Unified Endpoint Management (UEM) tools are important for helping infrastructure and operation (I&O) leaders manage and secure the workplace. In 2022, UEM tools saw increased adoption and product advancements.
UEM tools provide agent and agentless management of computers and mobile devices through a single console. Modern UEM tools give you a view of devices across different platforms. They also let you manage devices without agents, through native Windows 10, macOS, and Chrome OS controls. Additionally, they can collect telemetry and signals from identities, apps, connectivity, and devices to inform policy. They can also integrate with identity, security, and remote access tools to support zero-trust, contextual authentication, and vulnerability management. They are also capable of managing non-traditional devices like wearables and IoT (Internet of Things) devices.
Leading UEM tool vendors
Gartner predicts that by 2027, UEM and digital employee experience (DEX) tools will together drive autonomous endpoint management and reduce human effort by at least 40%. Over 90% of clients will use cloud-based UEM tools by 2025 for managing most of their estate.
Here is the list of UEM tool vendors I&O leaders can consider.
IBM Security MaaS360 with Watson offers AI-enhanced UEM and endpoint security. It has operations across the globe, and its clients are usually midsize enterprises (MSEs) in technology, retail, and manufacturing that are based in the Americas and Europe. IBM is still working on Watson to improve security and DEX, deeper integration with identity and security products, and OS and application patching for reducing vulnerabilities.
IBM’s Watson provides analytics to identify, prioritize and resolve security, identity, performance, and configuration issues faced by the devices managed by MaaS360. Security intelligence and automation are its strengths. IBM is building upon rich integration with QRadar and other identity and security tools to reduce risk by dynamically adjusting policies. It has a broader partner ecosystem and offers more integrations than its competitors.
Clients often report a lack of product capability awareness about MaaS360. Its pricing exceeds that of some of its competitors with broader capabilities. It is available only as a SaaS solution and does not provide on-premises management options.
Ivanti Neuron offers broad support for almost all endpoints. Its clients are enterprise organizations. Ivanti continuously adds intelligence and automation via the Ivanti Neurons platform, to improve discovery, automation, self-healing, patching, zero-trust security, and DEX. Ivanti Neurons also supports integration with IT service, asset, and cost management tools.
Ivanti Neuron provides active and passive discovery of all devices. Apart from OS management capabilities, Ivanti offers management of Linux distributions and server OSs, OEMConfig and Android Open Source Project (AOSP) devices, as well as wearables. It offers a range of solutions for the healthcare, education, logistics, public-sector and retail markets.
Ivanti website navigation, bundling, and pricing have become challenging owing to the continued expansion of its offerings, migration to the cloud, and addition of Ivanti Neurons capabilities to each product. Features and extended capabilities like advanced discovery, intelligence, and automation from Ivanti Neurons are not available on-premises.
ManageEngine is continuing to invest in endpoint analytics, automation, and enhanced capabilities for MSPs. It is also expanding its focus on endpoint security, remote access, and zero-trust capabilities.
In addition to OS management capabilities, ManageEngine offers the broad capability to manage Chrome OS, Linux distributions, servers, and Android OEMConfig devices. It has one of the most affordable and highly flexible UEM offerings with email, phone, and chat support included at no additional costs.
The licensing model of ManageEngine is more difficult to understand and administer than its competitors. Users have raised concerns about the quality of product releases, the performance of products and the difficulty in upgrading the on-premises hosted platform. It also lacks generally available VPN and zero-trust capabilities.
The Matrix42 Secure UEM (SUEM) product supports basic endpoint management and security use cases. Its clients are MSEs located in the Germany, Austria, and Switzerland (DACH) region. Matrix42 is investing in capabilities to inventory, manage and patch devices. It also aims to enhance IT asset and service management (ITAM/ITSM) and behavioral dynamic policy enforcement.
Matrix42’s capabilities suit the endpoint management needs of MSEs extremely well. Its entire workspace platform is built on an extensible, low-code workflow platform using a centralized configuration management database (CMDB) and allows customers to customize the solution to their needs.
Growth in other markets has been challenging due to limited brand awareness. Organizations with a CMDB, ITAM/ITSM, or endpoint security tools may have to pay extra for capabilities they already have. Matrix42 requires third-party tools for completing its zero-trust and remote-access capabilities.
Microsoft Endpoint Manager is a combination of Intune and Configuration Manager. It can be licensed through Microsoft’s Enterprise Mobility + Security (EMS) SKU. It aims to improve the IT administrator experience and endpoint analytics and automation and supports core frontline worker devices and integration using its Azure Virtual Desktop, Windows 365, Defender for Endpoint, and Azure AD.
Improved security and IT administrator experience is achieved with deep platform integration with Azure AD, Defender for Endpoint and Microsoft 365 suite of products is offering. The growth of Microsoft 365 makes Endpoint Manager dominate the UEM market share. It is rolling out new features and fixes based on customer demand.
It has a very basic dashboard and reporting capabilities. The Endpoint Manager lacks capabilities to manage Chrome OS and Linux endpoints compared to competitors. It does not support specialized vertical-specific use cases like wearables, rugged frontline devices, and IoT.
VMware’s Workspace ONE platform offers improved employee experience via UEM, extensive virtualization, comprehensive security, analytics, remote access, apps, and workflows. VMware is continuously investing to help customers drive workplace modernization, implement zero trust as well as improve the digital employee experience and reduce digital friction.
It offers a complete package of device management, single sign-on, remote support, remote access, endpoint security, analytics, automation, and virtualization. It uses intelligence and automation to take action on devices and applications based on triggers from UEM events and data, gives insights and reports, and adds use-case focused solutions to measure and improve DEX.
Most of the advanced Workspace ONE capabilities require the use of its SaaS offering and are highly-priced.
I&O leaders with separate mobile device and PC management tools must use these insights to plan UEM investment and consolidation.
Image and source credits: Gartner