Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

2° Sessione - Workspace ONE la soluzione semplice e sicura per il lavoro nell’Era Digitale


Published on

In questa seconda sessione faremo una panoramica sulla visione di VMware riguardo l’End User Computing e su come sia possibile declinare il paradigma del Workspace Digitale in tutte le sue sfaccettature attraverso Workspace ONE, la soluzione VMware semplice e sicura per il lavoro nell’Era Digitale.

Published in: Education

2° Sessione - Workspace ONE la soluzione semplice e sicura per il lavoro nell’Era Digitale

  1. 1. Nicola Galante Senior Specialist Systems Engineer EUC/Business Mobility – vmware Lorenzo Di Palma Senior Specialist Systems Engineer EUC/Business Mobility - vmware vmware Workspace ONE How to deliver and manage Any App on Any Device by integrating Identity, Application and Enterprise Mobility Management
  2. 2. 2 Today’s users are on the move Users want to be able to access corporate data, applications and online resources across more devices and locations. New IT challenges arise:
  3. 3. 3 Edu IT Trends Teachers and Students expect easy, efficient access to educational resources aided by mobile technology through either Academic or BYO Devices Easy and Secure access to all educational content and Apps (SaaS, Web, Local and Native) via single portal through Single Sign-On Better student experience leading to improved retention and increased revenue Reduced Helpdesk staffing costs with improved performance and reduced waiting times
  4. 4. The Workspace Become Digital… … and It Requires New Rules It has to be Simple, Scalable and Flexible It has to Securely manage user’s data and Apps access, according to which device is used and its compliance! It needs to deliver the best User Experience in every use case, regardless the device It has to manage User’s Identity and Policies, not Devices
  5. 5. 55 Supporting this can be challenging Supporting workplace mobility, minimizing security risks, maintaining compliance is a challenge for IT teams. App failure costs >$100K in productivity loss Ponemon Group 2015 App Failure Rate is 12% VMware customers Average Cost of a Data Breach in 2015 was $3.79M IBM and Ponemon Group 2015 Average Time to Image a Physical Device is 1 hr VMware customers
  6. 6. Remote Apps Desktop Enterprise Mobility Management Identity 6 Today’s Traditional Siloed Managements
  7. 7. 7 IT shifts from managing siloed technologies to A digital workspace A New Paradigm
  8. 8. The Mobile Adoption Curve Value z Time ñ CONFIDENTIAL
  9. 9. 9 Deliver an unmatched Identity-Defined Contextual Experience The Digital Workspace has to… Anywhere, Anytime Access with Any Device Access to internal and external apps – Identity is the new perimeter
  10. 10. #digitalworkspace •  Encryption •  Anti-virus •  Access control •  Monitoring •  Image management •  Application distribution •  Updates SECURITY MANAGEMENT UEM&S UEM&S EMM UEM&S EMM EMM UEM&S UEM&S UEM&S UEM&S UEM&S CONTROL POINT •  Access policies •  Apps and data policies •  Device configuration policies •  Analytics Unifying Endpoint Management 10 •  Single way to manage desktop and mobile •  Proactive, automated analytics •  Policy-based security and management
  11. 11. Market Validation CONFIDENTIAL 11
  12. 12. vmware’s Business Mobility Solutions Lead the Market vmware Horizon leaps past the competition “VMware's position reflects the company's market position and commitment to providing resources to expand its EUC product portfolio and infrastructure.” Magic Quadrant for Enterprise Mobility Management Suites vmware AirWatch: •  A Leader for 6 Consecutive Years •  Placed Highest on Ability to Execute Axis •  Positioned Furthest on Completeness of Vision
  13. 13. What is driving the shift to the Digital Workspace? CONFIDENTIAL 13 Digital Workspace Mobile business transformation Cloud Office expansion Windows 10 Application heterogeneity Device heterogeneity Consumerization Increased Self-Service BYOD EUC convergence Unified end-point management Mobile work styles Desktop as a Service Enterprise IoT Unified app access Cloud computing Identity as a Service
  14. 14. Make the Move to the Digital Workspace 14 CONFIDENTIAL Improve Compliance and Secure the Access to Devices and Data Drive Down CostsSimplify Desktop, App and Device Management Identity Management And True Single-Sign On from any Device
  15. 15. Delivering the Digital Workspace DIGITAL WORKSPACE Identity Management Application Management Enterprise Mobility Management Virtual Windows Desktops Remoted Windows Applications … is all about convergence The Digital Workspace … but it can be complicated
