Duration 45:38
16+
Play
Video

Citrix Synergy TV - SYN135 - Geek's guide to the workspace (part 6): managing WinRaspAppRoid devices

Frank Srp
Senior Technical Marketing Engineer at Citrix
  • Video
  • Table of contents
  • Video
Citrix Synergy Atlanta 2019
May 23 2019, Atlanta, GA, United States
Citrix Synergy Atlanta 2019
Video
Citrix Synergy TV - SYN135 - Geek's guide to the workspace (part 6): managing WinRaspAppRoid devices
Available
In cart
Free
Free
Free
Free
Free
Free
Add to favorites
276
I like 0
I dislike 0
Available
In cart
Free
Free
Free
Free
Free
Free
  • Description
  • Transcript
  • Discussion

About speakers

About the talk

Topic: IT

The desktop may still rule the corporate world; however, it’s not the only corporate-managed device your users need. Smart devices simplify work, automating repetitive tasks and allowing users to better navigate their environment. In this session, learn how Citrix Workspace enables you to expand your management to incorporate Raspberry Pi, Apple, Android and other platforms in addition to Windows. Note: This session will be live-streamed during the event and available for on-demand viewing post-event on Citrix Synergy TV.

Share

Hello and welcome to Part 6 of the geek's guide to the work space today. We are going to be talking 00:05 about managing my win Raz pydroid. It's a new device that were bringing out. So just so everybody knows it's massive. 00:15 I'm Running Springs syrup and I am a senior technical marketing engineer architect. I've been on the sales side. I've 00:25 been on the technical marketing side. I have a background in Learning and Development and I even have a bachelor's in elementary 00:35

education. So Not sure where that falls into this, but that's something unique about me and I am here 00:45 presenting with I guess I'm like nebraski. I am one of RCM domain specialist. I'm on the Southside for in point management solution phenylacetic 6 00:54 years and similar to Frank. I have a degree that is not related to any of this as well. So happy to be here. All right. So as we move forward 01:04 as I said, this is a 10 part series. We are part 6 so previously on the geek's guide which ties very nicely into 01:14

this session. We talked about the endpoint management side of the house, but more importantly the application and the 01:24 data, so we talked about keeping your hands off my BYO. D-sol today, what 01:34 we're going to talk about is a little bit more around. The actual device side management because we 01:44 realize that you know, we can do everything we can to control the data, but there will be data on the devices and there's certain things you just 01:53 can't do if you're not utilizing MDM in your endpoint management. plans, so one of these is going to be 02:01

the Dinette Dynamic endpoint optimizations and we'll talk a little bit more about that. So with a little bit of an overview 02:11 of how does device management fit into the workspace? I'm going to go ahead and introduce you to. What 02:21 does endpoint management and how does it fit into the workspace number one? It enables your it. 02:30 to enhance the security without affecting user experience while how does MDM not affect user experience 02:41 it all depends on how you deploy it so you can be user-friendly and still have a device under enrollment, 02:50

but you could also be very security conscious and have End-user X capabilities 03:00 suffer, so it's about that balance of those two. I'm BYO, it allows for freedom, but it also leaves you 03:10 partially exposed. So you want to make sure we're you know handling that information Citrix endpoint management secures your corporate data 03:20 and mobilizes your Workforce for productive productivity. It allows us to use shared devices and applications 03:29 and most importantly it should be your single point for managing all your work space than they build endpoints. 03:38

Because if it's a physical and point or virtual endpoint management has the capabilities to manage that device. 03:48 So, you know mobile devices at the workplace. They're here to stay, you know, businesses have developed a plan. to manage them before but 03:59 depending on the path you go, you know, there's a lot of times where either security gets their way. 04:09 Or the end users get their way and we've come to the realization now as we become more mature. Since you know almost 10 04:18

11 years ago when the iPhone disrupted the whole endpoint management situation. That we have to kind 04:28 of come to the middle and let security have their wins. But also let the end-users have their wins. So for both company and 04:38 personal devices, there is a happy medium and MDM and a BYO strategy can meet in the middle and have a very very beautiful child 04:48 with endpoint management. So we're going to talk a little bit about some advantages today and I'm going to pass this over to Mike and he is 04:57

going to discuss those things Frank. So looking at certain point management and some of the advantages. I know you guys have probably seen us talk 05:07 about single sign-on at the keynote another session, but I'm sure that either in your corporate or personal life. You have a number of applications 05:15 that have a number of different passwords. You're like me reset at least one per month. So the benefit of using Citrix endpoint Management in 05:22 conjunction with your workspace app is that you have the ability to leverage a true single sign-on experience. What does it mean for an end-user is 05:30

fewer clicks? Let's windows and we're switching between apps to get a code or to go find a reset password link. You give your users the ability to log 05:38 into all of their applications went on a managed device using the Citrix single sign-on applications and the Integrations that were working on to work 05:47 space. So and you haven't seen the sections around these parts 1 or season part 2 and 3 of this Guide Series Synergy, 12131 and 132 05:55 respectively cover this a lot around both single sign-on and Integrations into other stats applications highly recommend that you check out the 06:05

content that's going to be posted on my synergy. Hey, guess what? We do some breaking news Straight Out of The Newsroom. 06:12 It was announced during the keynote that Conditional access which does require MDM enrollment because 06:22 we're getting device-based. Analytics and user-based analytics will be coming to IOS 06:32 and Android. So Microsoft has opened up those apis there not tying. My hands behind my back and only allowing that for Windows 10. We do have 06:42 the ability to report a compliance to Microsoft is your ad and what does that do for some of 06:52

you? Most importantly it gives you the ability to add conditional access to your Office 365 07:02 Suite of applications. So right now if a user wants to login on a device they can log into any device 07:11 login to Office 365. If you don't have some additional controls in place and have access to that information, even if the device isn't 07:21 managed or corrupted in some form or fashion, this is going to allow us to use a lot of the things that we saw on that last session where we were 07:31

running Powershell scripts to get information on services for Windows 10 devices will be able to get jailbroken and root detection on IOS and Android 07:39 but now will be able to go ahead block the access at the sign-in. For that so we don't have to put anything in the middle. 07:48 To try to intercept that traffic we can let the normal user experience happen and if their device is not compliant when they login to the Microsoft 07:58 login page, they will actually see that their devices out of compliance and then they'll be able to reach out to you guys 08:08

or your support teams to find out some information. So this is really big for Microsoft open that up but it's even bigger for us because it 08:16 makes that entire story about securing the data in the workspace that much more impressive. So 08:26 with all that we've been talking a lot about endpoint management and even Frank just a moment ago, and I'm sure another second other conference. Is 08:36 that a contact of endpoint management? You hear? It called MDM, which is really mobile device management. How many of you guys exclusively work from a 08:44

mobile device or smartphone probably know we have to I'm impressed. So your average user has between two and three 08:51 devices. So with Citrix endpoint management, you get a unified console that you can manage a PC a Macbook a Chromebook Citrix enable Raspberry Pi 09:01 or even iot devices. So no longer are you only restricted to those mobile devices and managing those but you get to take that management 09:11 and place it be on just the mobile atmosphere mobile devices are here to stay sure but we still work from other devices as well. So with that you get 09:20

the ability to restrict and push updates out in Frank bedeviling this here in just a moment to think like when 10 devices or Chrome OS devices. You 09:30 can also look through it and make sure that your devices that your users are using are within compliance for your corporate standards. In addition to 09:38 that. We have the ability to lock and wipe devices based on security actions that you can figure if a user disabled if a device leaves the defensive 09:47 perimeter that you guys don't want them to be using it in we can lock these route of those devices and that goes for more than just a mobile device. 09:55

So with that I'm going to pass it over to Frank and we're going to run through a quick demo for you guys. Alright, so hey Mike quick question for you. 10:02 Do you know what happened while we were here at Cinergy this week? I do not know Frank. What does anybody out there know what happened this 10:11 week? We're at Cinergy. Yes. Yes Windows release their spring release 1903 10:21 and if you have a number of Windows 10 machines out there, they're being prompted to install that and if you're not utilizing endpoint management or 10:30

some other form of management tool users may have install that update without you testing it to see how it affects some of your line of business 10:40 applications are other applications. So what we're going to do here is we're going to actually look at a quick video and we're going to talk about how 10:49 endpoint management can manage that individual Update so what we're here. We're going to click on our control OS policy. We're 10:57 going to edit it. We're going to actually go into the Windows desktop and tablet section. We're going to scroll all the way down and we set up some 11:07

parameters already and we're going to see the 1903 update. We are not ready to approve that yet because we haven't tested it, but we are going to 11:14 approve a Update that we've already tested we're going to apply that we've marked it as approved. We're going to save it. We're going to deliver 11:24 push that out to our employees were going to flip over to an individual device. We're going to check this device to see if that update is available 11:34 to be applied and we're going to see if it's available to install pending and reboot toys. We flip over to our end-user device. 11:44

Now the end-user device traditionally this would happen you during the window for the update to take place, but we're forcing it. It sees at the 11:54 updates available. It's going to download it. I've spent this up to this. It doesn't really happen this fast. I'm it's going to 12:03 apply it it's going to check if there's any additional updates since that update was applied there isn't so we're going to come back to our Windows 12:13 10 machine. We're going to shelmore and we're going to actually be able to see in this console that that was actually 12:23

applied and now installed so now we have the ability to not only see what can be installed. What options are available 12:32 depending on OS we also have the ability to see if those were installed or if they failed for one reason or not. So this is the 12:42 modern way of handling. Those patches and OS updates on the Windows 10 device now on iOS Android 12:52 Chrome, we can either Force updates to happen or we can actually hold updates back for a set. Of time. 13:02 So we're going to look at some enrollment choices because enrollment due fall within the device management section Mike. So 13:12

let's talk a little bit about enrollment never fun, but it can be easy. So there a number programs out there for the different devices that you may 13:21 use or that you may be distributed amongst your organization to help make this easier for both the admins and the end-user. So if you're looking at 13:28 Apple, I'm sure a few of you are part of the device enrollment program or volume purchase program with her now called Apple business manager Apple for 13:36 education. There's also Android Enterprise which supports the number of enrollment at Days Inn in we're going to talk through these programs a little 13:44

bit more in the future but things like for existing devices going through with an emm token using a QR code or also talking about 13:50 going through with an NFC bump devices an admin or fournette new devices. You can do zero-touch out-of-the-box enrollment for your end users so that 13:59 when they have their device they open it up and it's ready to go. So in addition to that while I've been talkin here, I've been going through a 14:07 demonstration of using auto-discovery service. So you no longer have to distribute that 60 page document was 17 different links to your end user for 14:15

them to enroll. They can just go into the secure Hub app on their device put in their email address and go through the enrollment process step by step 14:22 and it guides them right through. So if you're already doing auto-discovery, then 14:30 what's with the other automated device enrollment. What does that do that auto Discovery doesn't the great question Frank so that gives you the 14:39 ability to have these devices out of the box pre-enrolled with secure settings and put them into things like supervised mode, which will talk about it 14:48

more when we're talking about Apple devices or a lock him down and do further app configurations on some of the mobile devices with either Android 14:56 Enterprise for Apple business manager. So what we're talking about what these enrollment process these is not just helping your end-users experience, 15:03 but it's also making your admin experience a lot better because oftentimes when we focus on the end-user as Frank mentioned, we lose a lot of that 15:12 security. We also want to increase the security keep that user experience positive, but also help the admin experience to keep things moving along 15:19

with your business. So I did a great job of explaining a lot of the 15:26 types of automated enrollment that we have through the Android Enterprise in zero-touch an Apple devices with 15:36 Apple dep and some of the name of those are things where you purchase the device it gets placed into a console that console 15:45 recognizes that it's a corporately-owned device and now it's being pointed to your MDM. So upon power up it knows where to go to do the 15:54 enrollment. That's what autopilot does. So the difference with autopilot is you can take your existing devices that are out there 16:04

today and put them into autopilot. So if they're ever needed to be a device reset when it comes back online and it can take advantage of the autopilot 16:14 and have a fully managed. In a modern way enrollment experience and that's what we're going to see here. 16:23 So as we go ahead the user gets the device you shipped it out to them. They power it on. And we're going to get 16:33 the traditional. Hey, I'm Cortana. If you want to meet me click on the new button already did that from there? It's going to feel do 16:42

