Category: VMware (page 1 of 1)

VMware Mobile Threat Defense – Part 1

In my last blogpost I talked about VMware SASE, click here if you missed it!

With more and more people using their mobile devices to access corporate data, the device needs to be secure. And while we are used to add security on top of a MDM platform such as VMware UEM, this is not yet the case for mobile devices. Not enough anyway.

This post tells you what it is and how it looks. Do you want to implement it? Wait for Part 2!

Today’s mobile threat landscape is diverse, and mobile workstyles call for specialized protection from phishing and application, device, and rogue network originated threats. VMware Workspace ONE Mobile Threat Defense was created with comprehensive mobile protection in mind. Through integrations with the Workspace ONE platform, mobile security is easy to deploy and manage, and offers enhanced protection designed to secure your workspace and enhance Zero Trust initiatives.

With Mobile Threat Defense, it is now super easy to add a great security product to mobile devices.

So what does it do? It checks the devices beyond what a MDM tool can do. It can find Man-In-The-Middle Attacks, Zero-Days, Vulnerabilities, bad apps and much more. Connecting it to a MDM tool like Workspace ONE UEM, it’s possible to automate actions when a threat is found. Like quarantining the device or denying access to applications and networks.

From a basic setup perspective, it will only take between 10 and 15 minutes and this guide shows all the steps to do it.
The products needed:

  • VMware Workspace ONE UEM
  • Mobile Threat Defense (Lookout Console)
  • A mobile device to test.

The console is easy to understand and looks as follows:

The main dashboard shows how many devices in your fleet are secured and what kind of threats are present. On the left, the console shows the different categories. This way it’s easy to see threats from a device, issue or app perspective.

On the end user side, there are two ways to deploy.

  1. Intelligent Hub app integration.
  2. Lookout for Work app

The Intelligent Hub is the easiest as it does not require more apps to maintain for IT. And it’s easier for the end user as well, one app for both management and securing devices. While the Lookout for Work app is able to see a bit more, such as phishing emails, more and more features are implemented in the Intelligent Hub.

This is how a secure devices versus an unsecured device looks like:


Besides showing that an issue has been found, the user is also shown how to resolve the issue, like removing an application or disconnecting from a network. Relieving the strain on IT again.

While this post gave a brief overview, part 2 will show how to set it up.

VMware SASE Explained, Part 1.

SASE. What is it?

In this post I’ll explain what it is, what it does!
Want to configure it yourself? That will come in Part 2.

So, what is SASE? Secure Access Service Edge. Now you know exactly what it is right? No? I had the same thought when I first started looking into it.
It basically means you can connect to a Server/PoP (Point of Presence), that can check your internet traffic and make cool decisions based on the content. Here is a picture of how the flow looks from left to right:

You, the user, connects to a VMware SASE PoP. From there it could connect you to the cloud, websites and internal resources. VMware SASE then decides whether this is allowed or not, based on rules created within SASE.

Still no clue what it means? Let me explain with an example:
You get an email with a malicious link in it, you click on it and it’s magically blocked. How? Because VMware SASE saw that it was a malicious link and blocked it before it could affect your device. Great right?

The cool thing with VMware SASE is that it can block or check the things you do online, without interfering with user experience. It can even improve user experience, as it integrates with Velocloud SD-WAN. This all means, as a company, you can make sure you keep your digital estate safe. And users can browse while being safe (or safer at least).

Through VMware SASE, multiple services are offered:

  • Secure Access is a Zero Trust Network Access (ZTNA) platform that provides encrypted tunneled access between any entity and internal applications (DC, IaaS or PaaS).
  • Cloud Web Security is a Secure Web Gateway (SWG) platform based on proxy architecture that provides security services for Internet or SaaS traffic.
  • SD-WAN is a software-defined overlay network virtualisation technology for transporting WAN communications that ensures the best possible performance and security.

The great benefit that VMware offers, is a tightly integrated and efficient platform with one management plane for both the Security and Networking sides of SASE. And you can also start with just the networking or security functionality and add more over time.

