We are delighted to be able to share that eG Innovations has become one of a very small number of partners to have achieved the AWS “Digital Workplace Competency” award following a lengthy and rigorous technical audit process. The designation differentiates eG Innovations, alongside EUC vendors such as Citrix and VMware, as having a solution that meets AWS’s own standards for enterprise software.
Today, Karthik Ganesan, Systems Manager at eG Innovations covers his experiences of the validation process in his role as the lead engineer on the competency application.
Q: What is the AWS Digital Workplace Competency?
A: The AWS Digital Workplace Competency is a designation given to AWS Partner Network (APN) members who have demonstrated technical proficiency and have proven customer success in delivering solutions for digital workplaces. This competency recognizes APN Partners who have deep experience helping customers implement and manage a digital workplace solution that allows employees to securely and easily work from anywhere, using any device.
To achieve this competency, partners must undergo a rigorous validation process that includes a technical assessment of their solution, customer references, and a review of their AWS expertise. AWS Digital Workplace Competency Partners are also required to have a proven track record of delivering successful customer outcomes.
AWS Digital Workplace Competency Partners offer a wide range of solutions that enable organizations to build and manage secure, scalable, and cost-effective digital workplace environments. These solutions include virtual desktop infrastructure (VDI), enterprise mobility management (EMM), desktop as a service (DaaS), collaboration and communication tools, and more.
By working with an AWS Digital Workplace Competency Partner, organizations can leverage their expertise and experience to accelerate their digital workplace transformation, improve employee productivity and engagement, and reduce costs.
To learn more, see: AWS Digital Workplace Competency Partner Solutions.
Q: Is eG Enterprise “AWS Qualified Software”?
A: Yes, it is. As part of the competency validation process AWS Architects undertook a technical review of the solution. This status means eG Enterprise is allowed to use the “AWS Qualified Software” badge.
This badge is an indication that a vendor solution adheres to AWS’s well-architected principles and criteria and has been assessed and reviewed by AWS as such.
Q: Which vendor solutions have achieved the “AWS Digital Workplace Competency”?
A: eG Enterprise joins a small number of enterprise grade vendors and solutions who have achieved the AWS Digital Workplace Competency. As of May 2023, the software solutions that had achieved the competency are:
- Auth0 – Auth0
- Bluescape – Bluescape
- Citrix – Citrix Virtual Apps and Desktops
- CodeLathe – FileCloud
- CTERA – Enterprise File Services Platform
- CyberArk – Endpoint Privilege Manager
- Druva – inSync
- Hyland – Hyland
- IOanyT Innovations – Techmentor Plus
- Kaltura – Meetings and Video Management Platform
- Liquidware – ProfileUnity and FlexApp
- monday.com – monday.com
- Nasuni – Nasuni
- Nutanix – Nutanix Frame
- Okta – Okta Single Sign On
- OneLogin – OneLogin
- PrinterLogic – PrinterLogic
- SailPoint – SailPoint IdentityNow
- Smartsheet – Smartsheet
- SOTI – SOTI MobiControl
- Teradici – Cloud Access Software (now known as HP Anyware)
- VMware – Horizon
- Whispir – Whispir
A full live list of AWS Digital Workplace Competency verified solutions is available, at https://aws.amazon.com/products/end-user-computing/partner-solutions/ (note: service providers are included by default and to view available software you can use the “Software” checkbox to filter the lists).
Q: What are the requirements and criteria for the AWS Digital Workplace Competency?
The requirements are linked to from the “Use Case” tab on the AWS Competency Program homepage at AWS Competency Program (amazon.com).
There is document called “AWS Digital Workplace Competency Validation Checklist (Technology)” available to partners listing the full criteria.
I was mostly involved with ensuring that we met, and also demonstrated that we had met, the “Common Technical Requirements” for the competency. Other members of the team had to collate and submit evidence for other criteria such as:
- Details of the support package included with our solution. AWS verify that vendors include adequate support
- Customer facing documentation
- Details about customers already using our specific Digital Workplace solution. Having been proven in the field to joint customers is a key criteria
- Public case studies
- That our AWS landing pages adhered to AWS standards and contained the level of information AWS expect for customers to have access to
- Appropriate marketing materials
The Common Technical Requirements categories cover:
- Support level: We had to have business level support agreements in place with AWS so that our joint customers on AWS are certain they are fully supported.
- Documentation: Our documentation is verified to meet AWS’s standards and nomenclature align. Certain types of documentation have to be available to customers and we have to provide AWS architecture teams with internal documentation of our architecture, so that any customer issues are fully understood.
