In questa seconda sessione faremo una panoramica sulla visione di VMware riguardo l’End User Computing e su come sia possibile declinare il paradigma del Workspace Digitale in tutte le sue sfaccettature attraverso Workspace ONE, la soluzione VMware semplice e sicura per il lavoro nell’Era Digitale.

1. Nicola Galante
Senior Specialist Systems Engineer
EUC/Business Mobility – vmware
Lorenzo Di Palma
Senior Specialist Systems Engineer
EUC/Business Mobility - vmware
vmware Workspace ONE
How to deliver and manage Any App on Any Device by integrating
Identity, Application and Enterprise Mobility Management

2. 2
Today’s users are on the move
Users want to be able to access corporate data, applications and online
resources across more devices and locations.
New IT challenges arise:

3. 3
Edu IT Trends
Teachers and Students expect easy, efficient
access to educational resources aided by
mobile technology through either Academic
or BYO Devices
Easy and Secure access to all educational content
and Apps (SaaS, Web, Local and Native) via single
portal through Single Sign-On
Better student experience leading to improved
retention and increased revenue
Reduced Helpdesk staffing costs with improved
performance and reduced waiting times

4. The Workspace Become Digital…
… and It Requires New Rules
It has to be Simple, Scalable and Flexible
It has to Securely manage user’s data and Apps access,
according to which device is used and its compliance!
It needs to deliver the best User Experience in
every use case, regardless the device
It has to manage User’s Identity and Policies,
not Devices

5. 55
Supporting this can
be challenging
Supporting workplace mobility, minimizing
security risks, maintaining compliance is a
challenge for IT teams.
App failure
costs >$100K
in productivity
loss
Ponemon Group 2015
App Failure
Rate is 12%
VMware customers
Average Cost
of a Data
Breach in 2015
was $3.79M
IBM and Ponemon Group
2015
Average Time
to Image a
Physical
Device is 1 hr
VMware customers

6. Remote
Apps
Desktop Enterprise
Mobility
Management
Identity
6
Today’s Traditional Siloed Managements

7. 7
IT shifts from managing siloed technologies to
A digital workspace
A New Paradigm

8. The Mobile Adoption Curve
Value
z
Time
ñ
CONFIDENTIAL

9. 9
Deliver an unmatched Identity-Defined
Contextual Experience
The Digital Workspace has to…
Anywhere, Anytime Access with Any Device
Access to internal and external apps –
Identity is the new perimeter

10. #digitalworkspace
• Encryption
• Anti-virus
• Access control
• Monitoring
• Image management
• Application distribution
• Updates
SECURITY
MANAGEMENT
UEM&S
UEM&S
EMM
UEM&S
EMM
EMM
UEM&S
UEM&S
UEM&S
UEM&S
UEM&S
CONTROL
POINT
• Access policies
• Apps and data policies
• Device configuration
policies
• Analytics
Unifying Endpoint Management
10
• Single way to manage desktop and mobile
• Proactive, automated analytics
• Policy-based security and management

11. Market Validation
CONFIDENTIAL 11

12. vmware’s Business Mobility Solutions Lead the Market
vmware Horizon leaps past the competition
“VMware's position reflects the company's market position and commitment
to providing resources to expand its EUC product portfolio and
infrastructure.”
Magic Quadrant for Enterprise Mobility Management Suites
vmware AirWatch:
• A Leader for 6 Consecutive Years
• Placed Highest on Ability to Execute Axis
• Positioned Furthest on Completeness of Vision

13. What is driving the shift to the Digital Workspace?
CONFIDENTIAL 13
Digital
Workspace
Mobile business transformation
Cloud Office expansion
Windows 10
Application heterogeneity
Device heterogeneity
Consumerization
Increased Self-Service
BYOD
EUC convergence
Unified end-point management
Mobile work styles
Desktop as a Service
Enterprise IoT
Unified app access
Cloud computing
Identity as a Service

