Workspace ONE UEM Reviews

We use it for device management. We have an on-premise environment, we are looking to go to cloud, and we want to manage the device, manage the applications of the device, manage the contents, and of course, manage e-mail on the device.

There are various MDM vendors, and I've used at least five of them. The reason I prefer AirWatch is simply because it helps me to think more in terms of a future perspective. It has given me the right tools for my enterprise. That's the key thing. It aligns with our IT strategy in a very good way.

For me, the integration of AirWatch with various enterprise components is something I like. The way they are partnering with various services, like security services, or some of the big guys like Google, Android, Apple, and including Microsoft; that's really awesome. And the way they look at providing functionality to create self-service and automation, that's really usefully and beneficial. That's where I see they differentiate themselves.

AirWatch has all the features. One of the things that I want them to improve on, if possible, is the management of Mac devices, MacBook Pro, for example. They do it, but they have scope for improvement, in my opinion. It's not that it's that bad, it's just a small need. They have set the bar very high already so that's the expectation.

It's absolutely stable, no issues.

We have a large instance. We have tens of thousands of devices already, and I don't think there are any issues at that scale. We are probably one of the top-10 customers in terms of scale.

Technical support is really awesome. They follow up, they have it 24/7, they handle things in multiple regions. It's not like just one person will be there and they're not responsive. They are responsive, they ensure that they give the right priority to their customers. If it's a critical item, which means it's a showstopper, they do help us immediately and ensure that there is proper follow-up among the team members. It's not like they leave you hanging there. There are very good documented records in terms of what actions have been taken, and what the next engineer is going to come in and do.

I was the one who set it up. It was not complex, it was an appliance-based setup and it was pretty easy. AirWatch was there, but I was the one who was there from day one.

It's important to understand your requirements: What is important, what is your environment, and what are you looking for? If you are a government company, that means you are looking at a lot of data protection, security is the highest priority. If your back office is Microsoft and you are looking at an integration with your Microsoft products, that would be a different thing. If you are a salesperson, with Salesforce and you're application oriented... it all depends. Each organization has different needs. It depends on your priorities, what you need in terms of making sure your productivity, your top line and the bottom line, grow. It's nothing like one size fits all.

When selecting a vendor, there are multiple things to consider, there is not just one. But one of the things I would really look at this moment, because so many vendors already give that, is the ability to do discovery/self-services analytics: How the solution is going to help. It should give some kind of a blueprint in terms of what's happening in an enterprise, so that you can take an informed decision. I would make analytics a key decision point.

I rate AirWatch at about nine out of 10. I would not give them 10 because there is always room for improvement. I have had no issues and it has been really awesome for me. I have been using it for five years, and I have seen how they have moved up on the ladder, how they've integrated, how they have gone forward moving into the enterprise, and the rate of change, of transformations. It's really excellent.

We use it against security breaches. We have a lot of corporate information, which is highly confidential. We don't want that information to be leaked. We have AirWatch to avoid allowing everybody access to all the information and using it. Once an employee's device is enrolled, everything is under security, so there won't be any opportunities for security breaches.

We are sending emails from one person to another person in the same domain. This falls under security. We need there to be no security breaches, when we are sending emails which are confidential. There can be no points of leakage. If an outside person tries to track or hack information, it is not possible without us being notified.

1. Application management: Apply application to users via a catalog or app store.
2. Content management: Attachments, documents, PDFs, etc. and emails should be encrypted.
3. Device management: Basic troubleshooting.
4. Email management: Avoid email hacks.

The console comes bunched together as a package and inbuilt. Its called Workspace ONE. Whenever we have an issue, we contact the service provider, and instead of a fix, we are just getting the next version of Workspace ONE.

It is stable.

My customer is a Microsoft and Apple site, 99 percent of the system in Windows Servers, and the company gives every manager an iPad or iPad Pro (500-plus devices).

We deployed the MDM functionality of AirWatch to control all devices and MEM is the next step. We are struggling in MBM/MAM because all the applications are IE compatible.

The company used DEP to manage all devices previously. Now, with AirWatch (Workspace ONE Advanced) they can manage all devices and apps more easily. Among the most important improvements is the ability to set up different groups with different deployment policies.

MEM is valuable because all push emails can be monitored.

MBM/MCM could be improved. MBM can support specific versions of development tools. If VMware would let the customer know this more clearly, we would not need to waste time explaining this and delaying the project.

