VMware Extends Its MDM Solution to Windows 10

VMware now lets organizations connect Windows 10 PCs to their enterprise networks using its AirWatch mobile device management (MDM) system.

Users of AirWatch, an integral component of VMware's Workspace One platform, can now enroll their Windows 10 PCs into corporate networks by entering their enterprise credentials, just as they would when connecting their Android and iOS mobile devices. VMware announced the update this week during its VMworld conference in Las Vegas.

Essentially, organizations can now apply the same security polices and MDM capabilities they use to manage their mobile devices to Windows 10 PCs. VMware said it plans to bring the capability to Macs and Chromebooks later this year.

VMware claims it's the first to provide a unified approach to enrolling and managing PCs, Macs and Chromebooks, as well as mobile devices, using the same MDM capabilities. If organizations embrace this new approach to desktop deployment and lifecycle management, it could accelerate a shift away from the traditional approach of creating and deploying images.

The unified MDM capability is now possible because Microsoft earlier this year released the Intune portion of its Graph APIs, and Apple has provided device management APIs that will be available in its fall macOS Sierra upgrade. VMware and Google announced last week a partnership to enable Chromebook management with Workspace One.

"Within VMware, we have leveraged those public APIs extensively," said Sumit Dhawan, senior vice president and general manager of VMware's end user computing business, in a VMworld presentation Monday. By "extensively," Dhawan explained that their use goes beyond just enrollment and providing policy management; it's about integrating identity management and applying context, while striking a balance between providing user control and privacy and ensuring corporate data remains secure.

Dhawan said Workspace One has evolved to meet VMware's mission of bringing mobile, desktop and application management together in a "holistic" manner. The company has added the VMware Identity Manager into its AirWatch console, which it said will provide a common interface for managing devices, context and identity. It also has a simplified mobile single sign-on interface, and using the Microsoft Graph API, it can apply Office 365 enrollment and management, as well as support for other SaaS apps. The new Workspace One release will manage and enforce security polices and provide Office 365 data loss prevention (DLP) upon release of the Office APIs by Microsoft.

"It gives you one way of unifying the experience across all applications, one place to unify your management across all devices," Dhawan said. "This we believe this is a massive change, and we think it is a great opportunity for you."

Workspace One will enable administrators to control how policies, patches and upgrades are pushed out to branch offices using the Adaptiva OneSite tool that VMware licensed earlier this year. By distributing the updates on a peer-to-peer basis using a content delivery network (CDN), organizations don't need to have servers at those branch locations, said Jason Roszak, VMware's Windows 10 director of product management.

In addition to enabling PCs, Macs and Chromebooks to be configured and managed like mobile devices, VMware also said that the Workspace One Horizon 7 virtual desktop infrastructure (VDI) and virtual application platform will be available on Microsoft's Azure cloud service in October. VMware first announced its plans to offer Horizon 7 on Azure back in May and released the technical preview last week. The company, which first extended Horizon beyond vSphere to the IBM Cloud earlier this year, said the Horizon Cloud service running on Azure will start at $8 per user per month.

VMware also plans to enable automation of Windows desktops and applications using its Just in Time Management Platform (JMP), which includes Instant Clone, VMware App Volumes and User Environment Manager, by bringing them into a single console. That will let administrators more easily design desktop workspaces based on users' needs, said Courtney Burry, senior director of product marketing for Horizon at VMware, who gave a demo of the new capability during the keynote.

"The underlying JMP automation engine [will] build those desktops for you," she said. The integrated JMP console is now in preview.

About the Author

Jeffrey Schwartz is editor of Redmond magazine and also covers cloud computing for Virtualization Review's Cloud Report. In addition, he writes the Channeling the Cloud column for Redmond Channel Partner. Follow him on Twitter @JeffreySchwartz.


  • The 2021 Microsoft Product Roadmap

    From Windows 10X to the next generation of Microsoft's application server products, here are the product milestones coming down the pipeline in 2021.

  • After High-Profile Attacks, Biden Calls for Better Software Security

    Recent high-profile security attacks have prompted the Biden administration to issue an executive order aiming to tighten software security practices across the board.

  • With Hybrid Networks on Rise, Microsoft Touts Zero Trust Security

    Hybrid networks, which combine use of cloud services with on-premises software, require a "zero trust" security approach, Microsoft said this week.

  • Feds Advise Orgs on How To Block Ransomware Amid Colonial Pipeline Attack

    A recent ransomware attack on a U.S. fuel pipeline company has put a spotlight on how "critical infrastructure" organizations can prevent similar attacks.