14. Make the Move to the Digital Workspace
14
CONFIDENTIAL
Improve Compliance
and Secure the
Access to Devices
and Data
Drive Down CostsSimplify
Desktop, App and
Device Management
Identity Management
And True Single-Sign On
from any Device

15. Delivering the Digital Workspace
DIGITAL
WORKSPACE
Identity
Management
Application
Management
Enterprise Mobility
Management
Virtual Windows
Desktops
Remoted Windows
Applications
… is all about
convergence
The Digital Workspace
… but it can be
complicated

16. CONFIDENTIAL 16
Introducing…
vmware Workspace™ ONE™ is the
simple and secure enterprise
platform that delivers and manages
any app on any device by
integrating identity, application, and
enterprise mobility management
(EMM)
Consumer Simple | Enterprise Secure

17. Digital Workspace Requires Various Management Tools to Accomplish
17
Client
Management
Application
Suites
Device
Management
Identity
Management
Virtualization

18. DIGITAL
WORKSPACE
Workspace ONE: an Unified Tool to Create the Digital Workspace
18

19. vmware Workspace ONE value
19
Enterprise
Secure
Consumer
Simple

20. Workspace ONE
1.5M
Apps
- OTA Device Configuration
- App Provisioning & Configuration
- Entitlement Management
- Automated Remediation
IDENTITY, SECURITY
& COMPLIANCE
- Federation / Authentication
- Access Policy
- Reporting, Auditing & Analytics
- Compliance Automation
WINDOWS AS A SERVICE
- Full Desktops or Seamless Apps
- Cloud or On-Premises
- Complete Isolation
UNIFIED END POINT
MANAGEMENT
Conditional Access with Data Loss Prevention
Self-Service Enterprise App Store w/ One Touch SSO
Windows Virtual Apps SaaS MobileLegacy
SECURITY & NETWORK VIRTUALIZATION
Flexible App Lifecycle Management Platform (Develop, Deploy, Manage, Support)
Workspace ONE Apps Suite
EMAIL BROWSER CONTENT CHAT

21. Workspace ONE Advantages
21
Simplified onboarding
Single sign-on
Adaptive management
Multi-factor authentication
Conditional access
CONFIDENTIAL

22. Workspace™ ONE™
Self-Service Access
#digitalworkspace

23. Workspace™ ONE™
Choose Your Device
#digitalworkspace

24. Workspace™ ONE™
Secure Messaging and Content
#digitalworkspace

25. Workspace™ ONE™
Conditional Access
#digitalworkspace

26. Bring Your
Own Device
Not Your Device
(Browser Access)
26
One Platform – All Employees, All Use Cases
“Choose Your Own”
You Manage
“Corporate
Issued”
“Choose Your Own”
Corporate Managed
Locked
Down
Ruggedized
Managed Workspace Unified Endpoint ManagementUnmanaged Workspace

27. Bring Your
Own Device
Not Your Device
(Browser Access)
27
“Choose Your Own”
You Manage
“Corporate
Issued”
“Choose Your Own”
Corporate Managed
Locked
Down
Ruggedized
Managed Workspace Unified Endpoint ManagementUnmanaged Workspace
One Platform – All Employees, All Use Cases
Self-service
Anywhere access to apps
One-touch SSO, automatic email
& Wi-Fi setup
Full, No-Fuss “Out-of-the-Box” Configuration
Grant and Block access to apps,
(in network scope, and uses
appropriate authentication
Enforce enterprise app-level data,
DLP and wipe policies with basic
compliance (MAM)
Enforce device-level data, DLP and wipe policies,
full device attestation, and auto-remediation

28. Single App Catalog Across Devices
To Access Any App – Native | Web | Remote
In a Secure MAM Container
Unified User Experience with vmware Workspace ONE™
Internally developed mobile
apps
Native public mobile apps
SaaS apps
Internal web apps
Modern Windows apps
Legacy Windows apps
Virtualized management desktops

