Duration 40:11
16+
Play
Video

Citrix Synergy TV - SYN148 - Enhance the security of your Office 365 apps with Citrix Endpoint...

Michael Bowlin
XenMobile Cloud Architect - Rapid Deployment Team at Citrix
+ 1 speaker
  • Video
  • Table of contents
  • Video
Citrix Synergy Atlanta 2019
May 21, 2019, Atlanta, GA, United States
Citrix Synergy Atlanta 2019
Video
Citrix Synergy TV - SYN148 - Enhance the security of your Office 365 apps with Citrix Endpoint...
Available
In cart
Free
Free
Free
Free
Free
Free
Add to favorites
416
I like 0
I dislike 0
Available
In cart
Free
Free
Free
Free
Free
Free
  • Description
  • Transcript
  • Discussion

About speakers

Michael Bowlin
XenMobile Cloud Architect - Rapid Deployment Team at Citrix
Alex Rubio
Principal Product Manager, Enterprise Mobility at Citrix

Over 19 years of experience leading a wide variety of functional teams in a software engineering organization delivering strategic and profitable product releases. A proven track record leading market analysis, product planning, and product releases.

View the profile

About the talk

Most organizations use Office 365 in some form today and many others are exploring Intune for managing their devices. Learn how Citrix Endpoint Management helps secure Office 365 apps and complements Intune. We will cover the various options you have for mobile device management and mobile application management, and address why you should consider using Intune and Citrix Endpoint Management side-by-side to deliver a secure workspace to your end users.Note: This session will be available for on-demand viewing post-event on Citrix Synergy TV.

Share

Hello, everyone. How's it going? Good. I'm still waiting like a hundred more people to show up, but we'll just hang out. Good news is the first time I've ever had a meeting room with bathrooms in it. So if you guys feel the need to go to the bathroom the doors hope it you're not going to miss the show. We're good here. Well, my name is Alex Rubio product manager for endpoint management. This is Mike Boland. Remember, they employ management rapid deployment team and I think we've both been here really long time and point management.

If you have any other questions after the meeting feel free to come up and and asked us and we'll we'll we'll make our best to answer for you today. We talkin about how we enhance Office 365 with endpoint management, right? And we get asked this quite a bit. Right? Why do you need endpoint management when you have Office 365 and into play so we have this conversation probably on a weekly basis with customers and we figured we get some high-level pointers, you know, so as level as you know, there's a high-level session to too kind of, you know help you guys as your decision,

you know, we've talked to a couple of you and there's like twenty past you could take you know, which between endpoint Management in InTune and Office 365 and the the number of device. Cuz you have if you're doing MGM if you doing ma'am, there's a lot of options today. We're to cover some of those but if you still feel like, you know, you have a particular question is what we are going to have time at the end. I'm trying to make this probably around 30 minutes. We have time to fur to have a discussion with a little help us out. So in the event of time, we have a 5 top reasons, you know when

you want to talk about how we want to add value and how are Citrix adds value with an Office? 365 number one is workspace integration. Obviously, you know, we were workspaces is our our new you know from last year. We announce that we we're all we're doing we're doing a lot of adding value to work space and we want to make sure that's the best experience for you with with endpoint management. That's one of our big goals is is making sure that that experience that you have and the ability to manage your urine points with with Citrix workspace is the best that we have in the industry.

Number two is our internet into integration rights. We've done a lot of work with Microsoft and we have some, you know, very unique offerings that we do and we'll go get into that. If you want to use Entune Azure endpoint, you know device management solution again, we are the best EDM for Citrix workspace and am I going to go through some of the Windows 10 policies in IOS and Android policies that you want to set up for securing Office 365 Answer to me again one of our big, you know Flagship product write everything starts in with your mail. And we want to make sure that that

is is clear when we're going through these, you know, when you're going through these decisions is which is going to be your mail client right again use Outlook and you use melee can use native. So you want to make sure that you have that that data in on hand for that and lastly we have is our content collaboration solution. Which again we bring this up a lot when it when I get there when I talk to customers around, you know, what what is you know when drivers what is one thing right you get that but there's still a lot of other things you have to take into account. So we'll talk a