Within Cloud Web Security, several protections are offered:

  • SSL decryption: 80% of web applications are SSL encrypted. By decrypting the traffic, CWS can see what data is inside the traffic so it can make decisions. It’s also possible to bypass SSL decryption when needed, such as specific websites.
  • URL filtering helps IT control which websites users can access based on categories or threats.
  • Content Filtering helps control the type of document and file that can be uploaded or downloaded.
  • Anti- Malware helps protect users when they download emails, documents or access active web sites against known viruses.
  • Sandbox. New viruses continue to get introduced daily and it is imperative the solution can respond to Day-0 malware attacks. CWS uses a Sandbox to offer protection from those Day-0 attacks by unpacking in a sandbox.
  • Cloud Access Security Broker enables IT teams to get visibility into sanctioned and unsanctioned SaaS applications. This helps IT determine what activities can users undertake when they access these applications. Can employees login, upload and download files from Drop Box? Should summer interns only be allowed to upload documents to Drop Box? Can contractors who are allowed to download files from Drop Box attach that file to the LinkedIn email? CASB helps with this.
  • Data Loss Prevention. CWS ensures sensitive company data does not leave the enterprise perimeter, such as phone numbers or bank details. This is possible for both HTTP as HTTPS data, and for files that contains the data.

With all these features, you can keep your data and users safe. Integrating it with UEM, it can be easily deployed too.

That explains the what, the how comes in Part 2!
Questions? Let me know in the comments.

VMworld 2021, 5 must watch EUC sessions

The VMworld 2021 catalog is online and there is a lot to choose from. If you are looking for sessions related to the Anywhere Workspace, check out these EUC sessions.


The first session I recommend you should watch is all about our EUC Vision and announcements with Shawn Bass. This session shows how we move forward with the Anywhere Workspace solution and will include the most important updates. If you are looking for one session that covers the updates without going into depth, this is the one for you.

Solution Keynote Part 1: Vision and Announcements [EUS2470]

Building on the Anywhere Workspace keynote, Shawn Bass, CTO for VMware EUC, will go in-depth on the vision and announcements for VMware Workspace ONE and Horizon. Part 1 cover the critical relationship between employee experience and zero trust security, as well as the role of automation.

Following up on the previous session, Shawn Bass will go into the weeds on SASE and Horizon. After the first Keynote, there is still be a lot to be told. So if you are looking to learn more about enabling Multi-Cloud Virtual Desktops & Application Delivery, this is the one for you.

Solution Keynote Part 2: Technical Deep Dives on SASE and Horizon [EUS2467]

The EUC Solution keynote continues with a deep dive into two important topics. First, Shawn Bass will talk about VMware SASE, VMware Secure Access, and what they mean for end-user computing strategies in a world of distributed work. Next, we will take look at what’s new in Horizon, and a deep dive into what’s coming next.

Ever wondered where the “Extreme” bit from Blast Extreme is referring to? In this session, seeing is believing. Johan Van Amersfoort, who recently wrote his second book VDI Design Guide Part II, will share his knowledge and expertise in this technical session. With demo’s, usecases and customer experiences, Johan, together with Matt Coppinger and Spencer Pitts, will blow you away.

It’s also one of the sessions that got the VMworld People’s Choice Award, so make sure you check this one out!

Blasting your way into the Extreme with VMware Horizon [EUS1834]

You will witness VMware Horizon hosting insanely intensive workloads, from cloud gaming and immersive VR training to movie making and warfighting simulation. We will show what it takes to extend VMware Horizon beyond your typical VDI use cases and into the realms of media production, gaming, simulation, training and more. You will also learn how customers are utilising VMware Horizon, Blast Extreme and more to deliver next generation services during a global pandemic. Oh, and did we mention that we will show you some demos which will blow you away? This is a must-see session for any EUC enthusiast!

Matt Coppinger, Director, Product Management, EUC, VMware

Spencer Pitts, Chief Technologist, VMware

Johan Van Amersfoort, Technologist EUC, ITQ

If you have a Tech+ Pass for VMworld then you should definitely check this on out: “Meet the Expert” for End-User Computing.
You can ask any question and the expert will answer it the best they can, as long it has something to do with EUC 🙂

Ask Me Anything from the End-User Computing Experts [EUS2636]

Meet the End User Computing experts, bring your questions and ask us anything. These experts are prepared to answer your toughest questions spanning from virtual desktops and apps, unified endpoint management, security, to practical tips and tricks, successful implementations…the list goes on.

