We will begin with configurations on Workspace One Access admin portal first. With the pre requisite met, lets start with the integration process. Ensure these test users are present on G Suite.Create some test users on Workspace One for entitling them G Suite post integration to test SSO.To integrate a directory with Workspace One Access you can refer this tutorial.An example could be Microsoft Active Directory. A directory integrated with Workspace One Access (Optional).Workspace One Edition Comparison can be accessed here.A valid license to Workspace One which entitles Workspace One Access.Test Users in G Suite for testing the SSO flow, you can start with one single user as well. An administrator account to setup SSO settings in G Suite Admin portal.You can sign-up for 14-day G Suite trial on this link.A valid subscription to G Suite & access to admin portal to configure SSO.You can use VMware Verify for MFA in Workspace One Access post enabling SSO in G Suite.If you are using 2FA from G Suite, after enabling SSO, the Google 2FA will not work.One approach you can take here is to configure & enable SSO for a test tenant of G Suite before rolling out to production.It is recomended you get the SSO flow configured correctly for your organization before turning ON SSO in G Suite admin panel.There is no Organization Unit based SSO enablement in G Suite.Currently in G Workspace, if you enable SSO, it will route all authentication to your IdP OR SSO provider. This will lead to enabling the remaining use cases which I will cover in the next parts of the tutorial. This part will cover the first 2 use cases to enable Single Sign On (SSO) to G Suite and enabling Workspace One App Catalog via Intelligent Hub. In this tutorial, we will look at integrating Workspace One Access component from the VMware Workspace One Solution platform with G Suite. User & Group Provisioning – Centralize User & Groups provisioning to G Suite via Workspace One Access.Data Protection – Prevent Data Leakage by enabling DLP controls with Workspace One.Leverage Workspace One Conditional Access to restrict user access based on:.Visibility of all devices accessing Corporate Apps.Block Compromised Devices (Rooted, Jailbroken) Restrict Google Workspace access to only Corporate Managed or Workspace One managed devices (Mobiles & Desktops/Laptops).Provide Secure Corporate Email Access to Corporate Managed (Workspace One Managed) endpoints only.Provide a universal App Catalog via Intelligent Hub (Part of VMware Workspace One).Provide Single Sign On (SSO) to Google Workspace & other Corporate Apps.General VMware Workspace One & Google Workspace Use Cases:.Here is a quick architecture of what we are going to follow for the Workspace One Integration with G Suite:.Workspace One allows IT teams to secure access to users by enabling Conditional Access policies to filter out unmanaged devices, compromised devices, step up authentication, require Multi Factor Authentication (MFA), risk based conditional access & more.ĭisclaimer: Views expressed are my own & not my employers. Workspace One to begin with provides a central app portal across all devices that allows users to login with a consistent Single Sign On (SSO) to all their apps & provides a great self service portal to users to reduce the number of help desk tickets by allowing Password Resets, People Search, Device Management tasks & more. Traditonal ways of accessing these applications include bookmarking all the apps or listing down the apps one by one which is cumbersome for end users. This creates the need to manage multiple URL’s, applications & credentials to access these applications as an end user. With digital transformation picking up pace & Work from Home (WFH) being popular, you might have multiple applications like web applications built in house, SaaS applications like G Suite, Salesforce, Workday & Mobile Apps. While Google Workspace offers some great benefits for organizations, VMware Workspace One offers integrations with G Suite for simplifying access to G Suite for end users & also to ensure the users are accessing corporate data securely. For storage & collaboration, Google Drive & Meet is also offered as part of the solution. It offers a corporate Gmail experience for business users along with a bunch of productivity tools like Google Docs, Sheets & Slides. Google Workspace is one of the best collaboration & messaging solutions out there in the market.
0 Comments
Leave a Reply. |