BACKGROUND IMAGE: DrHitch/stock.adobe.com
Many companies have deployed one management system for employees working with desktops and laptops and another for smartphones and tablets, resulting in duplication, inefficiencies and added costs. VMware and Microsoft recently joined forces to connect their systems so organizations can streamline endpoint management through a product called Workspace ONE UEM.
IT groups have struggled to run autonomous management systems that create redundancies, slow troubleshooting and diminish system performance. In response, suppliers have started providing unified endpoint management (UEM) systems capable of overseeing a variety of end devices from a central console.
VMware and Microsoft's UEM beginnings
VMware has had strong offerings in the mobile device management market. Its Workspace ONE, for example, provides employees with an intelligent hub -- a digital workspace that houses company information, delivers actionable notifications and includes self-service capabilities.
Microsoft, meanwhile, has led the desktop and laptop management field. Its System Center Configuration Manager (SCCM) and Intune manage 175 million laptops and desktops, according to Microsoft. In November, the company announced Microsoft Endpoint Manager, which integrated the two products and migrated them from an on-premises to a cloud-based deployment. Cloud systems are easier to manage because a central system can perform updates once and make them available to all end devices. On-premises-based endpoint devices are more challenging to upgrade all at once.
Microsoft and VMware teaming up
Organizations generate a lot of endpoint data showing how their systems perform, their security profile and whether their software is up to date, said Shannon Kalvar, a research manager of IT service management at IDC. When problems arise, pinpointing the source can be time-consuming, frustrating and productivity-draining.
Chris SilvaResearch vice president, Gartner
In November 2019, VMware and Microsoft decided to try to change that situation, teaming up to create Workspace ONE UEM. This product enables VMware admins to more easily pull management information from Microsoft Windows 10 devices.
Integrating the two systems frees up IT help desk personnel. They spend less time bouncing from screen to screen to see how specific devices perform and more time analyzing how system resources work. They're more proactive and less reactive to system changes. They can see, for example, when a network connection's spare capacity is diminishing and upgrade the link before it becomes a bottleneck.
The missing pieces
Tying management systems together is a major undertaking. The VMware and Microsoft UEM partnership doesn't solve all system management problems and work remains to be done. VMware plans to add the following Microsoft system management capabilities over the course of 2020:
- Microsoft Security Baselines for Windows 10 will be available by the end of the first quarter of 2020 as turnkey templates within Workspace ONE. As a result, admins will have the ability to audit usage baselines and ensure that users follow company policies when they work with corporate assets.
- Microsoft Teams support, which enables collaboration, will likely roll out as a tech preview -- basically, a beta test -- in the first half of 2020.
- Horizon Cloud on Azure will support Windows Virtual Desktops by the fourth quarter of 2020.
- Conditional access for Microsoft 365 apps and services via Workspace ONE and integration with Microsoft Endpoint Manager and Azure Active Directory Premium for any device should also become available in the fourth quarter.
Finding a differentiator
VMware and Microsoft both vie for the top rung on the management ladder. Historically, they haven't always played nice with one another. For example, in the past, Microsoft didn't provide VMware with access to its configuration management data. It's possible, even amidst this team-up, they might look for opportunities to promote their self-interests at the expense of their customers' best interests.
The two vendors must find new ways to differentiate their combined service from those of competitors. They collect management information and, now, can layer on analytics to correlate that data, get a clearer idea about how their management systems work and streamline inefficient business processes, according to Kalvar.
In the past, VMware has focused on helping companies provide new employees with Windows 10 devices. It hopes to extend its management capabilities to other systems and add a unified app catalog, analytics, automation, multi-tenancy, a virtual desktop interface and a zero-trust security framework to Workspace ONE. Increased security measures in Workspace ONE mean that, for example, a company can now see a smartphone that doesn't follow company security policies when it downloads data and immediately force its user to make a change.
"Security and security analytics may be another area where VMware tries to differentiate its products," said Chris Silva, research vice president at Gartner, a research and advisory firm based out of Stamford, Conn. VMware already extended its security line with the purchase of Carbon Black in October 2019.
Endpoint management has created challenges for organizations. The VMware and Microsoft partnership will address some of those customer pain points. New features for Workspace ONE UEM are on the docket, but they won't resolve every issue as this complex area continues to evolve.