VMware Unveils Horizon App Manager

Open service aims to unite public and private cloud services, enabling the consumerization of IT in the enterprise.
Targeted squarely at the consumerization of IT trend exploding in workplaces worldwide, VMware Tuesday unveiled its Horizon App Manager.
The management service, priced at $30 a user, is the first component to ship as part of the unified, virtual workspace vision the company unveiled as "Project Horizon" last summer.

At a private briefing with InformationWeek, VMware execs said the Horizon App Manager aims to unify private and public cloud resources for IT and users. Essentially, the new offering is a service hub extension for Microsoft Active Directory and other directory services, they said, adding that it gives IT more control over users' public and private cloud service access than other offerings on the market today.

"It extends and it federates," said Noah Wasmer, VMware director of advanced development. For IT administrators, he said, Horizon App Manager enables real-time control and unification of enterprise-provided and public-cloud services within security assertion markup language (SAML) and open authentication (OAuth) guidelines. For users, it brings single-sign on (SSO) capabilities for corporate and personal cloud apps over a wide range of devices via a secure portal.

"This really helps [enterprise] customers to embrace cloud applications," Wasmer said. With corporate users increasingly bringing in unapproved personal devices like tablets and accessing services like, there's no turning back.

"What we're seeing is significant change in the enterprise," he said. "End users are using more and more [software-as-a-service] based applications ... and going through all different types of devices." Though some IT pros have a problem with it, the trend is here to stay. And IT managers "are really trying to find ways to secure and manage those applications in a unified way.

"We're going live with the first service to really help customers embrace cloud-based computing," Wasmer said.

In an hour-long demonstration, Wasmer showed Horizon App Manager running on a Macbook Air and from two distinct perspectives--for IT manager and end user.

Addressing the IT perspective, Wasmer showed how IT managers would use Horizon App Manager to quickly add and remove user access to such public cloud apps as,, WebEx, and Google, together with in-house corporate services.

The idea is to get rid of the silo separating enterprise apps from the public cloud and bring them together within secure and easy-to-maintain standards.

The benefit to enterprises, he said, also includes keeping Active Director passwords behind the firewall and allowing access to third-party cloud apps without requiring new federation software or net gateways.

Screenshot VMware

From a user perspective, the system reveals public or private apps with a single log-in. The Horizon App Manager will operate across most mobile devices and browsers, including Safari 5, Firefox 3.5, and Internet Explorer 7 and higher.

Screenshot VMware

VMware will be providing monthly updates to this service and others along the Horizon virtual workspace vision, he said.

IT pros on BYTE's launch team were generally enthused about the newly announced product. Of course, the proof will be in the reviewing, but VMware is on track with initial messaging, they said.

"Cloud computing ... is introducing interesting and difficult problems," said senior BYTE contributor Peter Baer Galvin, a CTO at Corporate Technologies in Burlington, Mass. "Horizon App Manager [is] trying to solve some of those problems in a reasonable way." Enabling login credentials that work with current frameworks and enabling SSO to private and public cloud apps "could be very useful, if done right. Using standards--as VMware says it is--is the right way ... overall, this seems like a good step by VMware, solving next-generation cloud computing problems at reasonable pricing, across platforms, and using standards."

Senior BYTE contributor Rob Maxwell, lead incident handler at the University of Maryland, commented that the Horizon App Manager "looks to be an ambitious undertaking ... It seems like a good idea at first blush. Everyone loves the idea of a single sign-on, and the federation allows you to keep the passwords inside the enterprise while still granting access to these [public] cloud services. But it is a very complex undertaking. One hopes that great care has been taken with its construction."

Will the right outside cloud vendors support it? "Convincing cloud service providers to open their APIs for this ... is the big unknown," pointed out Jeremy Lesniak, another senior BYTE contributor and president of Vermont Computing, in Randolph, Vt. "Cloud services [are popular] because users can manage them without the permission or assistance of formal IT support. In many enterprises, these same reasons have hindered adoption. VMware is setting out to allow organizations to have the cost savings and flexibility of cloud services but still maintain control over security."

VMware's Wasmer said the firm is actively working with cloud vendors and big enterprise customers to create just that. More announcements are forthcoming, Wasmer said. Today's announcement is the first step toward the creation of a virtual workflow and workplace available for enterprises.

"Giving the tools to administrators is step one ... and making it easy and very controlled," he said. The system's app-store like "application catalog" gives IT "a way of on-boarding applications--and it's free for third-party providers to be in our catalog, (providers that) are based on SAML and OAuth. End users can request new apps (but) under the covers, it's all still SAML federated with security in place."

The Horizon App Manager, at $30 a user, "really helps IT start to embrace different third-party cloud applications that, to date, they've tried to keep away. The delivery is through a secure browser. It helps with users (who) bring their own devices and want to get access, (but) through a secure portal," he added.

There's no question many IT pros are fighting the consumerization of IT, he said, adding that this product is VMWare's way of addressing that.

"What we hear from administrators is they have a directory service onsite--like Active Directory--and that's one of the last services they're going to let go of. They want passwords behind the firewall. They want to hug that server for quite awhile longer, and we completely understand that," Wasmer said. "So what we're trying to do is find lightweight ways to help extend that to the cloud--to help bridge the private cloud into these public cloud services."

Gina Smith writes regularly for InformationWeek. She is the launch editor of the upcoming BYTE, which focuses on the consumerization of IT and deep technology news, reviews, and how tos. Follow her @ginasmith888 and @BYTE.