New and Improved macOS Native Software Management

Naveen Pitchandi

Author: Naveen Pitchandi

Naveen Pitchandi is a Product Line Manager leading the Workspace ONE UEM Product Management team for the Apple Platform in VMware End-User Computing (EUC). His team is responsible for building solutions powered by AirWatch technology for the Apple platforms – iOS, macOS and tvOS

Share This Post On

Managing software and applications on managed endpoints in most cases is a primary requirement for any IT organization. Source and form of these software and applications are constantly morphing. We’re definitely seeing a shift in more organizations adopting cloud-hosted services and SaaS applications in lieu of traditionally packaged software. While a solution is necessary for effectively managing access and distribution of SaaS-based applications, the vast majority of users and their roles still demand the need for native software on the machine for their day-to-day. Deploying and managing native software (.pkg, .mpkg, .dmg) for macOS have been a perennial challenge for IT admins.

De-centralized Distribution

Distribution of desktop software has long been a de-centralized concept with the individual software vendor hosting and distributing the necessary installer and activation license/key from their own website for the respective software. Much was expected from Apple’s native digital distribution platform for macOS apps – Mac App store – to solve this challenge. With the Volume Purchase Program (VPP), Apple even made it extremely simple for organizations to purchase bulk licenses and distribute app store applications to MDM managed devices silently. Nevertheless, on the downside, the app store today only has a handful of applications that users and organizations care to use which makes VPP yet to be the primary application deployment model on macOS, unlike iOS. Sandboxing restrictions to submit apps have prevented a majority of the developers to publish applications to the app store and have continued to distribute from their websites instead.

Inconsistent Packaging

Due to the decentralized nature of software distribution, every software developer packages the application for installation in many different ways. While some developers might create disk images of the application itself, others create a disk image of a package installer which in turn installs the application and other necessary binaries. This convolutes the problem for IT admins when it comes to managing installation and updates to these software across managed device fleet.

Update Management is very challenging

Another challenge that comes as a by-product of de-centralized distribution of software is managing updates. There is no easy way to find when there’s an update available, other than keeping track of the individual software developer’s release page.

Introducing new and improved native software management for macOS

On speaking with many mac admins in the community to get feedback on the tools that they use today and expectations from a tool to solve the challenge of managing the complex lifecycle of such native software installers, we received resounding feedback about one such open source tool that a large number of school, universities and enterprise organizations use today – Munki (Courtesy : Greg Neagle). Greg Neagle and the countless number of admins in the community who contributed to this open source project built a truly remarkable tool to make it easy to manage macOS software with true Desire State Management. In response to the customer feedback for a solution like Munki, our architects researched extensively into Munki and architected a best-in-breed solution by integrating the open-source library into our client application – VMware AirWatch Agent – for a robust management client. We also decided to enhance the administrative experience of managing such software by building a wizard for customization and dynamic assignment within the Workspace ONE UEM console.

With VMware Workspace ONE solution, we make it simple and secure to deliver and manage the entire gamut of applications, regardless of its source and format. We provide seamless single sign-on into SaaS-based applications, tunnel through the corporate network for internal corporate apps, App-Store applications, even virtualized windows applications that do not have a native form on macOS using our Horizon technology. We’re happy to announce that with the VMware Workspace ONE platform [UEM console v9.3+ and Agent v3.0+], we can now make it extremely simple for mac admins around the world to customize deployment and installation of native software installers over CDN with desired state management.

End-user experience is paramount for success for any IT organization, and to get the best experience of providing a unified catalog of applications we decided to build a native macOS application for Workspace ONE that end-users can use as a One-Stop-Shop for all their corporate needs thereby building a digital workspace

 

The unique architecture and implementation have allowed us to expand additional capabilities not present with traditional Munki such as pause/resume downloads during network disconnects, thereby smartly resuming downloads from the point of network disruption versus starting from scratch again every single time. This becomes extremely important while distributing large packages like Office and Adobe Suite over the air.

macOS-NativeSoftware-Distibution-Catalog

 

This integration with Munki also opens up opportunities to integrate with other open source tools that the community has developed and maintained to handle software patches – like AutoPKG. In combination with the rich set of APIs for the new software management solution for macOS, mac admins can automate the deployment of patches based off of community created recipes.

We plan to iteratively deliver value-add capabilities to continue to simplify complex workflows and improve end-user experience with Workspace ONE.

Stay tuned for updates on VMware Workspace ONE by subscribing to our blog, and following us on Twitter and Facebook.

468 ad