Modern Workplace and Management with the efficiency of pure Cloud (Overview)

Today, after a lot of work, I want to share with you a pretty good experience I've had implementing a modern management approach: real cloud-based management and device enrolment. It uses no on-premises infrastructure and has the agility of several cloud solutions, while still covering the security aspects.

In this scenario, I've implemented VMware Workspace ONE UEM, Workspace ONE Access (formerly Identity Manager), Okta, Microsoft Azure and Windows 10. In the end, users are able to enrol their devices into Workspace ONE with their Okta Universal Directory accounts and, for Windows 10, into Azure AD if they want to, all in one smooth enrolment process. The approach is to enable the customer and their users to use one single account across all the devices they have, with different operating systems, through the complete solution stack.

The leading identity provider will be Okta with the Universal Directory, where you can create user accounts manually or import them from a CSV file or another source (Workday as an HR tool, for instance, has a direct integration). Windows 10 devices will be enrolled via the Out-of-the-Box Experience (OOBE) with Factory Provisioning or Microsoft Autopilot, and you additionally have the choice of workgroup, local Active Directory, Azure AD Premium or Azure AD without Premium join.

For a short overview of the architecture and workflow at the end of this implementation, see the picture below.

If you want, you can add a device trust check in addition to the identity check of the user.

I will divide this into a series because of the complexity; that makes it easier to consume, and you can pick the parts you want. In the individual parts you will find step-by-step instructions for the implementation, along with potential issues you may run into and things you should be aware of.

At the end of the whole series, I will also share a short video showing what user provisioning and device enrolment look like for Microsoft Windows 10 with Azure AD Premium. The video will be added soon.

Here is a content list of the series for quick access:
