MDM tools: Features and functions compared

Looking for an enterprise mobile management suite? Look here first.

Computerworld |

Mobile device management tools are transforming into veritable "Swiss army knives." But while all cover the basics when it comes to hardware management, there are differences when it comes to some of the extended features you may require.

This checklist is a good first step for assessing which products you might want to focus in on. But experts caution that there can be big differences in how features are deployed and work in the real world, so be sure to do extensive testing prior to deployment.

This chart accompanies our story, "Mobile management morphs," which explores the trends in MDM tools and how customers are using them.

To see the various features and functions available, just click on the gray line with the +/- sign. To minimize that section of the chart, click on it again. You can have as many sections open as you wish.

Deployment options ( + / -)

Vendor	Airwatch B2	BlackBerry	BoxTone	Citrix	Good Technology	IBM	Fiberlink (an IBM company)	MobileIron	SAP	Soti	Symantec
Product Name(s)	AirWatch Enterprise Mobility Management	BlackBerry Enterprise Service 10	BoxTone	XenMobile	Good for Enterprise	IBM Endpoint Manager for Mobile Devices	MaaS360 by Fiberlink	MobileIron	SAP Afaria, SAP Mobile Documents, SAP Enterprise Store	MobiControl	Symantec Mobile Management Suite
On premises	Yes	Yes	Yes	Yes	Yes	Yes	No	Yes	Yes	Yes	Yes
Cloud/SaaS	Yes	Version in development	Yes	Yes	No	Yes, through partners	Yes	Yes	Yes	Yes	Yes

Mobile platforms supported (+ / -)

Vendor	Airwatch B2	BlackBerry	BoxTone	Citrix	Good Technology	IBM	Fiberlink (an IBM company)	MobileIron	SAP	Soti	Symantec
Product name(s)	AirWatch Enterprise Mobility Management	BlackBerry Enterprise Service 10	BoxTone	XenMobile	Good for Enterprise	IBM Endpoint Manager for Mobile Devices	MaaS360 by Fiberlink	MobileIron	SAP Afaria, SAP Mobile Documents, SAP Enterprise Store	MobiControl	Symantec Mobile Management Suite
iOS	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes
Android	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes
Extended Android APIs	Yes (KNOX, SAFE, LG Gate, Kindle Fire HD and Kindle Fire HDX, NOOK HD and NOOK HD+, tablets, HTC One, Nokia Lumina, Pidion and Panasonic)	Motorola	Yes (SAFE)	Yes (KNOX, SAFE, Kindle)	Yes (3LM)	Yes (SAFE)	Yes (SAFE, KNOX, 3LM, HTC, LG)	Yes (KNOX, SAFE)	Yes (KNOX, SAFE)	SOTI API stack	No
BlackBerry	Yes	Yes	Yes	Yes	Requires BoxTone for Good	Yes	Yes	Yes	Yes	No	Yes
Windows Mobile	Yes	No	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes
Windows Phone 7	Yes	No	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes
Windows Phone 8	Yes	No	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes
Other (name)	Mac OS X 10.7 and higher, Windows 8 and RT					Windows RT	Amazon Kindle Fire, MAC OS X, Windows XP, 7, 8	Mac OS X, Windows		Windows Desktop, Windows Mobile	Support Web OS and Symbian via Exchange ActiveSync

Mobile device management ( + / -)

Vendor	Airwatch B2	BlackBerry	BoxTone	Citrix	Good Technology	IBM	Fiberlink (an IBM company)	MobileIron	SAP	Soti	Symantec
Product Name(s)	AirWatch Enterprise Mobility Management	BlackBerry Enterprise Service 10	BoxTone	XenMobile	Good for Enterprise	IBM Endpoint Manager for Mobile Devices	MaaS360 by Fiberlink	MobileIron	SAP Afaria, SAP Mobile Documents, SAP Enterprise Store	MobiControl	Symantec Mobile Management Suite
Password protection	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes
Password reset	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes
Remote device wipe	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes
Selective wipe	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes
Remote lock	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes
Set VPN, Wi-Fi, APN, proxy/gateway settings	Yes	VPN, Wi-Fi, proxy	Yes	Yes	Yes, for iOS and for Android via Boxtone/3LM	Yes	Yes	Yes	Yes	Yes	Yes
Disable Wi-Fi	Yes	Yes (for BlackBerry)	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes
Disable carrier data connection	Yes (for SAFE); restricts data when roaming for iOS	No	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes
Configuration monitoring/auditing	Yes	No	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes
Automated provisioning/enrollment	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes
Disable camera	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes
Disable Bluetooth	Yes	Yes, for BlackBerry devices only	Yes	Yes	No	Yes	Yes	Yes	Yes	Yes	No
Manage mobile-attached devices (e.g printers, scanners)	Yes	No	Yes	Yes	No	No	No	No	Yes	Yes, for supported manufacturers including Zebra, Intermec, Breezy, Honeywell	Yes
Support multiple users per device (auto-configure device settings based on the currently logged in user)	Yes	No	Yes, by using multiple containers	Yes	No	Yes, with Maas360	Yes	Yes	Yes	Yes	No

Application management ( + / -)

Vendor	Airwatch B2	BlackBerry	BoxTone	Citrix	Good Technology	IBM	Fiberlink (an IBM company)	MobileIron	SAP	Soti	Symantec
Product name(s)	AirWatch Enterprise Mobility Management	BlackBerry Enterprise Service 10	BoxTone	XenMobile	Good for Enterprise	IBM Endpoint Manager for Mobile Devices	MaaS360 by Fiberlink	MobileIron	SAP Afaria, SAP Mobile Documents, SAP Enterprise Store	MobiControl	Symantec Mobile Management Suite
User self-service app delivery	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes
Full-featured enterprise app store	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes
Containerization/sandboxing	Yes, via AirWatch Workspace. Support for KNOX, Email Client for Android, and iOS	Yes	Yes	Yes	Yes	Yes, for data. Requires Nitrodesk TouchDown	Yes, withMaaS360 Secure Productivity Suite	Yes	Yes, using SAP Mobile App Protection	Yes, when used with Mocana	Yes
App containerization using developer SDK/toolkit	Yes	Yes, for BlackBery devices only	Yes	Yes	Yes	No	Yes	Yes	No	Yes	No
App containerization using app wrapping	Yes	Yes	Yes	Yes	Yes	No	Yes	Yes	Yes	To be made available in a future release	Yes
Block copy/paste between apps	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes
Block copy/paste from email	Yes	Yes	Yes	Yes	Yes	Yes for iOS; Android requires Nitrodesk TouchDown	Yes	Yes	Yes, using NitroDesk for Android phones.	Support planned.	Yes
Restrict which apps can open a given file	Yes	Yes	Yes	Yes	Yes	No	Yes	Yes	Planned for Q2	Yes	Yes
App inventory tracking	Yes	Yes, for BlackBery devices only	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes
App usage monitoring	Yes	No	Yes	Yes	Requires Good AppCentral	No	No	Yes	Yes	Yes	Yes, using App Center
Apple volume purchase program integration (decrements volume purchase agreement quantity available as users download apps from store)	Yes	No	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes
Remote desktop access (access to apps and data on desktop from smartphone or tablet)	No	No	No	Yes	Yes. Requires Splashtop for Good.	No	No	Yes, when intergrated with Splashtop	No	Yes	Yes, but requires integrated tools from partners

Security ( + / -)

