During the Day 2 general session VMware brought an interesting project they are working on together with Microsoft. Project A2 it’s called secretly, and this project (currently in Tech preview) will be able to manage Windows 10 endpoints (workstations) via App Volumes and AirWatch (hence the name Project A2). Those endpoints can be physical or virtual and in conjunction with App Volumes, which are able to deliver applications to those endpoints.
We all know that App volumes can assign hundreds of application in literary just few seconds to a user. Last year’s demo of Cloud Volumes that I recorded during VMworld has finalized with App Volumes standalone product.
Fast deployment of many applications at the same time was was previously difficult and time consuming with products like Thinapp, or via deploying those apps via GPOs. App volumes are simply a revolution when it comes to speed of deployment. In conjunction with full management suite (which is Airwatch), which can manage All devices (smartphones, tablets, chromebooks…) it’s global solution for EUC. Windows 10 has quite good start so far.
Screenshot of Project A2 . (Image courtesy of VMware.)
I remember last year, or few years back, there was “bring your own device” …. Now it seems that finally there will be single console to manage all devices. -:). For more information on Project A2 and VMware’s Windows 10 strategy, visit the VMware End-User Computing product blog.
Few months back I enroled for a trial of Airwatch and I was able to document few basic things.
What is AirWatch?
Shop for vSphere licenses at VMware Store:
- vSphere Essentials Plus – vMotion, HA… 3 Hosts, vCenter
- vSphere Essentials – 3 Hosts, vCenter
- vSphere Standard – Per Physical CPU license
Airwatch has an offer which enables mobile devices management by separating the enterprise content from user’s personal content. What’s usually happening is that users often uses their own personal phones for work and the proliferation of enterprise documents (often with sensitive information) on the personal phone causes security problems for the enterprise.
After the first connection you need to enroll a device(s) in order to get started. There are three different methods possible for enrolling new devices (login/pass, QR code, )
Example of a mobile phone I enrolled through an AirWatch portal:
Administrator by using products like Airwatch is able to define via policy which content and applications can be stored on the device, for how long and what happens if the device is declared stolen or lost. There is also an option to encrypt the device. But we’ll take a look at the UI when we get more familiar with it.
AirWatch can be deployed as a cloud offering or on your own datacenter, OnPremise. You can always migrate to the cloud environment if necessary or if you feel that the OnPrem environment is not gonna evolve and you’re going more and more “hybrid”…
After you first connect to the environment you must enroll at least one mobile device. You’re presented with a screen where an assistant shows you the steps you have already done by accessing the portal and steps which are to be done in order to fully configure the AirWatch solution.
The Getting started page looks like this:
3 Sections are presented:
Mobile Management – manages the enrollment of new mobile devices. Configure compliance rules for all your enrolled devices and make sure that that those rules has been respected. You can do an enterprise wipe.
Content Management – In this section you can actually deploy the content from your file servers by using a content locker application. You can see logs how often the content is accessed or see a reports.
Application Management – by using the application management tab you’re able to manage applications which are accessible to your group of mobile devices. The big thing is the possibility to deploy a catalog from where users are able to search and deploy the applications they need. Those applications can be public or private (company’s) applications. You are also able to deploy purchased applications.
The AirWatch Console Menu
On the left hand site there is a vertical menu where you’ll find different sections to work with. Under the Getting Started button you’ll see Hub, Devices, Accounts, Apps & Books, Content, Email, Telecom….
In fact It’ a double menu where by clicking the first colon you’ll get access to the second colon.
The second (internal) menu has different options which allows you to take actions. In my example on the left you can see the Content locker which allows to configure the content which will be synchronized with the devices in the group.
You can upload a sensitive or important files and those files will be managed via policies.
It’s also possible to configure existing content from file server repository etc.
As an example of settings you can specify if a file can be opened Online or Offline. Or whether this file can be (or rather not) joined to an e-mail message.
Airwatch suite is composed from few applications which has to be installed on the mobile device as well. Those apps can be installed from the Air-Watch marketplace (https://marketplace.air-watch.com or admin can pre-configure those apps through catalog which end user can self-deploy on the device.
AirWatch Container – The role of Airwatch container is to “split” the device in two where the enterprise data are separated from peronal data. The user, once identified through the container app, he(she) can only access corporate e-mail, browse the web with corporate browser etc.
Airwatch Agent – The Airwatch Agent’s role is to make sure that you can enroll your device in Airwatch. From the AirWatch Agent, you can view device details, read messages from IT, verify your compliance status and request support from your IT administrator. The AirWatch Agent will report device details and compliance status to the admin console. Through the agent users can also self-deploy their apps.
Airwatch Inbox – this is secure corporate container client. There is AES 256-bit encryption in place to protect the corporate messaging, calendar and contacts.
Airwatch Content Locker – this app allows the document distribution in secure way. All user’s generated documents stays in secure container. Allows a centralized access to corporate resources, user content stored in the cloud/OnPremise/hybrid location. Manages access rights to the content and synchronizes the content with the corporate space.
Note that the Airwatch portal is in constant evolution, so future releases will possibly adds much more content possibilities especially when expecting to manage Windows 10 desktops. Enjoy… -:)