Unification has been a trend in IT for a long time, whether it’s communications, storage, data management or other technologies, and the trend hasn’t escaped cybersecurity either, as products converge into more comprehensive platforms like XDR or SASE.
Endpoint technologies are the latest to join the unification craze, as endpoint security and mobile device management are getting folded into unified endpoint management (UEM) solutions.
- What is Unified Endpoint Management?
- UEM Benefits
- UEM Trends
- Top UEM Vendors
What is Unified Endpoint Management?
UEM is an attempt to bring together all of the different endpoint management and protection tools into one integrated console. As such, it encompasses areas such as antivirus, anti-spam, malware protection, ransomware protection, and mobile device protection.
Gartner sees such consolidation as an overall trend. And UEM is entering the mainstream, according to Gartner, having reached a market penetration level of 20% to 50%, with large organizations and certain verticals the biggest adopters.
“Unified endpoint management tools provide agent-based and agentless management of computers and mobile devices through an employee-centric view of endpoint devices running Windows, Google Android and Chrome OS, Apple macOS, iPadOS, and iOS,” said Gartner analyst Dan Wilson. “UEM tools apply data protection, device configuration and usage policies using telemetry from identities, apps, connectivity, and devices. They also integrate with identity, security, and remote access tools to support zero trust.”
Given UEM’s focus on mobile device management, Enterprise Mobility Management (EMM) vendors have been among the early leaders in the UEM market.
UEM Benefits
Gartner lists benefits of UEM such as:
- Eliminating many manually intensive tasks and processes across multiple endpoints
- Location-agnostic endpoint management and patching
- Reducing the total cost of ownership of managing endpoint devices
- Simplified device management and support
- Lowered risk due to covering more device types and operating systems (OSes)
- Stronger policy management
- Better integration with identity, security, and remote access tools
UEM Trends
UEM is a hot area of IT. As such, a number of trends are impacting this space. Aditya Kunduri, director of product marketing for end-user computing at VMware, drew attention to cloud-native modern management of endpoints. This makes it possible to deploy, manage, and support off-network and remote users, primarily their desktops and laptops.
Automation of endpoint tasks using data-driven, no-code, and low-code tooling is another UEM innovation. It enables admins to simplify and automate complex and mundane administrative tasks.
The digital employee experience (DEX) is also being integrated into UEM platforms.
“We are seeing endpoint management teams ask for DEX capabilities that are tightly integrated with UEM to provide customers with the means to deliver and measure rich telemetry, analyze using data science, and proactively remediate user experience issues across endpoints, apps, network, and access,” said Kunduri.
Ashley Leonard, CEO of Syxsense, called attention to the fact that Gartner is now calling out security functionality as a key product ingredient in its latest UEM Magic Quadrant (MQ).
“In an effort to narrow down the attack surface that comes from multiple agents and multiple consoles, customers are looking for solutions that provide both functions,” said Leonard. “That means more intelligence on filtering through the haystack of incoming security telemetry into a meaningful subset, better threat prioritization, and automation that can automatically maintain an endpoint in a desired state.”
The Internet of Things (IoT) is an area that is gradually coming under the UEM banner, according to Apu Pavithran, CEO and founder of Hexnode.
“IoT has entered almost every enterprise, and just as with every mobile device and PC, the need to manage IoT will soon be predominant,” Pavithran said.
Rex McMillan, vice president of product management at Ivanti, also stressed the integration of DEX features and its raised profile in an increasingly remote workforce.
“UEM is key to enabling security and productivity in the hybrid and remote workplace,” McMillan said. “The need for remote-access capabilities, mobile management tools, and visibility of all endpoint devices has never been greater.”
Top UEM Vendors
eSecurity Planet evaluated multiple vendors in the UEM space. These stood out from the pack in our analysis.
VMware Workspace One
VMware delivers UEM through VMware Workspace One. It offers a single solution for management of all device types, including desktops, mobile, rugged, wearables, and IoT, and across all use cases along with single sign-on (SSO) access, a consistent user workspace, DEX management, risk analytics, and plenty of features for workspace security.
- Cross-platform support and management capabilities in a single pane of glass, including rugged device types and use cases, point of sale (POS), augmented/virtual reality (AR/VR) headsets, mobile printers, peripherals, kiosks, and digital signage.
