VMware AirWatch Unified Endpoint Management: Google Chromebook Factsheet

VMware AirWatch Unified Endpoint Management: Google Chromebook Factsheet

This post was originally published on this site ---

Are you ready to hear the facts about Google Chromebook unified endpoint management with VMware AirWatch? Between the announcements at VMworld, and the longstanding partnership with Google, it’s likely you’ve heard some buzz about Chromebook management. If you haven’t, here’s the scoop: VMware AirWatch will be the first UEM provider to manage Google Chromebooks. Today’s post explains the facts around the buzz, focusing on the bevy of new features VMware AirWatch Enterprise Mobility Management will support for Chromebooks.

What does Chromebook Unified Endpoint Management Mean?

Good question. In a nutshell, unified endpoint management refers to a single-platform solution for managing endpoint identity and security. Endpoint is a blanket term that refers to mobile devices, laptops, desktops, and IoT. Management refers to the settings and policies an IT administrator configures. The piece that makes this “unified” is the single-platform nature of the solution.

For device security, VMware AirWatch UEM pulls the settings for available solutions into the AirWatch Console using APIs. This aggregates configurations into a single view, eliminating the need to navigate to an admin console for each supported platform. Therefore, the announcement of unified endpoint management for Chromebooks means that managing the Google OS laptop just got a lot simpler.

For adding all apps to the unified catalog and integrating identity for SSO…

  Workspace ONE apps + VDI Console functionality Consolidate into the Workspace ONE Console

For configuring granular policies, viewing fleet insights and remotely troubleshooting devices…

AirWatch Console + Chrome Extension Level-up  with the AirWatch Console + Chrome Enterprise APIs

To remove the need to use the Chrome Device Management Console…

Chrome Device Management Console Use the Chrome Enterprise APIs in AirWatch Console to manage Chromebooks.

Requirements

To get the unified endpoint management experience, you’ll need to meet some minimum requirements.

  • Workspace ONE license
  • Chrome Device Management license
  • G Suite Identity for Chromebook users

Additionally, you’ll need to sync your G Suite users into the unified endpoint management platform.

New Features

Now that we’ve covered the introductory stuff, here’s the meat and potatoes of the new features that you can leverage with VMware AirWatch Unified Endpoint Management for Google Chromebooks.

Enable Access to Apps and Extensions

  • Push Chrome extensions, Chrome apps, and Android apps
  • Configure automatic or on-demand application delivery
  • Apply a blacklist or whitelist to apps

Configure Network Policies 

Specify how devices connect to the internet by configuring Ethernet, Bluetooth, Cellular, Wi-Fi and VPN policies. Use the data collected from these policies to track and filter activity.

Specify Power Management Settings

 

 

 

 

 

 

Configure different policies for devices running on AC power and for devices running on battery. Once configured, end users will not be able to edit these policies on their devices.

Configurable settings include:

  • Idle Time – Specify the idle time in minutes
  • Idle Action – Specify which action to perform on the idle time out. Actions include, putting the device to sleep, signing out the user and shutting down the system
  • Idle Warning Time – Specify the length of time since the last user interaction until a warning dialog is shown
  • Screen Dim Time – Specify the length of time since the last user interaction until the screen is dimmed
  • Screen Off Time – Specify the length of time since the last user interaction until the screen is turned off

Customize the Browser Experience for Users

•       URL- Based Access Policies – Blacklist or whitelist access by defining URLs.

Blacklist Whitelist
Defined URLs Blocked from access Allowed access
Undefined URLs Allowed access Blocked from access

Whichever policy type you choose to configure; be sure to format the URLs correctly:

– Provide a URL with a valid hostname, IP address, or an asterisk (*) in place of the host.

– Optionally, include the URL prefixes http://, https://, ftp://, or a valid port.

•       Incognito Mode Policies: Enable or disable the use of Incognito Mode.

•       Single Sign-On Policies: Enable or disable SAML-based single sign-on.

•      Managed Bookmark Policies: Create a list of bookmarks that push to Chrome. Create a hierarchical folder structure of bookmarks to group them into relevant folders.

 Device Access

  • Single Sign-On Policies: Enable or disable SAML-based single sign-on. If enabled, users redirect to a SAML SSO IDP for device login. Additionally, configure SAML SSO cookies to transfer to a user’s session.
  • Restriction Policies: Configure device-based access permissions. These policies compliment conditional access, which provides user based access to internal resources.
    • List the users who can access the device using wildcard characters
    • Enable/disable guest mode access/
    • Disable guest mode
    • Restrict sign-in to a specific domain
  • Remove User Data Upon Log Out: Enable Ephemeral Mode to remove all user data from the device when the user logs out
  • Deploy Kiosk Apps: Turn any Chrome OS device into a single-app kiosk for interactive kiosk or digital signage use cases

Configure Updates Settings

  • Chromebook Auto-Update Policies: Enable or disable automatic updates for Chromebooks.
    • Specify the target OS version.
    • Delay the download of an update for up to 14 days after the it first pushes to the server.
    • Configure if the device automatically reboots after an update.
  • Chrome OS Policies: Specify the maximum Chrome OS version

 

 

 

 

 

The post VMware AirWatch Unified Endpoint Management: Google Chromebook Factsheet appeared first on VMware End-User Computing Blog.

Leave a Reply

Your email address will not be published. Required fields are marked *