Remote work for the purposes of business continuity during the COVID-19 pandemic is giving way to hybrid work as the preferred way of running your business going forward. With this shift, IT priorities are pivoting to support anywhere workforces in a more secure, scalable, and sustainable way, while delivering exceptional user experiences that keep users productive and engaged no matter where they work.
VMware has been on the journey to enable the anywhere workforce for many years, starting with VMware Horizon for desktop and app virtualization, a popular method for many regulated or security conscious organizations to enable secure access to corporate resources and applications. Horizon does this by providing virtualized access to corporate applications running in the datacenter or cloud, and can prevent direct access to the application servers and files, leaving the corporate network and its data under organizational control, and keeping infrastructure better protected from security risks.
Later, we incorporated Horizon with VMware Workspace ONE, the leading digital workspace platform combining unified endpoint management across iOS, Android, Windows 10, macOS and Chrome OS devices with identity-based single sign-on and access control to applications from a central app catalog. From a single console, Workspace ONE UEM enables IT to apply a broad range of device and OS security policies, enforce risk-based conditional access controls, and enable data loss prevention across corporate and BYO devices.
Workspace ONE also provides VMware Tunnel, a cross platform per-app VPN, and VMware Unified Access Gateway, a multi-service proxy providing more secure edge services for Workspace ONE, including support for Tunnel, Horizon, and other services. These components all work together to enable devices to be managed, more secure and compliant before accessing networking and application services, enabling the Workspace ONE employee experience our customers love.
With today’s announcement of VMware Anywhere Workspace, these end-user computing technologies are combined with VMware Carbon Black Cloud Endpoint and VMware SASE to provide an unmatched end-to-end security solution for organizations aspiring to support a long-term distributed workforce.
Extending secure connectivity to physical and virtual endpoints
VMware SASE uses a cloud-native architecture that sets the gold standard for edge security. Delivered through cloud-based points of presence (PoPs), these networking and security services can be delivered to branch edges, mobile users, or entire campuses. Not only are connections better secured, but service levels are guaranteed so that remote employees and distributed teams on corporate-owned, BYO or virtual endpoints get the access to corporate resources and applications needed in the moment, even if these are high latency applications like video conferencing, collaboration or graphics intensive applications.
Workspace ONE integrates with VMware SASE through VMware Secure Access. In this solution, the tunneling headend capability of VMware Unified Access Gateway is hosted in the VMware SASE PoPs. Workspace ONE customers can use SASE deployments to offload management of a self-hosted UAG, and leverage traffic steering capabilities of the platform for faster application access and an optimized employee experience. This integration also provides the ability to carry over the context of user and device activity to the network, and to optionally layer in additional network and cloud web security capabilities for end-to-end security.
Optimized integration between endpoint protection and anywhere workspaces
VMware Carbon Black provides cloud-native endpoint security that leverages behavioral analytics to identify and stop emerging threats before a potential cyberattack affects your business. Based in the cloud, Carbon Black analyzes more than 1 trillion security events per day and proactively determines attackers’ behavior patterns.
Through the integration with Workspace ONE Intelligence, known as VMware Workspace Security, Carbon Black can work together with Workspace ONE as a “unified endpoint security” solution combining device configuration and health attestation with real-time cybersecurity threat detection and response in a single platform.
Carbon Black Cloud and Horizon have also been integrated to support persistent virtual desktops since VMworld 2020. Subsequently, we released a unique integration with VMware Horizon Instant Clones, enabling cybersecurity threat detection immediately upon creation of non-persistent Horizon desktops. By including the Carbon Black sensor on a Horizon master image, both the persistent and non-persistent clones inherent the policies and protections of the master. The Carbon Black sensor on the clones is able to register with the Carbon Black console in a unique manner to VMware that minimizes performance hits and optimizes end user experience.
We also have similar Carbon Black Cloud integrations for our Desktop-as-a-Service offering, Horizon Cloud on Microsoft Azure.
Empower your organization with VMware Anywhere Workspace
With VMware Anywhere Workspace, you can help your organization’s security team better secure its distributed edge while delivering a better remote work experience with a proven and integrated platform.
To learn more about VMware Anywhere Workspace, please see our announcement blog post from Shawn Bass, the VMware press release, and today’s blog post from Sanjay Poonen.
On May 5 and 6, VMware is hosting a free online event, Leading Change: Build Trust with the Anywhere Workspace.
You can hear from our customers and industry experts and learn more about Anywhere Workspace, as well as the latest in Workspace ONE, VMware SASE, and Carbon Black. Don’t miss out – register today!
For more information, reach out to your VMware representative, find a partner, or check out the following resources:
- VMware SASE microsite
- VMware TechZone: Integrating Workspace ONE Intelligence and VMware Carbon Black
- VMware TechZone: Mastering VMware Horizon Guide