VMware Workspace ONE Reference Architecture: Validated Integration Design White Paper

Sep 19, 2016


Kevin Sheehan is an End User Computing Architect on the VMware Customer Success Team. His focus is on Identity Management, Enterprise Mobility Management and emerging EUC technologies. His current product focus includes Identity Manager, AirWatch and Workspace ONE.

Share This Post On

We have seen business mobility rapidly evolve from “I need my email on my phone” to “I need access to all my apps, data, and services, from any device, anywhere.” While end users have demanded that access, IT concerns about security, compliance, and complexity have made implementation of this goal difficult until now.

VMware Workspace ONE combines identity and mobile-device management to

  • Provide simple and secure access to all of the applications, data, and services that employees need on their personal or corporate-issued devices
  • Meet IT security requirements

The VMware Workspace ONE Reference Architecture: Validated Integration Design white paper provides a reference architecture for implementing the Workspace ONE product. The reference architecture is based on key business requirements such as enabling business mobility for employees, and identifies use cases, such as mobile knowledge workers.


Figure 1: VMware Workspace ONE Logical Architecture Overview

In the white paper, Workspace ONE and the services that address business requirements are based on a unique hybrid-cloud architecture. Enterprise mobility management and identity services are delivered by way of VMware AirWatch and VMware Identity Manager cloud-hosted offerings. These services, combined with the Workspace ONE app, deliver unified and smooth access to SaaS-based applications, public native mobile applications, and on-premises virtual applications or virtual desktops based on VMware Horizon 7.

From an end user’s perspective, Workspace ONE provides simple access to the tools that end users need to do their jobs, such as:

  • Single sign-on – To take advantage of the features of their chosen mobile devices
  • Collaboration tools – Such as email, document storage and sharing, and chat capabilities
  • SaaS apps – Such as conferencing, CRM, and travel-and-expense tools
  • Native mobile apps – To provide mobile access to business tools
  • Virtual apps and desktops – To extend access to legacy systems on modern mobile devices

In addition, Workspace ONE gives IT control of security issues with the following:

  • Conditional access to ensure devices are compliant with IT policies before users access sensitive apps and data
  • Adaptive management that provides access to some apps on unmanaged devices, yet requires device management for more critical apps and data
  • Data loss prevention controls to manage which applications can access what data
  • Simple multi-factor authentication technology to provide additional security beyond a basic user ID and password

To deliver these capabilities, the Workspace ONE components are deployed in varying combinations and configurations to meet specific user requirements. The reference architecture details the configurations needed to integrate the Workspace ONE components and corporate end-user services.


Figure 2: Workspace ONE iOS App

If you are an IT architect, consultant, or administrator involved in the early phases of planning, designing, and deploying Workspace ONE and mobile solutions, the VMware Workspace ONE Reference Architecture: Validated Integration Design white paper can help you.

468 ad