little bit about that. The moving into work space, you know, the biggest thing that we're moving towards right is a unified user experience. I'm sure you've seen this in a lot of other slide, but everytime I talk to a customer and I talked about workspace. I'm asking what is it workspace to you? Right and everybody has something different to say and I and it may be that we are not the best at naming this cuz overloaded term but when I talk about work space I'm talking about the workspace mobile experience. And that means that you have work space as a platform write your old store Front

server is running on the cloud rice. You have your new workplace service and what endpoint management is doing is integrating with that, right? So you have your workspace app locally on your device and secure Hub. And your and your MDM solution right is is integrated with that. So you have a single page where you have your native apps your sass Ops your virtual ass and desktops and your files right to Destin. Experience. So when you hear me talk about worst days. This is what I'm talkin about. We still have secure we still have our stand alone and play management

solution, which is a secure Hub in the App Store and app store inside of that and that's still there today in the end. Most customers are still using that but we're talkin about a solution that's going to integrate directly with Citrix workspace. And again, that's what we're selling today. Right? We're selling Citrix workspace premium and premium plus SKU, right? It's in our employ management SKU is not really so stand alone anymore. Right? It's all part of the Citrix workspace week. So this is what we want to do. We want to integrate and and make this Valley that that you have and I'm

sure a lot of you are virtual app and desktop customers and you want to see how you can easily integrate your your your management off of mobile devices and mac and and and windows as part of this right as a quick show of hands. How many of you guys have are using endpoint management today? Okay, have you guys are using InTune as well for managing office apps yet for Mobile in K anything anyone using Windows 10 or Mac management? Now you just milk out. All right, and so, you know

all the different options that you have to come up with an and think about as as you're going through this one of the other things in here, you know is single sign-on. So we've done a lot of work when we talked about work space. We redesigned the way that are authentication works from the mobile side to allow for a better single sign-on experience with our secret identity platform, right? So we're using Citrix Cloud we can now a fennec 8 with work space app with secure Hub with Citrix files with Citrix us so app and they all share the same SSO token. So as long as you have one of those

apps installed and you have the workspace experience enabled those apps will will will single sign and I'll talk a little more about one more a future coming through that for that. And that's mobile SSL. So when we are so, you know, I just mentioned all of our first party apps or Citrix apps are signed with the same certificate. So it's easy for us to single sign-on across those devices. Right? It's shared. So so iOS makes it easy what is not easy is being able to use the same, you know, sam'l token that we have an authenticated with other third-party

apps like work day and and sap in all of those. So that's what this this feature is about, right? It is on your mobile device you want to be able to install native apps that are public app store apps and be able to single sign on to those with our work space credentials. And as well that feature is pick preview. We just announced it this week is going to be Tech preview. So if you guys are interested in that, please reach out to me after and we can set up a tech preview in and get you going to try it out. It'll be GA soon. We want you no more make sure that he

will have to try it out and give us feedback before we release it out of her Dann. So this just so you know about this requires the workspace experience to be turned on so have endpoint management integrated with work space as well as using are SAS apps, right? So any app that today we have with part of art are Gateway service with our staff solution. We you can have the native third-party support. so intern immigration Yeah, so, you know when when we talk to

customers that have done work with InTune. They've got Office 365 out there. They're trying to put on her mobile devices, you know, this on Prime access is probably the number one reason that you know, Microsoft want to partner with us. The customers want to talk to us about it is because Microsoft doesn't have a good answer for their applications coming in. So rather whether you are a Entune customer in this gone all-in tune and you need on Prime access that's an option for you if you're a customer, but it started a look at this probably a year-and-a-half

ago. You probably looked at it with rndm with InTune mam in play and recently this year. A lot of people aren't aware that we can do our full Enterprise in point management solution with InTune as well. And so regardless of the mode you're running in we have a way to help you address some of these challenges. And so, you know like how to send secure mail is one of the big drivers, right? That's the key application everyone's using so you have an option in your deployment of do I put secure mail in the into container or do I put in a secure mail

in the MDX container? And so your your business requirements will determine where that goes but you have options with that and what's that you have the InTune managed browser. So if if you're a secure web user right you if you go to the into space you would use the Microsoft managed browser. I'm not the one that has the VPN pre compiled into it. So it's ready to go when you get that on Prime access and if you got your internal apps that you need to put in the container as well. You can wrap those apps and bring them into the space and get on Prime access for those as well.

