Workspace ONE Trust Network Walkthrough

The following guide walks you through demonstrating the Workspace ONE Trust Network setup in TestDrive.


Before You Begin


Before you begin this walkthrough, ensure you have the following:

  • A valid account in the VMware TestDrive environment. Sign up here if you do not yet have an account.
  • Optional - Either a Windows 10, Android, or iOS device enrolled into Enterprise - EMM Demo (corporate owned) OG.
  • Reference the Workspace ONE Intelligence guide.

Overview


VMware Workspace ONE Trust Network gives organizations a comprehensive and modern enterprise security approach to secure their users, apps, endpoints, and networks.  To manage risks related to modern-day cyber threats, Workspace ONE Trust Network combines insights from Workspace ONE, an intelligence-driven digital workspace platform, with trusted security partner solutions to deliver predictive and automated security in the digital workspace.
 
Existing security tools provide IT with only limited visibility, focusing on silos of security that provide legacy functionality. This results in a band-aid approach that burdens organizations with high costs due to the complexity and manual tasks involved in trying to secure a digital workspace. Workspace ONE Trust Network provides a set of capabilities to protect against, detect, and remediate threats across the evolving digital workspace, based on a framework of trust and verification. Workspace ONE Trust Network:
  • Removes security solution silos to give IT an action-based framework that provides an aggregated view across the digital workspace.
  • Is the only solution that combines access, device, and app management with insights and automation across an end-user computing ecosystem.
  • Uniquely leverages an open and trusted partner ecosystem so customers can continue to use existing investments.

Workspace ONE Trust Network capabilities are available to Workspace ONE customers who have Workspace ONE Intelligence. Workspace ONE Intelligence is available in Workspace ONE Enterprise, Workspace ONE Enterprise for VDI, and as an add-on to Workspace ONE on-premises editions.

Navigating to Workspace ONE Intelligence


There are two methods to navigate to Workspace ONE Intelligence within TestDrive. First, you can navigate to the Workspace ONE UEM (formerly VMware AirWatch) Console from the TestDrive Portal. Alternatively, you can navigate directly to the site URL.

To launch into the Workspace ONE UEM Admin Console from TestDrive:

  1. Log in at portal.vmtestdrive.com with your TestDrive account.
  2. Locate Workspace ONE UEM in the Secure Digital Workspace tab under Ready to Use Experiences, then click the Launch button.

    Alternatively, you can navigate directly to the Workspace ONE UEM console by browsing to the following URL: https://testdrive.awmdm.com

  3. From the Workspace ONE UEM console, verify you are using the proper role.  In the top right, click your username to view your Account details. Set your role to:

    Intelligence & Tenant Administrator at TestDrive

    After the role is selected, the page will reload and you may see an admin error. This would happen if you were previously viewing a page that is unavailable with the new role. Simply navigate to Monitor > Intelligence. Click Launch.


Trust Network Dashboards


PLEASE DO NOT MODIFY PRESET DASHBOARDS.
 
Integrations between Workspace ONE and partner security solutions to support Workspace ONE Trust Network are currently rolling out.  In TestDrive, the following Trust Network partner integrations are operational:
 

  • Carbon Black. Devices: Windows
  • Lookout. Devices: Android, iOS

   
 

Filter your Intelligence dashboards view by "staged" to see the configured dashboards.


Pick a dashboard, then click View.

Trigger Trust Network Automations


PLEASE DO NOT MODIFY PRESET AUTOMATIONS.

The automation and workflow engine allows the admin to take action directly on the data in real time across any of the data sources, as well as to take action using Workspace ONE actions via integrations with the various Trust Network partner tenants.

Carbon Black

Select Automations on the left menu bar.  Find the Ransomware Threat Detection automation and view it.

This particular sample automation is set to push a profile to update the controlled folder access policy, send an email to the affected user(s), create a ServiceNow ticket, and approve a patch to remove the OS vulnerability.


Automation in Action

Find the STAGED Carbon Black Terminate VPN automation and view it.

This enabled automation is set to remove the Per-app Tunnel VPN profile on a Windows 10 desktop upon Carbon Black's detection of a specific threat.


Warning: The following demo cannot be readily repeated after it's completed.

For demonstration purposes, Windows Fax and Scan has been set up in Carbon Black as a threat.  On the enrolled Windows 10 machine, attempt to launch wfs.exe.

...observe the instant Carbon Black Defense notification in Windows.


A few moments later, in the Workspace ONE UEM console, check your device's details > profiles for the removal of the WWE - Windows - Tunnel profile.


...and the removal of the Per-app Tunnel profile from the Windows device itself (< 2 min).

[Screenshots: the Windows device before and after the Intelligence Trust Network automation]

Per-app VPN, while its exposure to the device and a corporate network is greatly reduced compared to device VPN, is still a pipeline to the internal network. The 'Carbon Black Terminate VPN' automation has removed the Per-app Tunnel profile from the device, greatly reducing the threat's chance to spread to internal systems.

 

Lookout

Coming Soon

 

Device Deployment


Workspace ONE UEM all but eliminates administrative overhead by installing the Trust Network partner apps (agents) on your mobile device fleet. Windows, Android, and iOS devices enrolled in the Enterprise - EMM Demo (Corporate Owned) OG will have the appropriate agent automatically installed by Workspace ONE UEM.

Log in to the console and change your admin role to Device Administrator at World Wide Enterprises.

Next, validate the Trust Network partner's app is successfully installed on the device.  Drill into your device and go to Apps.

  • Carbon Black (Windows 10) should look like this (version may be different).
    [Screenshot: Carbon Black in the device's Apps list]
  • Lookout (Android and iOS) should look like this (version may be different).
    [Screenshot: Lookout in the device's Apps list]

 

 

 
