

Native user experience Business-centric user experience

Consolidated mail, calendar and contacts Separate work accounts for mail, calendar & contacts

Leverages native OS profile * Containerized app with built in security/DLP

Encrypt enterprise data and remotely wipe work email

Configurable gestures and hero cards Provide DLP to attachments and email hyperlinks

Does not require a native OS profile

Encrypt enterprise data and remotely wipe work email

Provide DLP to attachments and email hyperlinks

Providing Better Usability with Higher Security in Browser

Multi-tabbed intranet & internet browsing

Push pre-defined bookmarks

SSO across all sites and web apps

High fidelity rendering for HTML5 apps

CONFIDENTIAL

Force Webapp Launch In VMware Browser

73

Select if app should be opened in VMware browser instead of default OS browser (Safari/Chrome) by Workspace ONE app

Benefits: •  Launch intranet site without VPN

•  Secure browser cache that can be remote wiped when the user leaves the company or device goes out-of-compliance

Experience Web Apps in Full Screen Mode

CONFIDENTIAL

Support Various Use Cases With Kiosk Mode

Kiosk Mode with Multiple Websites

CONFIDENTIAL

Modern UI for a Unified Mobile Content Explorer

Access cloud & on-premise repositories

Offline access to files & folders

Search across files & folders

Automatically publish & sync content

CONFIDENTIAL

Boost Productivity with Built-In Editing Tools

Quickly add new content

Securely capture media w/ metadata

Integrated PDF annotations

Integrated Office editing

CONFIDENTIAL

Over 30 ECM Repositories, Including WebDAV & CMIS Standards

CONFIDENTIAL

People Centric Collaboration with Socialcast

Home Feed @Mentions Activity Streams New Post

CONFIDENTIAL

Integrated Workflows Across Workspace ONE Apps

CONFIDENTIAL

AirWatch Privacy First: User’s Awareness

CONFIDENTIAL 81

Visual Privacy App WhatIsAirWatch.com Privacy Officer

Visual Privacy Notice

CONFIDENTIAL 82

Creating transparency for the end user on exactly what is being captured by IT in an easy-to-

consume visual format

Windows as a Service Every Kind of Desktop, Every Kind of Application, in Any Environment

VMware Horizon Portfolio

84

MAIN OFFICE REMOTE OFFICE CAMPUS SPECIALIST MOBILE NON-EMPLOYEE

Horizon Flex

Containerized desktops and apps

CONFIDENTIAL

Horizon Air

Cloud-hosted or Hybrid-mode desktop and app delivery from the public cloud

Horizon 7

Desktop and app delivery from private cloud

Desktops and Apps From a Single Platform

85 CONFIDENTIAL

Deliver Desktops and Applications On Any Device

Securely Manage Desktops, Apps and Devices

Support for Windows and Linux

The ability to efficiently and cost-effectively deliver, manage and monitor virtual desktops and published applications to end users who may not need access to a full desktop.

DESKTOPS APPLICATIONS

Physical Devices Virtual

Identity Management and true SSO

Adaptive and Contextual User Experience in any Use Case

Horizon Makes Desktop and App Management Easy

86

Horizon centralizes end users' desktops and applications in the datacenter, so IT can efficiently provision new clients, centralize desktop management, and improve security and compliance and is based on 7 key pillars

Desktops and Apps From a

Single Platform

Smart Policies Just-in-Time Desktops

Great User Experience

Flexible and Hybrid Delivery

SDDC Integration

Complete Environment Management

CONFIDENTIAL

Hosted Desktop

Workspace can be accessed from anywhere

Reduce costs with session-based desktop Use less infrastructure

and reduce management overhead

The Horizon Difference: Every Kind of Desktop

87 CONFIDENTIAL

Persistent Desktop

Custom experience for knowledge workers

Get the same desktop every time you login

Customize to meet your unique needs

Install specialized applications

Non-persistent Desktop

Infrastructure cost savings

Re-usable storage infrastructure

Most cost effective implementation for

task workers

Just-in-time Desktop

On-demand creation of live virtual desktops

Fully personalized desktops and apps

Scalable to thousands of desktops

Optimized infrastructure usage

Just-in-Time Desktops

88 CONFIDENTIAL

With innovative technologies like Instant Clones, User Environment Management and App Volumes—Horizon ensures that IT can streamline desktop and application management like never before, providing employees with truly stateless desktops.

Drive Down Storage Costs by >30%

Deliver Apps Instantly

Streamline OpEX by >50%

Smart Polices

89

True SSO Experience

Policy-Managed Client Features

Access Point Authentication

Common Criteria / FIPS 140-2

CONFIDENTIAL

Policies are tied to the end user allowing IT to be able to provide end users with a truly contextual user experience with policies dynamically changes depending on the device used or the location services are being accessed from.

