Integrating Workspace ONE Access with Horizon 8 using the new 21.08 Access Connector

If you wish to have a single portal where you offer your staff virtual desktops, web applications, remote desktop applications, you may wish to leverage Workspace ONE Access. Workspace ONE Access offers a friendly application portal as shown below: This example Workspace ONE application catalog is available from VMware TestDrive which clients and partners can try out … More

Setting up Single Sign-On (SSO) to Workspace ONE UEM Self Service Portal (SSP) and Admin Console

Workspace ONE Access is an integral part of the Workspace ONE platform and supports Workspace ONE Intelligent Hub, Workspace ONE Unified Endpoint Management (UEM) and VMware Horizon. Many administrators like the ability to then provide a Single Sign-On (SSO) capability into the Workspace ONE UEM console for both admin (console) access and the user self … More

Setting up iPad’s for Field Workers using Workspace ONE

Many organisations need to deploy iPhone or iPad devices to their field workers, so they can perform their job whilst on the move. Apple devices allow them to access corporate information quickly and easily, using the easy to use iOS operating system. iPad devices can also be configured as kiosk terminals, so only selected mobile … More

Getting Started with Horizon Cloud on Azure

The VMware Horizon Cloud Service delivers feature-rich virtual desktops and applications using a purpose-built cloud platform that is scalable across multiple deployment options, including fully managed infrastructure from VMware and public cloud infrastructure from Microsoft Azure. The following article highlights a number of existing resources and tips and tricks, so you can quickly trial the … More

Getting Started with Horizon 8

VMware Horizon is a modern platform for secure delivery of virtual desktops and apps across the hybrid cloud. You can deploy Windows and Linux desktops using Horizon from either on-premises and from other cloud services such as VMware Cloud on AWS, Azure VMware Solution (AVS) and Google Cloud VMware Solution (GCVE). The purpose of this … More

Disable Windows Hello with Autopilot using Workspace ONE UEM

Workspace ONE UEM fully supports Microsoft Autopilot. For those who are not aware, Windows Autopilot provides setup and preconfiguration services for new devices so they’re ready to use right out of the box. My colleague Pete Lindley (VMware EUC) has written an excellent article on how to setup and test Autopilot with Workspace ONE UEM. … More

Getting Started with Workspace ONE UEM

VMware® Workspace ONE™ is an intelligence-driven digital workspace platform that simply and securely delivers and manages any app on any device by integrating access control, application management and multi-platform endpoint management. Workspace ONE has a range of capabilities, but how do you quickly get up and running and try out it’s many capabilities ? Well … More

AuthN/AuthZ nuances when integrating Workspace ONE and Azure AD

Workspace ONE provides a great way to provide a seamless experience when accessing Office 365.  I’d previously written how you can integrate Workspace ONE Access with Azure AD in this blog post. Matt Williams (End User Computing Product Manager at VMware) published three detailed articles on how you can integrate Workspace ONE Access with Azure … More

Integrating Workspace ONE UEM and Access with Okta

At Oktane in May 2018, VMware and Okta announced a strategic partnership to deliver advanced identity capabilities for the Digital Workspace. By integrating VMware Workspace ONE and the Okta Identity Cloud, our customers can easily and securely move to the cloud, adopt best-of-breed technologies and simplify IT management. Since this announcement, VMware and Okta have … More

Deploying the Workspace ONE Intelligent Hub via Active Directory GPO

The Workspace ONE Intelligent Hub (previously the Airwatch Agent) provides a range of flexible options to get deployed to your Windows 10 PCs. The VMware Techzone article Onboarding Windows 10 Using Command-Line Enrollment details this for various deployment options. I then came across two excellent videos created by Rob Kelley (VMware).  Rob created two videos … More

Federating Microsoft Azure with Workspace ONE Access and Office 365

Workspace ONE provides a great way to provide a seamless experience when accessing Office 365.  I found configuring this wasn’t too complex, however there were a number of settings you needed to get exactly right for this to work. The purpose of this article is to provide you further details on how to enable this … More

Setting up Workspace ONE Single Sign-on (SSO) and Conditional Access

Workspace ONE Access as part of Workspace ONE, provides Single Sign-On (SSO) capabilities for iOS, Android, Windows 10 and macOS. The following guide details how to set this up for all four operating systems.  Mobile SSO is also required for leveraging Workspace ONE UEM (aka Airwatch) device compliance.  This allows the administrator to ensure that … More

Setting up VMware Horizon on VMware Cloud on AWS

Organisations of all sizes are increasingly relying on desktop and application virtualization to deliver their business-critical applications to any device. Since the announcement of Horizon on VMC in May 2018, there has been a large interest in clients looking to extend their existing on-premises Horizon platforms to the cloud, or build a new Horizon 7 … More

An exciting new role at VMware

It’s been a privilege to work with wonderful people and the various organisations of IBM. Initially I worked for many years in IBM Services (ITS projects team on VMware, Microsoft and Citrix solutions), then Systems (Systems Management) and more recently in Security Software. My last six years working in IBM Security allowed me to work … More

Don’t Drown in a Sea of Cyberthreats

Security teams can be overwhelmed by a sea of vulnerabilities–without the contextual data to help them focus their efforts on the weaknesses that are most likely to be exploited. Cyberthreats need to be stopped before they cause significant financial and reputational damages to an organization. You need a security system that can detect an attack, … More