And part of the beauty of this is that you know, rather than having as an admin trying to figure out what console do I go in for the configuration of an app for a given set of User. It's all built inside the citrus cloud and we use the graph API to ride that information into InTune. So unless you're doing some really complex things are some you think unique things inside of InTune for a lot of customers. There's no need to even go into the end Basra portal to even do things with the entombed console. So as as a customer for you,

a lot of you guys are in point management customers already today, you've probably got some experience with a netscaler already. You set the environment up the good thing for you is he knows secure mail policies the UI looks a little different because there's some slight changes between in TuneIn endpoint management, but the policy settings that you see or what you're used to seeing today. And if you need to use the technology to look similar to you they're so if you're in the Entune space, right the same SDK to provide the VP and capabilities for your MDX

applications does the same thing in into so that same learning that you've done of getting an Eskimo off the ground and making a VPN work is going to fill almost exactly like what you're used to seeing in the past. So it simplifies our life there and if you're a customer that's integrated some things like Casey D or things like that to do single sign-on if you've already got that on your MDX container Gateway the same thing will apply. Directly crossover and can be lovers on the same netscaler. So a lot of that work you've already put in for some of those things directly translates

when you bring into an end to the Gateway as well. And by the way, it uses the same wrapping tools. So the same MDX tool kit that you use to wrap your applications and your Enterprise apps that same toolkit as leverage when you're doing things in InTune is well-used. There's some additional pieces to use for in tuned for the same components are there in love red. So there's a commonality of what you're doing there as well. So if you look at this, right, this is where things get simple right? Because if you've already got your point management place with looks like a lot of you guys do that

netscaler the submarine IP and all those things that are passing through it right or already open you open up a new 4/4 report for the Gateway in a certificate and now the traffic is coming in and just greatly simplifies your life. It has the ability to add the Microsoft authenticator to it. So you got absurd trying to pass through that login of just tapping the app and accepting the authentication and help you transition from some of these modern off technologies that you got him play. There's the capabilities inside the netscaler. Transition from the OA autocannon come into your network

here Lego Systems. So Mike and you know, it starts getting confusion cuz there's like 20 different the point of methods you can use right if you want to use Entune side-by-side with with MDX you want to come by and I'm in one container. You want to use us a sew in the back ends. There's a lot of things. So what I tried telling customers is what are your high? What is the highest use cases you want to stall today? Right? And those are the ones we should focus on first and then you'll see how it lays out. Right? Cuz we weave I've mentioned

this to a lot of customers and eventually they're like, well, you know, I really just want these use cases where Office 365 I just want to make sure that the data and there's no data leakage there, but I really low secure mail and MDX send a secure web works really well might want to keep that right and then we can we can help you schedule that you know, like you lay that out for you so you can have that type of a deployment right other customers are like I am moving to in tune in to Disney by MDM right? I really just want the key remote access. I that's my biggest use case right now

that I'm missing. So we we we go down the route of having secure mail and into mode and then having into managed browser as part of that with Mike Rowe VPN to connect your own Prime resources, right? So those are the types of things and conversations. We want to have it at the beginning you were here. This is a top use cases for mobile that that that I want to tackle for this right? Cuz there is a lot of different ways I can figuring this and you can get lost and and frustrated if if you don't have that that kind of priority list and play. Yeah. I think it take away is is not perfect. Right

and it ghetto is Utopia that would be the case but their unit will need to consider use cases and then plan out. What makes the best sense for you, you know, so I think a nice take away here is if you're an existing customer you want to add this on it's a trivial thing for us to go do that in the cloud and in a matter of minutes you can extend that out in due. As radiant aggression into so it's pretty simple to get that off the ground. Alright, so one of the things that we want an ounce today, so there's a couple new things coming with with InTune today with we're announcing the

ability to wait when you do conditional access. This is something customers ask about they're already using conditional access and they have a option to a do at base conditional access today is really only Microsoft apps are in there. So what we're doing is we added secure mail. We are they got approved it to be on the on top of that that white list of apps for for bass conditional access. So with part of 1955, which is an ER we have the ability to do at base conditional access siamese, if you have secure mail running inside InTune, right, you can check that box inside conditional