Also, the Content Locker cannot inherit permissions for the Windows Public Folder. If they could integrate with Microsoft on this point, it would be the perfect functionality.

We use it for managing BYOD devices and also for government-furnished devices - we support the Department of Energy. We use it for about 1500 devices.

It makes us more efficient in managing these devices, in lieu of not having it, that's for sure. We can also impose cybersecurity requirements.

For the most part it works, that's valuable to us. 

We're unhappy with the quality of support we get for it. We're unhappy with how upgrades occur, so we are migrating away from it. We have an on-premise AirWatch solution and for us to do upgrades we have to call AirWatch to be able to perform the upgrades. They're busy, and scheduling it is not timely enough for us.

There are features that we want like the ability to use Derived Credentials and things like that, which we can do with AirWatch, but doing so we move up into a different tier of licensing and the cost increases dramatically. To get the features we want, we can do the same thing with Microsoft Intune and we're going to see a product savings of over $70,000 a year.

We use it for handheld devices that have been corporately issued. They can include recognized devices whether they are connected to inventory, sales, or route delivery.

The benefit is that it helps our remote connections be as secure as possible. Also, being able to issue mobile devices increases productivity.

• Antivirus 
• The ability to push security policies down to the device

I think the stability is adequate, but I don't know for certain because we haven't actually stress tested it.

In terms of scalability, it has served our purposes, but I don't know if we go larger enterprise if it would be as satisfactory.

Our licensing is coming up, so we want to make sure that we either renew our current license or we go in another direction.

The most important criteria when selecting a vendor include reliability, the ease of obtaining technical support, and responsiveness. And of course, price.

I rate it at seven out of 10 because it doesn't fit perfectly into our framework.

My advice would be, look for the right sizing and the right use cases. It may be that the solution we're using is perfect for another vertical.

• Easy to navigate interface for admins
• Integration with Cisco ISE and other third party applications utilizing REST and SOAP APIs.
• AD/SMTP/Certificate Integration (SCEP/DCOM)
• Feature-rich, including integration with other VMware products (Content Management/Mail/VPN/SandPit).
• Zero day support for new Mobile OS firmware – fast to market on new API’s available.

By allowing us to centrally manage cross-platform mobile devices for corporate and BYOD.

• QA – better code execution
• Apple Mac management is troublesome
• Documentation prerequisites often leave out important information.
• Support in general; We have many issues that have never been fixed.

I've used this solution for six years.

• On-premise comes with challenges with upgrades and new features (SEG/Powershell)
• Many bugs with every version release of both the console and AirWatch Apps/products. Often bringing back old documented issues in new releases.

Yes. Way too many servers needed for additional functionality which becomes very complex.

If you want decent support mechanisms, expect to pay and pay well. Otherwise, the process is time consuming often covering the same processors multiples times. The first point of contact takes notes of the issue with no product knowledge.

The next escalation is slow and often just asks for logs and is not helpful. If you are implementing a new service or upgrading expect to be charged for professional services even if you believe this is a support issue.

I have used many solutions over the past five years. They all have pros and cons and, unfortunately, no silver bullet.

Setup is complex in a large or on-premise environment. Recommend SaaS model for most scenarios, but still complex once you start plugging in the additional features.

VMware is expensive and continues to raise licensing costs year on year. Business model is to separate services so you need more servers which if you are a VMWare customer cost you more in licensing costs.

Also, I've noticed that the minimum hardware specs for your servers continue to be raised.

I have evaluated the other main players. MobileIron is built by engineers, not sales teams. Infrastructure is relatively simple and does what it says on the tin well.

AirWatch has many more features but is not always implemented well. The rest are all trying to catch up or are specialized for particular use cases.

Scope out your functional requirements, HA and DR. You will need to plan for upgrades continually to any on-premise infrastructure. Lots of bad code so never go latest releases. If you want support, expect to pay. Managed services can be a good option. Test, test and test.

AirWatch has one of the best User Interfaces and it's quite easy to figure out where particular items are within the menu system.

They have good functionality across all the major platforms, too.

It has allowed employees to access their apps from their mobile or tablet while on the go, essentially freeing them from their old desktop workstations.

There is a lack of a real developer community. AirWatch doesn't seem to empower IT admins to try new things or get creative with implementations. They are more happy to sell you one of their support subscriptions.

