VMware aims high with a little help from its friends

Taps little-known hooks in iOS and Android to make BYOD more secure

VMware's extensive ecosystem has been a massive part of its success, as demonstrated by the fact that even when server virtualisation looked like a reason to stop buying servers it created an opportunity for Intel to make virtualisation sing and arguably left Chipzilla making more coin from virtualisation than VMware itself.

It's therefore unsurprising that VMware's again turned to partners to advance its fortunes.

One of its friends is IBM, which had announced it will now offer VMware-Horizon-Air-as-a-service to pipe virtual desktops from the cloud to wherever you want them to tun. Cloudy desktops remain an immature technology, but VMware has anointed IBM/ SofLayer as a critical global cloud partner. So off to the cloud they go, hand in hand.

VMware's also making much of its friendly relations with Apple and Google to help overcome one of the barriers to adoption on managed mobile apps.

Today, the approach VMware and others most often take to deploying business applications to mobile devices is to put that device under management, so red lights in HQ warn when users do dangerous and/or naughty things. Sysadmins buy mobile device management (MDM) servers, often install agents on mobile devices and then enforce deployment of apps into managed sandboxes.

This approach works, but requires the MDM server to drive devices, an effort that is not always appreciated by users who wonder why mission control is resting such a heavy hand on their BYOD devices.

Such complaints are, however, avoidable thanks to recent and quiet adoption of Mobile Application Management (MAM) capabilities in iOS and Android. MAM means that applications can be sandboxed without IT's intervention. Integration between popular cloud services and VMware means that when users log on with an account known to be tied to a business, the apps place themselves in a sandbox that enhances security but is invisible to users.

IT gets control over logins, plus data protection to stop documents and data being emailed out of the business. Users get a phone or phondleslab that behaves as expected rather than splitting into personal and manager islands.

This new MAM capability is the highlight of an upgrade to the WorkspaceOne suite of end-user compute products.

A third friend is Tanium, an early-stage security company VMware likes so much that it has decided to OEM its software, to give it a way to interrogate virtual and physical end-points to understand what software they run and whether it conforms to expected configurations and/or whitelists.

Tanium's code also observes endpoints to learn their patterns of communication. If stray packets start moving in odd directions, security teams can be warned of such threaening oddites.

Tanium's products will be sold as VMware TrustPoint.

Vmware's also added two-factor authentication with the new VMware Verify product, an effort to further induce comfort about BYOD schemes. ®

Other stories you might like

Biting the hand that feeds IT © 1998–2022