公开(公告)号：US20220229666A1

公开(公告)日：2022-07-21

申请号：US17191835

申请日：2021-03-04

Applicant: VMWARE, INC.

Inventor： Gaurav Verma ,  Ashok Kumar ,  Abhijeet Padole ,  Amogha Varsha Annegowda ,  Karthikeyan Palanisamy

IPC: G06F9/38 ,  G06K7/14 ,  G06F9/54 ,  G06F9/4401

Abstract: Disclosed are various embodiments for managing deployment model migrations for enrolled devices. A client application can transmit a capability status to a management service in an instance in which a plurality of device conditions of the client device are validated. The client application can obtain and execute instructions that cause the client application to manage a migration of the client device from a first configuration to a second configuration. A user interface can be pinned on a display of the client device in an instance in which an enterprise environment endpoint is identified and a migration interface on the client device executed. The client application can transmit samples of device conditions of the second configuration of the client device to the management service.

公开(公告)号：US20190149405A1

公开(公告)日：2019-05-16

申请号：US15892415

申请日：2018-02-09

Applicant: VMWARE, INC.

Inventor： Gaurav Verma ,  Suchit Shivashankar ,  Karthikeyan Palanisamy

IPC: H04L12/24 ,  H04L29/08

Abstract: Disclosed are various examples for facilitating enrollment of a client device into more than one management framework. A client device can be enrolled with a management service as a fully managed device, the client device can also be enrolled with the management service as a personal or bring-your-own-device (BYOD), which causes a workspace to be created on the device that is segregated from the rest of the client device. Both enrollments can be managed by a remotely executed management service.

公开(公告)号：US12149520B2

公开(公告)日：2024-11-19

申请号：US17499639

申请日：2021-10-12

Applicant: VMware, Inc.

Inventor： Gaurav Verma ,  Karthikeyan Palanisamy

IPC: H04L9/40 ,  G06F8/61 ,  G06F16/955 ,  G06K7/14 ,  G06K19/06 ,  G06F9/445

Abstract: Systems and methods are described for enrolling a user device in a Unified Endpoint Management (“UEM”) system over a closed network. After an initial boot or factory reset of a user device, a user can scan a Quick Response code, or other scannable code, that is embedded with enrollment configuration data that includes configuration settings for communicating with a UEM server in the UEM system. Using the enrollment configuration data, the user device can retrieve an installation file for a management application. The user device can install the management application and give the management application access to the enrollment configuration data. The management application can disable hardcoded open network endpoints on the user device and configure the user device for UEM communications on the closed network. The user device can connect to the UEM server over the closed network and request enrollment in the UEM system.

公开(公告)号：US20230246837A1

公开(公告)日：2023-08-03

申请号：US18132008

申请日：2023-04-07

Applicant: VMware, Inc.

Inventor： Karthikeyan Palanisamy ,  Arvind Maan ,  Ashok Kumar ,  Amit Kumar Singh

IPC: H04L9/32 ,  G06K7/14

CPC classification number: H04L9/3213 ,  G06K7/1417

Abstract: Examples described herein include systems and methods for contextually providing automated device enrollment into a management system. A management application on a user device can receive network settings for connecting to a local server. The network settings can be preconfigured by an administrator. The management application can cause the user device to send an enrollment request and a device identifier to the local server. The device identifier can be used to validate the device and provide a security token to the management application. The management application can use the security token to complete enrollment of the user device.

公开(公告)号：US20210409454A1

公开(公告)日：2021-12-30

申请号：US17473372

申请日：2021-09-13

Applicant: VMware, Inc.

Inventor： Gaurav Verma ,  Manjunath Subramani ,  Suchit Shivashankar ,  Karthikeyan Palanisamy

IPC: H04L29/06 ,  G06F21/62 ,  G06F21/51

Abstract: Examples herein describe systems and methods for application-specific compliance enforcement. An example method can include receiving, at a user device, profiles containing application-specific restrictions. When a first application is opened, a management agent compares the corresponding application-specific restrictions with current device settings. This can be done with a checksum comparison where the checksums are created based on a hash with an application- or profile-specific identifier. If they differ, the management agent stores the current device settings and prompts for, or automatically changes, the device settings to new compliant values before allowing the first application to operate in the foreground of the user device screen. If the first application is closed or minimized, the stored device settings can be restored. The management agent can compare those against application-specific restrictions of the second application before allowing the second application to run in the foreground.

公开(公告)号：US20230161860A1

公开(公告)日：2023-05-25

申请号：US17572675

申请日：2022-01-11

Applicant: VMWARE, INC.