- Security – Identity and Access Management: There is a collection of criteria around access keys and ensuring authentication, plus some requirements to have processes in place to handle security incidents. AWS logins have to be integrated with Single-Sign on, and MFA enforced. Each login must be configured with conditional access to allow access only from the authenticated corporate devices. All corporate devices must have encryption enabled.
- Security – Operating System and Application: AWS requires that hardened configurations are defined for operating systems and containers used to host the solution and certain mechanisms to ensure they are applied. E.g., we use CIS benchmarks and continuously monitor them. Access to production systems must be from secured systems and each session has to be logged and audited periodically.
- Security – IT Operations: Covered IT security operations best practices including logging, monitoring, incident response, and data classification. There were many specifics such as appropriate use of encryption, key handling, certificate management and so on. Some of the proactive monitoring requirements around anomaly detection and automated alerting were easily fulfilled by eG Enterprise itself.
- Tenant Isolation: There are specific criteria associated with tenant segregation and secure access. Independent VPCs must be set up across deployments.
- AWS API Integration: Beyond verifying our use of the API is correct and standard checks are in place to ensure vendor usage is appropriate – avoiding unnecessary polling, rate limit measures are in place, throttling prevention and so on.
- Reliability: Verified solutions are expected to have high availability and reliability akin to AWS’ own standards. A lot of this criteria focuses on having comprehensive monitoring and alerting in place – so this was a fairly easy one for eG Innovations to meet 😊. There were also some requirements around automation (using CloudFormation and Terraform) for deployment of the product to ensure consistency for customers by process.
- Performance Efficiency: Requirements to have testing and quantitative KPIs in place such as “the roundtrip response latency for API methods X, Y, and Z must be less than 200ms as measured by the TargetResponseTime AWS CloudWatch metric”.
- Operational Excellence: This section was mostly about demonstrating that we use best-practice processes to develop and release eG Enterprise. There were requirements around runbooks, build automation, having formal issue ticketing systems in place and so on.
The criteria in general align with the 6 pillars of the AWS well-architected framework, outlined in The 6 Pillars of the AWS Well-Architected Framework | AWS Partner Network (APN) Blog (amazon.com).
Q: What is the process to achieve success in the AWS Digital Workplace Competency?
A: I was impressed by the thoroughness of the process and how many solution architects and engineers were involved. This very much was an engineering rather than marketing process and included code reviews of our product.
A large part of the technical review was security focused, and it made it easier for us having recently been through a successful SOC 2 type audit as some of the audit covered similar areas.
The process is very much an iterative and collaborative process and at points the AWS engineering team made suggestions as to how we could improve certain processes which we took on board and adopted.
To the best of my recollection, we first completed a rather lengthy Self-Assessment Spreadsheet, prior to submitting the program application. This was done in conjunction with our AWS Partner Manager over several weeks to ensure it contained the level of technical detail required. Once completed, we had to submit an application in APN Partner Central.
Shortly after this we had to complete an AWS FTR (Foundational Technical Review), this is a review process which AWS encourages all SaaS and software vendors across all sectors to undertake. For customers it’s the bare minimum you should require an AWS hosted or compatible product to demonstrate for assurance of best practices by vendors offering products on AWS.
The non-technical elements were also reviewed and finally there was the competency audit, although we were well prepared it is always a little daunting to be the one responsible if anything is missed. Thankfully, all went ok.
Beyond the achievement of passing the audit though. The process was very beneficial as the AWS architects, auditors and engineers that we had access to in the process have a wealth of best practice experience. We picked up a few tips to optimize our workflows and process documentation. All our team now have a very good understanding of the support processes and engineering liaison routes with AWS so I am confident that this work benefits customers and the level of service we can offer.
Q: What are the customer benefits from eG Enterprise being certified as an AWS Digital Workspace Competency partner?
AWS outline many of the benefits to customers if they choose a competency partner, see: https://aws.amazon.com/products/end-user-computing/partner-solutions/. In summary AWS describe the program thus:
“The AWS Digital Workplace Competency helps customers find highly specialized AWS Partners who offer solutions on AWS that effectively support remote workers and business continuity.
AWS Digital Workplace Competency Partner offerings free your end users from the office, allowing them to work securely on any device, from anywhere, and at any time. These Partners help reduce security risks and meet compliance and business requirements while allowing you to effectively support remote workers and implement business continuity plans.”
There is also a brochure outlining the program which contains certain statistics and an overview that maybe helpful to an organization who is considering whether to use a specialized partner, see: AWSDigitalWorkplace_PartnerCompetencyBrochure.pdf (awsstatic.com).
Having a close active partnership and engineering relationship with Amazon, allowed us early access to monitoring APIs for the NICE DCV remoting protocol and we were the first monitoring solution to implement support, see: Performance Monitoring for AWS NICE DCV VDI Protocol (eginnovations.com).
