VMware Identity Manager Enables Identity Management for the Mobile Cloud Era

Identity Manager is an Identity as a Service (IDaaS) offering, providing application provisioning, self-service catalog, conditional access controls and Single Sign-On (SSO) for SaaS, web, cloud and native mobile applications.

(1:42)

Identity Management and the Mobile Cloud Era

What Identity Manager Does

Enterprise Single Sign-On

Simplify business mobility with included identity provider (IDP) or integrate with existing on-premises identity providers so you can aggregate SaaS and Native Mobile and Windows 10 apps into a single catalog.

Identity Management with Adaptive Access

Establishes trust between users, devices and the hybrid cloud for a seamless user experience and powerful conditional access controls leveraging AirWatch device enrollment and SSO adaptors.

Self-Service App Store

Build a branded self-service app store so employees can subscribe to applications across devices with automated or manual provisioning.

Enterprise-Grade Hybrid Cloud Infrastructure

Identity Manager leverages the same identity management solution as vCloud Air and the vCloud Suite, used in the most advanced data centers and private clouds.

SPOTLIGHT 

Identity Manager and AirWatch Cloud Mobile App Delivery

VMware Identity Manager and the state of SSO mobility

Noah Wasmer and Ashish Jain talk about VMware identity manager and the state of SSO mobility in this podcast with BrianMadden.com

Listen to the Podcast

FEATURES

Simplify Business Mobility with One Touch from Any Device

Identity Manager is a service that extends your on-premises directory infrastructure to provide a seamless Single Sign-On (SSO) experience to web, mobile, SaaS, and legacy applications.

Enterprise Single Sign-On

Enable users with single sign on while saving on service desk calls and protecting against data leakage. Aggregate SSO apps into one convenient catalog and launcher across any device type through the included identity provider or token generator or integration with an existing identity provider.

Industry-leading support

Support a wide range of web, virtual desktops, published applications, Windows packaged apps, and native mobile apps, all from one place.

Preintegration with many enterprise apps

VMware works with a range of enterprise SaaS vendors leveraging the SAML standard to provide pre-defined integrations including automated user provisioning.

Empower Employees with a Self-Service App Store

Manage the complete user lifecycle across the hybrid cloud complete with a custom brandable launcher and app store application provisioning, and user analytics to monitor and manage resources.

Self-service app catalog

Employees can simply search and select applications that they want to subscribe to and kick-off automated or manual provisioning as required.

Responsive HTML5 app launcher

Support anydevice through a responsive and skinable web app that includes simple sorting by category and favorites.

User analytics

Easy to use analytics help you understand usage trends, capacity planning and licensing management powered with rich and detailed information.

Custom-brandable web portal

Identity Manager customization tool allows you to transform the self-service app store and launcher with your colors, logos, backgrounds, textures and design elements.

Application provisioning

Once a new application is placed in the app catalog, administrators may auto-provision to users by group, or enable self-subscription. Permit subscription events to kickoff approval workflows through existing partners like Remedy.

Optimize User Experience & Security with AirWatch

Identity Manager leverages the same core identity management solution that may be seen powering VMware vCloud Air and the vCloud Suite in the world’s most advanced datacenters and enterprise-class infrastructure clouds.

Conditional access

Apply conditional access policies by user security group, network, and authentication strength.

Conditional access by device

Distinguish between managed and unmanaged devices to allow broad access to low risk apps and then enforce device management with encryption and wipe controls for apps that contain sensitive data.

Native integrated app launcher

Adding AirWatch EMM integrates subscribed applications into the AirWatch catalog where they can be “installed” directly onto the native springboard as just another application icon, ready for use.

Device analytics

Beyond app usage analytics, device analytics supplied through AirWatch enrolled devices permit IT to understand the intersection of apps and devices to make intelligent decisions about capacity planning and new service development.

Trusted VMware Enterprise-Grade Hybrid Cloud Infrastructure

Identity Manager was designed for the mobile cloud world for AirWatch enrolled devices providing a seamless consumer-grade user experience.

Directory integration and federation

Supports multiple Active Directory domains, multiple forests and different trust configurations offering extreme flexibility for integrating with existing environments.

Hybrid deployment model

Identity Manager is built from a single multi-tenant code base whether deployed on premises, or in the cloud. Cloud-based and on-premises instances of Identity Manager may federate for added flexibility.

