What Is Workspace ONE Unified Endpoint Management (UEM)?

Device management made easy!

Omnissa Workspace ONE Unified Endpoint Management (UEM) is a single solution that manages all device types on all platforms in all use cases. It incorporates modern device management, application management, and security to give IT teams control over the highly diversified device deployments found in so many organizations today.

A diagram of software update Description automatically generated

Figure 1. Cloud-Native Desktop and Mobile Modern Management

Omnissa Workspace ONE UEM offers the most comprehensive spectrum of controls, it breaks modern management down into 5 pillars.

  • Onboarding – How do you get the device undermanagement.
  • Configuration – How do you set the right controls on the device.
  • OS updates – How do you patch a device from anywhere.
  • Software - Get apps to your people.
  • Support-Reporting and analytics.

It’s important to note that security is baked into all these pillars.  Everything Omnissa does is designed to make the device more secure, while maintaining a best-in-class user experience.

Now that you have a high-level overview of what Workspace ONE UEM can do for you and your organization, read on to learn about the key features and architecture.

Key Features

  Today's modern workforce expect IT to offer technologies that help them work from anywhere, any time, and on any device. That means that IT needs to manage multiple device platforms, whether that be Windows, MacOS, iOS, Android, ChromeOS, and to allow access to work and data across all of those devices. This makes it challenging for IT to provide a consistent and seamless user experience. Workspace ONE UEM meets that challenge.

A logo with a purple and blue design Description automatically generated

Unified Endpoint Management

With Workspace ONE Unified Endpoint Management (UEM), you can manage devices used in the field and even in low-bandwidth environments. You can manage the full lifecycle of any endpoint – mobile (Android, iOS), desktop (Windows, macOS, Chrome OS), rugged and even IoT – in a single management console.

  • Bring your own. Supports every type of device that your end users might use: Choose-your-own, Corporate Owned, Locked Down, and more.
  • Supports full life-cycle management. Workspace ONE UEM supports full life-cycle management of a wide variety of devices: phones, tablets, Windows, and rugged and special-purpose devices.
  • Provides numerous enrollment options. Provides you with a wide variety of enrollment options, including auto-enrollment, QR code enrollment, sideload, in bulk, barcode enrollment like Zebra StageNow, and Honeywell Enterprise Provisioner.

Assurance and Productivity

You can deliver a great employee experience that is consistent on any device, no matter where your end users are located, by combining an easy login experience via Intelligent Hub with SSO, a self-service unified app catalog, and more.

  • Single Sign-On. Utilizes certificates to establish trust, providing a password-less, single sign-on (SSO) experience. Your end users log in once. They don’t have to remember a bunch of credentials or type in the same password every time they access another app.
  • Easy Login via Intelligent Hub. End users can login to the Intelligent Hub to seamlessly launch the apps they need. And if they try to access an app with confidential data, the Hub prompts them to elevate management on their device.
  • Self-Service Access to Apps. Provides your end users with self-service access to the apps they need to get their jobs done. The App Catalog displays an individualized menu of applications and virtual desktops that each end user is entitled to. They can organize their options and select favorites to customize the catalog for easy use.

Automation and Analytics

You can leverage intelligent insights and rule-based automation to optimize the end-user experience, ease the strain on IT, and allow proactive management and security. Workspace ONE UEM provides visibility and key analytics.

  • Automatic deployment. Provides automatic deployment or self-service application access for end users.
  • Device tracking. Provides you with the ability to track a device in the Workspace ONE UEM Console after it is enrolled, and to gather critical data such as system diagnostics, network information, certificates, apps, custom attributes, and more.
  • Customizable dashboards. Provides you with the ability to customize dashboards in infinite ways to provide the data that matters most, as well as analytics that help resolve issues that can impact user experience.
  • Dynamic policy engines. Provides you with the ability to set dynamic policies to automate routine processes that minimize manual tasks. For example, configuring a policy to proactively update drivers based on data retrieved during a vulnerability scan, or to optimize firmware settings that improve performance and stability.
  • Self-service capabilities. Provides you with the ability to grant self-service capabilities to end users, which reduces support requests. For example, recommending action based on data suggesting a battery is about to fail.

Corporate Data and App Protection

You can defend against modern-day security threats with the rich set of customizable controls that Workspace ONE UEM provides. You can address security on multiple fronts by customizing security and compliance policies, conditional access, device posture checks, and more. Workspace ONE UEM offers a comprehensive security approach that encompasses user, endpoint, app, data, and network.

