For Many Companies, Unified Endpoint Management Is Still A Long Way Off
Unified Endpoint Management tools is still used in many companies exclusively to manage mobile devices such as tablets and smartphones.
One year ago, Gartner’s Magic Quadrant for Client Management Tools (CMT) and Enterprise Mobility Management (EMM) gave up the first time a market overview for Unified Endpoint Management tools was introduced.
The background to this was that the analysts found that the possibilities of the tools previously known as EMM and even earlier as MDM (Mobile Device Management) tools have increased significantly and allow uniform management of all endpoints Unified Endpoint Management – UEM.
most companies still use UEM tools exclusively to manage mobile devices such as tablets and smartphones.
In addition, companies often use the solutions to execute part of the Windows and macOS fleet – for example, when it makes sense to make these devices more efficient.
Contaminated sites make it challenging to switch to Unified Endpoint Management.
However, Gartner says there are growing numbers of companies considering migrating to UEM. Specifically, the analyst company predicts that with the introduction of Windows 10, Google Chrome OS, and Apple macOS, the need for a combined management console will increase to over 70 percent of technology companies by 2024.
However, the changeover is very costly if legacy applications and processes are available and modernized to enable a UEM scenario with a single console for managing all end devices.
Because of these difficulties, a uniform management platform for all devices is still a vision of the future for many companies, according to Gartner, which is why they decided to co-manage or coexist with CMTs and UEM tools.
From the analysts’ point of view, this is likely to affect even more companies. For one, some platforms require additional infrastructure outside of Unified Endpoint Management to manage the devices needed.
Second, process requirements such as the desire to continue distributing images to PCs (a feature that not all UEM tools support) make to transition to Unified Endpoint Management as the sole management tool.
Unified Endpoint Management market: Migration workers are in demand
Gartner says vendors differ most in the transition process. Although the UEM tools are very similar in terms of the features for managing mobile devices, there are significant differences in the functions for migrating policies, applications, and endpoints from classic client management to Unified Endpoint Management.
Last year Gartner predicted that the importance of these functions would decrease over time. In the meantime, however, the analysts have concluded that most companies are still about to migrate.
For this reason, Gartner considered and weighted the existence of CMT functions or integration options in the current market overview (available from some UEM vendors upon registration) much more strongly than in the 2018 Magic Quadrant.
Specifically, the manufacturers must provide evidence that they either
- offer a complete client management toolset with their UEM license,
- Offer functions or a product to support CMT migration to modern management methods or
- allow the turnkey integration of a third-party CMT (e.g. BigFix or Microsoft ConfigMgr).
Strengths and weaknesses of the providers
The changed requirements meant that the providers NationSky, Sophos, and SOTI dropped out of the current market overview because they did not meet the required CMT criteria.
Otherwise, the positions in the Magic Quadrant have changed relatively little – although Gartner advises against making a comparison with the previous year’s results due to the modified criteria and weightings: Ivanti remains the only player in the Challenger Quadrant, but the position shifted a little more to the right towards “completeness of vision”.
The analysts noted positively that the merger of Landesk and Heat software Established CMT offerings combined with extensive mobile management functions to enable a user-oriented view of devices, guidelines, and status information.
However, the provider rarely appears on UEM shortlists of companies. Many customers still associate Ivanti with the Landesk solutions for client management and less with the mobile device or IoT management.
Provider for special niches
Matrix42, ManageEngine, and Snow Software, on the other hand, retained their place in the niche provider sector despite minor changes in their positioning. According to Gartner, both ManageEngine and Matrix42 had limitations in their CMT functionality.
The Frankfurt workspace management specialist’s migration path initially requires a migration to Matrix42 CMT if a company is not ready to migrate devices directly from CMT to UEM.
From the analysts’ point of view, the provider ManageEngine, based in the USA and India, addresses some traditional CMT functions. However, the entire UEM offering is still primarily aimed at customers who have already migrated to UEM and does not provide comprehensive bridging technology to support migration.
The Swedish supplier Snow software fills a niche by combining device management with self-service functionalities around employee onboarding / offboarding, lifecycle management, and license management.
Here, too, Gartner found gaps in the CMT functionality. Snow offers a tool within its solution for migrating to current management options for Windows 10 and macOS. From Gartner’s point of view, however, the agency is rather rudimentary compared to the competition.
In addition, despite previous improvements, the Snow Device Manager (SDM) management console looks outdated, and it lacks some essential management functions.
Citrix can grow
Big news in the 2019 Magic Quadrant for UEM Tools is Citrix moving up from Visionaries to the Leaders quadrant. The virtualization expert markets Citrix Endpoint management as a standalone UEM offering that supports many applications and includes direct integration to provide virtualized applications via Citrix Virtual Apps and Desktops.
In addition, Citrix is also promoting the solution as a supplement for customers who use Microsoft’s UEM product Intune / EMS and want additional functions (e.g. micro VPNs). The Citrix portfolio also includes a wide range of tools that support customers in converting to modern management of CMTs.
As Gartner explained, the company has been able to catch up with the competition by offering new advanced features such as machine learning and analytics to adjust device policies dynamically.
However, the analysts indicated that Citrix Endpoint Management is typically sold as part of a more comprehensive Citrix infrastructure solution and is rarely sold as a standalone UEM product.
Because of the tight integration of Citrix products and licenses, customers without a Citrix infrastructure should first consider other providers before evaluating them.
Microsoft: Co-managed by Intune and ConfigMgr
At the same time, the five previous leaders in the quadrant – MobileIron, Blackberry, IBM, Microsoft, and VMware – maintained their position. Microsoft offers Intune as a core component of its Enterprise Mobility and security suite (EMS) and as the basis of its UEM strategy.