Setting up IBM BigFix Compliance for PCI DSS

Payment Card Industry Data Security Standard (PCI DSS) is a well know IT security standard for organisations that handle credit card data.  The PCI standard is actually mandated by the Payment Card Industry Security Standards Council, and the potential fines for non compliance and ramifications for a business if they hacked can be significant. For example in 2013 Target … More

Setting up BigFix Inventory 9.2

IBM BigFix (Endpoint Manager) has released a new Software Usage Analysis (SUA) module. This release includes a number of new capabilities, specifically SQL support.  BigFix Inventory (or SUA) also provides IBM sub-capacity measurement capability. IBM has provided a number of installation and administration guides here.   In the following article, I’ll step you through the key … More

IBM BigFix (Endpoint Manager) Windows 7 Migration Cookbook

IBM BigFix can not only provide software distribution but also Operating System Deployment (or OSD).  OSD includes the ability to upgrade operating systems (such as Windows XP to Windows 10) but also perform bare metal installations.  I’ve recorded two edited video’s of OSD in action for an upgrade and bare-metal installation. OSD is a feature of IEM’s … More

IBM BigFix for Managed Service Providers (MSPs)

IBM BigFix is popular with Managed Service Providers (MSPs) for it’s ability to manage hundreds of thousands of endpoints via a single multi-tennant architecture.  BigFix provides MSP’s the flexibility for either centralised or delegated administration models. Overall Architecture Bigfix is typically installed in a centralised architecture as show below.  A single Bigfix server is installed at the … More

Keep calm with IBM BigFix

It was recently reported that a Microsoft Windows and Office vulnerability was already being targeted by criminals.  If you search on Google for keywords such a Windows and zero day exploit, it’s interesting to summarise the respective web pages mentions: Windows – Approximately 7 Million web pages Mac – Approximately 500K web pages Linux – Approximately … More

Manage Amazon (AWS), Azure or IBM Cloud instances with IBM BigFix

IBM BigFix provides clients with the ability to manage hundreds of thousands of endpoints from a single console.  These can be a range of operating system types such as Windows, Linux, Apple Mac OSX and Unix.  Oh, don’t forget mobile devices too! You can install your BigFix environment with an relay running in your DMZ, … More

Using Trusted Certificates with IBM Endpoint Manager for Mobile Devices

IBM Endpoint Manager for Mobile Devices requires a certificate to manage iOS devices – through Apple’s Push Notification Service (APNS).  This APNS certificate allows the Management Extender to establish a secure, trusted channel of communication with the iOS devices.  This setup is straightforward and is detailed here.  Our MDM evaluators guide provides step by step instructions with screen … More

Setting up IBM Endpoint Manager, Software Usage Analysis (SUA) 2.0

I’d previously detailed how you can get up and running with IBM Endpoint Manager, Software Usage Analysis 1.3.   SUA 2.0 is a new release that extends IEM’s software analysis capabilities to Linux/Unix systems and more IBM software products.   The following article details the differences between 1.3 and 2.0 in more detail. In the following … More

Setting up IBM Endpoint Manager, Software Usage Analysis (SUA) 1.3

IBM Endpoint Manager Software Usage Analysis (otherwise known as IEM SUA) allows you to easily determine what software is deployed across your organisation and how actively it is being used on each computer.  With SUA you can easily determine whether you’re effectively using more expensive software such as Microsoft Project or Visio on all of … More

Installing IBM BigFix in less than 15-Minutes

My brother (who is a chef) tells me I can’t cook.  I assemble food.  So I’ve really enjoyed Jamie Oliver’s 15 minute meals and trying new ideas at home.  So in the spirit of cooking a meal in 15 minutes, I thought I’d document how easy it is to install the latest release of IBM BigFix in less … More

Enabling the Self Service Portal with IBM Endpoint Manager for Mobile Devices

Following my post last month on Enabling Authenticated Enrollment,   I’ve also detailed below the process for enabling the Self Service Portal (SSP).   The IBM Mobile Devices Self Service Portal is a web-based method that allows you to manage your personal device without logging onto the TEM console. Enabling the Self Service Portal The SSP … More

Deploying your IBM BigFix Agents

IBM BigFix Agents are installed on every computer that you want to manage. They access a collection of Fixlet messages that detects security holes, improper configurations, and other vulnerabilities.   These intelligent but small agents are typically less than 10MB in size.   IBM offers a range of agents for Windows, macOS, IBM AIX, HP-UX,  CentOS, Solaris , VMware ESX … More

IBM VIBs for VMware ESXi 4.1U2 and 5.0

IBM has released the IBM VIBs (vSphere Installation Bundle) for ESXi 4.1U2 (Update 2) and 5.0 so customers can now create there own custom ESXi images. vSphere 5.0 The IBM providers for 5.0 are now posted to Fix Central – here  (updated link July 2012) Otherwise you can also find them by: Going to Support … More

IBM’s customized ESXi 5.0 FAQ’s

Since the release of IBM’s customized ESXi 5.0, there’s been a number of queries on what it contains and how you use it to upgrade to vSphere 5.0.    One of my colleagues, Wayne Wigley in the US has compiled this useful FAQ, which I’ve published below: Q)  When will vSphere 5 ESXi be available on an IBM USB … More

How to migrate your endpoints to a new Systems Director 6.3 server

If you’re currently running Systems Director 6.2.x in your environment, you can perform an in-place upgrade to 6.3 as outlined here.  However, there are many customers who might also like to install some new hardware or even virtualise their existing Director server at the same time. The following steps outline the process to migrate your … More