access that says only allow app approved apps Might mobile apps to to to be proved that link is there they can go and check that out. So I enjoy it would be probably a few Sprints a few new releases and it'll it'll come through as well. That's something that that that's new. Secondly part of the same area there when you're using InTune MDM as as you're into Nazareth MGM when you log into company portal and you install in tuning their right the first time that into launches you have to login again, so we fix that. So now when you

using secure mail inside into in the first time I logged in if you have Microsoft authenticator Microsoft calls of the broker enablement, you can it'll flip over to Microsoft authenticator and single sign you on so you don't have to have that to sign-in process in there. So those two features that kind of joint and that's being released soon. We have a couple of customers and waiting for that to to do the true single sign-on scenario in that use case and lastly was the one I want to talk about was our announcement today at the key know where Microsoft's opening up the into an API. So

allow us to use our MDM. So we're using our employ management MDM solution we can then send Using Intergraph apis send that data it over to conditional access so we can determine if you have if using device-based conditional access, you can determine if the device to complain or not based on that potato ricer feature that I think I don't know if someone is either here, but they really been jumping up and down and asked you for this cuz you know, we've had a lot of customers that that use conditional access today and they want to be integrated with Citrix. So this is huge for

us. So we're very happy to get this work going again that there's no time left on that yet. We're still working on that so that we will we will have they won support when that those apis are available. Yeah, I would say 75% of the customers I speak to and I'm the team lead for EMS integration in my group and almost everyone asked about that capability right specially as they start rolling out into their security team starts pushing those sorts of conditional access rules and not having that. What was a bit of a hole so closing at home. the big thing for us

so the best unified endpoint management, right? So when you look at this, right? The breath of the platform that we are able to cover from raspberry pies for the workspace hubs to mactac Rome to iOS to Android, right? There's an extensive amount of work and time has gone in this gone into this. And so when you look at other platforms out there, there's very few that come close to what we do and it's because it takes time to build the mindset of the endpoint

provisioning in configuring, you know, you see this in the what the new workspace is doing and how it integrates together and brings you're really the endpoint management her or unified employment rights, bring me and receiver and all of your company ass and not just the mobile pieces to it, right? This is big and it's what Gardener has been saying has been coming, you know about four or five years ago. They started telling us this is coming right in he's a lot of us looked at him and said, they're a little crazy but you know, it's obviously happening. And so there's a lot of work that

goes into plug. Name of the various vendors like Samsung that let you Control operating system updates right in those are some big things for some of our banks and and healthcare companies that need to be able to control that wouldn't make sense is that we plug in and handle a lot of the key use cases here. So I thought I'd take a moment and talk about automated actions in this is something has been around for a long time. Right and a lot of people using but people coming from the engine World tend to forget about some of this if you've ever tried to do things with conditional access,

especially in large organizations. It can be very challenging to try and figure out what conditional access rule is stopping something from working. The number of the customers that I've worked with him in doing some of our integration you the worst it just wouldn't let an app run and so we go with them and say okay we need to go figure out what this is and they come back 5 days later. We are we finally figured it out. Right and so decorate some real challenges and what we found is some of the conditional access rules we can do with our automated actions and part of the benefit of that is

understanding the resulting set of policy is being applied to a client are all that information is deployed. Do you say it in the delivery groups in our console? So it's easy to go see what rules are applying to a given user. And then we stand Beyond what's in the things they can to do in tune can do by being able to things like when he a t account is disabled it automatically wipes the device. So when HR. Your terminate someone or someone leaves the companies you're in point management. All the date on those devices is now protected automatically as opposed to someone in in the endpoint

management team having to know that that happened get the communication take the action took. This is a very common things people do and conditional access good at looking at things like the Microsoft approved list, but when you have things that deviate outside of that I can start getting complexo the number exclusion rules and things like that so we can be very very unique and specific about some things that were doing with filter. I'm just a quick thing. I pulled out of kind of in TuneIn what you can do on their side of the house riding income the extensions that we can

do on ours. I don't know. I see some of the people in the room that I've done some work with automated actions. So being able to have one user this testing. The real policies are going out for a set of users and filter out Alex or Mike or whoever maybe and be able to say what happens when these rules apply to the Caesar don't apply to see the surface. It's a really allows you to build some really calm complex rule sets. It makes sense for you as opposed to just kind of global policies apply to everyone and then when you try to need them, you need to pull someone out. It's very challenging.

