未加星标

MobileIron Bridge breaks through the MDM wall in Windows 10

字体大小 | |
[系统(windows) 所属分类 系统(windows) | 发布者 店小二05 | 时间 2016 | 作者 红领巾 ] 0人收藏点击收藏

I wrote just after VMworld that while I love the concept of windows management via EMM tools, we can’t just switch overnight. There are so many domain-based resources and incompatible applications that the move will require a lot of operational re-factoring before we ever actually touch the endpoints. And that’s just the infrastructure! Jack wrote about UEM earlier in the year, saying that when it comes to viability of UEM management of Windows, “ the devil is in the details .” He went on to note that while EMM was geared towards newer types of desktop apps that come from app stores, it’s generally not great at traditional applications.

For the vast majority of companies, keeping traditional management around is done specifically because of these domain-based resources and traditional applications. You can also throw in security for good measure. For those companies, the concept of UEM is little more than a pipe dream, which is why we’re starting to see products that are chipping away at that huge mountain that stands between 20 years of Windows management and a future where we manage everything the same way.

VMware debuted their first attempt at VMworld, and now MobileIron is getting into the mix as well with MobileIron Bridge .

MobileIron Bridge, to put it succinctly, is a framework built upon MobileIron’s existing platform that gives you the ability to perform traditional Windows management tasks such as script execution, policy enforcement, and application installation that go beyond what you can do with the MDM APIs that are built in to Windows 10.

Using MobileIron Bridge means you first need to enroll the desktop in MobileIron MDM. This gets you the baseline MDM capabilities that the Windows 10 MDM API allows. This includes the ability to deploy .appx apps and MDM-based configurations and policies. With Windows 10, it also means that you can deploy MSI-based applications, but not legacy apps. That’s where Bridge comes in.


MobileIron Bridge breaks through the MDM wall in Windows 10
MobileIron Bridge

Bridge is installed as an MSI file, “bridging” the gap between the modern side of OS and the traditional side. It runs as an agent on the traditional side, communicating with MobileIron and its configuration/policy engine. By creating the bridge to the other side of Windows, you can now manage and deploy any script that you would normally run on a traditionally-managed desktop via MobileIron MDM.

This opens up the capabilities beyond what you can normally do with MDM on Windows 10. You can tweak the filesystem and registry, fully corporatizing the look and feel as if you were using GPOs. You can run de-crappification scripts (my word, not theirs) to remove all the junk from the device. You can also install legacy Win32, non-MSI applications that are otherwise off-limits. End users choose and install these applications from the MobileIron enterprise app store as they would any other application.

What’s cool about this is that the desktop where these traditional apps live doesn’t need to be on the same network or domain to run them anymore. As part of setting up the application in MobileIron, you can specify per-app VPN settings like you would with any other application. You’re not exactly adding functionality to the application this way, but you are removing a roadblock that would have otherwise existed.

That said, this doesn’t do anything to help assign domain-based resources to end users. If you have those (think file shares & printers), you’ll need to come up with something to deal with that first. This is one of the major things that needs to be addressed before UEM takes off. (To be clear, I’m not saying it’s the entirely the responsibility of the UEM vendors to facilitate this, but as an industry it domain-based resources present a challenge that needs to be overcome.)

It’s important to understand that this is a first step for MobileIron, as are the offerings from any other EMM company that’s getting into the UEM market (AirWatch, for example, which has been making their own waves recently ). Their ultimate target is to create a platform that can fully bridge the gap and give companies a migration path from the traditional ways of managing desktops to the new ways, but that kind of thing can’t happen overnight. What we have here is a framework that MobileIron can build upon to get closer and closer to that target as time goes by.

Currently, MobileIron Bridge isn’t trying to convert your entire desktop management platform to UEM. Instead, they’re focusing on certain device types, like Microsoft Surface tablets (these have been coming up a lot lately), or scenarios that require faster onboarding and offboarding procedures. Typically, this is the “contractors, temps, and seasonal workers” use case that we lean on so much for other new technologies like DaaS. (Boy, we sure do like to stick all the new, unproven stuff on those groups!)

As companies begin to use UEM, those features that need to be added in order to facilitate a migration will be prioritized and put on the roadmap. In a few years, we may look back on these early days and laugh at how primitive UEM was. The more we try this stuff out now and provide feedback, the faster we can get there.

本文系统(windows)相关术语:三级网络技术 计算机三级网络技术 网络技术基础 计算机网络技术

主题: WindowsVPN
分页:12
转载请注明
本文标题:MobileIron Bridge breaks through the MDM wall in Windows 10
本站链接:http://www.codesec.net/view/481371.html
分享请点击:


1.凡CodeSecTeam转载的文章,均出自其它媒体或其他官网介绍,目的在于传递更多的信息,并不代表本站赞同其观点和其真实性负责;
2.转载的文章仅代表原创作者观点,与本站无关。其原创性以及文中陈述文字和内容未经本站证实,本站对该文以及其中全部或者部分内容、文字的真实性、完整性、及时性,不作出任何保证或承若;
3.如本站转载稿涉及版权等问题,请作者及时联系本站,我们会及时处理。
登录后可拥有收藏文章、关注作者等权限...
技术大类 技术大类 | 系统(windows) | 评论(0) | 阅读(38)