by: VMware Senior Director, Colleague Experience and Technology Pam Cocca; VMware Director, Client Foundation Services Orlando Diaz; VMware Senior Director, Information Systems John Drummond; VMware Information Systems Senior Engineer Dane Tadsen; and VMware Senior Information Systems Engineer Cy Whitfield
Imaging and delivering Dell laptops with the latest Windows operating system to VMware colleagues traditionally involved a very labor-intensive, time-consuming, and costly process employing Microsoft’s System Center Configuration Manager (SCCM). As an agile and dynamic enterprise, this approach was ultimately impacting VMware in a variety of negative ways.
With the advent of Windows 10 and the knowledge that more than 15,000 PCs would require configuration, VMware IT took a different tact—provisioning via modern management (MM). This method enables IT teams to create a solid yet flexible foundation ideal for a world of remote employees, cloud-based applications, and all-new security threats.
The long and winding road to get a new laptop
Get with the times
MM provisioning instantly eliminated high-touch IT support imaging processes that were a drain on resources, replacing them with the Dell Provisioning for VMware Workspace ONE process that preloads core applications in the factory via a collection of application installers (called a provisioning package, or PPKG) and configuration file (called a Windows Unattend.XML) exported from VMware Workspace ONE® UEM. Dell performs asset tagging in the factory and inserts instructions on how to get started with their new device. Colleagues are up and running in minutes after first boot without having to wait for core applications to download and install. Customization and/or other requirements are easily accomplished via provisioning applications, and settings via self-service or over-the-air (OTA) configurations. Onboarding new colleagues is equally seamless, as they are immediately able to get to work rather than spending hours interacting with IT support, and are no longer required to be on the company network to sign in.
IT realizes significant benefits, too. The vast majority of support tickets were dramatically reduced after implementation, and support teams are now able to focus on mission-critical colleague issues. There is no longer a need to maintain images or a pre-login VPN, freeing up compute resources for more important tasks. And since all configurations are provisioned, even requested software and permissions can be seamlessly configured remotely.
Traditional imaging contrasted with MM Windows 10 provisioning
Delivering the future, today
The process starts by IT support uploading the requisite apps to Workspace ONE, determining which ones should be preloaded at the factory and which should be delivered OTA. Then a PPKG file generated from the Workspace ONE UEM console is submitted to Dell for final assembly.
Behind the scenes, Azure Active Directory (AD) is combined with an out-of-box-experience (OOBE) in order that colleagues are immediately enrolled into Workspace ONE. Upon first start-up no VPN is ever required since everything is based in the cloud. Also incorporated is Windows Hello for Business (WHFB) as it delivers superior security via PIN/biometric log-in procedures and certificates.
Workspace ONE offers colleagues a one-stop-shop for all apps, including web, on-premise, Win32, and others. In addition, it automatically provisions applications, configurations, security, profiles, and certificates. This allows remote colleagues to enjoy the same seamless access as their onsite counterparts. Geography, time zones, and other factors are no longer barriers as in the past with imaging.
The advantages of MM were obvious from the start
So far, so great. What we’ve accomplished with Windows 10 MM provisioning
- Colleagues are up and running 80% faster than before
- 20% overall IT savings thanks to OOBE and DFP
- IT support eliminated the one-to-three hours spent imaging per machine normally associated with SCCM
- OTA updates ensure zero downtime when upgrades are performed
- Colleagues simply employ an easy-to-use app with single sign-on (SSO)
- Overall app security is substantially enhanced, systemwide
- Colleagues can self-administer, further reducing IT/Helpdesk burden
VMware on VMware blogs are written by IT subject matter experts sharing stories about our digital transformation using VMware products and services in a global production environment. Contact your sales rep or [email protected] to schedule a briefing on this topic. Visit the VMware on VMware microsite and follow us on Twitter.