29. 29
Web Apps
ThinApp
Horizon Desktop
Horizon Hosted App
Office 365
Citrix XenApps
App Catalog
Context Aware
Custom Branding

30. Web Virtual Native
Workspace ONE App: A Simple, Consumer-Grade Experience

31. Detection of
jailbroken or rooted
devices and
compliance actions
Separation of
corporate and
personal apps
Only approved,
authorized apps
installed in corporate
container
31
Mobile Application Management Challenges for BYOD

32. Workspace Services Profile
More diverse app ecosystem
Better security and configuration capabilities
Requires profile on the device
Privacy concerns in BYOD deployments
2
O/SMAM
App Container1
Doesn’t require profile installation
Ideal for BYOD deployments
Limits app ecosystem
Requires proprietary SDK
STANDALONEMAM
Only approved, authorized apps
installed in corporate container
Organizations can detect jailbroken or
rooted devices and take compliance
action
Separate work and personal apps
Stand Alone MAM vs. O/S MAM
32
NATIVEO/SMAM
STANDALONEMAM

33. The Future of MAM for a Successful Mobility Program
33
Stand Alone MAM Universal App Catalog O/S Management
Workspace ONE for BYOD
ADAPTIVE MANAGEMENT

34. OS
MAM
Native
Apps
Adaptive Management Workflow
34
No Profile No Profile
Workspace Services
Profile+ +
CONFIDENTIAL
Certificate Management, PIN
Strength Enforcement, Corporate
App Wipe, Jailbreak Detection
No
Management
Stand Alone
MAM
Distribute also Internal
Enterprise Apps
No
Management
Stand Alone MAM
OS
MAM

35. Enable Easy Access to Any App with Workspace ONE
35
Install Workspace
ONE
Auto
Discover
Branded Login
Experience
Access
Any App
CONFIDENTIAL

36. Adaptive Management
CONFIDENTIAL 36
Activate Workspace
Services
Customer’s EULA
Redirect to
configure profile
Install Profile Done!

37. 37
Device-Trust Conditional Access
APP
USER
Policy Framework
DEVICE
LOCATIONAPP
Employee
USER
Contractor
PrivilegedCustomer
R&D Sales Marketing
iOS
DEVICE
Android Win10
Unmanaged Managed
BYOD Corp-Issued
Web
APP
Mobile Virtual
Low Security High Security
External Internal
In Network
LOCATION
Out Network
Beacon 3G / 4G
Geo

38. Create Compliance Policies for User Groups and Devices
38
App
whitelists
App
blacklists
Required
apps
Current
app
version
Assignment
criteria
Remediate
immediately
Send push
notification
s
Uninstall
apps
Policies Actions

39. Keep Barriers Between Work and Personal
39
Separate work and personal apps
Prevent data flow between work
and personal apps
Allow IT to only manage and secure the
work apps and data
X

40. Identity Defined
Workspace
Simple, Secure Access and Productivity

41. Identity Challenges for SaaS Adoption
• Not connected to on-prem AD
• Requires a new username/password
• Users can pick password that is
o Weak
o Shared across mulFple sites
o Same as AD password
• Account sFll acFve when user leaves
company/AD.

42. The Role of Directory in a Multi-Cloud World
42
• Directory = Policy (300m PCs)
• Domain-joined machines
• Windows apps
• Employees
• AD Driven/User management
Active Directory
One Source of Truth
Yesterday’s World
• Multi-cloud (2b+ devices)
• Any (phones, tablets, laptops)
• SaaS/Native mobile
• Contractors, temps, partners
• HR driven
Today’s World
XenAppHorizon
Many Directories
No Unified Policy Management

