UEM1859BE Be a Power Admin: VMware AirWatch or distribution · 2019-06-27 · Camille Debay - Solution Architect Morgan Abaziou –Solution Architect UEM1859BE #VMworld #UEM1859BE
Post on 02-Jun-2020
8 Views
Preview:
Transcript
Camille Debay - Solution ArchitectMorgan Abaziou – Solution Architect
UEM1859BE
#VMworld #UEM1859BE
Be a Power Admin: VMware AirWatch Console Tips and Tricks
VMworld 2017 Content: Not fo
r publication or distri
bution
• This presentation may contain product features that are currently under development.
• This overview of new technology represents no commitment from VMware to deliver these features in any generally available product.
• Features are subject to change, and must not be included in contracts, purchase orders, or sales agreements of any kind.
• Technical feasibility and market demand will affect final delivery.
• Pricing and packaging for any new technologies or features discussed or presented have not been determined.
Disclaimer
2#UEM1859BE CONFIDENTIAL
VMworld 2017 Content: Not fo
r publication or distri
bution
Corporate-Owned,
Purpose-Built
Combined Management Tools and Processes for Improved Efficiency
AirWatch Unified Endpoint ManagementModern Management and Security for All Connected Devices
3
AIRWATCH UEM
LIFECYCLE MANAGEMENT
SECURITY
USER EXPERIENCE BYO
ANY ENDPOINT
ON ANY PLATFORM
ACROSS ANY USE CASE
Desktops, Laptops,
Mobile Devices, IoT
#UEM1859BE CONFIDENTIAL
VMworld 2017 Content: Not fo
r publication or distri
bution
How To Be a Power Admin
4
Admin Workflows
Grouping
Console
Automation
Reports and Analytics
Rest API
Automatic Ownership
Enrollment Customization
Branding
Self-Service
End-user Experience
#UEM1859BE CONFIDENTIAL
VMworld 2017 Content: Not fo
r publication or distri
bution
Simplify the Admin Workflows
#UEM1859BE CONFIDENTIAL
Grouping
Console Automation
Reports and Analytics
Rest API
5
VMworld 2017 Content: Not fo
r publication or distri
bution
6
Create organization groups for:• UAT• Production• Admins/Developers• New use cases• Workspace ONE adoption• Ruggedized devices
Use Grouping to its Fullest Potential!
Separate test from production using multi-tenancy
#UEM1859BE CONFIDENTIAL
VMworld 2017 Content: Not fo
r publication or distri
bution
7
Create, filter and separate groups of users
Test the impact across platforms and versions
Use Grouping to its Fullest Potential!
Assign policies and applications to specific users
Define settings for specific use cases
Create smart groups to assign your updates
#UEM1859BE CONFIDENTIAL
VMworld 2017 Content: Not fo
r publication or distri
bution
8
• AD Security Groups• Organizational Groups• Device Ownership Types• OU Groups• Custom AD Queries• Device-based criteria
• OS version• Device model
• Local AirWatch User Groups
Attributes of Smart Groups
• Apps• Profiles• Compliance policies• Enrollment restrictions• Content Repositories• VMware Identity Manager policies• Workspace ONE application
assignment
Items that Support Smart Groups
Use Grouping to its Fullest Potential
What are Smart Groups?
#UEM1859BE CONFIDENTIAL
VMworld 2017 Content: Not fo
r publication or distri
bution
Use your Active Directory Security Groups in AirWatch
9
Use them in your Smart Groups | Apply these groups to Workspace ONE
Use Grouping to its Fullest Potential
#UEM1859BE CONFIDENTIAL
VMworld 2017 Content: Not fo
r publication or distri
bution
10
AD grouping for Workspace ONE
Use Grouping to its Fullest Potential
Sync directory users and groups to VMware Identity Manager
#UEM1859BE CONFIDENTIAL
VMworld 2017 Content: Not fo
r publication or distri
bution
Simplify the Admin Workflows
#UEM1859BE CONFIDENTIAL
Grouping
Console Automation
Reports and Analytics
Rest API
11
VMworld 2017 Content: Not fo
r publication or distri
bution
Simplify the Admin Workflows
#UEM1859BE CONFIDENTIAL
Grouping
Console Automation
Reports and Analytics
Rest API
12
VMworld 2017 Content: Not fo
r publication or distri
bution
13
Groups and Settings All Settings System Enterprise Integration Directory Services User Advanced. Set the Automatically Sync Enabled or Disabled User Status to Enabled.
Groups and Settings All Settings Devices & Users General Enrollment Grouping.Set the Default Action for Inactive Users to Enterprise Wipe Currently Enrolled Devices.
Automate Console Actions
Enterprise wipe devices from disabled Active Directory users
#UEM1859BE CONFIDENTIAL
VMworld 2017 Content: Not fo
r publication or distri
bution
14
Solutions that update Active Directory groups, such as HR management tools, can be automatically reflected in AirWatch
Add or remove assigned resources automatically
Automate Console Actions
Automatically sync your AD groups and users
#UEM1859BE CONFIDENTIAL
VMworld 2017 Content: Not fo
r publication or distri
bution
15
Compliance policies are used to perform actions on devices that are not within your rules set in the console.
Set compliance rules based on the severity of the compliance violation, and the work effort required for the user to get back into compliance.
BEST PRACTICE – create one rule in the console with many actions, rather than many rules. Rules are AND commands!
Automate Console Actions
Compliance policies help your administration experience
#UEM1859BE CONFIDENTIAL
VMworld 2017 Content: Not fo
r publication or distri
bution
16
Automate Console Actions
#UEM1859BE CONFIDENTIAL
VMworld 2017 Content: Not fo
r publication or distri
bution
Simplify the Admin Workflows
#UEM1859BE CONFIDENTIAL
Grouping
Console Automation
Reports and Analytics
Rest API
17
VMworld 2017 Content: Not fo
r publication or distri
bution
Simplify the Admin Workflows
#UEM1859BE CONFIDENTIAL
Grouping
Console Automation
Reports and Analytics
Rest API
18
VMworld 2017 Content: Not fo
r publication or distri
bution
Use Workspace ONE Intelligence for AirWatch Monitoring
19
ONE VIEW
Get visibility into your entire
environment in one place
SEARCH
Query your environment to detect
anomalies
ANALYSE
Get custom and historical reports
on your entire digital workspace to
make data-based decisions (app
deployment, adoption, usage,
engagement, performance and
user experience, device posture
and more)
Insights Planning Automation
SMART DELIVERY
Better plan your app and policy
deployments with custom
recommendations
PERFORMANCE
Monitor app performance to identify
critical issues and increase user
experience
SCALE
Deploy apps and patches to your
entire environment without taking
the network down
RULES ENGINE
Automate processes across your
environment by defining rules that
take actions based on a rich set of
parameters.
CONTEXTUAL WORKFLOWS
Create contextual policies that take
automated remediation actions
based on security threats, and
meet compliance requirements
through automated access control.
#UEM1859BE CONFIDENTIAL
VMworld 2017 Content: Not fo
r publication or distri
bution
20
VMworld 2017 Content: Not fo
r publication or distri
bution
#UEM1859BE CONFIDENTIAL 21
VMworld 2017 Content: Not fo
r publication or distri
bution
#UEM1859BE CONFIDENTIAL 22
VMworld 2017 Content: Not fo
r publication or distri
bution
#UEM1859BE CONFIDENTIAL 23
VMworld 2017 Content: Not fo
r publication or distri
bution
Simplify the Admin Workflows
#UEM1859BE CONFIDENTIAL
Grouping
Console Automation
Reports and Analytics
Rest API
24
VMworld 2017 Content: Not fo
r publication or distri
bution
Simplify the Admin Workflows
#UEM1859BE CONFIDENTIAL
Grouping
Console Automation
Reports and Analytics
Rest API
25
VMworld 2017 Content: Not fo
r publication or distri
bution
Automate Tasks Using REST APIs
AirWatch API help page:
SaaS:
https://{ds###}.awmdm.com/API/help
Or installed on the console if on-premises
Use the API for:
• MDM settings
• MAM policies
• MEM configuration
• System Configuration
26
Build custom workflows using REST APIs
#UEM1859BE CONFIDENTIAL
VMworld 2017 Content: Not fo
r publication or distri
bution
Automate Tasks Using REST APIs
VMware Identity Manager API documentation:
https://code.vmware.com/apis/57/idm
Use the API for:
• Admin tasks in the console
• Oath2 token settings
• User configuration
• Device registration
27
Build custom workflows using REST APIs
#UEM1859BE CONFIDENTIAL
VMworld 2017 Content: Not fo
r publication or distri
bution
Simplify the End-User Experience
28
Automatic Ownership
Enrollment Customization