So this has been really, you know of a kind of reminds people the features that are here that that are are are meaningful. So let's step back for a second think about the real world and what it takes to push an application out. And so there are three types of applications out there that you're going to manage their the public apps are on the App Store. They they're not programmed to accept configuration settings are not programmed to run in a container. So what do I do with those right? How do I manage those apps in the best way possible

and then there's apps that support configuration policy. So those are apps that take apple configuration or Android Enterprise policies and can figure them for you. And then the Nexus apps that play inside the container and the variations in those applications create challenges for the the the deployment team and listen to let's talk a little bit of what that is right soap from our perspective in tune be at our side of the house windows iOS Android Mac OS I think they come and take away are here. Is it in point management can help you manage these? There's different types of

technology and policy to push but there's a single location to go and configure all these things and we can attack it out of Windows 10 here at the end because a lot of people view that is a kind of space that we've not played. Well in a lot of people are well aware of what we can possibly do there. So let's take the person Area Public ass that there's you know, it is what it is. I got to make the best of it. There is some critical things that you want to do here and part of that is important and forcing device encryption, right? If you can't wrap it you can't put it in a

container you got to make sure the device is secure and there's some exclusions for things like open insecure male, right? If you don't have Entune maybe the office at start as secure as you'd like from the beach umbrellas, you can do some exclusions and only limited to go to those specific applications, right so you can put exclusion for whatever a secure mail needs to open. You can control that. And then over the last column over there is something to Alex pointed out to me recently that I didn't realize was there and that's the ability with a iOS restriction policy. Taxi say that

you can only only unmanaged apps can read information or transfer back and forth between manage Ave. So what day did he come into? This is a policy of the OS will control that allows you to specify if the app is considered man made from an Indian perspective. I can control the data between the two flows. So one of the challenges as bad that into is a container and Citrix has a container for the two aren't consider trusting of each other. This will help you establish a trust between the two. Okay. So this is big a hole they need to be closed and it

helps right? Cuz if you're managing it, then the OS will help you manage those and it's not just office African the other apps that you pushed out as well. Yeah, I mean, I think the one thing he write the one got to hear is that it does require MDM, right? Cuz that's the base layer 3 to control the device when you want to have you know, two different separate areas. So if you want kind of a man solution, then you have to go at the next layer which is the opening exclusions or have everything inside one container like in tune right and have secure mail in there. So that like we start

talking about all these options, but that's where you have to make that decision. Like, you know, can you use men p.m. For most of your users then you have a pretty good solution, right? Yeah, I know what the ad that's something that we don't do a lot these days but it is something that's there that a lot of meaning of healthcare companies tend to limit access based on if you're on the company Network or not, right? So there's always the option to establish a VPN right outside of the MDX container, right? You can do an on-demand / a VPN and then if the Apple come through your

network and then it looks like you're coming from your network. So depending on how your application is deployed and what other rules you have for desktops in various things that made me an answer for you to be able to manage that and secure it a little bit better. Take the next step of apps that don't blame the container but Haskins configuration settings so that you can do so it allows you to go in and configure the app and so on iOS there is the Apple app config option that allows you to push out some XML to configure it

from Android Enterprise actually come in a little later to the game actually does a little bit better job here. They give the option the console can go read from the Play Store. What options are available to configure and present those to you. So now if I get a UI to edit this information as opposed to kind of getting down into the weeds of XML and configuring it but one of the reasons why you needed to start thinking about Android Enterprise and some of these capabilities that the device administrator option that we use when we do MDM on Android today is being deprecated. So you

need to start looking at that process of moving off device administrator and in on to some mode inside of hand. Enterprise in some of the benefits is ability to start pushing these policies as well. So what was the next step and go on into apps inside the InTune container? And so this is the back graphic here is an option for you to go in and look and see what it looks like in the Central Library in this is where you can go and add apps into in point management. You can manage the App Store in TuneIn the your sass and class

and desktops are managed in situ here as well. So there's a common UI for you to go and look at it. It's a common place where you go to add applications so that process that you're doing just starts repeating for you. And then once you pick one, they ask that you want to hear you pick it for your platform and you go and configure policy just like you would in the endpoint Management console. So there's about depending on the app somewhere between 14 and 70 some-odd plus policy options for you and secure mail really extends. Well beyond what into can do now I'm going to

do about 14 to 16 policies we can do in the neighborhood of 70. So depending on the app you get more features and capabilities. police are and then one of the nice things about this is when you look at your security teams and auditing and things like that when you go in a Dan after doing is an InTune administrator, so the activities that you do are audited inside of azure as that users identity. So there's not just one Citrix service account that is doing all this work writing in you've got auditing of whatever user did inside your organization. And that's all just push me a graph API.