Inventor： Gaurav Verma ,  Suchit Shivashankar ,  Karthikeyan Palanisamy ,  Sruthi Surendran

IPC: G06F21/35

CPC classification number: G06F21/35

Abstract: Systems and methods are described for accessing a first user device using a digital badge from a second user device. The digital badge can include information that can be used to identify and authenticate a user profile. In an example, the first and second user devices can be enrolled in a system for managing user devices. A user can select to login to the first user device using a digital badge. The first user device can enable a wireless communication protocol and broadcast a digital badge request that is recognizable by other enrolled devices. The second user device can detect the broadcast and send its digital badge to the first user device. The first user device can send an access request and the digital badge to a server. The server can verify the digital badge, authenticate the user, and notify the first user device. The first user device can then grant the user access without the user inputting any credentials.

公开(公告)号：US20230112606A1

公开(公告)日：2023-04-13

申请号：US17499639

申请日：2021-10-12

Applicant: VMware, Inc.

Inventor： Gaurav Verma ,  Karthikeyan Palanisamy

IPC: H04L29/06 ,  G06F8/61 ,  G06F16/955 ,  G06K7/14 ,  G06K19/06

Abstract: Systems and methods are described for enrolling a user device in a Unified Endpoint Management (“UEM”) system over a closed network. After an initial boot or factory reset of a user device, a user can scan a Quick Response code, or other scannable code, that is embedded with enrollment configuration data that includes configuration settings for communicating with a UEM server in the UEM system. Using the enrollment configuration data, the user device can retrieve an installation file for a management application. The user device can install the management application and give the management application access to the enrollment configuration data. The management application can disable hardcoded open network endpoints on the user device and configure the user device for UEM communications on the closed network. The user device can connect to the UEM server over the closed network and request enrollment in the UEM system.

公开(公告)号：US11122090B2

公开(公告)日：2021-09-14

申请号：US16294962

申请日：2019-03-07

Applicant: VMWARE, INC.

Inventor： Gaurav Verma ,  Manjunath Subramani ,  Suchit Shivashankar ,  Karthikeyan Palanisamy

IPC: G06F21/00 ,  H04L29/06 ,  G06F21/62 ,  G06F21/51

Abstract: Examples herein describe systems and methods for application-specific compliance enforcement. An example method can include receiving, at a user device, profiles containing application-specific restrictions. When a first application is opened, a management agent compares the corresponding application-specific restrictions with current device settings. This can be done with a checksum comparison where the checksums are created based on a hash with an application- or profile-specific identifier. If they differ, the management agent stores the current device settings and prompts for, or automatically changes, the device settings to new compliant values before allowing the first application to operate in the foreground of the user device screen. If the first application is closed or minimized, the stored device settings can be restored. The management agent can compare those against application-specific restrictions of the second application before allowing the second application to run in the foreground.

公开(公告)号：US12106113B2

公开(公告)日：2024-10-01

申请号：US17191835

申请日：2021-03-04

Applicant: VMWARE, INC.

Inventor： Gaurav Verma ,  Ashok Kumar ,  Abhijeet Padole ,  Amogha Varsha Annegowda ,  Karthikeyan Palanisamy

IPC: G06F9/38 ,  G06F9/4401 ,  G06F9/445 ,  G06F9/54 ,  G06K7/14 ,  H04W4/50

CPC classification number: G06F9/3836 ,  G06F9/4401 ,  G06F9/541 ,  G06K7/143

Abstract: Disclosed are various embodiments for managing deployment model migrations for enrolled devices. A client application can transmit a capability status to a management service in an instance in which a plurality of device conditions of the client device are validated. The client application can obtain and execute instructions that cause the client application to manage a migration of the client device from a first configuration to a second configuration. A user interface can be pinned on a display of the client device in an instance in which an enterprise environment endpoint is identified and a migration interface on the client device executed. The client application can transmit samples of device conditions of the second configuration of the client device to the management service.

公开(公告)号：US11652632B2

公开(公告)日：2023-05-16

申请号：US16914259

申请日：2020-06-26

Applicant: VMWARE, INC.

Inventor： Karthikeyan Palanisamy ,  Arvind Maan ,  Ashok Kumar ,  Amit Kumar Singh

IPC: H04L9/32 ,  G06K7/14

CPC classification number: H04L9/3213 ,  G06K7/1417

Abstract: Examples described herein include systems and methods for contextually providing automated device enrollment into a management system. A management application on a user device can receive network settings for connecting to a local server. The network settings can be preconfigured by an administrator. The management application can cause the user device to send an enrollment request and a device identifier to the local server. The device identifier can be used to validate the device and provide a security token to the management application. The management application can use the security token to complete enrollment of the user device.