Q: Are there any customers using eG Enterprise for AWS EUC?
A: Yes, many. Only established solutions can apply for the AWS Digital Workplace Competency and established reference customers, case studies and active customers are key criteria validated via the audit.
Q: Do these types of audit changed how you work?
A: Undoubtedly, the expectations placed on engineering teams have changed over the last decade. Modern expectations include that we need to continually document and perform work traceably often using automation for repeatability and consistency.
The AWS audit was particularly enjoyable as it gave the systems teams a good insight into the expectations of the overall product and working together on the competency submission the team got a better understanding of the support, marketing and documentation customers expect and an opportunity to work with those teams on a common project.
Q: Is eG Enterprise available on the AWS Marketplace?
A: Yes, eG Enterprise is available as SaaS as eG Enterprise Express Cloud on the AWS Marketplace, see AWS Marketplace: eG Enterprise Express Cloud (amazon.com).
Customers can also choose to self-deploy eG Enterprise on AWS or any other public cloud or on on-prem infrastructure to suit their need. See: Deploying IT Monitoring – SaaS or On-Premises (eginnovations.com).
Q: Can I use AWS credits to purchase eG Enterprise from the AWS Marketplace?
A: Yes, you can.
Q: What AWS services can eG Enterprise monitor?
A: Beyond Amazon WorkSpaces and AppStream 2.0, eG Enterprise also supports monitoring of other AWS services, billing and subscription; as well as over 250+ technology stacks that may be run on AWS or be used in hybrid scenarios in conjunction with AWS services, see: End-to-End Monitoring: Applications, Cloud, Containers (eginnovations.com).
Q: What does eG Enterprise offer beyond Native CloudWatch capabilities?
A: AWS CloudWatch anomaly detection does not provide forward-looking, predictive alerting which eG Enterprise does – this can help partners meet AWS MSP Partner Program Validation Audit standards on anomaly detection. For MSPs looking to monitor multi-tenant services eG Enterprise’s out-of-the-box support for multi-tenancy offers advantages over CloudWatch.
An overview of the differences between CloudWatch and eG Enterprise is covered in, AWS Cloudwatch Alternative: eG Enterprise (eginnovations.com), this page covers the many use cases where eG Enterprise is used to provide capabilities beyond CloudWatch or is used to accelerate / simplify the implementation of monitoring for Amazon’s EUC technologies.
CloudWatch requires significant manual configuration and skills. eG Enterprise provides out-of-the-box metric thresholds and alerting with no need for manual configuration or scripting.
eG Enterprise supports end-to-end monitoring of any on-premises infrastructure that AWS deployments integrate with, such as Active Directory, as well as monitoring of third-party cloud services and SaaS applications.
Estimating CloudWatch costs can be complex and data retention is by default limited. eG Enterprise simplifies the costs of monitoring and customers in regulated industries have enhanced data retention options suitable to their compliance needs.
Q: Can eG Enterprise support multi-tenant MSP (Managed Service Provider) deployments of Amazon WorkSpaces or AppStream 2.0?
A: Yes, eG Enterprise is a fully featured multi-tenant solution. eG Enterprise provides a multi-tenancy architecture with a wealth of tenant self-service features that allows MSPs delivering managed service deployments of Amazon WorkSpaces opportunities to offer premium monitoring and troubleshooting diagnostic services.
eG Innovations works with Managed Service Providers (MSPs) across the world, who use eG Enterprise to deliver value-added services to improve their customers’ resilience and business outcomes. Many of these service providers choose eG Enterprise for its secure and granular role-based multi-tenancy support. The MSP does not have to configure and maintain one instance of eG Enterprise for each customer. Instead, they can deploy one eG Enterprise instance to which agent-based and agentless monitoring provides deep diagnostics and analytics for multiple customers (tenants).
The distinct advantage of multi-tenant configurations for MSPs is that they can use a single unified interface to monitor multiple customers. MSP admins do not have to shift through multiple consoles, one for each customer. Additionally, by amortizing cloud, software, and storage costs across customers, the MSP can drive further cost savings, which in turn improves competitive advantage for themselves and their customers.
- Find out about our monitoring and root-cause diagnostic tools for Amazon WorkSpaces, see: AWS Monitoring Tool for Amazon Workspaces | eG Innovations
- For information on monitoring and troubleshooting Amazon AppStream 2.0, see: AWS AppStream Monitoring & Troubleshooting | eG Innovations
- To understand different use cases for, and the differences between Amazon WorkSpaces and AppStream 2.0, please see: AWS AppStream 2.0 vs Amazon WorkSpaces (eginnovations.com)