COMPARE

Identity Manager is available in two editions. The Standard Edition is packaged in Horizon 6 Advanced and Enterprise and provides SSO across Horizon RDSH Apps, desktops, ThinApp and SaaS apps and is ready for integration into AirWatch environments for mobile and SaaS apps. The Advanced Edition includes AirWatch Device and Registration and the AirWatch Console to manage certificate-based authentication and provide the device-specific adaptors for Identity Manager. VMware Identity Manager is included in AirWatch Blue and Yellow Enterprise Mobility Management Suites and VMware Workspace Suite.

VMware Identity Manager Standard (Horizon 6 and Horizon App Management Bundle Only)
VMware Identity Manager Advanced
AirWatch Blue / Yellow Management Suite
VMware Identity Manager Standard (Horizon 6 and Horizon App Management Bundle Only) On-Premises Only
VMware Identity Manager Advanced Cloud Hosted or On-Premises
AirWatch Blue / Yellow Management Suite Cloud Hosted or On-Premises
Identity Federation (SSO) with AD Integration
VMware Identity Manager Standard (Horizon 6 and Horizon App Management Bundle Only)
VMware Identity Manager Advanced
AirWatch Blue / Yellow Management Suite
SAML Identity Provider and Provisioning Framework
VMware Identity Manager Standard (Horizon 6 and Horizon App Management Bundle Only)
VMware Identity Manager Advanced
AirWatch Blue / Yellow Management Suite
Authentication Broker for Third-Party Strong Authentication
VMware Identity Manager Standard (Horizon 6 and Horizon App Management Bundle Only)
VMware Identity Manager Advanced
AirWatch Blue / Yellow Management Suite
App Reporting and Analytics
VMware Identity Manager Standard (Horizon 6 and Horizon App Management Bundle Only)
VMware Identity Manager Advanced
AirWatch Blue / Yellow Management Suite
Conditional Access
VMware Identity Manager Standard (Horizon 6 and Horizon App Management Bundle Only)
VMware Identity Manager Advanced
AirWatch Blue / Yellow Management Suite
Catalog (Native and HTML5)
VMware Identity Manager Standard (Horizon 6 and Horizon App Management Bundle Only)
VMware Identity Manager Advanced
AirWatch Blue / Yellow Management Suite
App Types
VMware Identity Manager Standard (Horizon 6 and Horizon App Management Bundle Only) Public/SaaS Internal, Thin App, Citrix, Horizon
VMware Identity Manager Advanced Local, Public/SaaS Internal, Thin App, Citrix, Horizon
AirWatch Blue / Yellow Management Suite
Passcode Management
VMware Identity Manager Standard (Horizon 6 and Horizon App Management Bundle Only)
VMware Identity Manager Advanced
AirWatch Blue / Yellow Management Suite
Device Enrollment
VMware Identity Manager Standard (Horizon 6 and Horizon App Management Bundle Only)
VMware Identity Manager Advanced Basic
AirWatch Blue / Yellow Management Suite Full (Email, Container, etc.)
One Touch Single Sign-On (SSO)
VMware Identity Manager Standard (Horizon 6 and Horizon App Management Bundle Only)
VMware Identity Manager Advanced
AirWatch Blue / Yellow Management Suite
Device Registration
VMware Identity Manager Standard (Horizon 6 and Horizon App Management Bundle Only)
VMware Identity Manager Advanced iOS, Android for Work, Win 10, OSX ONLY
AirWatch Blue / Yellow Management Suite Any AW supported devices
Device Organization Group Management
VMware Identity Manager Standard (Horizon 6 and Horizon App Management Bundle Only)
VMware Identity Manager Advanced One Group Only
AirWatch Blue / Yellow Management Suite Unlimited
Device Restrictions / Compromise Protection
VMware Identity Manager Standard (Horizon 6 and Horizon App Management Bundle Only)
VMware Identity Manager Advanced Monitor Only
AirWatch Blue / Yellow Management Suite Monitor and Automate Compliance Actions
Device Configurations
VMware Identity Manager Standard (Horizon 6 and Horizon App Management Bundle Only)
VMware Identity Manager Advanced Email, Exchange, Passcode, Credentials, SSO, VPN
AirWatch Blue / Yellow Management Suite All payloads, all platforms
Remote Wipe
VMware Identity Manager Standard (Horizon 6 and Horizon App Management Bundle Only)
VMware Identity Manager Advanced Enterprise Wipe Only (Partial)
AirWatch Blue / Yellow Management Suite Enterprise Wipe and Full Wipe
Mobile app wrapping and SDK for Containerization
VMware Identity Manager Standard (Horizon 6 and Horizon App Management Bundle Only)
VMware Identity Manager Advanced
AirWatch Blue / Yellow Management Suite
GPS and Geofencing
VMware Identity Manager Standard (Horizon 6 and Horizon App Management Bundle Only)
VMware Identity Manager Advanced
AirWatch Blue / Yellow Management Suite
Inbox and Email Gateway
VMware Identity Manager Standard (Horizon 6 and Horizon App Management Bundle Only)
VMware Identity Manager Advanced
AirWatch Blue / Yellow Management Suite
Content Locker (View)
VMware Identity Manager Standard (Horizon 6 and Horizon App Management Bundle Only)
VMware Identity Manager Advanced
AirWatch Blue / Yellow Management Suite
Telecom Tools and Content Locker Collaborate
VMware Identity Manager Standard (Horizon 6 and Horizon App Management Bundle Only)
VMware Identity Manager Advanced
AirWatch Blue / Yellow Management Suite Yellow Only