the tree. This is something that users have seen before, you know, they're used to this if they have a personal machine. Yes. Yes. Skip now it's going 16:52 to talk to and get some important information and some updates. It's going to connect to our Network and said see what's new and one of the things 17:01 that's going to be new here is that it's going to ask me to enroll into my workspace. So now I type in my username and these are my company 17:09 credentials cuz I'm doing a synchronization synchronization to is your 80 entering my password. And now I begin that enrollment process that 17:19

enrollment process says here's my terms and conditions. Let me accept those. If I do not accept those it dies right on the vine. I accepted the terms 17:28 conditions now. It's going to get my environment Ready for Me based off of the organization's policies that have been pushed out now it is going to 17:38 utilize. Windows hello, and it's going to ask me to set up a pin prior to setting up the pin. It's going to say hey, we need to verify who you are. 17:47 In this case. It has the multi-factor. I approved it on my mobile device I enter in my pen. Now it's all set. I hit. Okay, and I see my device 17:57

now after a reboot, you'll notice that my background has changed and I log into the device. I have my Citrix files here. I have 18:07 my workspace Hub. So I mean workspace app when I click on that. One of the things are going to notice. It's going to launch in the upper right hand 18:17 corner. It's protected by Windows information protection. I can log into this it was already pre-configured with an ATM X policy. So the user 18:25 didn't have to put anything in but their credentials and now I'm going to log into my workspace and as you've seen in others, I'm going to have access 18:35

to my desktop my apps and my files the same files apps and desktop that I have available. In 18:44 all my devices now, I don't want my employer to play Solitaire. So I went ahead and block that and I also locked down the business the 18:54 store to Microsoft store for business. In this case. I search for Facebook. And in that case it is 19:04 no longer available. And then as you can see here, I have specific applications and I've customize my start menu. One thing I did was push 19:13

Citrix files and here I have the Citrix files pre-configured with an ATM X policy and I see that those same files that I had in my 19:23 personal folder are available here in my odd look like when a 19:33 nine Explorer so now I can go ahead and I can right-click and do a check-in check-out. I 19:43 can do a synchronize for offline access, but most importantly these are the same files and I'm seeing in the application available locally on my 19:53 device and I got the name the file folder and give it a drive letter. So that was all pre-configured for the 20:02

user. So there was nothing that user had to do but reboot their machine. What do you guys think? 20:12 Good anybody here using autopilot today? This match your experience. Just want to make sure it's real. 20:22 Alright, I'm going to go ahead and pass this off to some additional platforms. We're going to talk about and when we talked about the platforms were 20:31 going to look at why in those individual platforms. Should we have management happening Mike? Unfortunately, we did not have a winner. 20:41

Skip me a win a prize Freud to test today. So we're just going to dive into each of those individually, but once we do have that will be sure to share 20:50 that with you guys. So we're going to start off with Android. So I'm sure if you guys made be enrolled with the Android Enterprise programme pour some 20:58 still on the device. Admin API. So a few reasons why you should switch to Android Enterprise. Will Google said so and I'm sure that you guys have 21:07 either have kids and have used that or and I'm pretty sure everyone in this room was a child in because I said so was a good enough answer when you 21:17

were younger, but in reality Google That they are going to start appreciating the device. Admin API. So what that means is for existing devices 21:24 Citrix is still going to support through the migration to Android Q. We're still going to you in the coming months to Port the device. Admin API, but 21:34 for net new devices, we highly recommend that you start using Android Enterprise for the uniformity of this solution. So some of the benefits of using 21:43 Android Enterprise is exactly that the uniform it. So all of the devices are going to have the same exposed apis for you to leverage when using 21:52

endpoint Management Solutions. It gives you the ability if you were in for a part for season part 5 just a moment to go around the mobile app 22:01 management. They just went through a lot of the work profile. It gives you the separation of work and personal life. Our lives are on our mobile 22:08 devices. And if you're anything like me, you don't want work wiping off all of your personal photos or anything that you have stored on your device. 22:16 So what does gives you the ability to do is create a separate profile that manage on those devices or you could enroll for single-use if you need 22:23

