Registered mode is a capability in UEM that allows IT to deliver a secure way for Employees to access corporate data using Workspace ONE without having to manage their devices. While the core philosophy behind Registered mode is the same across different platforms, the problem it addresses on various platforms are slightly different. Understanding its origin will shed some light into how you can effectively utilize this capability and provide seamless access to your Employees Evolution of Registered Mode As a technologist that’s been following and absorbing all the progress that’s been happening this space, I wanted to start this post by covering the evolution of Registered Mode with Workspace ONE over the last 4-5 years.
Demystifying Technology for those that strive to thrive
CLOUD TEKKI® aims to explore new ideas and their implementation techniques that make Digital Transformation possible. Topics will be focussed around Cloud, Cloud Native Technologies, Automation Technologies, End User Computing and the synergy between People, Process and Product
DISCLAIMER: All opinions are Author's own. Content will evolve. Please remember to link and credit
Edge Services Observability" Edge Services Observability Unified Access Gateway (UAG) is a key component in most VMware End User Computing deployments, including Workspace ONE and Horizon. The UAG hosts various Edge Services like VMware Tunnel, Content Gateway, Secure Email Gateway, Reverse Proxy and Horizon Secure (External) Access. Additionally, the UAG can also provide DMZ Authentication and Identity Bridging. These services play a pivotal role in providing Zero Trust Network Access to corporate resources.
Migration?…Migraine?… When it comes to migration scenarios, the most involved and difficult migration within the EUC lineup (that I can think of) is the WS1 Access tenant migration. It is equivalent to adopting a new IDP solution as you’ll have to re-federate all the apps in order to successfully complete a migration. And this is case regardless of where you are trying to move from - On-Premise to SaaS As Cloud is picking up steam and as features are developed with a cloud-first mentality, tt makes sense to offload the management of the Access Service to VMware This scenario is also getting more common as Access and Hub Services are FedRAMP certified as of CY Q4 2020 SaaS to SaaS This is a not very common use case but few situations demand them nonetheless predominantly due to issues arising from high customization entertained early in the product adoption lifecycle Another use case for is populating a UAT or a DEV tenant with Apps from another tenant Path to Migration First and foremost, a migration is possible as documented in @williamsmt blog which provides a detailed walk through of the entire migration approach.
In this post, I’ll be covering how you can automate the process of building a Windows 10 images on your Lab. As a part of my daily job working with Workspace ONE Unified Endpoint Management, I work with a lot of Modern Management use cases and this requires testing various use cases on various versions of Windows 10. To always start with a clean image, I use Packer to build and enroll the device for me into my lab UEM tenant thus speeding up the process and reducing the probability for errors.
I’ve talked about why everyone needs a homelab in my medium article but never had the courage to submit my homelab to the community homelab list maintained by William Lam Follow. Mainly because I wasn’t sure how my lab would stack up against everyone elses' submission. With my latest post covering my experience enabling Tanzu with vSphere in my homelab, I feel like I’ve gone through the checklist of best practices and I’m proud of my minimalist(if i can say so myself) homelab setup!
For most folks that have been involved with SDDC for some time, this is going to be a lot of basic and obvious. As a quick disclaimer, I’ve to add that when i started down this path back in April, 2020(which was around the time vSphere 7.0 was released), I was (and still am) pretty new to the world of Home Lab and SDDC. As someone who has primarily worked on the application/software layer, I have been oblivious to the underlying infrastructure that made it all possible.
Reflecting on 2020 Now no matter where you are located geographically or how old you are, I’m going to take a wild guess and assume that we can agree how brutal 2020 was. Personally looking back, the year 2020 has been crazy, challenging and definitely packed a punch.. A year with mixed fortunes, 2020 was a year that I’ve never imagined in my lifetime. Timeline Here is a look at how I experienced 2020…
What are Organization Groups in Workspace One UEM? What are the best practices with how to set Organization Groups up for our use case? Can we insert an OG between OGs? Do we have the right setup? These are very common questions on Organization Groups which is a very foundational element within Workspace ONE UEM. Over the several years of working with Workspace ONE UEM (formerly AirWatch), no one has tried to provide a complete picture of what an Organization Group is.
Evolving Access through APIs Workspace One Access is VMware’s Product Line that helps provide seamless single sign on and conditional access for Applications from End User’s client devices. It is built using technologies such as SAML (RFC 7522) OAuth (RFC 6749) and Open ID Connect If you are new to the Product, you can find more details about WorkspaceONE(WS1) Access Product Page - here Documentation - here In this post, I’m going to cover a neat trick that will help you find and build on the APIs that are available with WS1 Access.
This is not going to be an eye-opening new post about bootstrapping Kubernetes - a lot of people have done it and several blog posts already exists. I’m hoping to capture the information here to serve as an easy documentation for myself and other beginners in the area of Kubernetes and Cloud Native Getting Started As a baseline, here are my assumptions about those following along or to my future self
Info This post was originally published in Medium - pkblah.medium.com/self-service-for-your-datacenter-part-i It doesn’t have to be Business vs IT anymore! Either sides’ needs while well-intentioned may seem to be at conflict with each other.. Business aims to innovate and promote new capabilities for their consumers with the goal of improving services delivered or user experience to retain existing users or acquire new users. IT as true partners to the Business want to provide the right platform and infrastructure but need to ensure that they guaranteeing the right security guidance, conformance to standards and best practices.
Info This post was originally published in Medium - pkblah.medium.com/publicly-trusted-tls-for-vmware-eventing-platform Vmware Event Broker Appliance (VEBA) continues to gain momentum and as Enterprise Customers start adopting the Appliance, we continue to broach Enterprise Features such as gauranteeing High Availability or the ability to upload/bootstrap the appliance with Internal CA signed or Public TLS certificates. While I had previously covered in part how the default self-signed TLS cert that is bound to OpenFaaS gateway can be updated through our documentation below, In this short post, I wanted to provide an end to end overview of obtaining a public certificate and binding it to the Ingress Gateway.