AirWatch MDM Integration

The Windows-based User-ID agent has been extended to support a new AirWatch MDM integration service. This service enables GlobalProtect to use the host information collected by the service to enforce HIP-based policies on devices managed by AirWatch. Running as part of the Windows-based User-ID agent, the AirWatch MDM integration service uses the AirWatch API to collect information from mobile devices that are managed by VMware AirWatch and translate this data into host information.
For Android devices managed by AirWatch, this feature supports Android for Work devices, but it does not support other types of Android devices.
airwatch-mdm-integration.png
MDM integration service included with the Windows-based User-ID agent does a full HIP query to the AirWatch MDM server to get the complete host information for a device. When a mobile device running the GlobalProtect app is connected to a GlobalProtect gateway, GlobalProtect can apply security policies with host information profiles.
You configure the MDM integration service to fetch AirWatch device information at regular intervals and push this information to GlobalProtect gateways. In addition, the service can monitor AirWatch event notifications and fetch updated device information when AirWatch events occur (for example, device enrollment, device wipe, and compliance changes).

Related Documentation