something like a kiosk mode. This also gives you a lot more configuration possibilities and locks down the applications that you're deploying up to 22:31 your users do custom at config policies within Android Enterprise. In addition to that you have the ability to silently put out the apps and restrict 22:38 what have to use their can provide through things like then manage Google Play Store, which leverage Google Play scuse me leverages Google Play 22:47 protect to keep your devices and applications safe from vulnerabilities. So when we look at the different provisioning methods, I know we talked about 22:54

enrollment just a little while ago, but there are different ways to go through an enrollment for a device into managed mode with Android Enterprise. 23:03 So for existing devices the first three here would require a factory reset and you can use an emm token ours is afw hashtags in Mobile and that will 23:10 bring you through a initial setup into corporate-owned mode of that device that will begin in a managed mode. You don't necessarily need a personal 23:20 Google account to access in addition to that. You can push out a QR code for users to go through that set up or setup a device for NFC bump the last 23:27

one again for net new devices. I mentioned a moment ago we recommend going through the Android Enterprise program because you can use zero-touch and 23:35 use that automation that we talked about to have those devices enrolled and nowhere to go straight out of the box when I use it as first launch. 23:43 Becky Frank, alright so modern manager. We kind of talked a little bit about this modern management thing and what we see is we have the traditional 23:53 management and then we see hybrid in the middle and we have modern management through the cloud services. So this is where is your active directory 24:01

information protection CM Office 365 Windows store for business live. We realize that you're not going to pick everything up and 24:11 dump it into endpoint management tomorrow that there's going to be a time where we're going to live in this middle section. However, as 24:20 we begin that migration to the Windows 10 devices Microsoft is making a lot of those Legacy pieces. 24:30 Available in modern management through a Citrix endpoint management. And what does that look like? They're taking a lot of those old 24:40

group policies and active directory configurations and making them available as csps. Some of those csp's are built 24:49 natively into the endpoint management. Some of them are available on Microsoft website and can be imported into endpoint management via an XML policy 24:58 and we saw some of that in the last section and that gives us the ability to that'll move from the traditional GPO policies to 25:08 the new modern and is we saw on the Windows autopilot that machine was shipped right to the end user. It was never connected to the 25:18

domain. It's connected to your organization via as you're a d Which is tied to your domain, but the physical machine is not 25:27 physically tied to your domain. So we have to begin that move from traditional to Modern especially if we're starting to 25:37 ship out brand new Windows 10 devices that may never touch our domain. So why well because you care about 25:46 identity. There's a lot of devices out there. You know, I mean Windows 10 is not the apple of the 25:56 worlds. It's not like apple made the hardware the software in the only can get it from one place. There's different Hardware out their customers have 26:06

choice and if you are opening up the choice to the end-users, they're going to be bringing in different types of devices and modern management will 26:14 cover those different types of devices. There are Enterprise built-in security capabilities that we want to consider as well and 26:24 most importantly it makes it employment in management. Within a hybrid environment a little bit easier for you because 26:33 you can move those gpos over to the endpoint management via replication today 26:42

and in the future. We'll see what happens. How about some apple and 26:51 sure think so, I know what all you guys are thinking. How can we talk about MDM without talking about the superior devices? Right? So 27:00 we have to discuss Apple in this conversation. I know I probably lost some fans in here. So enjoy device 27:10 management with apple Solutions. There's a lot of different pieces that go into that and if you're using things like apple business manager to deploy 27:20

your devices you can put those into a supervised state which restricts what the user has the ability to do what networks are able to connect to in and 27:28 also allows you to push out custom app configuration policies through are in point management system to lockdown. Emm solutions that are out there in 27:36 the public App Store using those probably exposed apis. Not only that but when we talked about Apple devices, they're all built on the same operating 27:44 system. So you again have that uniformity the same thing that we talked about with Android Enterprise. So you get that uniform customization going 27:53

across the board for all of these devices and it allows you to public scuse me Publix out applications to those devices through the volume purchase 28:00 program using the public App Store to deliver those silently to your end-users similarly to what we do with the MDM side. You can also leverage the 28:08 app management side on Apple devices and again highly recommend you guys check out part 5 of the geek's Guide Series that focus on that management. So 28:18 outside of all those you get the ability to leverage the tools that Apple provides to really hone in on a specific 28:26

