WavebreakMediaMicro - Fotolia

Tip

Get to know Workspace One for Microsoft Endpoint Manager

VMware's Workspace One can now connect with the new Microsoft Endpoint Manager to provide IT pros with more tools at their disposal for workspace, desktop and endpoint management.

Many modern device management tools rely on integrations with other products to deliver enhanced features. Two major vendors, Microsoft and VMware, formed a partnership to offer integration between two device management suites.

That integration is called VMware Workspace One for Microsoft Endpoint Manager. Announced at VMware 2019, it focuses on a combined approach to device and workspace management.

Organizations should understand what these two products, VMware Workspace One and Microsoft Endpoint Manager, can accomplish and what the integration between these products provides Microsoft and VMware customers.

What is Microsoft Endpoint Manager?

Microsoft announced the Endpoint Manager offering at Microsoft Ignite 2019. Endpoint Manager combines Microsoft System Center Configuration Manager, a traditional client management tool, and Intune, a unified endpoint management (UEM) tool, to comanage devices. It also includes a new web-based management interface called Device Management Admin Center.

Microsoft Endpoint Manager Admin Center
A fleet of managed devices in Microsoft Endpoint Manager Admin Center within the Azure portal.

Other important features in Microsoft Endpoint Manager are Microsoft Productivity Score, Windows Autopilot and Desktop Analytics.

What is VMware Workspace One for Microsoft Endpoint Manager?

Since Microsoft opened up the modern management APIs in Windows 8.1, it has been possible to manage a Windows device from a different perspective outside of Microsoft's native management tools. This move pushed for self-service, the possibility of staying in contact with the device from anywhere in the world, and introduced different types device of ownership so IT and the end user can coexist on the same device.

[While] Microsoft opened up the modern management APIs in Windows 8.1 … Microsoft expanded the publicly available modern managemet APIs with Windows 10.

VMware Workspace One, a digital workspace offering, relies on these APIs and offers consumers a single secure location where they can access all their apps and services from numerous different device types and models. The context of the user dictates how strongly secured the access to the apps is. For example, if someone works from inside the company's premises, then Workspace One can apply a different security policy than a policy for a user working from a public Wi-Fi connection at a coffee shop.

Microsoft expanded the publicly available modern management APIs with Windows 10. Microsoft also added new features in Microsoft Endpoint Manager to take advantage of the Windows 10 modern management capabilities. By integrating VMware Workspace One with Endpoint Manager, IT pros can build these features into VMware's UEM platform.

Benefits of VMware Workspace One for Microsoft Endpoint Manager

Application integration. Applications that IT pros manage with Microsoft Endpoint Manager can fully integrate with the Workspace One Intelligent Hub app. This provides users a single portal in which they can find all their work-related applications.

Employee onboarding. VMware Workspace One for Microsoft Endpoint Manager customers can use the employee onboarding experience from Workspace One in combination with the user identity management of Microsoft Endpoint Manager.

Conditional access. Both Microsoft and VMware have their own processes to add conditional access policies to enterprise applications. With VMware Workspace One for Microsoft Endpoint Manager, it's possible to combine these or just use one or the other. The apps aren't tied to either console for management. IT can use Workspace One's conditional access policies with Microsoft Office 365 apps and handle them through Microsoft Endpoint Manager.

Security baseline for Windows 10. Workspace One enables IT professionals to audit certain elements of an endpoint for compliance with regulations or company policies. These compliance checks could verify password change requirements, active firewalls, antivirus updates and other measurable security metrics.

These compliance policies enable IT to revoke access to certain apps in case a device is noncompliant. With VMware Workspace One for Microsoft Endpoint Manager, IT can use security baseline templates for Windows 10 as a compliance item.

Editor's note: Workspace One for Microsoft Endpoint Manager isn't generally available yet, and it's running in an early access beta at the time this article published.

Dig Deeper on Unified endpoint management