Christopher Dayton, Director, VMware

Spencer Pitts, Chief Technologist, VMware

And then, last but definitely not least, Johan Van Amersfoort will do an incredibly cool demo, together with CTO of Synterex, Jon Towles. I won’t say too much but you will not be disappointed 🙂


VDI Nerdfest 2021: Demos That Make Admins Drool
[EUS1289]

At VMworld 2020, Johan Van Amersfoort presented The Nerdfest VDI Demo which blew the audience away because of the great demos which involved Horizon, Bitfusion, GPUs, ML, etc. The Nerdfest VDI Demo was an enormous success and deserves a 2021 edition. For The Nerdfest EUC Demo, Johan has teamed up with mobility expert Jon Towles to bring you a next-level, demo-packed session that will combine the slick Day 0/1 onboarding experience, with some custom-built Workspace ONE Intelligent Hub Virtual Assistant (AVA) workflows, and integration into VMware Horizon for modern managed, full clone desktops. This session promises to show you a mix of real-life use cases and some serious “Art of the Possible”

Jon Towles, CTO, Synterex

Johan Van Amersfoort, Technologist EUC, ITQ

Hope to see you there!

New year, New job

This year I am coming up to a 4 year tenure at VMware, I started out as a Graduate in Cork, Ireland and in 2019 I moved back to the Netherlands to join the Field Solution Engineering team. In these past years I always had a special curiosity in the Digital Workspace and was named Subject Matter Expert in this field.

Now during the pandemic most of us need to Work From Home and if you need some insights you can check out my blogpost about it. But if anything it has showed that the Digital Workspace is more important than ever. As I always had great interest in the Digital Workspace and the importance of it nowadays, I decided to join the Digital Workspace Business Unit within VMware.

I am very happy with this opportunity and expect some Digital Workspace related blogposts this year!

VMware Announces Intent to Acquire Nyansa

On 21st January 2020, VMware announced its intend to acquire Nyansa (“knee-ans-sah”) . This announcement does not completely come out of thin air, as it part of the vision VMware announced back in January 2019:

Revolutionising SD-WAN with Network Edge

Network Edge connects and enables critical functions where the customer requirements for transformation reside — at the Edge of the Enterprise — at the branch, in the cloud, and in the data center..’

With this acquisition, VMware keeps building on its belief that SD-WAN has unlimited potential in supporting technological advancements in the networking world.

So, who is Nyansa?

We’re Nyansa (“knee-ann sah”). It’s a word from the Akan language spoken in Ghana that means wisdom from learning. Go figure. Engineers named the company, what do you expect?

Yeah we’re weird––but wonderfully humble. Unlike a lot of folks, we don’t think of ourselves more highly than we ought, but we ARE wickedly smart.

We dig data, I mean REALLY dig. It’s as simple as that. We have a bunch of PhDs from MIT, and MBA types from Harvard, Cisco/Meraki, Aruba Networks, Google guys and so on and so forth. And we’re as diverse as diverse gets. Despite all that, our geeks know how to code, right, the first time, every time. And it shows. We hope. 

https://www.nyansa.com/company/

“The acquisition of Nyansa will accelerate VMware’s delivery of end-to-end monitoring and troubleshooting capabilities for LAN/WAN deployments within our industry-leading SD-WAN solution,” Sanjay Uppal, VP and GM of VMware’s VeloCloud Business Unit. “Nyansa is a proven solution that solves many of the shortcomings of today’s vendor-specific solutions.”

As you can read, VMware keeps investing in technology to suit their customers and give them the best possible products. And with this acquisition, VMware keeps building towards a better and true SDDC (Software Defined Datacenter).

Additional resources to read:

Diary of a Solution Engineer – Remi Schipperus

My name is Remi Schipperus and I am a VMware Solution Engineer for Healthcare & Education in The Netherlands. Two years ago, I completed my Electrical Engineering degree at the University of Rotterdam in The Netherlands. I was ready for a challenge, and the borders of my home country could not stop me. Joining VMware’s Graduate Academy program was the perfect decision! Fast forward and I am working in the field, in my home country meeting customers every week and speaking at events.

With each day bringing new challenges, being in the field can be a tough but also a very satisfying role, allow me to share with you my diary of a typical week.

Read the full blog here!

VMware Sales Academy 2017 Spotlight Series – Remi Schipperus

When I started at VMware in Cork, Ireland, I wrote a blog to share why I joined VMware.

I’ve always been interested in technology and helping people with technical problems. After working part-time in sales and finishing my Electrical Engineering Degree, I wanted to combine both my technical knowledge and the sales experience. Making the decision to enter the SE Sales Academy was easy because it combines both at a company that is on the edge of technology.

Remi Schipperus

Check out the full blog!

© 2022 Schipperus. All rights reserved.