use for your devices. So similarly to how you can do kiasmos than others you can use this to customize a single-use device for an Apple iPad Air iOS 28:36 device in that case as well. I meant not just for the iOS side of things. We can also publish our policies to Mac OS devices and then in addition to 28:46 the mobile site and AFE. So ABM is Apple business 28:55 manager, so we touch them at just a little while ago. It's now the combination of the device enrollment program or death and volume purchase program 29:05

or vtp. Apple for education is your AFP which is the education version of Apple isn't manager cuz you know, we love acronyms. So if we didn't throw 29:13 some in there wouldn't be Citrix. So these next two parts that were going to cover your finger probably my favorite part because with 29:22 croman and what you're going to cover shortly after that, you have the ability to distribute out low cost in points with a robust user experience. So 29:32 one of the benefits of using the endpoint Management Service at Citrus provides is again it reaches out to all these different operating systems that 29:40

you are using today. What a Chromebook does is it gives you a low-cost then point that you can put out and you can integrate with Citrix workspace to 29:47 push your users into that secure digital perimeter leaving zero data residue on the actual device similar to what we showed with the windows up that 29:54 you can push out or hold back OS updates to the Chrome OS devices as well. And then you can also add restrictions policies and enroll those devices 30:01 through the endpoint Management console out of the box using the Google Solutions. So and then I'm going to pass it 30:09

over to you Frankie or 4 for our last piece around the Raspberry Pi before we get there. We're going to actually see how 30:19 some of this happens on a chrome machine. So before I dive into this demo, I saw some people kind of shake their head when we mentioned Chrome. I saw 30:28 some people, you know pick out their phones and start taking some pictures of the presentations will be available. You'll be able to watch this again 30:38 cuz you know, You're on the edge of your seat cuz it's so exciting, but you'll be able to also get this information. So you 30:47

don't have to take pictures. I appreciate you taking pictures cuz I know you're engaged but most importantly when I was in the field not too long ago, 30:57 but long enough, I had a customer who was using Chromebooks and I asked why are you using Chromebooks? 31:07 They're like well there for our Executives and that got me thinking why are your Executives using Chromebooks and they 31:17 said well, they travel out of the country often and some of the countries that they travel to when they come home. 31:27

They just say we're taking that. I said they're taking that they just physically say 31:37 thank you for visiting but you're going to leave us a parting gift and that's your computer. And we wanted to give them something that was Secure 31:46 low-cost, but also didn't leave any of our proprietary information on that machine for 31:55 That foreign entity to utilize cuz it's costs a lot of a mean it cost hours and some time to hack and companies are getting very 32:05 very no companies are getting better at securing their organization from malicious entities. It's a lot easier if you just take the machine 32:15

and then you could hack it from the back room at the airport. So we're going to take a look at how 32:25 we can have this information come out and most importantly keep that data secure. So in this case, we're going to start off we're going to go into our 32:35 Chrome OS policy. We're going to install an application. We're going to make sure that it's allowed we're going to push the Citrix workspace 32:44 application down to our Chrome device this way. We don't have to have the user go find it and install it and then we're going to also pin it on the 32:53

machine as well. So we're going to go ahead and they're going to say that this is Allowed we're going to name it we're going to get the app ID and 33:01 we're going to say that it's allowed install and we're going to pin that and then we're going to set some restriction. We're going to block images. 33:10 We're going to disable deleting the browser history. We're going to disable printing we're going to disable the task manager to 33:19 Ender and processes. These are not necessarily the best examples that you're going to let you know, you don't you may want to allow deleting the 33:29

history so that the end-user delete the history before they leave the country so that there's nothing really nothing left on the device, but these are 33:38 easy to show in a demo. So that's why they're turned on. And then we're going to go in and we're going to see some device policies were going to 33:45 disable guest user mode and are also going to set the time zone. So here we are with our Chromebook and we're going to start 33:53 our demo here. We're going to launch our work space as we can see it spin to our task bar and an ass going to automatically launch and when that 34:03