  16. 16. CONFIDENTIAL 16 Introducing… vmware Workspace™ ONE™ is the simple and secure enterprise platform that delivers and manages any app on any device by integrating identity, application, and enterprise mobility management (EMM) Consumer Simple | Enterprise Secure
  17. 17. Digital Workspace Requires Various Management Tools to Accomplish 17 Client Management Application Suites Device Management Identity Management Virtualization
  18. 18. DIGITAL WORKSPACE Workspace ONE: an Unified Tool to Create the Digital Workspace 18
  19. 19. vmware Workspace ONE value 19 Enterprise Secure Consumer Simple
  20. 20. Workspace ONE 1.5M Apps -  OTA Device Configuration -  App Provisioning & Configuration -  Entitlement Management -  Automated Remediation IDENTITY, SECURITY & COMPLIANCE -  Federation / Authentication -  Access Policy -  Reporting, Auditing & Analytics -  Compliance Automation WINDOWS AS A SERVICE -  Full Desktops or Seamless Apps -  Cloud or On-Premises -  Complete Isolation UNIFIED END POINT MANAGEMENT Conditional Access with Data Loss Prevention Self-Service Enterprise App Store w/ One Touch SSO Windows Virtual Apps SaaS MobileLegacy SECURITY & NETWORK VIRTUALIZATION Flexible App Lifecycle Management Platform (Develop, Deploy, Manage, Support) Workspace ONE Apps Suite EMAIL BROWSER CONTENT CHAT
  21. 21. Workspace ONE Advantages 21 Simplified onboarding Single sign-on Adaptive management Multi-factor authentication Conditional access CONFIDENTIAL
  22. 22. Workspace™ ONE™ Self-Service Access #digitalworkspace
  23. 23. Workspace™ ONE™ Choose Your Device #digitalworkspace
  24. 24. Workspace™ ONE™ Secure Messaging and Content #digitalworkspace
  25. 25. Workspace™ ONE™ Conditional Access #digitalworkspace
  26. 26. Bring Your Own Device Not Your Device (Browser Access) 26 One Platform – All Employees, All Use Cases “Choose Your Own” You Manage “Corporate Issued” “Choose Your Own” Corporate Managed Locked Down Ruggedized Managed Workspace Unified Endpoint ManagementUnmanaged Workspace
  27. 27. Bring Your Own Device Not Your Device (Browser Access) 27 “Choose Your Own” You Manage “Corporate Issued” “Choose Your Own” Corporate Managed Locked Down Ruggedized Managed Workspace Unified Endpoint ManagementUnmanaged Workspace One Platform – All Employees, All Use Cases Self-service Anywhere access to apps One-touch SSO, automatic email & Wi-Fi setup Full, No-Fuss “Out-of-the-Box” Configuration Grant and Block access to apps, (in network scope, and uses appropriate authentication Enforce enterprise app-level data, DLP and wipe policies with basic compliance (MAM) Enforce device-level data, DLP and wipe policies, full device attestation, and auto-remediation
  28. 28. Single App Catalog Across Devices To Access Any App – Native | Web | Remote In a Secure MAM Container Unified User Experience with vmware Workspace ONE™ Internally developed mobile apps Native public mobile apps SaaS apps Internal web apps Modern Windows apps Legacy Windows apps Virtualized management desktops
  29. 29. 29 Web Apps ThinApp Horizon Desktop Horizon Hosted App Office 365 Citrix XenApps App Catalog Context Aware Custom Branding
  30. 30. Web Virtual Native Workspace ONE App: A Simple, Consumer-Grade Experience
  31. 31. Detection of jailbroken or rooted devices and compliance actions Separation of corporate and personal apps Only approved, authorized apps installed in corporate container 31 Mobile Application Management Challenges for BYOD
  32. 32. Workspace Services Profile More diverse app ecosystem Better security and configuration capabilities Requires profile on the device Privacy concerns in BYOD deployments 2 O/SMAM App Container1 Doesn’t require profile installation Ideal for BYOD deployments Limits app ecosystem Requires proprietary SDK STANDALONEMAM Only approved, authorized apps installed in corporate container Organizations can detect jailbroken or rooted devices and take compliance action Separate work and personal apps Stand Alone MAM vs. O/S MAM 32 NATIVEO/SMAM STANDALONEMAM
  33. 33. The Future of MAM for a Successful Mobility Program 33 Stand Alone MAM Universal App Catalog O/S Management Workspace ONE for BYOD ADAPTIVE MANAGEMENT
  34. 34. OS MAM Native Apps Adaptive Management Workflow 34 No Profile No Profile Workspace Services Profile+ + CONFIDENTIAL Certificate Management, PIN Strength Enforcement, Corporate App Wipe, Jailbreak Detection No Management Stand Alone MAM Distribute also Internal Enterprise Apps No Management Stand Alone MAM OS MAM
  35. 35. Enable Easy Access to Any App with Workspace ONE 35 Install Workspace ONE Auto Discover Branded Login Experience Access Any App CONFIDENTIAL
  36. 36. Adaptive Management CONFIDENTIAL 36 Activate Workspace Services Customer’s EULA Redirect to configure profile Install Profile Done!