So the next faces Windows 10 and we will bring this up a because it's pretty cool. You can do be a lot of people aren't aware that we did this when we've heard this on a lot of calls. It kind of surprised is a bit. So he knows a lot of people think with Windows 10 you get Wi-Fi VPN password policies some basic things like that right in the end then you're done and and that's actually not true. If you see any of the other sessions, right? You'll see some more about this but there's ability to control what a given task and read create update and where they can save it. For example, can

this application run on that gaming desktop? You can limit depending on the application there's times when you can specify what IP ranges and domain names that it can access then gives you ability to audit all this information, right? So this is just a simple example of a document and it's stopping the user from saving it and there's different ways you can kind of audit it and not tell the user that it happened. You can block it or you can Warn them and give them the option to move on but this is stepping Way Beyond what a lot of people understand can can can happen here. So this is just

an example of a policy we can figure it in one of our test systems where it's kind of looking at what are the desktops apps in the app from the store. What versions are supported? Right? And then debility is this app allowed to run on this device or not? Right? So you got some controls there. And like I was talking about just another option down to bottom is what's my enforcement level here. Do I block it? Do I warn the user? So I just saw it in the background what domains are allowed for this application to communicate for example. So for me, this is a bit of a surprise while back when I

realized it hold. I've been thinking about this wrong and communicated it wrong to our customer. So it's a lot of power here. School so number 4 on the list is Sakura me a little bit about it at the beginning there. Really I want to emphasize right this is app is designed exclusively, exclusively for Enterprise use cases, right one of the things that we look at right is every policy that we had every new feature that we had. How is it controlled by the Admin right 10th Ave and turn it off. Can they use it how do they deliver to the user? We've we've heard it loud and

clear right? Every little change that happens to a user some companies have to write, you know article on it or explain it to users cuz I know they get confused. So we try to take very clear, you know measures as we add new user experience features that they get delivered in a timely matter and allow the admin to control it. Again, we know we already talked about it. But you know this app does working in InTune and it's in an ads on from Exchange Server access that's still one of the key use cases that that you know feels want to do that. People are moving over to exchange online

Zine on the using hybrid modes as well. So that's easily migrate of all is well. So once you're ready you can start moving users to that. So there's a lot of information they are a lot of a flexibility for secure mail. I think I might mention it but you know, I went through and I looked and we have about 50 features that are controlled by policy just for the app that's not counting MDX right? I'm the ex still has like maybe another bunch of other features as well. So, you know, we have that and it was in terms of future, please don't try reading this is just a high-level slides that First

Column is is secure mail will we have all these Enterprise specific features I can go in there. Are you can download the slide later. It's part of his part of us outside ounces. Dot-com they can go in and look at this but it does show that this is a feature-rich client that that does provide, you know, a lot of Valley for the Enterprises. So the last thing you want to talk about is such as content collaboration the one of the things that you get right with offices one drive, right? So you have Office 365 you're all set right know. Where are

your files score today? Right? I haven't met a customer yet that he just completely happy with one drive and that they use that for everything and it's great. Right? I'm sure there are people out there. I haven't haven't found one yet, but there is a lot of places today that you have access that your father still stored at right in there all their on-prem their local you have network drives or in your inbox. So there's a lot of places that you still have to deal with right and I think this is one of the area's I always talk to customers about is that we have the ability with Sheriff all or

sorry constant collaboration to to go in and and help you manage. This thing's right. So one of the things we do is we have we can do a hybrid environment. We don't really care if your files are actually stored on our server we have Ability to do connectors that allow you to connect to these different areas, right? There's a lot of people with box anything else right one Drive Unit. There's a there's a huge list of things here. As you progress. You probably want your new files. It's tough to be stored it in a in a new location and that's unit slowly migrate. You can't do that from