launches it's going to give me access to login and you're going to see I have access to the same apps desktop and files 34:11 inside here so I can go ahead and launched those use them and then close that out. I can go ahead and launch Chrome here 34:20 and I'm going to go to Citrix text Zone. We have stickers plenty of stickers grab them while you can and then I'm going to go to our Tech briefs and 34:30 I'm going to look at our access control and you're going to notice something strange here. I blocked images in the browser. So if I go ahead and start 34:38

scrolling through you'll see that these images do not show up because I have a policy that's restricting images inside the browser. 34:48 So I've restricted my images now if you go ahead and you click on that, I'm going to see my history. I can actually go into my history and we're going 34:59 to see that the clear browsing data that actual clear browsing history is deleted. So now I no longer have the 35:08 ability to do that so I can go ahead and cancel this out. I can go ahead and click on my browser. I can't even come over 35:18

to my prince and that's great out as well. So now I no longer have the print capabilities. If you look at the bottom, I am set to 2 Pacific time 35:27 cuz it is not 9:15. It is a different time. It is at a different time. I'm going to go ahead and sign out of this machine 35:37 and then as I sign out on this machine, I no longer have guest mode. So this machine was to be captured taken 35:47 commandeered. I can one they need to know my password is a hacked my password if they launch the Citrix workspace app 35:55

and might in all the right timeouts or set. There it'll ask me to put in my username password and they would need to know my 36:05 company credentials to get into that. And then that could also include multi-factor one one-time pins with whatever you want to use the secure that 36:15 so that's our Chrome management. So let's look at the workspace Hub who here has a workspace Hub in their place of business. 36:24 Workspace hubs. Tiny tiny little things there's multiple different styles and types. They do support 36:37

dual monitors, but they do a number of different things and there's only a few ways 36:46 to manage. These one is Citrix endpoint management. The other is a separate Management console through strato desk. Now 36:55 I will be the first to admit strata desks console has lots of bells and whistles lots of options 37:05 but most importantly Citrix endpoint management. I think has the couple of options that most of us need 37:15 like controlling the OS pushing out an a configuration file setting 37:24

The Wi-Fi capabilities Prudential so cut, you know, the basic things that we need. So as we go ahead and we look at the workspace Hub. It's 37:35 cost-effective. This could be a workspace Hub that I can have in a conference room. It could be a thin client that I have somewhere in my office 37:44 is a number of different things I can do with it. I can do Citrix casting so I can walk into a conference room scan the QR code and send the session 37:54 up to the conference room I can also Roma session to the work space, but I don't want to cast something 38:02

in particular. I would ask you to stop by The Innovation Center inside the 38:12 solutions Expo. They're doing some really cool things with work space hubs and hot desks. If you haven't seen it. Somebody can come over. They have a 38:22 workspace Hub. You scan a QR code you say that who knows who you are, you set your profile and the desk lowers the light changes little 38:32 digital picture frame has my vacation photos. They're so now you don't have to assign a workspace to individual users. You can have generic 38:41

workspaces. Somebody comes up clicks scans and starts their day. So it's kind of an interesting thing but most importantly They go ahead 38:50 and they are optimized for HDX, but they are much more robust than you would think in this little box. So let's go ahead and 38:59 take a look at my work space Hub. So what we're going to see here. Maybe we're going to see how to enroll this. 39:09 It's very simple. I'm going to go to my enrolled devices. I'm going to click on device whitelist, and I'm going to click on ADD. When I add the 39:19

device, I'm going to select the device platform, which is a workspace Hub. I'm going to pick the MAC address a sign the MAC address. This is the 39:28 Lan Mac address. Not your What not your wireless? Mac address just so when you're in with you have these 39:37 you want to make sure you decked you dictate that because when it talks to the auto-enrolment service, it's going to be looking at that Mac address. 39:47 I'm going to assign it a user in this case. This is going into conference room. And this is in the US and I'm taking a local user and I'm assigning 39:55

that user. That's how I deployed the specific configuration files. And that's what you see here. I had a gold image. I 40:05 uploaded that gold image to a server now post that URL save it when the device first connects. It's 40:15 going to say hey this Mac address belongs to this endpoint management system. And then it's going to recognize that 40:25 reboot. It's going to be enrolled with a conference underscore us and then it's going to say here's my configuration file. You'll see the 40:34