43. VMware Identity
Manager
43CONFIDENTIAL

44. Identity-Defined Workspace
CONFIDENTIAL 44
One Touch SSO
& MFA
Secure seamless
user experience
Conditional
Access
Smart protection for
corporate login and
data access
Unified App
Catalog
Personalized
workspace for apps
on any device
Productivity
Apps
Core apps for day
one productivity

45. Workspace ONE: Mobile SSO
Workspace™ ONE™
Secure App Token System
SaaS Apps
TRUST
Trust ID Key
Cloud
#digitalworkspace

46. One-Touch mobile SSO
CONFIDENTIAL 46
• Industry’s first one-touch single-sign on (SSO) for public
mobile apps
• Device Trust Authentication: the device itself becomes a
factor of authentication to anchor an SSO experience.
• The app is only available to that device, and the user must
still be able to unlock the device.
• Many people associate touch ID as a form of authentication
for SSO, but...
• touch ID only unlocks a device, taking the place of pin code
entry, which is always a backup to touch ID.
• Workspace ONE supports pin-code entry or touch ID as
another quick assurance that a device is still with its owner.

47. Multi-Factor Authentication
47CONFIDENTIAL

48. vmware Verify
Built-in 2-factor authentication
3 ways to authenticate
• Mobile push notification
– Step 1: Vmware sends you a push notification
– Step 2: Tap to approve or deny access
• App based passcode (for users with notification disabled)
– Step 1: Open app to get passcode
– Step 2: Enter the passcode on login page
• SMS based passcode (for users without smartphones)
– Step 1: VMware sends passcode in a text message
– Step 2: Enter the passcode on login page
48

49. CONFIDENTIAL 49
Non-Federated Apps Browser Plugin (Password Vault)
Browser Plugin
Prompt

50. What This Means for the Digital Workspace
Allow access by default
Single clearing house
for entitlement and
authentication
Verify device posture
for compliance
Remove friction from
user experience
Contextual rules-engine
with continuous security
Users
(Identity)
Federate identity for
on-premises and cloud
services

51. Security and More
End User Simple and IT Secure

52. Workspace ONE Multi-Layered Security Approach
52
IDENTITYAPPDATADEVICENETWORK

53. Conditional Access
CONFIDENTIAL 53
OS
Managed
Jail Broken
MSA | Malware | Trust3rd Party
Location
Blacklisted Apps
Authentication strength
Authentication Provider
Session time
Network Scope
Per Application Rules
Device’s Posture Identity Rules

54. DEVICE
POSTURE
USER
AUTH
AUTHENTICATION MODULE
APP SERVICE
Remote Apps | Web Apps | Native Apps
Workspace ONE
Managed Jail Broken
DEVICE POSTURE
OS
3rd Party
MSA | Malware | Trust
Location
Blacklist
Apps
IDENTITY RULES
(VMware IDM or 3rd party)
Authentication
Provider
Network
Scope
Authentication
strength
Session
time
Per
Application
Workspace ONE Policy Based Conditional Access
Build Policies | Define Escalations | Automate Actions

55. Identity Manager Policy Based Conditional Access
Configure network, platform and
application specific criteria for
authentication
Enable authentication chaining and
multiple compliance policies
Require more rigorous authentication
methods from external networks / less
restrictive when on LAN

56. AirWatch Device Compliance Policies
Device centric policy management
Allows notification, email blocking,
remediation and escalation for
devices which are not in
compliance
Oriented towards device criteria –
encryption, passcode
requirements, Jailbroken or rooted
devices

57. Enabling AirWatch Conditional Access in Identity Manager
Create IDM Policy Rule that
checks for Device Compliance in
addition to an authentication
method
If device is out of compliance, login
fails
If device is brought back into
compliance, the user will be able
to authenticate

58. Access Policy for Horizon and Citrix Apps
• Horizon and Citrix can use Access Policies (like web apps)
– Enables use of VMware Verify step-up authentication
– Combined with Horizon True SSO, allows for zero password access to Windows resources
58
Touch ID for “Workspace”

