VMware Horizon

What’s New in the Horizon Workspace Reviewer’s Guide?

By Cindy Heyer, Technical Writer, End-User-Computing Technical Marketing, VMware

The latest updated VMware Horizon Workspace 1.5 Reviewer’s Guide is now available. The Reviewer’s Guide was originally released shortly after the release of the Horizon Workspace product, and it has just been expanded.

The Reviewer’s Guide is designed for VMware customers and partners who want to use Horizon Workspace to access their Horizon View desktops, ThinApp virtual applications, SaaS-based applications, and data shares within secure company systems. The Reviewer’s Guide gives you the low-down on the new features of the 1.5 release, and describes how to set up a Horizon Workspace instance and examine the features. You can use the Reviewer’s Guide to explore the functionality in step-by-step exercises, or even as a training tool to familiarize yourself with a sample Horizon Workspace deployment.

vmware-horizon-workspace-reviewers-guide-cover

The Reviewer’s Guide has a section about the mobile management module of Horizon Workspace and corresponding use cases. This section illustrates how IT administrators can apply control without undue constriction by configuring a workspace in any mobile device used within the company enterprise. Outside the secure workspace, end users enjoy unrestricted use of their mobile devices. But within the workspace, IT administrators can use granular whitelisting and policy settings to provide controlled and secure access to specified company assets. If the relationship between the company and the end user changes, or is terminated, the workspace can be deleted without affecting the data and settings saved on the personal side of the mobile device.

Here’s what the Horizon Workspace Administrator’s UI looks like when installed and enabled.

vmware-horizon-workspace-1-5-admin-ui

The Reviewer’s Guide provides a series of exercises that describe how–as an IT administrator–you can use the mobile management module to manage files, mobile applications, and web applications, even on mobile devices that you don’t own. You can set policies that control what your end users can do within their mobile workspaces, while leaving the rest of the device unrestricted. First, you create a group, and add your end users to the group. Then you apply the policy settings to the group. You can set policies for data containment, workspace lifetime, passcode, and secure network access functionality within the secured workspace environment. You can also establish security measures such as password strength and expiration dates.

To give you an idea of the kind of exercises the Reviewer’s Guide provides, here is an example of access control via policy settings applied to the workspace of a VMware-ready Android device. In this use case, the IT administrator limits access to copy-and-paste, camera, and workspace lifetime functionalities:

1. We’ll start by creating a data-containment policy. First create your new policy by clicking the Policies tab in the Horizon Workspace Administrator Web interface, and then + Data Containment Policy Set.

vmware-horizon-workspace-1-5-policies

2. Next, give the new policy an easy-to-remember name, enable the settings, and Save. In this case, the policy is named Disable Clipboard and Camera, since the policy restricts access to the copy-and-paste functionality and the camera. You’ll see this in action later on.

vmware-horizon-workspace-data-containment-policy-set

3. Now, put this new policy to work: Click the Users & Groups tab, and then the group that you want to apply the new policy to.

4. Click Applied Mobile Policy Sets > Select Mobile Policy Sets.

5. Select the newly created policy from the drop-down menu, and then click Save.

Your policy has now been applied to the workspace of every end user in the group you named. Next, let’s take a look at the policy from the end user’s perspective.

1. On your VMware Ready Android device, tap VMware Switch to switch to the enterprise workspace, the area that is controlled by Horizon Workspace.

vmware-horizon-workspace-1-5-android-switch

2. Tap the Apps icon to list the available applications in the secured workspace, and then tap the Camera app.

3. You can see by the display that the camera has been disabled by the Disable Clipboard and Camera policy described earlier.

vmware-horizon-workspace-1-5-android-no-camera-allowed

That is all: Your policy has been applied to the workspace of each and every end user in the named group, and within each workspace, the end user has controlled access to company assets.

For more detail on this and similar exercises, see the latest VMware Horizon Workspace Reviewer’s Guide. You can also