  37. 37. 37 Device-Trust Conditional Access APP USER Policy Framework DEVICE LOCATIONAPP Employee USER Contractor PrivilegedCustomer R&D Sales Marketing iOS DEVICE Android Win10 Unmanaged Managed BYOD Corp-Issued Web APP Mobile Virtual Low Security High Security External Internal In Network LOCATION Out Network Beacon 3G / 4G Geo
  38. 38. Create Compliance Policies for User Groups and Devices 38 App whitelists App blacklists Required apps Current app version Assignment criteria Remediate immediately Send push notification s Uninstall apps Policies Actions
  39. 39. Keep Barriers Between Work and Personal 39 Separate work and personal apps Prevent data flow between work and personal apps Allow IT to only manage and secure the work apps and data X
  40. 40. Identity Defined Workspace Simple, Secure Access and Productivity
  41. 41. Identity Challenges for SaaS Adoption •  Not connected to on-prem AD •  Requires a new username/password •  Users can pick password that is o  Weak o  Shared across mulFple sites o  Same as AD password •  Account sFll acFve when user leaves company/AD.
  42. 42. The Role of Directory in a Multi-Cloud World 42 •  Directory = Policy (300m PCs) •  Domain-joined machines •  Windows apps •  Employees •  AD Driven/User management Active Directory One Source of Truth Yesterday’s World •  Multi-cloud (2b+ devices) •  Any (phones, tablets, laptops) •  SaaS/Native mobile •  Contractors, temps, partners •  HR driven Today’s World XenAppHorizon Many Directories No Unified Policy Management
  43. 43. VMware Identity Manager 43CONFIDENTIAL
  44. 44. Identity-Defined Workspace CONFIDENTIAL 44 One Touch SSO & MFA Secure seamless user experience Conditional Access Smart protection for corporate login and data access Unified App Catalog Personalized workspace for apps on any device Productivity Apps Core apps for day one productivity
  45. 45. Workspace ONE: Mobile SSO Workspace™ ONE™ Secure App Token System SaaS Apps TRUST Trust ID Key Cloud #digitalworkspace
  46. 46. One-Touch mobile SSO CONFIDENTIAL 46 •  Industry’s first one-touch single-sign on (SSO) for public mobile apps •  Device Trust Authentication: the device itself becomes a factor of authentication to anchor an SSO experience. •  The app is only available to that device, and the user must still be able to unlock the device. •  Many people associate touch ID as a form of authentication for SSO, but... •  touch ID only unlocks a device, taking the place of pin code entry, which is always a backup to touch ID. •  Workspace ONE supports pin-code entry or touch ID as another quick assurance that a device is still with its owner.
  47. 47. Multi-Factor Authentication 47CONFIDENTIAL
  48. 48. vmware Verify Built-in 2-factor authentication 3 ways to authenticate •  Mobile push notification –  Step 1: Vmware sends you a push notification –  Step 2: Tap to approve or deny access •  App based passcode (for users with notification disabled) –  Step 1: Open app to get passcode –  Step 2: Enter the passcode on login page •  SMS based passcode (for users without smartphones) –  Step 1: VMware sends passcode in a text message –  Step 2: Enter the passcode on login page 48
  49. 49. CONFIDENTIAL 49 Non-Federated Apps Browser Plugin (Password Vault) Browser Plugin Prompt
  50. 50. What This Means for the Digital Workspace Allow access by default Single clearing house for entitlement and authentication Verify device posture for compliance Remove friction from user experience Contextual rules-engine with continuous security Users (Identity) Federate identity for on-premises and cloud services
  51. 51. Security and More End User Simple and IT Secure
  52. 52. Workspace ONE Multi-Layered Security Approach 52 IDENTITYAPPDATADEVICENETWORK
  53. 53. Conditional Access CONFIDENTIAL 53 OS Managed Jail Broken MSA | Malware | Trust3rd Party Location Blacklisted Apps Authentication strength Authentication Provider Session time Network Scope Per Application Rules Device’s Posture Identity Rules
  54. 54. DEVICE POSTURE USER AUTH AUTHENTICATION MODULE APP SERVICE Remote Apps | Web Apps | Native Apps Workspace ONE Managed Jail Broken DEVICE POSTURE OS 3rd Party MSA | Malware | Trust Location Blacklist Apps IDENTITY RULES (VMware IDM or 3rd party) Authentication Provider Network Scope Authentication strength Session time Per Application Workspace ONE Policy Based Conditional Access Build Policies | Define Escalations | Automate Actions
  55. 55. Identity Manager Policy Based Conditional Access Configure network, platform and application specific criteria for authentication Enable authentication chaining and multiple compliance policies Require more rigorous authentication methods from external networks / less restrictive when on LAN
  56. 56. AirWatch Device Compliance Policies Device centric policy management Allows notification, email blocking, remediation and escalation for devices which are not in compliance Oriented towards device criteria – encryption, passcode requirements, Jailbroken or rooted devices
  57. 57. Enabling AirWatch Conditional Access in Identity Manager Create IDM Policy Rule that checks for Device Compliance in addition to an authentication method If device is out of compliance, login fails If device is brought back into compliance, the user will be able to authenticate
  58. 58. Access Policy for Horizon and Citrix Apps •  Horizon and Citrix can use Access Policies (like web apps) –  Enables use of VMware Verify step-up authentication –  Combined with Horizon True SSO, allows for zero password access to Windows resources 58 Touch ID for “Workspace”
  59. 59. Dynamic Per- App VPN Intelligent Networking with NSX Device Usage Analytics Conditional Access CONFIDENTIAL 59
  60. 60. VMware NSX for AirWatch Device Level VPN Full Network Access App Level VPN Select Network Access Micro Segmentation with NSX App Level VPN Full Network Access
  61. 61. VMware NSX for AirWatch CONFIDENTIAL 61 Advanced security between an AirWatch-managed device and the NSX micro- segmented cloud data center
  62. 62. The VMware Difference: All Types of Security 62CONFIDENTIAL Endpoint Security IT automated workflows for compliance, remediation Identity Integration Secure workspace for apps on any device Micro Segmentation Secure and simple network virtualization Data Loss Prevention Prevent data leakage and keep corporate data secure
  63. 63. VMware Tunnel DLP: Preventing Data Loss in Office 365 63 Workspace ONE Conditional Access Restricts Office 365 access to compliant devices VMware Tunnel App on device filters network traffic to detect and block file transfers Employees may still user their personal file repositories for personal files 63 How it works: Protect corporate files from personal cloud repositories
  64. 64. Pervasive Security: Datacenter to Device to App Data Center Multi-layered Defense for the Secure Digital Workspace 64 Virtual DesktopDevice Per-app micro-VPN NSX Micro- segmentation + AirWatch Horizon 7
  65. 65. Accelerating Office 365 Deployments with Workspace ONE 65 Federated Identity Single Sign On to Office 365 users without ADFS Complexity or copying AD credentials to the cloud Beyond Microsoft Apps Common Catalog to access SaaS, internal web, native mobile and virtualized apps Increased Security Integrated Mobile-Push 2FA across any app, Device Posture policy enforcement and auto- entitlement revocation Simplified Management Automated user account provisioning for Office 365 NEW! NEW!