59. Dynamic Per-
App VPN
Intelligent
Networking with
NSX Device
Usage
Analytics
Conditional Access
CONFIDENTIAL 59

60. VMware NSX for AirWatch
Device Level VPN
Full Network Access
App Level VPN
Select Network Access
Micro Segmentation with NSX
App Level VPN
Full Network Access

61. VMware NSX for AirWatch
CONFIDENTIAL 61
Advanced security between
an AirWatch-managed device
and the NSX micro-
segmented cloud data center

62. The VMware Difference: All Types of Security
62CONFIDENTIAL
Endpoint
Security
IT automated
workflows for
compliance,
remediation
Identity
Integration
Secure workspace for
apps on any device
Micro
Segmentation
Secure and simple
network
virtualization
Data Loss
Prevention
Prevent data
leakage and keep
corporate data
secure

63. VMware Tunnel DLP:
Preventing Data Loss in Office 365
63
Workspace ONE Conditional
Access Restricts Office 365
access to compliant devices
VMware Tunnel App on device
filters network traffic to detect
and block file transfers
Employees may still user their
personal file repositories for
personal files
63
How it works:
Protect corporate files from personal
cloud repositories

64. Pervasive Security: Datacenter to Device to App
Data
Center
Multi-layered Defense for the Secure Digital Workspace
64
Virtual
DesktopDevice
Per-app
micro-VPN
NSX Micro-
segmentation
+
AirWatch Horizon 7

65. Accelerating Office 365 Deployments with Workspace ONE
65
Federated
Identity
Single Sign On to Office
365 users without ADFS
Complexity or copying
AD credentials to the
cloud
Beyond
Microsoft Apps
Common Catalog to
access SaaS, internal
web, native mobile
and virtualized apps
Increased
Security
Integrated Mobile-Push
2FA across any app,
Device Posture policy
enforcement and auto-
entitlement revocation
Simplified
Management
Automated user
account provisioning
for Office 365
NEW!
NEW!

66. CONFIDENTIAL 66
Workspace ONE App Suite
Mobile Collaboration and Productivity

67. Workspace ONE Productivity Apps Suite
Boxer
Mail
Calendar
Contacts
Browser
Intranet
Internet
Kiosk
Content
View
Edit
Share
Socialcast
Social
Chat
Projects
67CONFIDENTIAL

68. Workspace ONE Productivity Apps
CONFIDENTIAL 68
USABILITY PRIVACYSECURITY
FIPS certified encryption
End-to-end data security
Encryption at-rest & transit
Data leakage prevention (DLP
Delightful end user experience
Follows native design principles
Designed for a business user
Delivers seamless workflows
Privacy First Initiative
End User Micro Site
Adaptive Management
Protect Apps, Data & Identity
Workspace ONE Apps Suite

69. Access Email, Calendar & Contacts via VMware Boxer
CONFIDENTIAL

70. Boxer – Advanced Features
Custom combined folders
Attach from doc providers
Full Gmail label support
Send availability
Select all from sender
Quick replies
Custom action grid
Swipe to SPAM
Archive as read option
Collapsing conversation
Notification actions
Predictive move
Combined inbox
Inline editing
Smart folders
Configurable gestures
App level pin lock
Caller ID
Read local calendar
Swipe to next
Configurable undo
Custom signatures
CONFIDENTIAL

71. Deploy Best Of Breed Email Solutions As You Choose…
Native Mail
CONFIDENTIAL 71
* Native OS profile is not a full device MDM profile
Boxer
Native user experience Business-centric user experience
Consolidated mail, calendar and contactsSeparate work accounts for mail, calendar & contacts
Leverages native OS profile * Containerized app with built in security/DLP
Encrypt enterprise data and remotely wipe work email
Configurable gestures and hero cardsProvide DLP to attachments and email hyperlinks
Does not require a native OS profile
Encrypt enterprise data and remotely wipe work email
Provide DLP to attachments and email hyperlinks

