VMware User Environment Manager 9.1: Continuing to Enhance Profile & Policy Management

Sep 15, 2016
Sachin Sharma

Author:

Sachin Sharma is a senior product line marketing manager for VMware’s End-User Computing business unit, specializing in security.

Share This Post On

Released earlier this year, VMware User Environment Manager 9.0 introduced several new features to help customers simplify management of user profiles and policies in any virtual, physical or cloud environment. The release showcased tighter integration with VMware Horizon 7 using VMware Horizon Smart Policies. Application authorization, or what’s commonly referred to as app blocking, gave IT administrators a simple but powerful capability in blocking or allowing access to applications a user may try to access from their virtual or physical desktop.

With User Environment Manager 9.0, administrators could also now configure folder redirection for user data, such as My Documents or My Videos. These were just some of the features that made User Environment Manager 9.0 a release that our customers were highly anticipating—and it delivered! Today, we’re even more excited to announce User Environment Manager 9.1, which continues enhancing some of the key features in 9.0.

New Policies with User Environment Manager 9.1

The first iteration of Horizon Smart Policies in Horizon 7 leveraged the power of User user-environment-manager-policy-configuration-demo-videoEnvironment Manager to help administrators easily enforce user policies in a Horizon environment. Admins can use Horizon Smart Policies to allow or block simple functionality like copy/paste or client drive access on a virtual desktop or published application. Dynamic contextual policies also allow administrators to set triggers on policies, based on conditions. These capabilities were a great first step in integrating User Environment Manager with Horizon 7. Now, customers look for even more policies.

With User Environment Manager 9.1, we added new policies, including setting up bandwidth profiles for VMware Blast Extreme and HTML access file transfer, just to name a couple. (If you’re looking for more policies added to the Horizon Smart Policies, let us know in the comments.)

New Hash-Based Authorization with User Environment Manager 9.1

App authorization was a feature that many customers anticipated. As soon as we released it in User Environment Manager 9.0, we received immediate positive feedback. We continue to user-environment-manager-technical-demo-videoenhance this feature, now adding “hash-based” authorization. This gives administrators the ability to allow or block apps based on the hash of the app executable, instead of just path-based blocking. The hash can be generated automatically by browsing to the executable.

With hash-based authorization, admins can now decide whether or not to run an application based on the application’s digital signature. By using that digital signature, admins can allow or disallow users to run only specific, authorized applications. This alleviates the worry that users will rename a disallowed application on the white list of apps allowed. Configuration also becomes easier, because admins do not need to know where the app is installed. Admins can check any app being launched, no matter where it comes from. Some customers also use different drive letters for launching apps. They also allow a specific app to launch from a USB drive as long as the hash that is allowed is safe, because no other app can be launched from that USB drive.

Speeding Deployment without GPO or Active Directory

One reason customers prefer using User Environment Manager over other user profile and policy management solutions is the light requirements for backend infrastructure. Databases are not required with User Environment Manager; a central share is the only core needed. No database requirement is great, but what about customers who do not use Active Directory?

In User Environment Manager 9.1, the Active Directory dependence is no longer required. The User Environment agent can now be configured without GPO. User Environment Manager hooks into log-on processes, and then exports the user’s setting when the user logs out. This allows for faster deployments in virtual, physical and cloud desktop and app environments. Note that this is just an alternative way of configuring User Environment Manager, and the traditional way with GPOs is also still supported.

Those are just a few of the enhancements we’ve released in User Environment Manager 9.1. User Environment Manager continues to evolve, but is even more powerful when combined with VMware App Volumes and Instant Clone Technology to provide just-in-time desktop delivery.

For more information on User Environment Manager 9.1, please refer to the release notes. And for those who are new to User Environment Manager, check out this new overview video.

468 ad