one day to the next right now people have terabytes to petabytes of information out there that you want to slowly start migrating over maybe you want to restrict one you still have access to that. So we have the flexibility of having that layer of management in there that allows you to do that. Right? And when you connect that with some of the other things we talked about it does become a great solution all the stuff we talked to today right is all part of the workspace premium solution, right? So you still have access to this you don't have to buy anything extra to get this working. So

those are the things that we want to you know, emphasized that there is still a lot of things to think about as you're moving as your Giving access to mobile devices. How are they can access our files right? Are they going to connect through an app? Are they going to use OneDrive are they going to is your files on Prim? You know, do you need a non-prime connector to connect through that is it is it you know, it is a private piano key using secure SSL solution there. So once you have that list of information that you can make it and you know that the decisions but that's one thing that we've

seen and and usually, you know, cuss words come back saying yeah, this is this really helps us and it helps us improve our Office 365 adoption and and you search with right? So that was kind of the Lehigh and we have a things nine minutes left if you want to have any questions here. Feel free. I'm not sure on that. We'd have to check with a lot of chocolate, collaboration the PM's on that. Do you know? If you if you ask me I could tell you who the right person is, and we can get you in contact with them.

anyone else Yeah. Correct. So if you go to the app store today in 2 minutes browser for IOS and Android both have the micro VPN installed. So all you have to do is go to our Citrix Library. I mean when you have the in tune in all that stuff set up you go when you publish the after their we take our micro VPN policies and push it to InTune so that way when InTune comes up it'll it'll see those policies against download it and it turns on the VPN for you in the policies are on there. You will never know it's there right? We just were dormant so that that's It's pretty useful

that when they're testing the Microsoft managed browser does not get policies out of the gate when it launches an office app has to launch first to get policies to update that out. Play around. men's browsers one of those used to work the way you think right you like that thing would come up and then Apple rejected our application. So just be aware. That's if it doesn't matter if you're using our stuff for using Microsoft, that's the way it works. Right? So people test that and they think

it's not working. So that's just the second something one out of you want to mention that we keep hearing is the when you guys are testing and you're changing policies on iOS. It's very hard to take into a passel policies. So sometimes get to do a factory reset other device to to reach out to make sure those policies are are enforced does it take away is do not change users from device to device Riley, you know, don't test with my ID today and use Alex on the same device tomorrow right specifies how to divide us cuz it's just and you don't use your personal phone on Android is a lot easier.

They say it's an easier way to to reset it and nobody use Android store testing cuz you're changing policies and getting it. All right. It's easier for iOS sometimes at the 2 Chainz doesn't get refreshed if using mam only you have issues. So these are just things that we've learned from experience and from customers is trying to help you out. Sorry, I couldn't hear that. Those are these are just things that we've learned from experience. I don't think there's anything and it's all Microsoft stuff. So it's not really

are, you know code like for us it's just we put the policy there and it gets download is winter in right? So as long as policies is there where you know, it's all into downloading that stuff. So we don't have anything in our docks on it, but I have like recently got to have Googled it and there's forms with other people talking about it. The integration so the indeed direct integration requires a cloud version because we do the direct calls to Entune and the circus Cloud Library,

although although you why is in such a cloud is not in the same console, right? So you require the Citrus clouds the endpoint Management Service for that. Cool guys. Love you. Everything else. Thank you. If you want to come up and ask questions. Thank your time. Thank you.

Cackle comments for the website

Buy this talk

Access to the talk “Citrix Synergy TV - SYN148 - Enhance the security of your Office 365 apps with Citrix Endpoint...”
Available
In cart
Free
Free
Free
Free
Free
Free

Access to all the recordings of the event

Get access to all videos “Citrix Synergy Atlanta 2019”
Available
In cart
Free
Free
Free
Free
Free
Free
Ticket

Interested in topic “Software development”?

You might be interested in videos from this event

September 28, 2018
Moscow
16
157
app store, apps, development, google play, mobile, soft

Buy this video

Video

Access to the talk “Citrix Synergy TV - SYN148 - Enhance the security of your Office 365 apps with Citrix Endpoint...”
Available
In cart
Free
Free
Free
Free
Free
Free

Conference Cast

With ConferenceCast.tv, you get access to our library of the world's best conference talks.

Conference Cast
551 conferences
21655 speakers
8015 hours of content