Weekly highlight: Using VMware Cloud Services to access Workspace ONE services for existing customers - Workspace ONE customers will have single sign-on (SSO) access to all Workspace ONE services through the VMware Cloud Services console. More email communications will be sent on timelines and steps for when this SSO path is made available. The steps for completion are shown below in the “What does a customer do?” section.
For first-time login, customers need to register a VMware account within VMware Cloud Services. Thereafter, they use this account to log in to Workspace ONE Cloud Admin Hub, which is a centralized administrative portal to access all Workspace ONE services like UEM, Horizon Cloud, and Access. Customers can access the services directly from Workspace ONE Cloud Admin Hub, without having to sign in again. - While the existing accounts will still be available, this new SSO login experience helps administrators to centrally access their Workspace ONE services, without having to maintain multiple accounts or service URLs. This change does not impact customer configurations, policies, or data within any Workspace ONE services.
Over the next quarter, Horizon Cloud administrators will be enabled with VMware Cloud services followed by other Workspace ONE services, in a phased manner. You will receive a notification with more information on how to get started, when the opportunity for SSO is available. - KB-Reference: https://kb.vmware.com/s/article/89945?lang=en_US&source=email
VMware Workspace ONE Intelligent Hub, Assist, SDK, and Launcher will end support for Android 6.x & Android 7.x, in 2023 and 2024 respectively (90127) - In order to focus on incorporating functionality available in newer versions of the Android operating system, Workspace ONE Intelligent Hub, Assist, SDK, and Launcher for Android will drop support for devices using Android OS 6.x upon release of Android 14 (expected in Q3 2023) and Android OS 7.x upon release of Android 15 (expected Q3 2024).
- Upon Android 14’s release (expected in Q3 2023), new releases of Workspace ONE Intelligent Hub, Assist, SDK, and Launcher will no longer support Android 6.x.
- Upon Android 15’s release (expected in Q3 2024), new releases of Workspace ONE Intelligent Hub, Assist, SDK, and Launcher will no longer support Android 7.x.
Android 6 and Android 7 were originally released back in 2015 and 2016, and to maintain the most robust security posture it is strongly recommended to stay on more updated operating system versions.
End of Support Life notice for macOS Intelligent Hub versions 22.03 and below. (90075) - VMware is working on essential security updates to the People tab in macOS Intelligent Hub. This would require us to end the support for the People tab specifically in macOS Intelligent Hub versions 22.03 and below as the Hub Catalog People tab would cease to work on these Hub versions after this change. Other areas of Intelligent Hub will continue to function such as Apps. The support period will end on January 15, 2023, and the Intelligent Hub versions 22.03 and below will reach End of Support Life. Following this date, the Workspace ONE product team will not be servicing these versions of Hub People tab in any fashion. There will be banners in Hub to notify users as we approach end of life.
- KB-Reference: https://kb.vmware.com/s/article/90075?lang=en_US&source=email
Deprecation of the Insecure HTTP connections in Workspace ONE Boxer for Android effective 1st March 2023 (90138) - Workspace ONE Boxer for Android is going to deprecate HTTP support starting effectively from 1st March 2023. This article describes which KVPs needs to be checked if used for such a connections so that they can be replaced on time.
- This is considered as minor security vulnarability.
- Based on their configs, some clients could still have insecure URLs set up for different things. There are no HTTP URL checks for them and those could stop working when we remove the support for legacy HTTP connections
- If there are organizations still using HTTP connections they need to replace them with secure ones.
- More info in KB https://kb.vmware.com/s/article/90138?lang=en_US&source=email
External HTML Access via UAG results in the error : "failed to resolve proxying route for request" (90155) · - Cannot connect to a HTML5 session externally via UAG
- Users receive the error "Failed to resolve proxying route for request" when using Blast with VMware Unified Access Gateway
This issue can be seen in the bsg.log on the UAG Appliance.
Reference: Collecting Logs from the Unified Access Gateway Appliance
Sample Log Line of an Incorrect Configuration: [2022-11-16 19:33:30.668] [INFO] 7304 [absg-master] - Added route D6D23E36-*** to target 192.168.0.201|8443 Note: - The IP address and port in the above Logline matches a broker IP and port.
- When you see the target as the Connection Server IP and a port of 8443 this is wrong and an indication that the BSG gateway is enabled on the Connection Server.
Sample Log Line of a Correct Configuration:
When the Blast Secure Gateway is disabled on the Connection Server, the log line you see in bsg.log indicates a route being prepared to the virtual desktop or RDS host address on port 22443 as seen here. This is correct. [2022-11-17 16:42:10.603] [INFO] 7304 [absg-master] - Added route C425F277-*** to target 192.168.0.36|22443 Highlighting High Priority KBs - HW-156875 - Patch instructions to address CVE-2022-22972, CVE-2022-22973 in Workspace ONE Access Appliance (VMware Identity Manager) (88438)
CVE-2022-22972, CVE-2022-22973 have been determined to impact Workspace ONE Access (VMware Identity Manager). These vulnerabilities and their impact on VMware products are documented in the following VMware Security Advisory - VMSA-2022-0014 , please review this document before continuing - Announcing end of support for device administrator (Android Legacy) in Workspace ONE UEM (80971)
To align with Google’s strategy and ensure VMware’s investment in the right long-term solution for Android, as of March 31st, 2022, VMware will no longer support device administrator-based management on Android (referred to as Android (Legacy) in the Workspace ONE UEM console). - VMware Tunnel Proxy End of Support Life Announcement (87345)
VMware is announcing End of Support Life for the Tunnel Proxy component of the VMware Tunnel solution. This will be effective January 30, 2023. - VMware Workspace ONE UEM New Control Plane SaaS Deployment Schedule (86243)
Workspace ONE UEM has undergone a complete re-architecture to modernize the platform using microservices and containers to enable increased scalability and performance and increase the rate of innovation. Now after having conducted significant and careful testing, these architecture updates, including a new control plane, will be deployed to UEM SaaS environments over the next several weeks, with options available to on-premise customers after this roll-out (Later in 2022).
Recently updated or added KBs (Links) Digital Workspace Techzone, Blog and YouTube Updates 3rd Party Blog Updates & Industry News Patch & Seed Script Updates Week 46-2022 - OS Updates Seed Script
- Seed Script for latest Device Model Information
|
Comments
Post a Comment