The following guide walks you through showing the Workspace ONE Trust Network setup in TestDrive.
- Before You Begin
- Navigating to Workspace ONE Intelligence
- Trust Network Dashboards
- Trigger Trust Network Automations
- Device Deployment
Before You Begin
Before you begin this walkthrough ensure you have the following:
- A valid account in the VMware TestDrive environment, sign up here if you do not yet have an account.
- Optional - Either a Windows 10, Android, or iOS device enrolled into Enterprise - EMM Demo (corporate owned) OG.
- Reference the Workspace ONE Intelligence guide.
- Removes security solution silos to give IT an action-based framework that provides an aggregated view across the digital workspace.
- Is the only solution that combines access, device and app management with insights and automation across an end-user computing ecosystem
- Uniquely leverages an open and trusted partner ecosystem so customers can continue to use existing investments.
Workspace ONE Trust Network capabilities are available to Workspace ONE customers who have Workspace ONE Intelligence. Workspace Intelligence is available in Workspace ONE Enterprise, Workspace ONE Enterprise for VDI, and as an add-on to Workspace ONE on-premises editions.
Navigating to Workspace ONE Intelligence
There are two different methods to navigate to Workspace ONE Intelligence within TestDrive. First, you can navigate to the Workspace ONE UEM (formerly VMware AirWatch) Console from the TestDrive Portal. Alternatively, you can navigate directly to the site url.
To launch into the Workspace ONE UEM Admin Console from TestDrive:
- Log in at portal.vmtestdrive.com with your TestDrive account.
- Locate Workspace ONE UEM in the Secure Digital Workspace tab under Ready to Use Experiences...click the Launch button.
Alternatively, you can navigate directly to the Workspace ONE UEM console by browsing to the following URL: https://testdrive.awmdm.com
From the Workspace ONE UEM console, verify you are using the proper role. In the top right, click your username to view your Account details. Set your role to:
Intelligence & Tenant Administrator at TestDrive
After the role is selected, the page will reload and you may see an admin error. This would happen if you were previously viewing a page that is unavailable with the new role. Simply navigate to Monitor > Intelligence. Click Launch.
Trust Network Dashboards
PLEASE DO NOT MODIFY PRESET DASHBOARDS.
Filter your Intelligence dashboards view by "staged" to see the configured dashboards.
Pick a dashboard then click view.
Trigger Trust Network Automations
PLEASE DO NOT MODIFY PRESET AUTOMATIONS.
The automation and workflow engine allows the admin to take action directly on the data in real time across any of the data sources as well as take action, using Workspace ONE actions via integrations with the various Trust Network partner tenants.
Select Automations on the left menu bar. Find the Ransomware Threat Detection automation and view it.
This particular sample automation is set to push a profile to update controlled folder access policy, send email to the affected user(s), create a Service Now ticket and approve patch to remove the OS vulnerability.
Automation in Action
Find the STAGED Carbon Black Terminate VPN automation and view it.
This enabled automation is set to remove the Per-app Tunnel VPN profile on a Windows 10 desktop upon Carbon Black's detection of a specific threat.
Warning: The following demo cannot be readily repeated after it's completed.
For demonstration purposes, Windows Fax and Scan has been set up in Carbon Black as a threat. On the enrolled Windows 10 machine, attempt to launch wfs.exe.
...observe the instant Carbon Black Defense notification in Windows.
A few moments later, in the Workspace ONE UEM console, check your device's details > profiles for the removal of the WWE - Windows - Tunnel profile.
...and the removal of the Per-app Tunnel profile from the Windows device itself (< 2 min).
Before Intelligence Trust Network automation:
After Intelligence Trust Network automation:
Per-app VPN, while it's exposure to the device and a corporate network is greatly reduced compared to device VPN, is still a pipeline to the internal network. The 'Carbon Black Terminate VPN' automation has removed the Per-app Tunnel profile from the device, greatly reducing the threat's chance to spread to internal systems.
Workspace ONE UEM all but eliminates administrative overhead by installing the Trust Network partner apps (agents) on your mobile device fleet. Windows, Android, and iOS devices enrolled in the Enterprise - EMM Demo (Corporate Owned) OG will have the appropriate agent automatically installed by Workspace ONE UEM.
Log in to the console and change your admin role to Device Administrator at World Wide Enterprises.
Next, validate the Trust Network partner's app is successfully installed on the device. Drill into your device and go to Apps.
- Carbon Black (Windows 10) should look like this (version may be different).
- Lookout (Android and iOS) should look like this (version may be different).