VMware Workspace ONE overview and VMworld 2017

This post has already been read 28525 times!

To start, what a great week it was in Barcelona during VMworld 2017. I have met awesome people, had nice conversations and attended some very good sessions.

In this blog post, I like to start with one of my two favorite topics during VMworld: VMware Workspace ONE.

Workspace ONE

I will kick-off with one of my most favorite products at the moment and try to explain why is this one is my personal favorites:

VMware Workspace ONE is a solution that exists of two main components, Identity Manager & AirWatch. Combining these technologies together gives us the following advantages:

  • Unified Application Catalog with Single Sign-On
  • Unifies End-Point features
  • Many security features

Unified Application Catalog

In many organizations, we have to deal with a very diverse application landscape. Users can have a Virtual Desktop environment, consume SaaS applications, Web links, virtualized applications with ThinApp, App Store apps and natively installed applications. Bringing these altogether within one single interface sounds impossible, right? Well, not if you are using Workspace ONE. With Workspace ONE all applications are presented within a single application catalog, depending on device type and OS applications might be visible within the catalog. For example, if I am accessing the application catalog on my MacBook I have a different set of applications then looking at my iPhone. This is because it recognizes the OS and doesn’t present applications that are incompatible with it.

Workspace ONE user interface


Having different SaaS applications from different vendors could result in having multiple Username & Passwords for the end-user to remember. Hence, when the user leaves the company the IT admin must disable multiple accounts for a single user. With Workspace ONE, resources such as a Published Application or SaaS application, can be enabled for Single Sign-On with SAML authentication which results in a single set of credentials for a user for different kinds of resources. For more information regarding SAML, please visit https://code.vmware.com/web/workspace-one/core-capabilities/Single-Sign-On-SAML

Unifies End-Point management for all your devices

The days that 99% of corporate users are working with a Windows desktop is already a long time behind us. As a result, we do see a mix of Android, iOS, MacOS, Chrome and Windows devices and these can either be a BYO or corporate-owned device. So how do we manage this? With the typical enterprise tooling, we are limited to a certain OS, devices must be connected to the network, and Windows devices are typically Domain joined. With Workspace ONE we have the possibility to manage devices within a modern approach, meaning we manage all devices in a Mobile way. All types of devices can be managed from within a single console with the help of Airwatch Unified Endpoint Management (UEM) for their entire lifecycle: Easy enrollment (onboarding) → manage → off boarding (i.e. wiping corporate data).

Combining the power of AirWatch with Identity Manager example.

Security Features

A few good examples to secure the environment:

Compliance rules

With Compliance rules, we are able to check conditions such as Firewall status, Anti-Virus status, etc. and when a certain condition is violated we can create actions (remediation) to notify and solve the problem before allowing access to resources.

Access policies or conditions

Based on access policies we can define how an application can be used, for example, we might allow applications access on the LAN, but when working from home disable the usage of the application or set restrictions.

Per-App VPN

With the use of Per-App VPN, we are able to provide the application access to the corporate LAN without providing the whole user environment access to the corporate environment.

VMware Workspace ONE @VMworld 2017

Although there were many great sessions about Workspace ONE, I like to mention the announcement of VMware Workspace ONE Intelligence. With VMware Workspace ONE Intelligence we have a tool for digital Workspace analytics. It provides three core capabilities to extend Workspace ONE:

  • Insights
  • Planning
  • Automation

A great article from Nicolas Rochard, explaining these features can be found on:


in Addition: VMware announced their partnership with Google to improve management of Chrome devices, some examples:

  • Easy enrollment with out-of-the-box experience
  • Deployment of apps & policies
  • Enable computing modes for standard, kiosk, and multi-user

Final thought 

For me, VMware Workspace ONE is a real enabler towards a Modern Management approach. With Workspace ONE the user benefits with a consumer simple access to all business applications, while the Business improves security, manageability and the lowers the time to market for their applications.

Although there will be a lot of difficulties during the road, especially with Corporate Owned devices when we try to be less depended on Active Directory, it is a real workspace aggregator bringing everything together in a single Workspace Solution. I am very excited to work on all these cool projects!

 In the next blog if will focus on my other favorite topic during VMworld, VMware Horizon Cloud on Azure! Stay tuned!