Digital transformation is driving a shift in the way organizations operate. According to research, by granting workers greater access to the apps they prefer and need to do their jobs, empowered employees become more productive. They’re making decisions faster, collaborating better, and experiencing higher job satisfaction.
IT needs to support these three things, the flexible work style, the applications that are increasingly everywhere, and the choice of devices that employees are demanding. These requirements have dissolved what used to be the traditional perimeter of the organization. People genuinely want the freedom and flexibility to work from anywhere in the style that makes the most sense.
Workspace ONE Access, (formerly VMware Identity Manager), provides multi-factor authentication, conditional access and single sign-on to SaaS, web and native mobile apps. Workspace ONE access Acts as a broker between identity stores and providers including AD, Azure AD, Okta, Ping, LDAP.
Workspace ONE Access allows you to provide an excellent user experience while maintaining security and control. Workspace ONE can be installed on premises or delivered as a SaaS deployment, according to what is the best for your environment:
- In an on-premises implementation, a Workspace ONE Access virtual appliance is used to handle authentication and provides SSO services to applications and desktops.
- In a SaaS-based implementation, a Workspace ONE Access connector virtual appliance is used to synchronize user accounts from the AD to the Workspace ONE Access service. Applications are then accessed from a browser-based portal. Multiple appliances can be used on-premises for redundancy and scale.
Workspace ONE Access Architecture On-Premises
- Linux based VMware Identity Manager Service: Delivered as an OVA (virtual appliance to be deployed onto vSphere) which provides the app catalog, conditional access, and single sign-on.
- Windows based VMware Identity Manager Connector: Delivered as a Windows installer which Performs directory synchronization and authentication between on-premises resources such as Active Directory, VMware Horizon, and the Workspace ONE Access service.
- Database: Workspace ONE Access can be set up with an internal or external database to store and organize server data and user accounts.
Workspace ONE Access Cloud-Based Architecture
Workspace ONE Access as-a-service to address use cases around user and device authentication, SSO and conditional access across various types of apps (for example applications could be either Web, SAML across the globe. Unlike the on-premise environment, Workspace ONE Access as-a-service only need outbound connectivity from the connector to communicate with the cloud services.
- Workspace ONE Access tenant: Hosted in the cloud and runs the main Workspace ONE Access service.
- Workspace ONE Access Connector: Delivered as a Windows installer which Performs directory synchronization and authentication between on-premises resources such as Active Directory, VMware Horizon, and the Workspace ONE Access service.