- Advanced support is available for attended or unattended shared devices, COPE (corporate-owned, personally-enabled) architecture, and BYO (bring-your-own) policies.
- Improved visibility and security, and the multi-tenant architecture supports complex deployments at scale.
- Integrated identity and access controls, app and multi-platform endpoint management, analytics and automation (including purpose-built dashboards for frontline deployments), and cross-platform remote support (with integration with ServiceNow).
- Low-code IT orchestration and automation platform that can streamline app deployments, device onboarding, and device state management.
- Zero-trust security features include risk analytics, auto-remediation, SSO and multi-factor authentication (MFA), integrated mobile threat defense (MTD), VMware Tunnel for device and per-app VPN, and integrations with third-party security tools via Trust Network and with the VMware Secure Access cloud-hosted zero trust network access solution.
- It can pull inventory data and device or system attributes with sensors, deploy scripts to query inventory data or make configuration changes, and enable scripts to be triggered on demand by end users in a self-service catalog.
- Offers provisioning of devices with business-approved settings, apps, and resources before they ship directly to end users, adding and updating what you want provisioned over the air (OTA) with zero touch from IT.
Microsoft Endpoint Manager
Microsoft Endpoint Manager was graded as the only vendor in the Leaders category in this year’s Magic Quadrant for UEM. It is a cloud-enabled platform for unified and secure endpoint management that provides risk-based conditional access for apps and data as well as support for diverse corporate and BYOD scenarios.
- Microsoft Endpoint Manager automates and prioritizes tasks.
- Microsoft Endpoint Manager offers built-in security analytics.
- Azure Active Directory Conditional Access is available.
- Endpoint security is available courtesy of Microsoft Defender ATP.
- Microsoft Endpoint Manager provides Apple, Android, Windows, and ruggedized device management.
- Microsoft Endpoint Manager provides a productivity score for users.
- Microsoft Endpoint Manager combines Intune and Configuration Manager.
- The platform is available with an Enterprise Mobility + Security (EMS) license.
- Microsoft Endpoint Manager offers integration with Azure Virtual Desktop, Windows 365, Defender for Endpoint, and Azure Active Directory (AD).
Syxsense Enterprise
Syxsense Enterprise brings together UEM and unified endpoint security (UES) to create what the company terms a unified security and endpoint management (USEM) solution. It delivers patch management, mobile device management, real-time vulnerability monitoring, and instant remediation for endpoints as well as IT management across all endpoints.
- Syxsense brings everything needed for endpoint management and protection onto one console.
- It offers automatic detection and remediation of vulnerabilities and missing patches.
- Syxsense scans for all vulnerabilities on any device, blocks communication from an infected device to the internet, isolates endpoints, and kills malicious processes before they spread.
- The platform automatically prioritizes and deploys operating system (OS) and third-party patches to all major operating systems as well as Windows 10 feature updates.
- Remediation is done using a security orchestration, automation, and response (SOAR)-like product called Syxsense Cortex that allows for drag-and-drop remediation workflows with no coding or scripting required.
- A single agent automates the management of endpoints, secures the business, reduces the attack surface, and simplifies management.
- Deep scanning is done for known security flaws, and IT is provided with a list of misconfigurations that require remediation.
- Syxscore is a scoring methodology that reports on discovered threats and how prevalent they are in environments.
- The security research team provides prebuilt workflows and playbooks that accomplish key IT management functions, such as setting up new laptops and rolling out new software, as well as remediating security flaws.
- Syxsense provides proof of compliance against industry standards such as HIPAA and PCI.
IBM Security MaaS360
IBM Security MaaS360 with Watson earned a Challenger rating in the Gartner UEM MQ. It is an AI-enhanced UEM and endpoint security platform that tends to focus on the midsize market in verticals such as technology, retail, and manufacturing. It is available as a software-as-a-service (SaaS) solution and not for on-premises deployments.
- Watson Analytics helps users identify, prioritize, triage, and resolve security while identifying risk or performance and configuration issues on devices managed by MaaS360.
- IBM Security MaaS360 offers customizable, automated reporting.
- There is a large catalog of templates with a wizard-like interface.