Intune / EMS can be used as a standalone tool for managing Windows 10 and macOS (using modern management techniques). According to Gartner, the focus is increasingly on the “co-management” of Windows through bidirectional integration with the System Center Configuration Manager (ConfigMgr; also licensed as part of EMS).
This co-management makes it easier for companies to gradually transition from the traditional Windows management approach to modern management by moving workloads to Intune.
In addition, one of Intune’s greatest strengths, according to Gartner, is its cross-product integration into the Microsoft universe. As a result, Enterprise Agreement customers who are fully committed to Office 365 find it challenging to replicate the possibilities offered piece by piece with third-party solutions.
For example, with the mobile Office 365 apps, Intune must implement Access to the complete list of data leakage functions at the app level, such as the control of “Save as” or the restriction of “Copy / Insert”.
However, the analysts point out that Microsoft still lags a bit behind some competitors in macOS management and currently does not support the management of ChromeOS devices.
In addition, companies that have made significant investments in some popular IAM products such as Ping Identity or Okta should carefully consider their use, as Intune does not fully support the identity management functions, especially not on mobile devices.
VMware: Additional functions as a driver of innovation
The Dell subsidiary VMware is active in the UEM market with the product Workspace ONE, which, however – depending on the license – also offers solutions for client and application virtualization, identity & Access Including management (IAM) and other applications.
According to Gartner, as the UEM market matures, these add-on products and functions make up the innovation in this area, while the core functions become a commodity. From the analysts’ point of view, Workspace ONE AirLift is such an innovative add-on product.
This is a comprehensive set of features for migrating groups of PCs and PC management policies, such as porting Group Policy Objects (GPOs) from tools such as Microsoft’s ConfigMgr on the UEM console of Workspace ONE.
Gartner said the ability to fill critical CMT feature gaps in UEM without the need for a separate CMT console makes VMware a good choice for organizations planning a complex migration of PCs, policies, and workloads from CMTs to UEM.
However, the analysts point out that despite significant investments by VMware in technologies to support field workers, the market is just emerging.
IT decision-makers should invest carefully in such use cases and carefully examine the end devices, platforms, and integrations required for their specific environment.
In addition, VMware has achieved success in educating users that, in addition to Unified Endpoint Management, virtualization solutions can also be used to provide users with customized workstations. Most customers would still be interested in pure UEM licenses.
MobileIron: Security is the key
MobileIron, like VMware (or earlier AirWatch), already a regular guest in Gartner’s leader quadrant with MDM and EMM, has expanded its original solution to include modern management functions for various platforms.
The UEM offering also benefits from integrating individual functions to bridge the gap between CMTs and UEM, which were offered as separate products in previous years.
In addition, the company tries to differentiate itself from the competition by focusing on security and authentication features for managed and unmanaged devices.
Therefore, the Gartner experts see MobileIron as a good choice for companies looking for a comprehensive range of functions for managing mobile and non-mobile devices and for companies looking for new features to secure their end devices.
Thanks to the integration of security and authentication functions for unmanaged devices, customers could save themselves from purchasing other security infrastructures.
However, Gartner warns that most – mostly satisfied – customers still rate MobileIron as an MDM specialist and that the company is only growing slowly outside of its installed base.
IBM: AI predicts problems and security risks
IBM, in turn, takes advantage of its extensive software portfolio to combine the EMM solution MaaS360 with related products in areas such as Mobile Threat Defense (MTD Security Information and Event Management ( SIEM ) and Identity as a Service (IDaaS)) into a single product.
Big Blue also uses its Watson AI solution to predict potential problems or security risks based on the UEM data it collects. It’s a feature that Gartner says is very useful for many IT teams who want to manage endpoint devices without hiring additional staff.
As a specialty, IBM used the deep integration with the CMT solution BigFix to include a broad set of client management functions in MaaS360.
Following the sale of BigFix to HCL earlier this year, IBM continued to develop the procedures in-house to enable coexistence with other CMT products beyond BigFix.
According to Gartner, MaaS360 is a good choice for customers looking for a SaaS-based UEM tool with built-in mobile security functions and, thanks to preconfigured policy templates, can automate some of the steps needed to achieve the ideal compliance and Determine and maintain the management status of all devices.
However, customers should be aware that there is no on-premises version, only a local access gateway for e-mail and other applications.
Blackberry: I’m buying a UEM portfolio
MDM veteran Blackberry has also recognized the signs of the times. It has created an excellent UEM offer over the past few years with the help of numerous investments and acquisitions in areas such as analytics, collaboration, and IoT.
The Canadians built on their excellent reputation for providing highly secure mobility solutions for regulated industries and added modern management functions for Windows 10 and macOS.
In addition, wearables and many IoT devices can now also be managed with the UEM product.
According to Gartner, BlackBerry’s UEM offering is suitable for companies interested in highly secure mobility, collaboration, IoT, and modern management for Windows 10 and macOS.
The highly expandable secure (Product Information Management, PIM) container and the long list of certificates, brand awareness, and presence in regulated vertical markets made Blackberry a severe competitor in this area.
In addition, the partnership between Blackberry and Awingu in the provision of virtual applications in its access workspace tool enables an integration that only a few other providers offer in this area.
The analysts also rated it positively that companies could jointly manage container apps from Blackberry Dynamics and Office 365 applications with the help of BlackBerry Enterprise BRIDGE, Intune, and Microsoft’s Graph API.
However, Blackberry’s UEM offering lacked core client management functions such as device imaging and standard patch management features. However, it now supports coexistence with Microsoft System Center Configuration Manager (ConfigMgr) and offers tools for gradual migration to modern management methods.