I've used this solution for six years.

Some features like the AirWatch Launcher on Android can be very quirky.

The enrollment process on Android devices has always created challenges with scalability.

Scalability on iOS is seamless if you have developed a try zero touch build via AirWatch's integration with Apple's DEP and VPP deployment programs.

A three out of 10.

I manage Mobile Iron environments as a professional service. Through previous roles, I also have had exposure to InTune, SOTI MobiControl, and IBM MaaS360.

Not particularly, they are all evenly matched here.

Don't make compromises when enticed by enterprise license agreements for other products that may include their own MDM for a substantially low price.

You should take out a dedicated license agreement of your MDM fleet and invest heavily in innovating in this space. I've seen many companies that buy into MDM and don't make a continued investment in evolving their use cases.

Zen Mobile, Good, Silverback, and MobileIron.

Have a long term plan in place and spend more time on designing the solution before rolling out. Never lose sight in what your key motivators are, whether it's enablement, scalability, security, or governance.

We find this solution allows us to deploy apps more efficiently. We have a vendor that developed an app for their software for use in our company. We were able to deploy this custom built app easily.

We also find the Secure Email Gateway very useful. Active-Sync email routes through that server to the exchange server. With this configuration, we were able to lock down Exchange to only allow active-sync email from this server. We were able to configure the email settings within AirWatch to choose which extensions can be allowed on the email on the mobile device, as well as what app can be used to view attachments. There are alot of other options such as forwarding and screenshots that can be disabled, or restricted. We have implemented this with AirWatch Inbox to further lock down the email functionality and secure the email. We have also been able to deploy outlook settings to Windows desktop OS by using AirWatch.

I also like the ability to enroll devices in shared mode, which allows devices to be "checked out" by users by entering their username/password in the AirWatch app. Once they do this, their email is configured, and any apps, etc are downloaded. When they are done, they sign out, and the email and apps are removed.

I do like the remote wipe and how it allows you to locate a device if it is missing and delete the enterprise data, however these are limited on apple devices due to apple policies and cannot be changed by AirWatch. This will be the same on any MDM provider and isn't limited to just AirWatch. For example, if a device is stolen, you can't wipe it if they have it turned off. It will need to phone back home in order to be wiped. Now you can set a wipe after up to 10 passcode failed attempts which will help keep your data safe if it's stolen. You also can't force location services to be enabled by AirWatch. When enrolled, location services has to be enabled (or enabled later in the settings). AirWatch cannot force location services to be turned on due to Apple policies (and this will be the same for any other MDM provider). If the device is stolen and is phoning home, you can't locate it if location services was disabled or never enabled.

Jabber and other applications used often are easily able to be deployed and configured, as is e-mail. Email can also be secured more effectively with their product.

More functionality has been added for Windows desktop devices, and the options for Android and IOS has been fairly extensive already. The only recommendation I could make right now is continuing to add more functionality

We have had this deployed and in production for around 4 years now

No. The deployment is fairly simple.

We encountered an issue with the renewing of the APN certificate, which was due to a bug in the version we were running and was resolved in an update. We have had a need to move the database, and that was fairly difficult as documentation was sparse, and the first support technican said AirWatch would need re-installed. However the next support technician pointed me to the configuration file in the install path that I needed to change settings in.

This has functioned as we expected in scalability.

When we have worked with Customer service, they have most often been helpful, knowledgeable and timely. There have been some instances where they weren't great such as when I needed to move the database. The first technician stated we would need to re-install AirWatch, however I opened a case up again and the next technician pointed me to a configuration file that I just needed to update. There have been other moments when one technician states something isn't supported or possible, but the next technician would state it is and provide information on how to do it.

When we have worked with Technical Support, they have most often been helpful, knowledgeable and timely. If we got one that wasn't, we give it a day and open another case in hopes of getting a better technician.

We used the default exchange settings to manage e-mail however the settings for security and deployment are limited there compared to AirWatch. We also tried to Use Vipre MDM but it was very limited as well when compared to AirWatch.

The setup of AirWatch itself was performed by AirWatch, however the setup of groups, policies, apps, etc. was straightforward.

We implemented this product on our own. It was straightforward and fairly easy to implement.

This product is effective and simple to manage. It has more options that stand-alone products such as Anti-Virus or Exchange.