- A large number of integrations are available with IBM and non-IBM software in security, vulnerability, identity, IT service and asset, digital adoption, data analytics, and remote support.
- Microsoft partnership has opened up Conditional Access Device Trust integration.
- Proficiency with IBM Security MaaS360 can lead to security certifications such as FedRAMP, SOC II Type 2, and ISO 27000 II.
Ivanti Neurons for UEM
Ivanti Neurons for UEM enables IT to discover, manage, and secure all devices on a network. In addition, endpoint management tasks are automated. The platform offers real-time device visibility, automated patch and OS deployments, user policies and configurations, personalized workspace environments, and secure access, and it fixes end-user issues.
- A digital user experience score is calculated using AI/ML techniques to understand the user experience and see what facets are impacting the user experience.
- Ivanti Neurons supports Windows, macOS, iOS, iPadOS, Android, ChromeOS, Linux, and IoT devices.
- Ivanti Neurons offers a complete inventory of the environment as the foundation for managing and securing devices.
- Real-time operational awareness coupled with Ivanti Neurons for Healing enables IT to discover and heal issues using automation.
- Patch management, mobile threat defense, secure access, and tunnel are integrated in the UEM platform.
- Ivanti Neurons for UEM platform integrates with other Ivanti products including its enterprise security management (ESM) solutions.
- Application control and device control are included.
ManageEngine Desktop Central UEM Edition
ManageEngine Desktop Central UEM Edition provides endpoint detection and response (EDR), endpoint security, remote access, and zero trust. It is available as SaaS and on-premises and provides tight integration with other products from Zoho.
- ManageEngine can manage Microsoft, Apple, and Google OSes.
- Support is available for Ubuntu, Red Hat, CentOS, Fedora, Mandriva, Debian, Mint, SUSE, Pardus, and Oracle Linux distributions.
- Support is available for Samsung, Zebra, Honeywell, Lenovo, Datalogic, Unitech, Nokia, Kyocera, Cipherlab, Seuic, and Spectralink OEMConfig devices.
- Gartner said this was one of the most affordable UEM offerings, with list prices 20% lower than the next-lowest competitor.
- Email, phone, and chat support is available at no additional cost.
Hexnode
Hexnode provides a relatively simple user interface for its UEM platform to provide ease of use for organizations that may lack tech-savvy IT admins. It backs this up with responsive tech support and slants its offering at small and midsize businesses (SMBs). As such, its pricing begins at $1.08 per device per month. It also incorporates plenty of security features within its UEM package, regarding unified endpoint security as being UEM with an additional security layer.
- Hexnode offers support for Android, iOS and iPadOS, macOS, Android TV, tvOS, Fire OS, and Windows.
- The remote view feature helps IT admins monitor and manage devices in real-time.
- A remote-control feature assists the IT admin in troubleshooting and resolving errors without requiring user interference.
- By leveraging Android and Apple containerization techniques, enterprises can currently separate their corporate data from personal files.
- Admins can define the app inventory by dictating mandatory apps and blacklisting applications that can hinder productivity.
- ManageEngine has partnerships with rugged device manufacturers like Honeywell, Kyocera, Zebra, CAT, and Sonim.
- A kiosk management feature restricts publicly placed devices to a single or a set of predefined apps and limits users from accessing other features.
- Security features include password management, restricted access to external media, web content filtering, incorporation of BitLocker encryption and Windows Defender, a firewall, remote locking and wiping, and OS updates.
Matrix42 Secure UEM
Matrix42 Secure UEM provides basic endpoint management and security. Recent acquisitions of EgoSecure, FastViewer, and Firescope have led to big strides in areas such as the addition of ITAM (IT asset management), ITSM (IT service management), and behavioral dynamic policy enforcement.
- Matrix42 Secure UEM offers a low cost and flexibility married with plenty of features.
- Distributed cloud deployment provides country- and market-specific customization to fit with local regulations.
- Matrix42 Secure UEM can scale from 50 to 10,000 devices.
- Additional module options include Browser Security Plus, Vulnerability Manager Plus, Device Control Plus, Application Control Plus, Analytics Plus, and Secure Gateway Server.
- Integration with Fortinet tools adds automated detection and remediation of anomalies and malicious activities.
- The platform is low-code and leverages a centralized configuration management database (CMDB).