HOW TO BUY 

On-Premises Software Purchase

  • Delivered as a virtual appliance.
  • Requires VMware vSphere and VMware vCenter for appliance management.
  • Internal database makes deployment simple.
  • Built from the same release train as cloud version. (Updates are distributed less often.)
  • Simple to build out highly available environment.

VMware Identity Manager is always licensed on a per user basis.

AirWatch Support Services Options

Support contracts are available for all VMware Identity Manager products through the AirWatch support organization globally. One year of maintenance is required.

Software as a Service (SaaS) Subscription

  • Operates on vCloud Air in three regions (US, EU, and APAC).
  • Massively scalable multi-tenant environment.
  • Three “9s” SLA based on redundant physical data centers.
  • Requires installation of an on-premises connector.
  • Fastest way to receive new features and updates.

GETTING STARTED

VMware Identity Manager is available as part of VMware Workspace ONE Standard, Advanced and Enterprise Editions. It provides secured access to corporate applications across all devices and platforms, and a single sign-on experience to cloud apps, single portal access for employee work applications, and conditional access control to apps based on device, network, and user.

Activation

 

To begin deployment and configuration of VMware Identity Manager, make sure you have the URL, Username, Password, and Activation Code included in your activation email. Your activation code is used to establish communication between your tenant and your connector instance. The VMware Identity Manager Connector virtual appliance OVA will be required for set up (download Connector OVA).

Deploy the Connector OVA and use the Setup wizard to activate your tenant. Once completed, you will use the administration console to configure your Active Directory information and setup your authentication methods.

*VMware vSphere server virtualization platform and vSphere client is required to deploy the OVA file. For more information please see the Installation guide. To know more about vSphere, and how to make a purchase, click here or contact your VMware or Airwatch account manager.

Catalog

 

The catalog is the repository for all resources that you can entitle to users. In the catalog tab, you can add web applications from the cloud application catalog, create a new application, group applications into categories, and access information about each resource.

Integrating with LDAP

 

VMware Identity Manager uses your Active Directory infrastructure for user authentication and management. Using the administration console, configure the information to connect to your Active Directory. You can select users and groups to sync with the VMware Identity Manager directory. This will enable you to provide SSO to all SAML compliant apps creating a seamless end user experience.

The Active Directory connection can use Active Directory over LDAP, or Active Directory Integrated Windows Authentication. Active Directory over LDAP connection supports DNS service location lookup by default. With Active Directory Integrated Windows Authentication, you configure the domain to join.

Identity & Access Management

 

The Identity & Access Management tab contains the manage and setup screens.

The Manage screen allows you to set up your directory connection to Active Directory and sync users and groups to the directory. You can also configure a third-party identity provider, recover passwords for users, enable/manage authentication methods and set policies.

Use the Setup screen to setup the connector service, apply customer branding, define user attributes, and define network ranges.

Console Management

 

The VMware Identity Manager administration console provides the management interface for your tenant. You can use the administration console to configure your directory sync to Active Directory, managing users and groups, add resources to the catalog, and set up and manage authentication and access policies. The tasks in the administration console are organized by tabs.

Dashboard - The user engagement dashboard can be used to monitor user and resource usage. This dashboard displays information about who signed in, which applications are being used, and how often they are being used. You can create reports to track users and groups activities and resource usage.