screen will blink a couple of times and it will be configured. Now, what does that look like for our end user? We see a configured workspace 40:44 Hub. So now I pushed the background. I named it. I have my QR code so I user can come in and physically see. 40:54 What the conference room would look like I could come in scan my QR code and join the conference room and cast. 41:03 accession now If we go ahead and we look through this that's not really the only thing you can do. You can do a couple of different things and as we 41:13

can see I'm bringing my mouse down and I'm just pointing out the conference room in the QR code. I'm going to actually come over and you can't really 41:22 see it. But there's a little hamburger over here in the bottom left-hand corner, and I'm going to click on that and I'm going to actually exit 41:30 The workspace Hub portion of the Raspberry Pi so as I exit out here, you'll see I have my little start menu, but I'll also have some icons that are 41:40 boat letters on the desktop. Those icons are the workspace Hub, which takes me into where the QR code is, but I could also choose to have other 41:50

options like Firefox. I didn't want Firefox on the desktop, but if I needed to have Firefox and someone who needed to just access a browser and not 41:58 necessarily a full session, they could go ahead and do that when I click on the workspace app What I've done here is it's going to actually take me to 42:08 the login when I click on the login. It's going to ask me for my server information. I type in my server information and then it's going that prompt 42:16 me for my user credentials. Now this user credentials are going to be my traditional domain credentials on that enter Lowe's in put in the 42:24

information and log on and then I'm going to see what we've seen a number of times already. I'm going to access my 42:34 workspace with my apps my desktops and my files so this is something you can put into a kind 42:44 to us a gas station and they can login even if they may not be utilizing your environment. Now in this case, I need to go ahead and do a 42:54 white I go ahead and push the wife we're going to see that this screen is going to go black. No longer under my under configuration. 43:03

It's going to reload and because of that Mac address when it comes back up. We're going to see what the default state is and it's going to begin the 43:13 enrollment process again. So that is a workspace Hub at some of the power behind it and some of the exciting things that we 43:23 can do. So as we look into the next session of the Geeks guy, we're going to see that we're going to talk a little bit more about virtual 43:33 apps and desktops as a service as well. 43:42 So Tex own that's where you can find some great things. There's actually a video on the Chrome management. There's also a number of different Tech 43:53

Insight videos and Tech briefs. We have stickers. I have stickers up here. They're just on the stage graph come up and grab some we also have some 44:02 things before you leave. So before you guys leave a few things that I've learned from both geek and Hitchhiker's Guide always know where your towel is 44:11 don't panic and be sure to write the second. I've got a few other session recommendations up here. All this content will be available June 3rd, and 44:19 you can watch these sessions on demand through your mice energy account shortly after their completed. So with that, please remember to raid our 44:26

sections and be sure to play the Synergy game game on. Thank you very much. Any questions? You do feel 44:34 free to come up to a mic because this is being recorded. If not, and you want to come up after the session feel free and do so, we'll be here for a 44:44 few minutes, but we do appreciate you guys spending some time one last thing before you do leave. This 10 part series was the brainchild of 44:52 one man. And that was Mr. Dan Feller. So if you see him. Make sure you said to let him know what you 45:02

think of this series because it's something that we want to kneel bring value to you guys with but most importantly we want to make sure that it gets 45:12 better over time. So thank you guys and have a wonderful afternoon. I know we're getting to the lunch hour. So enjoy. 45:20

Cackle comments for the website

Buy this talk

Access to the talk “Citrix Synergy TV - SYN135 - Geek's guide to the workspace (part 6): managing WinRaspAppRoid devices”
Available
In cart
Free
Free
Free
Free
Free
Free

Video

Get access to all videos “Citrix Synergy Atlanta 2019”
Available
In cart
Free
Free
Free
Free
Free
Free
Ticket

Interested in topic “IT”?

You might be interested in videos from this event

September 28 2018
Moscow
16
122
app store, apps, development, google play, mobile, soft

Buy this video

Video

Access to the talk “Citrix Synergy TV - SYN135 - Geek's guide to the workspace (part 6): managing WinRaspAppRoid devices”
Available
In cart
Free
Free
Free
Free
Free
Free

Conference Cast

With ConferenceCast.tv, you get access to our library of the world's best conference talks.

Conference Cast
505 conferences
19653 speakers
7164 hours of content