  66. 66. CONFIDENTIAL 66 Workspace ONE App Suite Mobile Collaboration and Productivity
  67. 67. Workspace ONE Productivity Apps Suite Boxer Mail Calendar Contacts Browser Intranet Internet Kiosk Content View Edit Share Socialcast Social Chat Projects 67CONFIDENTIAL
  68. 68. Workspace ONE Productivity Apps CONFIDENTIAL 68 USABILITY PRIVACYSECURITY FIPS certified encryption End-to-end data security Encryption at-rest & transit Data leakage prevention (DLP Delightful end user experience Follows native design principles Designed for a business user Delivers seamless workflows Privacy First Initiative End User Micro Site Adaptive Management Protect Apps, Data & Identity Workspace ONE Apps Suite
  69. 69. Access Email, Calendar & Contacts via VMware Boxer CONFIDENTIAL
  70. 70. Boxer – Advanced Features Custom combined folders Attach from doc providers Full Gmail label support Send availability Select all from sender Quick replies Custom action grid Swipe to SPAM Archive as read option Collapsing conversation Notification actions Predictive move Combined inbox Inline editing Smart folders Configurable gestures App level pin lock Caller ID Read local calendar Swipe to next Configurable undo Custom signatures CONFIDENTIAL
  71. 71. Deploy Best Of Breed Email Solutions As You Choose… Native Mail CONFIDENTIAL 71 * Native OS profile is not a full device MDM profile Boxer Native user experience Business-centric user experience Consolidated mail, calendar and contactsSeparate work accounts for mail, calendar & contacts Leverages native OS profile * Containerized app with built in security/DLP Encrypt enterprise data and remotely wipe work email Configurable gestures and hero cardsProvide DLP to attachments and email hyperlinks Does not require a native OS profile Encrypt enterprise data and remotely wipe work email Provide DLP to attachments and email hyperlinks
  72. 72. Providing Better Usability with Higher Security in Browser Multi-tabbed intranet & internet browsing Push pre-defined bookmarks SSO across all sites and web apps High fidelity rendering for HTML5 apps CONFIDENTIAL
  73. 73. Force Webapp Launch In VMware Browser 73 Select if app should be opened in VMware browser instead of default OS browser (Safari/Chrome) by Workspace ONE app Benefits: •  Launch intranet site without VPN •  Secure browser cache that can be remote wiped when the user leaves the company or device goes out-of- compliance
  74. 74. Experience Web Apps in Full Screen Mode CONFIDENTIAL
  75. 75. Support Various Use Cases With Kiosk Mode Kiosk Mode with Multiple Websites CONFIDENTIAL
  76. 76. Modern UI for a Unified Mobile Content Explorer Access cloud & on- premise repositories Offline access to files & folders Search across files & folders Automatically publish & sync content CONFIDENTIAL
  77. 77. Boost Productivity with Built-In Editing Tools Quickly add new content Securely capture media w/ metadata Integrated PDF annotations Integrated Office editing CONFIDENTIAL
  78. 78. Over 30 ECM Repositories, Including WebDAV & CMIS Standards CONFIDENTIAL
  79. 79. People Centric Collaboration with Socialcast Home Feed @Mentions Activity Streams New Post CONFIDENTIAL
  80. 80. Integrated Workflows Across Workspace ONE Apps CONFIDENTIAL
  81. 81. AirWatch Privacy First: User’s Awareness CONFIDENTIAL 81 Visual Privacy Privacy Officer
  82. 82. Visual Privacy Notice CONFIDENTIAL 82 Creating transparency for the end user on exactly what is being captured by IT in an easy-to- consume visual format
  83. 83. Windows as a Service Every Kind of Desktop, Every Kind of Application, in Any Environment
  84. 84. VMware Horizon Portfolio 84 MAIN OFFICE REMOTE OFFICE CAMPUS SPECIALIST MOBILE NON-EMPLOYEE Horizon Flex Containerized desktops and apps CONFIDENTIAL Horizon Air Cloud-hosted or Hybrid- mode desktop and app delivery from the public cloud Horizon 7 Desktop and app delivery from private cloud
  85. 85. Desktops and Apps From a Single Platform 85 CONFIDENTIAL Deliver Desktops and Applications On Any Device Securely Manage Desktops, Apps and Devices Support for Windows and Linux The ability to efficiently and cost-effectively deliver, manage and monitor virtual desktops and published applications to end users who may not need access to a full desktop. DESKTOPS APPLICATIONS Physical DevicesVirtual Identity Management and true SSO Adaptive and Contextual User Experience in any Use Case
