What are the most common capabilities for iOS in Workspace ONE UEM?
アプリケーションとクラウド
あらゆるクラウドの価値を最大限に引き出し、モダン アプリケーションの迅速な提供を実現
あらゆるクラウドの価値を最大限に引き出し、モダン アプリケーションの迅速な提供を実現
| WAN、データセンター、クラウドのためのネットワークとセキュリティの仮想化でモダン アプリの運用を推進 |
シームレスな従業員体験を実現し、すべての従業員に場所と時間を問わず作業できる環境を提供
インフラを活用して、あらゆるアプリ、クラウド、デバイスを保護する本質的なセキュリティをすべてのレイヤーで実現
アプリケーション フレームワーク/クラウド インフラ/セキュリティ アーキテクチャに応じたソリューションを提案
VMware が提供するデジタル基盤なら、アプリケーションをあらゆる環境でビルド、実行、管理、接続、保護できます
Workspace ONE Unified Endpoint Management (UEM) technology now powers VMware Workspace ONE, an integrated platform for the digital workspace.
Learn more about the app lifecycle and how apps can be delivered and managed in today’s IT environment.
Access the report and see why we believe IDC positioned us as a Leader.
1) Automated, out-of-the-box device activation and configuration with User Enrollment to keep the user’s personal data completely separate from work data.
2) Unified app catalog enables self-service for users as well as admin-controlled app download and management.
3) Security: Comprehensive certificate lifecycle management, per-app tunnel to encrypt traffic, settings to avoid data leakage and more.
4) Shared device mode allows multiple users to customize experiences via check-in/check-out.
User enrollment is a new BYOD enrollment scenario with an intense focus on user privacy. On a user-enrolled device, organizations can enable the user’s work experience by providing apps, content, and single sign-on, but do not gain access to full device management or device-unique identifying information.
Deploying internal apps can be achieved in two ways with Workspace ONE UEM. The first and preferred method is with Apple Business Manager or Apple School Manager integration. This method allows you to privately publish your apps, called "In-House" apps, to the App Store and install those apps to your users via Workspace ONE UEM. These apps are not visible to users on the public App Store yet take advantage of all the App Store features like TestFlight. The alternative method is to sign your enterprise applications with an Apple Enterprise Signing certificate and upload the .ipa file directly to Workspace ONE UEM. This method offers additional flexibility but comes with more admin overhead to manage.
Workspace ONE UEM offers two options for sharing iOS devices between multiple users.
1. The newest and preferred method is with Apple's Shared iPad through Apple Business Manager. This provides a unique data partition for each user on an iPad and protects each user's data. The second option is using Workspace ONE UEM's Check-In/Check-Out solution through the Intelligent Hub app. This allows users to log in and out of the app which reconfigures apps and policies based on the current user.
2. Alternatively, there are solutions like Apple's Provisioning Utility and GroundControl (acquired by Imprivata) that work with Workspace ONE UEM to perform full device wipes and create user sessions via a tethered connection. This helps ensure all user data is deleted when moving devices between users.
Workspace ONE Mobile Flows are the latest addition to the VMware Workspace ONE platform. Mobile Flows help device users perform tasks across multiple business back-end systems from a single app like VMware Boxer. This eliminates the need for end users to visit multiple websites or apps while performing business tasks.
Users who want to use their own devices for work (commonly called Bring your own device or BYOD) have several options. The newest method is enrolling iOS devices with Apple's User Enrollment. This is a native enrollment method that separates work and personal data automatically on devices. This protects your user's privacy while securing enterprise resources simultaneously. Alternatively, users can gain immediate access to apps, native and SaaS, and other enterprise resources by logging into the Workspace ONE Intelligent Hub.
Workspace ONE Intelligent Hub provides a consistent user experience across all Apple platforms (iOS, iPadOS, macOS) enabling employees to access a unified app catalog – consisting of SaaS, Native and Virtual apps with Single Sign On. Intelligent Hub takes it a step further by creating a one-stop shop for corporate resources through services such as People Search, Support and a customized notification tab for corporate communication
Workspace ONE uses the native iOS Kerberos capabilities along with technology developed in VMware Workspace ONE Access that provides a bridge between SAML and Kerberos for authentication. Check out this whitepaper for more information.
iPads configured to do so can be shared between users by allowing users to check-in and check-out devices. Using the Workspace ONE Intelligent Hub, users can sign-in to an iOS device to use the apps and content to which they’re assigned, and then sign-out when they’re done (making the iOS device ready for the next user). With shared iPad for business or school, integration with Apple Business Manager or Apple School Manager allows a user to sign in with a managed Apple ID and use apps and content to which they’re assigned.