The Horizon Difference: Every Kind of Application

90 CONFIDENTIAL

App Access SSO access to all apps and services through a unified Workspace Portal

Monitoring Desktop-to- datacenter monitoring with vROPs for Horizon

App Isolation Containerized applications, isolated from the operating system with ThinApp

App Delivery Application delivery to virtual desktops in real-time with AppVolumes

User Environment Management Maintain consistent, personalized settings across devices with UEM

vRealize Operations for XenApp and XenDesktop

The App Volumes Difference: Any Environment

91

Reduce Operational and Support Costs

User Environment Management •  UEM provides dynamic, context-based

profile management and app config •  Personalized settings follow user

ThinApp for Packaging Applications •  Can be deployed by App Volumes and natively

streamed from file share •  Eliminates conflicts between app. •  Reduces RDSH Server sprawl

App Volumes Real-time App Delivery •  Provides real-time application delivery to

virtual desktops and RDSH Servers •  Provides single image management for

VDI and RDSH •  Supports User Installed Apps

Improve App Delivery and Management for Citrix or Horizon, New or Existing

CONFIDENTIAL

Unified Endpoint Management Manage, Configure, Track and Automate

Client Management

EMM Is No Longer Enough

EMM AirWatch

Unified Endpoint Management

CONFIDENTIAL 93

IoT

Windows 10: A Modern OS for the Mobile-Cloud Era

94

Simplified Lifecycle Management

Enterprise Ready Security

Any Apps to Stay Productive

Intuitive Experience Across Device

Types

Windows 10: Windows Redefined

CONFIDENTIAL 95

Only Corporate Devices and Data

High Touch for IT

Joined to Domain

Legacy Apps

Win

dow

s 7

Corporate, BYOD and LOB

Cloud-based Management

On Any Network

Expansive App Ecosystem W

indo

ws

10

The New Standard for Windows Management

CONFIDENTIAL 96

Restricted to corporate owned devices joined to the network

Complex and high-touch management for IT

Costly and fragmented management and app ecosystem

Costly, Complex and Restrictive!

Flexibly support multiple device ownership use cases and on any networks

Simpler cloud based management and self-service capabilities

Low TCO with consolidated management tool and a unified apps ecosystem

Traditional Windows Management Modern Windows Management

Low TCO, Simpler and Flexible!

Windows Management with VMware AirWatch

Device and OS Lifecycle Management

Application Management and Delivery

End-to-end Security Management

Industry leading EMM capabilities together with the best of traditional client management functions for

managing Windows across any device type.

97

+

Modern EMM Model for Managing Windows with AirWatch

98

Simplified and Flexible

Deployment

Device and App Lifecycle

Management

Enterprise Readiness

End-to-End Security

Bulk provisioning Workplace enrollment Out-of-box experience

Work account enrolment Azure AD integration

Compliance engine IT Remote management

End user Self-Service Portal LOB use cases

Enterprise integrations Productivity apps

Unified endpoint management Over-the-air configuration Application management Windows Store and Business Store Software distribution; product provisioning Windows Update management

Windows Hello and Passport support Device posture and health attestation Application security Conditional access control Enterprise Data Protection Per-app VPN

A New Level of Data Security with Enterprise Data Protection

99

Tagging Data Define data sources to classify as enterprise (IP, domain, SharePoint, and more)

Defining Privileged Apps Configure privileged apps that can handle enterprise data

Setting Policy Levels Configure how enterprise data is handled (encrypt, block, audit)

Configuring Per-App VPN Define which apps can access internal network through VPN

Windows Backwards Compatibility with VMware

CONFIDENTIAL 100

FLEX

Horizon

Horizon Air

App Volumes

Horizon

Horizon Air

AirWatch Browser +

AirWatch Tunnel

Apps with web interfaces

Incompatible apps as a service

Older OS desktops as a service

Older OS images on local machines

The AirWatch Difference: Unified Endpoint Management

101 CONFIDENTIAL

Asset Analytics Tracking, Inventory

System and operations information for higher

SLA

IT Automated Workflows For compliance, remediation and more

OS/App Lifecycle Management

Cradle-to-grave control over most changeable

assets

Unified Endpoint Management

Over the Air Configuration Configured integration with Windows business portal out-of-the-box

Cloud-First, Modern Windows Management and Security

102

Faster Min-set

Provisioning

Unified User Catalog &

SSO

Co-exist with Systems

Management

Deploy Updates Off the Network

Client Health Compliance

Win32 App Lifecycle

Management

Instant Push Configuration for Policies

GPOs On or Off the Domain

Adaptive Enrollment into EMM

Windows Information Protection

Patch Inventory & Auditing

Granular Updates

Management

Client Health & Security

OS Patch Management

Software Distribution

Configuration Management MDM for Windows

Asset Tracking & Inventory

Win32 App Capture & Delivery

VMware AirWatch Unified Endpoint Management for a simpler, more secure and cost effective PC management.

CONFIDENTIAL

Conclusion

Summary: Key Digital Workspace Principles

CONFIDENTIAL 104

Consumer Simple, Enterprise Secure

Cloud infrastructure synergy

Any application, any device

Integrated application management

Unified end-point management

Platform for Business Mobility

Key vmware’s Digital Workspace Solutions

CONFIDENTIAL 105

VMware AirWatch: Enterprise Mobility Management across devices and apps

NSX Micro-segmentation: Security within the datacenter

Workspace ONE: Secure anytime, anywhere access to government resources across devices

AppVolumes: Real-time app delivery and centralized app management

VMware Horizon: Virtual Desktop Infrastructure that strengthens security and centralizes management

To summarize…

106

Workspace ONE is the best solution in five key areas: 1.  Unified Endpoint Management manages,

configures, tracks and automates workforce endpoint management.

2.  Leading Virtual Desktops & Apps provides every kind of desktop and app and supports any environment with real-time app delivery.

3.  Identity-Defined Workspace achieves simple, secure access for end users.

4.  Comprehensive Cloud Service offers every kind of service from the cloud.

5.  Adaptive Management, Conditional Access and Security keep safe the access to organizations’ data and applications.

CONFIDENTIAL

Why AirWatch

107

Proven track record as industry leader

Best-of-breed digital workspace solution set

Agnostic solution with broadest ecosystem

Comprehensive educational services and global support

Modern UEM platform simplifying endpoint management

The Value of vmware’s

Workspace ONE

Questions?

108

Thank you.