Branding
Self-ServiceVMworld 2017 Content: N
ot for publicatio
n or distribution
Make the Most of Simplified Enrollment Methods
Define Settings
Automatically apply settings when users power on devices
Eliminate Staging Costs
Take configuration time from hours a few minutes
Simple consumer-like setup
Enable users with instant access and productivity,
skipping unnecessary setup steps
Scalable Deployments
Automating all steps of device management to scale
deployments without added time or effort
29
Apple Device Enrollment Program
#UEM1859BE CONFIDENTIAL
VMworld 2017 Content: Not fo
r publication or distri
bution
Make the Most of Simplified Enrollment Methods
30
Android Enterprise
Provision a work managed device by
entering afw#airwatchwhen prompted for a
Google account
Provision work managed device out of the box by
scanning a QR code
#UEM1859BE CONFIDENTIAL
VMworld 2017 Content: Not fo
r publication or distri
bution
Make the Most of Simplified Enrollment Methods
31
KNOX Mobile Enrollment
Turn OnDevice
Wi-Fi SetUp
Finish SetWizard
MEPPop-up
EULA andAirWatchPrompts
Device isEnrolled
• Simplified and automated end user enrollment process
• Streamlined administrator staging process
• Helps reduce cost and increase adoption
VMworld 2017 Content: Not fo
r publication or distri
bution
Simplify the End-User Experience
32
Automatic Ownership
Enrollment Customization
Branding
Self-ServiceVMworld 2017 Content: N
ot for publicatio
n or distribution
Simplify the End-User Experience
33
Automatic Ownership
Enrollment Customization
Branding
Self-ServiceVMworld 2017 Content: N
ot for publicatio
n or distribution
Optimize the BYOD Enrollment Workflow
34
Clear and concise privacy information for your users
ADAPTIVE MANAGEMENT
#UEM1859BE CONFIDENTIAL
VMworld 2017 Content: Not fo
r publication or distri
bution
Optimize the BYOD Enrollment Workflow
Groups and Settings All Settings Devices & Users General Privacy
35
Deploy the Privacy App to proactively inform your users
Configure privacy per device ownership type
Determine what is being collected on end user devices
VMworld 2017 Content: Not fo
r publication or distri
bution
Customize Your Terms of Use
Groups and Settings All Settings Devices & Users General Enrollment Terms of Use.
Enable the setting to Require Enrollment Terms of Use Acceptance.
Create different terms of use settings for different OG’s and device ownership types.
36
Tailor the terms of use to the enrollment OG
#UEM1859BE CONFIDENTIAL
VMworld 2017 Content: Not fo
r publication or distri
bution
Simplify the End-User Experience
37
Automatic Ownership
Enrollment Customization
Branding
Self-ServiceVMworld 2017 Content: N
ot for publicatio
n or distribution
Simplify the End-User Experience
38
Automatic Ownership
Enrollment Customization
Branding
Self-ServiceVMworld 2017 Content: N
ot for publicatio
n or distribution
Create a Consistent Experience Using Branding
39
Provide a consistent experience for IT and end users
VMworld 2017 Content: Not fo
r publication or distri
bution
Create a Consistent Experience Using Branding
40
Now with Workspace ONE branding!
#UEM1859BE CONFIDENTIAL
VMworld 2017 Content: Not fo
r publication or distri
bution
Simplify the End-User Experience
41
Automatic Ownership
Enrollment Customization
Branding
Self-ServiceVMworld 2017 Content: N
ot for publicatio
n or distribution
Implement Self Service to Reduce Help Desk Calls
• Clear Passcode
• Send sound to locate
• Lock Device
• Push Profiles
Accessible on any device!
42
Help your users help themselves
#UEM1859BE CONFIDENTIAL
VMworld 2017 Content: Not fo
r publication or distri
bution
How To Be a Power Admin43
Admin Workflows
Grouping
Console
Automation
Reports and Analytics
Rest API
Automatic Ownership
Enrollment Customization
Branding
Self-Service
End-user Experience
#UEM1859BE CONFIDENTIAL
VMworld 2017 Content: Not fo
r publication or distri
bution
Like What You See?
Check out myAirWatch for how-to knowledgebase articles
44#UEM1859BE CONFIDENTIAL
VMworld 2017 Content: Not fo
r publication or distri
bution
VMworld 2017 Content: Not fo
r publication or distri
bution
VMworld 2017 Content: Not fo
r publication or distri
bution
top related