VMware Identity Manager is the identity and access management component of Workspace ONE. Alongside Workspace ONE UEM and VMware Horizon, VMware Identity Manager can deploy a universal application catalog that includes web, native, and virtual applications.

VMware Identity Manager is also crucial to deploying mobile single sign-on (SSO) and conditional access which includes device management and compliance checks. VMware Identity Manager is available both in shared SaaS and on premises deployment models.

This guide describes how to deploy VMware Identity Manager for Windows in an on premises environment, including high availability and load balancer configurations. Recommended deployment patterns and how to size your database, connector, and VMware Identity Manager servers based on the size of your organization are described in the Preparing to Install VMware Identity Manager chapter.

The VMware Identity Manager for Windows Deployment Model figure shows the high-level deployment pattern for Workspace ONE. The Workspace ONE UEM device service and VMware Identity Manager service are deployed in the DMZ where devices can access the services directly. The VMware Horizon service is deployed in the internal network.

The VMware Identity Manager Architecture Diagram for Typical Deployments figure shows a detailed diagram with the load balancer configuration required for clustered VMware Identity Manager.