Endpoint Management from Anywhere on AWS Cloud

VMware WSO on AWS is undoubtedly one of the best options available in the market for best-in-class endpoint management. Some of the goals that can be achieved using this solution:

  1. Endpoint Assessment and Management
  2. Remote Application Management
  3. File-level Anti-Virus Integration
  4. Minimum Baseline Security Standard enforcement
  5. Identity and Mobility Management
  6. High level of scalability and availability
  7. Cost and resource efficiency and optimization
AWS Services Used:
  • AWS EC2
  • AWS Direct Connect
  • AWS IAM
  • AWS GuardDuty
  • AWS Security Hub
  • AWS Config
  • AWS CloudWatch
  • AWS CloudTrail
Other Services:
  • Fortinet NGFW
  • Microsoft SQL Server 2016
  • Windows Server 2016
  • VMware WSO Bundle
Assessment, Analysis and Design:
  1. There was no endpoint management system in place, so we started by understanding the requirement from the client.
  2. We analysed and assessed the requirements, the dependencies and the solution's ability to leverage AWS services.
  3. We designed the architecture based on our assessment.
  4. We validated the functionality of the architecture by discussing it with the client team and deploying the VMware Workspace ONE Solution in a UAT environment.
Implementation:
  1. Deploy the production infrastructure.
  2. Start by deploying the VPC and configuring the Subnets, Security Groups and Route Table appropriately.
  3. Then deploy one instance of Microsoft Windows Server 2016 and install the VMware WSO Console and Assist Servers on the same instance.
  4. Then configure auto-scaling.
  5. Next, the connection was established from the endpoints to the WSO Server on AWS via AWS Direct Connect.
  6. Then, we installed the Assist Client on all the endpoints and established the connection with the server on AWS.
  7. After that, the solution is tested.
  8. Furthermore, we launched the Fortinet NGFW to allow the servers to communicate securely with the internet, and to allow secure connections to the infrastructure.
  9. One EC2 instance is also launched as a Jump Host.
  10. Next, we configure GuardDuty, Config, Security Hub, CloudWatch and CloudTrail appropriately for effective security posture and management.
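
One way to check the Security Groups from step 2 against the Jump Host from step 9, as an added example that is not code from the original post: it audits ingress rules for the administrative ports of the Windows Server 2016 and SQL Server 2016 stack. The group IDs and CIDRs are constructed sample data, and the policy that administrative access should arrive only from the Jump Host's security group is an assumption of this example.

```python
# Admin ports for the page's stack: RDP (Windows Server), TDS (SQL Server).
ADMIN_PORTS = {3389: "RDP", 1433: "SQL Server"}
WORLD = {"0.0.0.0/0", "::/0"}

# Constructed sample: the "SecurityGroups" list of `aws ec2 describe-security-groups`.
# Group IDs and CIDRs are hypothetical.
SAMPLE = [
    {"GroupId": "sg-jump", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 3389, "ToPort": 3389,
         "IpRanges": [{"CidrIp": "203.0.113.0/24"}]}]},
    {"GroupId": "sg-wso", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 3389, "ToPort": 3389,
         "UserIdGroupPairs": [{"GroupId": "sg-jump"}]},
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "10.0.0.0/8"}]}]},
    {"GroupId": "sg-sql", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 1024, "ToPort": 2000,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
        {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "10.0.5.0/24"}]}]},
]

def covers(perm, port):
    """True if this ingress rule includes the given TCP port."""
    if perm["IpProtocol"] == "-1":          # all protocols, all ports
        return True
    return (perm["IpProtocol"] == "tcp"
            and perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535))

def sources(perm):
    """All sources of a rule: IPv4/IPv6 CIDRs and referenced group IDs."""
    return ([r["CidrIp"] for r in perm.get("IpRanges", [])]
            + [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            + [p["GroupId"] for p in perm.get("UserIdGroupPairs", [])])

def audit(groups, jump_sg):
    """Return (group, port, source, reason) for each admin-port exposure."""
    findings = []
    for g in groups:
        for perm in g.get("IpPermissions", []):
            for port in (p for p in ADMIN_PORTS if covers(perm, p)):
                for src in sources(perm):
                    if src in WORLD:
                        findings.append((g["GroupId"], port, src, "open-to-world"))
                    elif g["GroupId"] != jump_sg and src != jump_sg:
                        findings.append((g["GroupId"], port, src, "not-via-jump-host"))
    return findings

if __name__ == "__main__":
    print(*audit(SAMPLE, "sg-jump"), sep="\n")
```

A rule that legitimately lets the application server reach SQL Server will show up as `not-via-jump-host`; treat those findings as items to review rather than as violations.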
