Best-in-Class Platform Architecture

The AirWatch platform architecture is designed to meet the deployment complexities, security requirements and mobile growth your organization is facing today. Our comprehensive suite of solutions, developed on a single codebase, can be easily deployed in the cloud or on premise to fit your evolving needs, supporting hundreds, thousands, to tens of thousands of mobile devices. The AirWatch platform is built with industry leading technology to facilitate seamless integration with existing enterprise systems, services and applications. You can configure the AirWatch platform in highly available environments and fully support disaster recovery to minimize downtime. AirWatch mitigates risk by isolating external facing services from internal networks, ensuring your corporate data is out of reach of unauthorized access points. Our architecture is the same whether deployed in the cloud or on premise.

The AirWatch platform is built with security at its core, running on a hardened Windows OS in a least privileges model that disables unnecessary services and connects all communications through web server binding. Device communications are MTLS authenticated and encrypted with unique device identity certificates that are issued during device enrollment. AirWatch operates on an open platform that permits customers to perform their own OS security, antivirus and malware, and monitoring updates alongside AirWatch services, ensuring servers are secure and compliant with your corporate image.

Designed to easily support any mobile deployment, from 10 to tens of thousands of devices, the AirWatch platform is highly scalable. This allows you to support an unlimited number of devices without sacrificing management capabilities. AirWatch application servers are stateless by design and operate behind a network load balancer for instant and infinite horizontal scaling. These features help to reduce the upfront investment cost and allow for additional remote capacity when needed.

Our unparalleled multitenancy provides your organization with management capability across all internal sub-groupings, whether by geographies, business units, divisions or other segmentations, in one, single administrative console. You can also define administrators and delegate management of your entire mobile deployment to local IT teams, business unit leaders, and global IT operations, aligned to your organizational structure.

Role-based Access
The AirWatch platform features role-based access and authentication capabilities that allow your organization to delegate administrative roles based on relevance to end user job function. Role-based access permits you to choose from 2,000 unique security permissions to define custom roles, including the option to assign multiple roles to a particular administrator. Role-based access functionality allows automatic assignment of roles to individual users or groups with LDAP integration as well as automatic syncs of any changes, all from a single console.

APIs and Partner Ecosystem
AirWatch has developed an extensive API framework that integrates with existing enterprise systems and services, as well as third party applications. The AirWatch API framework allows external programs to invoke core AirWatch product functionality, extending security measures, and strengthening your enterprise infrastructure as a whole. AirWatch architecture incorporates RESTful and WCF SOAP enterprise APIs to enable automated, real-time event notifications to integrated solutions.

Automated Monitoring
Automated monitoring of your AirWatch deployment and components is available through monitoring tools. This capability allows your organization to log all administrator, device and system events and configure logging settings based on appropriate severity levels. Automated monitoring allows events to be viewed by type, severity level, category, or module in a single administrative console and communicated to external systems via Syslog for ultimate flexibility.

High Availability and Disaster Recovery
AirWatch features active-active configurations for high availability and redundancy with all components made to failover with minimal downtime. Load balancing capabilities are deployed across multiple data centers to ensure immediate server pick up, ensuring zero end user downtime. AirWatch also incorporates replication technology featuring SQL log shipping or network SAN byte replication to prevent data loss. AirWatch fully supports disaster recovery configurations and can be setup in a remote data center and enabled in the event of a data center failure. Because AirWatch synchronizes data to this remote data center, no information is lost during the failure and your entire mobile device fleet continues to operate uninterrupted.

Global Deployment
With AirWatch, enjoy access to superior customer service and support from data and support centers worldwide, ensuring your continued and optimal performance. Physical presences and dedicated resources in EMEA, Asia Pacific and South America, in addition to our global headquarters in North America, ensure that your organization will receive the support it needs to operate on a global scale.