Forum Discussion

ThomasP's avatar
ThomasP
Icon for Altostratus rankAltostratus
Sep 17, 2024

APM : is VMware Workspace One supported as an Endpoint Management System?

Hello,

In the past, we added our on-premises Airwatch server in the Endpoint Management Systems list. We used this feature to check if the smartphones connecting to the VPN were properly enrolled. We used this feature only for a few users.

We migrated to VMware Workspace One in SaaS mode but we forgot about this feature. 

Is VMware Workspace One supported as an Endpoint Management System? Could F5 APM connect to WSO API? 

When adding our WSO instance as Airwatch, we got a "General configuration error".

Thank you

Thomas

airwatch
APM
security
workspace one
  • ThomasP's avatar
    ThomasP
    Icon for Altostratus rankAltostratus
    Oct 11, 2024

    Hello Lucas_Thompson

    Thank you for your reply

    Sorry I didn't take the time to answer.

    This seems a good idea. 

    But it looks like Android10+ doesn't send IMEI number to APM any more (https://my.f5.com/manage/s/article/K15146650). So i don't know if I can make it work. The intune integration seems to rely on a device ID stored in a client certificate. 

    Airwatch integration was officially part of the F5 documentation. Does still work with new Android devices?

    I saw that someone wrote new documentation about different topics with Omnissa : 

    I would great if F5 could create a new documentation about Omissa Worksace One integration.

    Thomas

    • Lucas_Thompson's avatar
      Lucas_Thompson
      Icon for Employee rankEmployee
      Oct 11, 2024

      Right, exactly. The lack of an SDK from mobile OS makers to give an authentic device UUID has been the primary problem for all app vendors who try to fingerprint individual mobile devices, including us. This is why client certificate or other MDM-deployed solutions are commonly used.

  • Lucas_Thompson's avatar
    Lucas_Thompson
    Icon for Employee rankEmployee
    Sep 17, 2024

    If this product has a REST or other kind of HTTP API, APM can query it with whatever information it knows using the generic "HTTP Connector" agent. Typically an endpoint management system has to have some kind of UID for endpoint devices. So you'll have to answer:

    1- How can APM learn the endpoint device IDs?
    2- How do the end users authenticate to APM?
    3- What logic is used to make authorization decisions?
    4- How does the API work that you want APM to communicate with?