Recent updates
-
Lab 01 - Accessing the Environment
Updated onArticleThere are 3 environments you'll need to access as part of the lab:
- A Horizon Desktop - You will perform all lab tasks from this desktop. Although some tasks might work fine from your Personal Computing device. It is important to note that others wouldn't, where as the VDI desktop has access to the entire lab environment
- Below is a table listing the logins for these environments:
Multi-Cloud Management Day 1
-
LAB 05 - Restrict Unwanted Apps
Updated onArticleYou can use application groups (app groups) and compliance policies to protect resources in your Workspace ONE UEM environment. Application groups identify permitted and restricted applications so that compliance policies can act on devices that do not follow protective standards.
You can configure app groups for several platforms but you cannot combine all of them with compliance polices. For those platforms that you cannot combine with compliance policies, apply an application control profile.
EUC Day-1
-
LAB 04 - Create and Assign an application
Updated onArticleWorkspace ONE UEM offers Mobile Application Management (MAM) functionality that helps you manage mobile applications, deploy them to the devices, and secure the applications with the compliance policies. Mobile Application Management solution is a management console that takes the control of selected applications on the end-user mobile device.
Workspace ONE UEM supports various app types and deployment scenarios on your devices. Workspace ONE UEM classifies the applications as native (internal, public, purchased) and Web applications. The information in this section describes the types of apps that you can deploy using Workspace ONE UEM and the various platforms or the operating systems that Workspace ONE UEM supports for each of the application types.
EUC Day-1
-
LAB 03 - Limit/Prevent non-compliant devices
Updated onArticleThe compliance engine is an automated tool by Workspace ONE UEM that ensures all devices abide by policies that you define. These policies can include basic security settings such as requiring a passcode and enforcing certain precautions including passcode strength, deny-listing certain apps, and requiring device check-in intervals.
Once devices are non-compliant, the compliance engine warns users to prevent disciplinary action on the device by addressing compliance errors.
In addition, devices not in compliance cannot have device profiles assigned to it and cannot have apps installed on the device. If corrections are not made in the amount of time specified, the device loses access to certain content and functions that you define. The available compliance policies and actions vary by platform.
EUC Day-1
-
LAB 02 - Restricting Device access in Secure Facilities
Updated onArticleProfiles in Workspace ONE UEM are the primary means to manage and configure your Windows devices. Find information about various profiles that connect to and protect resources, that restrict and control devices, and that are specific to the user and/or device
You can think of profiles as the settings and rules that, when combined with compliance policies, help you enforce corporate rules and procedures. They contain the settings, configurations, and restrictions that you want to enforce on devices.
A profile consists of the general profile settings and a specific payload. Profiles work best when they contain only a single payload..
While profiles can be used to manage any device (Windows, Android, iOS) in this lab we focus on creating profiles for iOS and Android devices. You can however, create profiles for other devices if you choose to.
EUC Day-1
-
LAB 01 - Workspace One Console Access
Updated onArticleIn this task you will log into the Workspace One console for the first time. We have provided a table below with your respective username and password to the UEM Console. Please save this information or refer back to the table if needed for subsequent login events.
This section explains steps needed to access UEM Console. We will:
- Login to the Workspace One UEM Console
- Set your restricted actions security pin
EUC Day-1
-
Workshop Content
Updated onArticleEUC Day-1
-
Lab 05 - Lab – Hybrid Linked Mode
Updated onArticleHybrid Linked Mode allows you to link your VMware Cloud on AWS vCenter Server instance with an on-premises vCenter Single Sign-On domain.
If you link your cloud vCenter Server to a domain that contains multiple vCenter Server instances linked using Enhanced Linked Mode, all of those instances are linked to your cloud SDDC.
Using Hybrid Linked Mode, you can:
- View and manage the inventories of both your on-premises and VMware Cloud on AWS Datacenters from a single vSphere Client interface, accessed using your on-premises credentials.
- Migrate workloads between your on-premises data center and cloud SDDC.
- Share tags and tag categories from your vCenter Server instance to your cloud SDDC.
Hybrid Linked Mode supports on-premises vCenter Server systems running 6.0 Update 3 patch c and later with either embedded or external Platform Services Controller (both Windows and enter Server Appliance). vCenter Server systems with external Platform Services Controller instances linked in Enhanced Linked Mode are also supported.
You have two options for configuring Hybrid Linked Mode. You can use only one of these options at a time.
- You can install the Cloud Gateway Appliance and use it to link from your on-premises data center to your cloud SDDC. In this case, SSO users and groups are mapped from your on-premises environment to the SDDC.
- You can link your VMware Cloud on AWS SDDC to your on-premises vCenter Server. In this case, you must add an identity source to the SDDC LDAP domain.
For this lab, we'll use the Cloud Gateway Appliance (Option 1). This is the favored option as it doesn’t require you to expose your AD infrastructure to the cloud and open multiple firewall ports
Archive Default chapter
-
Lab 11 - Deploy Tanzu Services and Application
Updated onArticleVMware Cloud on AWS enables your IT and Operations teams to add value to your investments in AWS by extending your on-premises VMware vSphere environments to the AWS cloud. VMware Cloud on AWS is an integrated cloud offering jointly developed by Amazon Web Services (AWS) and VMware. It is optimized to run on dedicated, elastic, bare-metal Amazon Elastic Compute Cloud (Amazon EC2) infrastructure.
By running VMware Tanzu within the same infrastructure as the general VM workloads organizations can immediately start their modern application development strategy without incurring additional costs. For example, you can use SDDC spare capacity to run Tanzu Kubernetes Grid to enable next-generation application modernization, or compute power not used by disaster recovery can be used for Tanzu Kubernetes Grid clusters
VMC on AWS Labs Day 4
-
Lab 10 - Working with Containers
Updated onArticleContainers are semi-isolated environments in which applications, or parts of applications, can run. Unlike VMs which run entirely separate OSes, containers directly share resources with the OS of the server that hosts the containers. This makes containers more efficient than VMs because each containerized environment does not require a complete guest OS.
Moreover, containers are isolated at the process level from other containers, as well as non-containerized processes that run on the server. This isolation makes containers more secure than multiple applications that run directly on a host server. Each container can have different environment parameters, rather than all containers sharing a common configuration.
Technology to deploy applications inside containers has existed since the introduction of the Unix chroot call in the 1970's. Containers became massively popular in the mid-2010s with the introduction of Docker and Kubernetes, which provided tooling that made it easier for developers to create and manage containerized applications.
VMC on AWS Labs Day 4