Multiple components of Workspace ONE are build using the Java platform. I’ve received several questions from customers this week regarding the nearing EOL of Oracle Java and the related licensing changes. I hope this post will be useful to others having this issue.
(more…)VMware UAG (Unified Access Gateway) is a cool little security appliance, deployable on vSphere, AWS, Azure etc that hosts a lot of Workspace ONE edge services: Horizon Proxy, Web Reverse Proxy, Tunnel VPN Gateway, Content Gateway and (since 3.6) the Secure Email Gateway. The challenge is that the thing was built to be headless and super-secure, which means it is almost bare inside. And this is not helpful when troubleshooting.
While watching a VMworld 2019 Session (links at the bottom) I’ve found out that there is actually a hidden tcpdump and ethtool installer, which was first made for our own support services, but is generally available for everyone now.
All you need to do is invoke /etc/vmware/gss-support/install.sh command from the UAG CLI. Of course, it is highly advisable to remove the tools once the troubleshooting is done via /etc/vmware/gss-support/uninstall.sh !
In case you need a refreshed on TCPdump and ETHtool:
With TCPdump I usually prefer capturing everything into a PCAP file and then loading in WireShark for analysis. Now we only need NetCat to be able to stream it conveniently to a remote host.
That is it for today – enjoy, and let me know if it was helpful!
I’ve been planning and preparing and researching for my Android 10 Overview post for a while now, and then I found this monster of a review from Ron Amadeo on Ars Technica (instant subscribe!)
https://arstechnica.com/gadgets/2019/09/android-10-the-ars-technica-review/
Basically, I have very litte to add. The review is huge, though and will take a while. If you want to focus, read these enterprise-relevant sections:
And then the official Android Enterprise changelog from Google, which had still not been added to the TOC on the release notes page 🙂
Once we get those new features supported in Workspace ONE (and I get an extra Android10 device) I’ll post something more detailed.
In the last several weeks a number of bugs were found in Apple’s iOS, MacOS and protocols. This had coincided with a partner workshop last Friday, where the decisive argument was “Have you ever heard of an Antivirus for an iPhone“.
Apple is well known for refusing to publish any details behind the inner workings of its solutions, locking everything that may be locked down and suing all those who try to work around those limitations..
Despite all that, flaws are being found, iOS was jailbroken again (because Apple unpatched a fix they implemented in 12.3) and malware on App Store is just as common as everywhere else.
A few weeks ago, like many others, we were hit by an O365 Exchange outage. What does usually an admin do, when something is down? -Send an email! But what do you do when email is also down? Ring/Text everyone? Blast it in Teams/Skype/Slack/etc? Pigeons?
This is what happened in our case with Workspace ONE Notifications API for Intelligent Hub.
Workspace ONE has a ton of features built specifically for Samsung: KNOX OEM Extensions (modern and legacy), KNOX Service Plugin support (OEMconfig), E-FOTA, KNOX Mobile Enrollment, Legacy containers etc etc. There are a few switches controlling the end result. Today I want to discuss a few ones, that pop up in my practice every few months: License Key and Enable Containers, and how they make (or break) your Android Enterprise Samsung deployment.
Friday is here! First, credit goes to where credit is due – to my UK colleagues. Subscribe to their Twitter and blog – they are useful, and they don’t spam nonsense!
Now, let’s figure out why it didn’t work for the first time…
(more…)