72. Providing Better Usability with Higher Security in Browser
Multi-tabbed intranet
& internet browsing
Push pre-defined
bookmarks
SSO across all sites
and web apps
High fidelity rendering
for HTML5 apps
CONFIDENTIAL

73. Force Webapp Launch In VMware Browser
73
Select if app should be
opened in VMware browser
instead of default OS browser
(Safari/Chrome) by
Workspace ONE app
Benefits:
• Launch intranet site without VPN
• Secure browser cache that can be
remote wiped when the user leaves
the company or device goes out-of-
compliance

74. Experience Web Apps in Full Screen Mode
CONFIDENTIAL

75. Support Various Use Cases With Kiosk Mode
Kiosk Mode with
Multiple Websites
CONFIDENTIAL

76. Modern UI for a Unified Mobile Content Explorer
Access cloud & on-
premise repositories
Offline access to files
& folders
Search across files
& folders
Automatically publish
& sync content
CONFIDENTIAL

77. Boost Productivity with Built-In Editing Tools
Quickly add new
content
Securely capture
media w/ metadata
Integrated PDF
annotations
Integrated Office
editing
CONFIDENTIAL

78. Over 30 ECM Repositories, Including WebDAV & CMIS Standards
CONFIDENTIAL

79. People Centric Collaboration with Socialcast
Home Feed @Mentions Activity Streams New Post
CONFIDENTIAL

80. Integrated Workflows Across Workspace ONE Apps
CONFIDENTIAL

81. AirWatch Privacy First: User’s Awareness
CONFIDENTIAL 81
Visual Privacy AppWhatIsAirWatch.com Privacy Officer

82. Visual Privacy Notice
CONFIDENTIAL 82
Creating transparency for the end
user on exactly what is being
captured by IT in an easy-to-
consume visual format

83. Windows as a Service
Every Kind of Desktop, Every Kind of Application, in
Any Environment

84. VMware Horizon Portfolio
84
MAIN OFFICE REMOTE OFFICE CAMPUS SPECIALIST MOBILE NON-EMPLOYEE
Horizon Flex
Containerized desktops
and apps
CONFIDENTIAL
Horizon Air
Cloud-hosted or Hybrid-
mode desktop and app
delivery from the public
cloud
Horizon 7
Desktop and app
delivery from private
cloud

85. Desktops and Apps From a Single Platform
85
CONFIDENTIAL
Deliver Desktops
and Applications
On Any Device
Securely Manage
Desktops, Apps
and Devices
Support for
Windows and
Linux
The ability to efficiently and cost-effectively deliver, manage and monitor
virtual desktops and published applications to end users who may not
need access to a full desktop.
DESKTOPS
APPLICATIONS
Physical DevicesVirtual
Identity
Management and
true SSO
Adaptive and
Contextual User
Experience in
any Use Case

86. Horizon Makes Desktop and App Management Easy
86
Horizon centralizes end users' desktops and applications in the datacenter, so IT can efficiently
provision new clients, centralize desktop management, and improve security and compliance and is
based on 7 key pillars
Desktops and
Apps From a
Single Platform
Smart PoliciesJust-in-Time
Desktops
Great User
Experience
Flexible and
Hybrid Delivery
SDDC
Integration
Complete
Environment
Management
CONFIDENTIAL

87. Hosted
Desktop
Workspace can be accessed
from anywhere
Reduce costs with
session-based desktop
Use less infrastructure
and reduce management
overhead
The Horizon Difference: Every Kind of Desktop
87CONFIDENTIAL
Persistent
Desktop
Custom experience for
knowledge workers
Get the same desktop
every time you login
Customize to meet your
unique needs
Install specialized
applications
Non-persistent
Desktop
Infrastructure cost savings
Re-usable storage
infrastructure
Most cost effective
implementation for
task workers
Just-in-time
Desktop
On-demand creation of
live virtual desktops
Fully personalized
desktops and apps
Scalable to thousands
of desktops
Optimized infrastructure
usage

88. Just-in-Time Desktops
88
CONFIDENTIAL
With innovative technologies like Instant Clones, User Environment
Management and App Volumes—Horizon ensures that IT can streamline
desktop and application management like never before, providing employees
with truly stateless desktops.
Drive Down
Storage Costs by
>30%
Deliver Apps
Instantly
Streamline
OpEX by >50%

89. Smart Polices
89
True SSO
Experience
Policy-Managed
Client Features
Access Point
Authentication
Common Criteria /
FIPS 140-2
CONFIDENTIAL
Policies are tied to the end user allowing IT to be able to provide end users with
a truly contextual user experience with policies dynamically changes depending
on the device used or the location services are being accessed from.

90. The Horizon Difference: Every Kind of Application
90CONFIDENTIAL
App Access
SSO access to all
apps and services
through a unified
Workspace Portal
Monitoring
Desktop-to-
datacenter
monitoring with
vROPs for Horizon
App Isolation
Containerized
applications, isolated
from the operating
system with ThinApp
App Delivery
Application delivery
to virtual desktops in
real-time with
AppVolumes
User
Environment
Management
Maintain consistent,
personalized
settings across
devices with UEM

91. vRealize Operations for
XenApp and XenDesktop
The App Volumes Difference: Any Environment
91
Reduce Operational
and Support Costs
User Environment Management
• UEM provides dynamic, context-based
profile management and app config
• Personalized settings follow user
ThinApp for Packaging Applications
• Can be deployed by App Volumes and natively
streamed from file share
• Eliminates conflicts between app.
• Reduces RDSH Server sprawl
App Volumes Real-time App Delivery
• Provides real-time application delivery to
virtual desktops and RDSH Servers
• Provides single image management for
VDI and RDSH
• Supports User Installed Apps
Improve App Delivery and Management for Citrix or Horizon, New or Existing
CONFIDENTIAL

92. Unified Endpoint
Management
Manage, Configure, Track and Automate

93. Client
Management
EMM Is No Longer Enough
EMM
AirWatch
Unified Endpoint
Management
CONFIDENTIAL 93
IoT

94. Windows 10: A Modern OS for the Mobile-Cloud Era
94
Simplified Lifecycle
Management
Enterprise Ready
Security
Any Apps to Stay
Productive
Intuitive Experience
Across Device
Types

95. Windows 10: Windows Redefined
CONFIDENTIAL 95
Only Corporate
Devices and Data
High Touch
for IT
Joined to
Domain
Legacy
Apps
Windows7
Corporate,
BYOD and LOB
Cloud-based
Management
On Any
Network
Expansive App
Ecosystem
Windows10

96. The New Standard for Windows Management
CONFIDENTIAL 96
Restricted to corporate owned devices
joined to the network
Complex and high-touch management for
IT
Costly and fragmented management and
app ecosystem
Costly, Complex and Restrictive!
Flexibly support multiple device ownership
use cases and on any networks
Simpler cloud based management and
self-service capabilities
Low TCO with consolidated management
tool and a unified apps ecosystem
Traditional Windows Management Modern Windows Management
Low TCO, Simpler and Flexible!

