After I published the article regarding the enrollment of Android devices in closed networks, the hottest question was how to apply it for China. The answer is as usual “it depends”. If you want to know more – read on! What’s the problem?What options are available?What is the optimal approach? What’s the problem? Problem is... Continue Reading →
Remediate the Pixel4 and Galaxy S10 biometric security flaws with Workspace ONE
I am pretty sure you've heard already about the issues with Samsung Galaxy S10 fingerprint sensor and Google Pixel 4 Face Unlock. Both companies have acknowledged the issues and committed to releasing the patches "soon" (Samsung is said to be testing fixes in certain countries already). What can you in the meantime? With Workspace ONE... Continue Reading →
Hidden TCPdump and ETHtool on VMware UAG
VMware UAG (Unified Access Gateway) is a cool little security appliance, deployable on vSphere, AWS, Azure etc that hosts a lot of Workspace ONE edge services: Horizon Proxy, Web Reverse Proxy, Tunnel VPN Gateway, Content Gateway and (since 3.6) the Secure Email Gateway. The challenge is that the thing was built to be headless and... Continue Reading →
Workspace ONE Notifications in Intelligent Hub – a real-life use case
A few weeks ago, like many others, we were hit by an O365 Exchange outage. What does usually an admin do, when something is down? -Send an email! But what do you do when email is also down? Ring/Text everyone? Blast it in Teams/Skype/Slack/etc? Pigeons? This is what happened in our case with Workspace ONE Notifications API... Continue Reading →
Is Mobile in your comfort zone?
A colleague of mine shared this post on LinkedIn, about his recent mobile work experience. Conceptually, nothing in that post was really new - we could do the same 10+ years ago. So why are we still hearing then "I'll get this info to you when I get to the office" or similar replies? My... Continue Reading →
Custom login URL for cloud WorkspaceONE Portal nice and easy
With WorkspaceONE deployed, many users begin their day at the main page of the WS1 Portal. Which, if you are using a cloud version, is usually hosted at a URL like <yourname>.vmwareidentity.eu (or com/etc for other regions). Many don't like this and want something like login.mycorp.com instead. Here's a short note on how to make... Continue Reading →
Google Play Managed iFrame in Workspace ONE UEM (AirWatch) – Web Apps
In the previous post I have covered adding Private apps via the Google Play Managed iFrame for Android Enterprise. This time let's deal with the Web Apps (links, web clips). Honestly, it is much quicker to add a web application to WorkspaceONE Identity Manager and expose via the WS1 Intelligent Hub, but if you really... Continue Reading →
Apple iOS Update Management with WorkspaceONE UEM (AirWatch)
This practical entry briefly outlines how to force or defer OS Update for Apple iOS devices (iPhones, iPads). There are two completely opposite use cases for this: Critical 0-day vulnerability - must force push OS Update to patch the devicesBusiness critical apps not tested with the latest iOS update - must delay/disallow update before testing.... Continue Reading →
WorkSpace ONE Intelligence Custom Reports available + Free Trial of other features
Legacy AirWatch reports are being deprecated, and replaced by the next-generation Workspace ONE Intelligence Reporting. The point of this quick post is to provide a bullet-style quick overview and resources for further reading. TL:DR they are cool, customizable, and free* (=included in all UEM v9.2.3+ license types , cloud and on-prem). There are even cooler features... Continue Reading →