  86. 86. Horizon Makes Desktop and App Management Easy 86 Horizon centralizes end users' desktops and applications in the datacenter, so IT can efficiently provision new clients, centralize desktop management, and improve security and compliance and is based on 7 key pillars Desktops and Apps From a Single Platform Smart PoliciesJust-in-Time Desktops Great User Experience Flexible and Hybrid Delivery SDDC Integration Complete Environment Management CONFIDENTIAL
  87. 87. Hosted Desktop Workspace can be accessed from anywhere Reduce costs with session-based desktop Use less infrastructure and reduce management overhead The Horizon Difference: Every Kind of Desktop 87CONFIDENTIAL Persistent Desktop Custom experience for knowledge workers Get the same desktop every time you login Customize to meet your unique needs Install specialized applications Non-persistent Desktop Infrastructure cost savings Re-usable storage infrastructure Most cost effective implementation for task workers Just-in-time Desktop On-demand creation of live virtual desktops Fully personalized desktops and apps Scalable to thousands of desktops Optimized infrastructure usage
  88. 88. Just-in-Time Desktops 88 CONFIDENTIAL With innovative technologies like Instant Clones, User Environment Management and App Volumes—Horizon ensures that IT can streamline desktop and application management like never before, providing employees with truly stateless desktops. Drive Down Storage Costs by >30% Deliver Apps Instantly Streamline OpEX by >50%
  89. 89. Smart Polices 89 True SSO Experience Policy-Managed Client Features Access Point Authentication Common Criteria / FIPS 140-2 CONFIDENTIAL Policies are tied to the end user allowing IT to be able to provide end users with a truly contextual user experience with policies dynamically changes depending on the device used or the location services are being accessed from.
  90. 90. The Horizon Difference: Every Kind of Application 90CONFIDENTIAL App Access SSO access to all apps and services through a unified Workspace Portal Monitoring Desktop-to- datacenter monitoring with vROPs for Horizon App Isolation Containerized applications, isolated from the operating system with ThinApp App Delivery Application delivery to virtual desktops in real-time with AppVolumes User Environment Management Maintain consistent, personalized settings across devices with UEM
  91. 91. vRealize Operations for XenApp and XenDesktop The App Volumes Difference: Any Environment 91 Reduce Operational and Support Costs User Environment Management •  UEM provides dynamic, context-based profile management and app config •  Personalized settings follow user ThinApp for Packaging Applications •  Can be deployed by App Volumes and natively streamed from file share •  Eliminates conflicts between app. •  Reduces RDSH Server sprawl App Volumes Real-time App Delivery •  Provides real-time application delivery to virtual desktops and RDSH Servers •  Provides single image management for VDI and RDSH •  Supports User Installed Apps Improve App Delivery and Management for Citrix or Horizon, New or Existing CONFIDENTIAL
  92. 92. Unified Endpoint Management Manage, Configure, Track and Automate
  93. 93. Client Management EMM Is No Longer Enough EMM AirWatch Unified Endpoint Management CONFIDENTIAL 93 IoT
  94. 94. Windows 10: A Modern OS for the Mobile-Cloud Era 94 Simplified Lifecycle Management Enterprise Ready Security Any Apps to Stay Productive Intuitive Experience Across Device Types
  95. 95. Windows 10: Windows Redefined CONFIDENTIAL 95 Only Corporate Devices and Data High Touch for IT Joined to Domain Legacy Apps Windows7 Corporate, BYOD and LOB Cloud-based Management On Any Network Expansive App Ecosystem Windows10
  96. 96. The New Standard for Windows Management CONFIDENTIAL 96 Restricted to corporate owned devices joined to the network Complex and high-touch management for IT Costly and fragmented management and app ecosystem Costly, Complex and Restrictive! Flexibly support multiple device ownership use cases and on any networks Simpler cloud based management and self-service capabilities Low TCO with consolidated management tool and a unified apps ecosystem Traditional Windows Management Modern Windows Management Low TCO, Simpler and Flexible!
  97. 97. Windows Management with VMware AirWatch Device and OS Lifecycle Management Application Management and Delivery End-to-end Security Management Industry leading EMM capabilities together with the best of traditional client management functions for managing Windows across any device type. 97 +
  98. 98. Modern EMM Model for Managing Windows with AirWatch 98 Simplified and Flexible Deployment Device and App Lifecycle Management Enterprise Readiness End-to-End Security Bulk provisioning Workplace enrollment Out-of-box experience Work account enrolment Azure AD integration Compliance engine IT Remote management End user Self-Service Portal LOB use cases Enterprise integrations Productivity apps Unified endpoint management Over-the-air configuration Application management Windows Store and Business Store Software distribution; product provisioning Windows Update management Windows Hello and Passport support Device posture and health attestation Application security Conditional access control Enterprise Data Protection Per-app VPN
  99. 99. A New Level of Data Security with Enterprise Data Protection 99 Tagging Data Define data sources to classify as enterprise (IP, domain, SharePoint, and more) Defining Privileged Apps Configure privileged apps that can handle enterprise data Setting Policy Levels Configure how enterprise data is handled (encrypt, block, audit) Configuring Per-App VPN Define which apps can access internal network through VPN
  100. 100. Windows Backwards Compatibility with VMware CONFIDENTIAL 100 FLEX Horizon Horizon Air App Volumes Horizon Horizon Air AirWatch Browser + AirWatch Tunnel Apps with web interfaces Incompatible apps as a service Older OS desktops as a service Older OS images on local machines
  101. 101. The AirWatch Difference: Unified Endpoint Management 101CONFIDENTIAL Asset Analytics Tracking, Inventory System and operations information for higher SLA IT Automated Workflows For compliance, remediation and more OS/App Lifecycle Management Cradle-to-grave control over most changeable assets Unified Endpoint Management Over the Air Configuration Configured integration with Windows business portal out-of-the-box
  102. 102. Cloud-First, Modern Windows Management and Security 102 Faster Min-set Provisioning Unified User Catalog & SSO Co-exist with Systems Management Deploy Updates Off the Network Client Health Compliance Win32 App Lifecycle Management Instant Push Configuration for Policies GPOs On or Off the Domain Adaptive Enrollment into EMM Windows Information Protection Patch Inventory & Auditing Granular Updates Management Client Health & Security OS Patch Management Software Distribution Configuration Management MDM for Windows Asset Tracking & Inventory Win32 App Capture & Delivery VMware AirWatch Unified Endpoint Management for a simpler, more secure and cost effective PC management. CONFIDENTIAL
  103. 103. Conclusion
  104. 104. Summary: Key Digital Workspace Principles CONFIDENTIAL 104 Consumer Simple, Enterprise Secure Cloud infrastructure synergy Any application, any device Integrated application management Unified end-point management Platform for Business Mobility
  105. 105. Key vmware’s Digital Workspace Solutions CONFIDENTIAL 105 VMware AirWatch: Enterprise Mobility Management across devices and apps NSX Micro-segmentation: Security within the datacenter Workspace ONE: Secure anytime, anywhere access to government resources across devices AppVolumes: Real-time app delivery and centralized app management VMware Horizon: Virtual Desktop Infrastructure that strengthens security and centralizes management
  106. 106. To summarize… 106 Workspace ONE is the best solution in five key areas: 1.  Unified Endpoint Management manages, configures, tracks and automates workforce endpoint management. 2.  Leading Virtual Desktops & Apps provides every kind of desktop and app and supports any environment with real-time app delivery. 3.  Identity-Defined Workspace achieves simple, secure access for end users. 4.  Comprehensive Cloud Service offers every kind of service from the cloud. 5.  Adaptive Management, Conditional Access and Security keep safe the access to organizations’ data and applications. CONFIDENTIAL
  107. 107. Why AirWatch 107 Proven track record as industry leader Best-of-breed digital workspace solution set Agnostic solution with broadest ecosystem Comprehensive educational services and global support Modern UEM platform simplifying endpoint management The Value of vmware’s Workspace ONE
  108. 108. Questions? 108
  109. 109. Thank you.