97. Windows Management with VMware AirWatch
Device and OS Lifecycle
Management
Application Management and
Delivery
End-to-end Security
Management
Industry leading EMM capabilities together with the
best of traditional client management functions for
managing Windows across any device type.
97
+

98. Modern EMM Model for Managing Windows with AirWatch
98
Simplified and
Flexible
Deployment
Device and App
Lifecycle
Management
Enterprise
Readiness
End-to-End
Security
Bulk provisioning
Workplace enrollment
Out-of-box experience
Work account enrolment
Azure AD integration
Compliance engine
IT Remote management
End user Self-Service Portal
LOB use cases
Enterprise integrations
Productivity apps
Unified endpoint management
Over-the-air configuration
Application management
Windows Store and Business Store
Software distribution; product provisioning
Windows Update management
Windows Hello and Passport support
Device posture and health attestation
Application security
Conditional access control
Enterprise Data Protection
Per-app VPN

99. A New Level of Data Security with Enterprise Data Protection
99
Tagging Data
Define data sources to classify as enterprise (IP,
domain, SharePoint, and more)
Defining Privileged Apps
Configure privileged apps that can handle
enterprise data
Setting Policy Levels
Configure how enterprise data is handled
(encrypt, block, audit)
Configuring Per-App VPN
Define which apps can access internal network
through VPN

100. Windows Backwards Compatibility with VMware
CONFIDENTIAL 100
FLEX
Horizon
Horizon Air
App Volumes
Horizon
Horizon Air
AirWatch Browser
+
AirWatch Tunnel
Apps with web
interfaces
Incompatible apps as
a service
Older OS desktops
as a service
Older OS images on
local machines

101. The AirWatch Difference: Unified Endpoint Management
101CONFIDENTIAL
Asset Analytics
Tracking, Inventory
System and operations
information for higher
SLA
IT Automated
Workflows
For compliance,
remediation and
more
OS/App Lifecycle
Management
Cradle-to-grave control
over most changeable
assets
Unified Endpoint
Management
Over the Air
Configuration
Configured integration
with Windows business
portal out-of-the-box

102. Cloud-First, Modern Windows Management and Security
102
Faster
Min-set
Provisioning
Unified User
Catalog &
SSO
Co-exist with
Systems
Management
Deploy
Updates Off
the Network
Client Health
Compliance
Win32 App
Lifecycle
Management
Instant Push
Configuration
for Policies
GPOs On or
Off the
Domain
Adaptive
Enrollment
into EMM
Windows
Information
Protection
Patch
Inventory
& Auditing
Granular
Updates
Management
Client Health &
Security
OS Patch
Management
Software
Distribution
Configuration
Management
MDM for Windows
Asset
Tracking &
Inventory
Win32 App
Capture &
Delivery
VMware AirWatch Unified Endpoint Management
for a simpler, more secure and cost effective PC management.
CONFIDENTIAL

103. Conclusion

104. Summary: Key Digital Workspace Principles
CONFIDENTIAL 104
Consumer Simple, Enterprise Secure
Cloud infrastructure synergy
Any application, any device
Integrated application management
Unified end-point management
Platform for Business Mobility

105. Key vmware’s Digital Workspace Solutions
CONFIDENTIAL 105
VMware AirWatch: Enterprise Mobility Management
across devices and apps
NSX Micro-segmentation: Security
within the datacenter
Workspace ONE: Secure anytime,
anywhere access to government
resources across devices
AppVolumes: Real-time app delivery and
centralized app management
VMware Horizon: Virtual Desktop Infrastructure that
strengthens security and centralizes management

106. To summarize…
106
Workspace ONE is the best solution in five
key areas:
1. Unified Endpoint Management manages,
configures, tracks and automates workforce
endpoint management.
2. Leading Virtual Desktops & Apps provides every
kind of desktop and app and supports any
environment with real-time app delivery.
3. Identity-Defined Workspace achieves simple,
secure access for end users.
4. Comprehensive Cloud Service offers every kind of
service from the cloud.
5. Adaptive Management, Conditional Access and
Security keep safe the access to organizations’
data and applications.
CONFIDENTIAL

107. Why AirWatch
107
Proven track record
as industry leader
Best-of-breed digital
workspace solution set
Agnostic solution with
broadest ecosystem
Comprehensive
educational services
and global support
Modern UEM platform
simplifying endpoint
management
The Value
of vmware’s
Workspace ONE

108. Questions?
108

109. Thank you.