VMware Workspace ONE Web admin guide highlights the features and capabilities of Web application. It describes the Workspace ONE UEM console settings that apply to Web and provides a brief explanation of how the settings impact the behavior of the application.
What is VMware Workspace ONE Web?
Workspace ONE Web is a mobile application that securely connects users to corporate networks and enhances their browsing experience across Intranet, Internet, and other web applications. It provides your organization with a manageable and secure alternative to device native web browsers. Workspace ONE Web runs on iOS and Android devices. You can deploy and customize Web through the Workspace ONE UEM console. The configurations set by you determine the behavior of the application when deployed on the users’ devices.
Why VMware Workspace ONE Web?
Workspace ONE Web separates business data from personal data and manages security policies while keeping individual information private. With this application, users can:
- Instantly access your company’s intranet without manually configuring a VPN.
- Find information quickly with pre-configured corporate bookmarks and home pages. Users can also edit and remove bookmarks or add them on their own.
- Scan QR codes.
- Securely access web links given in the business emails.
- Eliminate challenges with manually entering passwords to internal websites with built-in single sign-on.
How Secure is VMware Workspace ONE Web?
Workspace ONE Web offers a secure browsing experience by providing complete encryption of data at rest and in-transit with AES 256-bit encryption. It uses disk level encryption to protect the downloaded files and Web settings. You can configure Web to allow or disallow users to access specific web pages, enforce restrictions on copying or pasting content, enable or disable cookies.
Workspace ONE Web works on the following configurable levels.
- Application Level – Secure Web at the application level by requiring end users to authenticate with a passcode, biometrics, or Active Directory credentials. You can also enable single sign-on.
- Tunnel Level – Use the VMware Tunnel certificates to encrypt traffic. Only enrolled and compliant devices are given access to VMware Tunnel.
- Website Level – Disable integrated authentication to require end users to authenticate when they access internal sites.
Requirements to Deploy VMware Workspace ONE Web
- Supported Platforms:
- iOS 10 and later.
- Android 8 and later.
- Supported Broker Apps:
- VMware Workspace ONE Intelligent Hub
- AirWatch Container
- Hardware requirements:
- Samsung DeX (S8 and higher, Note8, and S9 and higher)
- SDK settings requirements
Prior to configuring the SDK, install VMware Tunnel, or integrate an existing third party equivalent with Workspace ONE UEM. Please see Choosing an App Tunnel more information on meeting this requirement.
- iOS 8 supports Workspace ONE Web only through version 5.10.2. To take advantage of new features and versions, devices must update to iOS 9 or later.
- Workspace ONE WEB for Android does not support Kerberos authentication over HTTP. For more information, see Workspace ONE Web for Android withdrawal of support for Kerberos over HTTP.
Workspace ONE UEM supports the following technologies for app tunneling using the Settings and Policies configuration.
|Standard Proxy||Enables devices to rely on an existing HTTP or SSL Proxy to determine which content the Workspace ONE Web or other web can access.|
|VMware Tunnel - Proxy||
Accesses corporate content from within your network such as an intranet site. With the VMware Workspace ONE Tunnel enabled, you can access internal corporate content on your device.
For information on configuring the Workspace ONE Tunnel, please see the VMware Workspace ONE Tunnel Admin and Install Guide.
Enables app-tunneling to both SDK-built applications and applications managed on MDM enrolled devices across major platforms.
VMware Tunnel provides better speed and performance over VMware Tunnel - Proxy, more secure authentication and encryption utilizing certificates, TLS 1.2, and tighter network access control through domain filtering.
|F5 Proxy||Use to access your internal network as an alternative to the Workspace ONE Tunnel.|