  • Security settings. Provides you with the ability to configure security settings for both end users and devices that comply with all security requirements, and yet simplify access at the same time.
  • Troubleshooting. When things go wrong, you can utilize troubleshooting functionality, such as remote assistant or remote logging, to fix issues in real-time.
  • Monitoring and supervision. Provides built-in features for system settings, data protection, apps, device controls, and more, that can restrict actions like sharing sensitive data between apps and syncing with unknown devices to prevent data leakage. Corporate-owned devices can be supervised for higher levels of control.
  • Certificate lifecycle management. Provides a service that can renew certificates automatically or manually.
  • Omnissa Workspace ONE Tunnel. Encrypts traffic from individual applications to the back-end systems they talk to with “least privilege access” through the Omnissa Unified Access Gateway, which proxies and protects the application.

Architecture

As an IT admin, you can use Workspace ONE UEM to handle device enrollment, a customized app catalog, policy enforcement, compliance, and integration with email, social media, and more.

In the following diagram, you can see your end users with their devices accessing a Workspace ONE UEM tenant in the cloud,

The optional components, AirWatch Cloud Connector and Unified Access Gateway can be deployed to connect to internal resources such as, Active Directory domains, web servers, and other content.

A screenshot of a computer Description automatically generated

Workspace ONE UEM Components

Here are some of the key components that make up Workspace ONE UEM:

  • Workspace ONE UEM Console
    Provides you with a friendly and intuitive console where you can configure policies to manage and monitor devices in your environment. The console is a service that is hosted in the cloud and managed for you as a part of the SaaS offering. It provides multi-tenancy, role-based access, profiles, app management options, smart groups, and more.
     
  • Workspace ONE UEM Device Services
    Provides the ability to communicate with all of your managed devices for device enrollment, application provisioning, delivering commands and receiving data from devices, and hosting the self-service catalog.
  • AirWatch Cloud Connector
    Provides you with the ability to integrate Workspace ONE UEM with your back-end enterprise systems. The AirWatch Cloud Connector runs in the internal network, and securely transmits requests from Workspace ONE UEM to your critical infrastructure components. The Cloud Connector integrates with internal components such as email relay, directory services, Email Management Exchange, Syslog, and more.
  • Workspace ONE Tunnel
    Provides a secure and effective method for individual applications to access corporate resources hosted in the internal network. The Tunnel sets up a VPN connection between corporate apps and corporate resources. This provides greater security, especially for apps that contain sensitive data, including encryption, data protection, compliance, and removal of apps when a device is unenrolled.
  • Workspace ONE UEM REST API
    Provides support for developers creating their own applications to utilize the information in Workspace ONE UEM. You can use these APIs in Workspace ONE to query information, take actions, or create new items such as applications.

Here are some of the additional members of the Workspace ONE family that interact with Workspace ONE UEM:

  • Omnissa Access 
    It provides a seamless single sign-on (SSO) experience to web, mobile, software-as-a-service (SaaS), and legacy applications. Omnissa Access provides application provisioning, an intuitive hub catalog, conditional access controls, directory integration, user authentication, and integration with resources such as Horizon.
  • Omnissa Intelligence
    A cloud service built for the Omnissa Workspace ONE platform that provides deep insights into the entire digital workspace, allows smart unified endpoint management (UEM) planning, and delivers powerful automation for the entire digital workspace.
  • Workspace ONE Intelligent Hub
    The Workspace ONE Intelligent Hub application allows end users to access enterprise and Web apps, stay connected with colleagues, and be productive on any device (Android, iOS, macOS, Windows) from anywhere. 

Top 5 things you should know

Now that you’ve got an idea what Omnissa Workspace ONE UEM can do, here the top 5 things you should know about Workspace ONE UEM.

  • Simplified administration structure
  • Single application catalog for all apps
  • Manage all devices with a single platform
  • Comprehensive conditional access
  • Integrated data and analytics

Workspace ONE UEM can manage the entire lifecycle of a wide variety of devices, including phones, tablets, Windows, Mac, Apple, Android, and rugged devices. It supports any device and platform, including corporate-owned hardware and BYOD devices. It can also automatically deploy applications or provide self-service access for employees, and also streamline app deployment and management by automating application upgrades and distribution. Beyond that Workspace ONE UEM can ensure that configuration settings for users and devices comply with enterprise security requirements.

 Finally, Workspace ONE UEM includes productivity tools like an email client, content management tool, and web browser.

Workspace ONE UEM provides a variety of enrollment options, including auto-enrollment, QR code enrollment, sideload, in bulk, and barcode enrollment. 

Learn more

Here are some great places to go to learn more about Workspace ONE UEM:

Learn More About Other Omnissa Products

If you are interested in other Omnissa products, see the following introductions:


Filter Tags

Workspace ONE Workspace ONE UEM Document Announcement Overview Design App & Access Management Business Continuity DEX