• Workspace ONE


  • Document


  • Overview


  • Technical Overview


  • Design

What Is Workspace ONE?

A common question among IT professionals is “What is Workspace ONE?” 

The question is not surprising. In VMware's End User Computing Business Unit, there are literally tens of thousands of customers using products such as Workspace ONE Unified Endpoint Management™ (UEM) powered by AirWatch® and VMware Horizon®…products that have been around for quite a few years. In comparison, Workspace ONE is a relatively new offering. However, before you start thinking about Workspace ONE as a brand new product offering, you should know that many customers, perhaps even you, are probably already using some of the components that make up the Workspace ONE platform.

So, What Is It?

Workspace ONE is a digital workspace platform that delivers and manages any app on any device by integrating access control, application management and multi-platform endpoint management. Workspace ONE is built on the unified endpoint management (Workspace ONE UEM) technology and integrates with virtual application delivery (VMware Horizon) on a common identity framework. The platform enables IT to deliver a digital workspace that includes the devices and apps of the business choice, without sacrificing the security and control that IT professionals need.

workspace one frameowork

Workspace ONE delivers on critical needs that organizations are having today and will have in the future. Think about it. Today, end-users have multiple devices, with various form factors and operating systems. Many of these devices are not managed by IT, which makes it difficult to secure access, when you cannot trust the device. Think about the apps you have to support today. In addition to the legacy apps that you’ve supported for the last 10+ years, you have modern apps (SaaS, mobile, etc) that sit in the cloud somewhere, outside the realm of the corporate network.   

IT has struggled to keep up with the needs of the business and because of that, we see many business units and employees going around IT policy, a trend commonly known as “shadow IT”. Organizations are facing the critical decision to either ignore these trends at the peril of unintended security breaches or embrace the new way of work leveraging a new management framework. That is why in 2016 we introduced VMware Workspace ONE.

What are the key capabilities / features of Workspace ONE?

As an IT admin, you want to know about the features right? This section summarizes the key features of Workspace ONE, and outlines a few key examples/use cases of when you would use each one. 

Consumer-simple access to cloud, web, mobile and Windows apps
With Workspace ONE, end-users can get password-less single sign-on to a catalog that provides them access to virtually any mobile, web, cloud, or Windows app. Once signed-in, end-users can self-service select the applications they need to be productive with no IT intervention. As an IT professional, you control the back end workflow to make this happen, but in so doing you’ve eliminated the deluge of help-desk calls for end-users to get access to applications and services. 

  • Provide easy access to all of the apps your end users need to do their job either through a catalog available through a browser or the Workspace ONE native mobile app.
  • Transform employee onboarding by enabling self-service access to the apps your end-users need. 
  • One-touch single sign-on means your end-users don’t have to remember a bunch of credentials, or type in the same password every time they access an app. Through the use of certificates, Workspace ONE provides a secure and easy way that results in a password-less single-sign on experience. 
    Enabled Through One Touch Mobile SSO


Choice to use any device; BYOD or Corporate Owned
Workspace ONE doesn’t dictate which platforms to deploy in your environment. Our goal is to support any device…even devices that have not yet been invented. From desktop OS’s, to mobile OS’s, even wearables and 3D graphics workstations, we work with it. Beyond that, we also know that  some of these devices may be corporate owned and require IT to configure and manage them through their lifecycle, many will be owned by the employees themselves. VMware Workspace ONE puts the choice in employees’ hands for the level of convenience, access, security and management that makes sense for their workstyle.

  • Desktops OSs, mobile OS, smartphones, you name it, we support it. That means you don’t have to worry about the next big mobile device that comes out. We will support it.
  • Bring-your-own, Choose-your-own, Corporate Owned, Locked Down, etc…there are so many device management types. Workspace ONE supports them all in a single platform.
  • Adaptive management makes the workflow of an end-user logging in on a BYO device super simple. Just launch the Workspace ONE app. If the end-user tries to access an app with confidential data, they will be walked through the steps to elevate management on their device. 


Data Security and Endpoint Compliance with Conditional Access
To protect the most sensitive information, Workspace ONE combines identity and device management to enforce access decisions based on a range of conditions from strength of authentication, network, location, and device compliance. We provide a powerful policy engine so that you can mix and match these inputs to make dynamic decisions on the level of access end-users get. This means that if you need to lock down access to sensitive data from remote users on unmanaged devices, you can do that in just a few clicks. But we go one step further. We provide the end-user workflow for endpoints to get into a state that results in compliance, and thereby access.

  • Conditional Access policies can be applied on a per-application basis to enforce authentication strength and restrict access by network scope or through any device restriction.
  • Advanced data leakage protects against rooted or jailbroken devices, whitelist and blacklist apps, open-in app restrictions, cut/copy/paste restrictions, geofencing, network configuration and a range of advanced restrictions and policies.
  • Get real time visibility with application, device and console events that provide detailed information for system monitoring, and view logs in the console or export pre-defined reports. 

Conditional Access


Real-time App Delivery and Automation
Workspace ONE, supported by Workspace ONE UEM and Horizon virtualization technology, enables IT professionals to automate application distribution and updates on the fly. Whether you’re deploying Windows apps, mobile apps, or even virtualized applications, we automate the application delivery process to enable better security and compliance. This means that whether you need to deploy Windows apps to Windows 10 devices in your organization, or up-to-date virtualized apps to mobile devices, Workspace ONE provides a single platform that keeps you covered every step of the way. 

  • Simplified management and provisioning of devices enables Workspace ONE to eliminate the need for laptop imaging. With dynamic smart groups, which uses device information and user attributes, you can ensure always have the necessary configuration on their devices, including Wi-Fi and VPN.
  • Automatically install, update and remove software packages. Create an automated workflow for software, applications, files, scripts and commands to install on laptops, and configure installation during enrollment or on-demand. You can also set the package to install based on a variety of IT-defined conditions.
  • Horizon provides secure hosted virtual apps and desktops enabling users to work on highly sensitive and confidential information without compromising corporate data. Users can access their virtual apps and desktops from the Workspace ONE app, enabling them the flexibility to be productive wherever they need to.

Watch a demo showing Workspace ONE in action

Why Consider Workspace ONE?

Having read through a high-level overview of Workspace ONE, you now have a good idea of what it can do. Workspace ONE is the only platform in the market that integrates access control, application management and multi-platform endpoint management, giving you a solution that supports the breadth of devices, apps, and workstyles that are prevalent in enterprise organizations. I encourage you to take a look at how Workspace ONE can you help you support existing and new digital workspaces  that require the enterprise security that only an integrated platform can deliver, with the consumer simplicity that your end-users will love.

Call to Action

After reviewing our comprehensive demo video, I encourage you to take the next step in learning about Workspace ONE by taking a look at the article “How does Workspace ONE work?

Filter Tags

  • Workspace ONE
  • Overview
  • Technical Overview
  • Document
  • Design