Vendor	Airwatch B2	BlackBerry	BoxTone	Citrix	Good Technology	IBM	Fiberlink (an IBM company)	MobileIron	SAP	Soti	Symantec
Product name(s)	AirWatch Enterprise Mobility Management	BlackBerry Enterprise Service 10	BoxTone	XenMobile	Good for Enterprise	IBM Endpoint Manager for Mobile Devices	MaaS360 by Fiberlink	MobileIron	SAP Afaria, SAP Mobile Documents, SAP Enterprise Store	MobiControl	Symantec Mobile Management Suite
Secure Web browser	Yes	Yes	Yes, via partners	Yes	Yes	Yes, with Trusteer, Mass360	Yes	Yes	Yes	Yes	No
Application blacklisting/whitelisting	Yes	Blacklisting only	Yes	Yes	Yes	Yes (SAFE only)	Yes	Yes	Yes	Yes	Yes
Data loss prevention (DLP)	Yes, via advanced device security features and AirWatch Secure Content Locker	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes
Email attachment data loss prevention	Yes	Yes	Yes	Yes	Yes	Yes (SAFE only)	Yes	Yes	Yes; also supports Nitrodesk TouchDown secure mail client for Android	Yes	Yes
Device compromise detection (jailbreak/rooting)	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes (from wrapped apps and via MDM and MAM agents)
Device-level encryption	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes
Encrypted folder	Yes	Yes	Yes	Yes	Yes	No	Yes	Yes	No	Yes	No
Encrypted email attachments	Yes	No	Yes	Yes	Yes	No	Yes	Yes	Yes. Requires Nitrodesk TouchDown	No	No. Available via Symantec PGP Mobile
Encrypted email message body	Yes	Yes	Yes	Yes	Yes	No	Yes	Yes	Requires Nitrodesk TouchDown	No	Available via Symantec PGP Mobile
Geofencing	Yes	No	Yes	Yes	No	No	Yes	Yes	Yes	Yes	No
Time fencing	Yes	No	Yes	Yes	No	No	Yes	Yes	Yes	Yes	No
Mobile VPN	Yes	Yes	Yes	Yes	Yes, for iOS; Android requires BoxTone/3LM	Yes using IBM MobileConnect	Yes (using native device MDM settings)	Yes	Yes	Yes	Yes (using native device MDM settings)
App-level micro VPN	Yes	No	Yes	Yes	Not needed; uses dedicated NOC-based connection and requires no open inbound ports	No	Yes, through app wrapping and SDK	Yes	Yes	Yes	Via SSL and URL whitelisting
Multifactor device/app authentication (token-based, facial recognition, client access card support, etc.)	Supports token-based enrollment, client certificate authentication, CAC card and directory system authentication	No	Yes, using Kerberos and common access cards	Yes	Yes, token and common access card	Yes, using IBM AccessManager	Integration with CAC/PIV cards	Yes	Yes	Yes, on supported OEM/model	Yes
Malware detection	Yes, via App Reputation Scanning for Android and integrations with F-Secure and others	No	Partners with Appthority for behavioral analysis	No		Yes, with IBM Trusteer	Yes	No; offers third party integration	Yes	Yes	Yes
Includes firewall	Yes, virtual firewall using managed profiles	No	Yes	Yes, for email traffic	Uses dedicated NOC-based connection; requires no open inbound ports	No	No	No	Yes	No	Yes (only for Windows Mobile)
Single sign-on support	Yes	Yes	Yes	Yes; (On device, online for intranet/Web, external SaaS apps)	Yes	Yes, using IBM AccessManager	Yes	Yes	Yes	Yes, on supported OEM/model	Yes

Document/content management ( + / -)

Vendor	Airwatch B2	BlackBerry	BoxTone	Citrix	Good Technology	IBM	Fiberlink (an IBM company)	MobileIron	SAP	Soti	Symantec
Product name(s)	AirWatch Enterprise Mobility Management	BlackBerry Enterprise Service 10	BoxTone	XenMobile	Good for Enterprise	IBM Endpoint Manager for Mobile Devices	MaaS360 by Fiberlink	MobileIron	SAP Afaria, SAP Mobile Documents, SAP Enterprise Store	MobiControl	Symantec Mobile Management Suite
Encrypted document container	Yes	Yes	Yes; partners with Good, Accellion, Box	Yes	Yes	Yes, through partners	Yes	Yes	Yes	No	Yes
Secure email	Yes	Yes	Yes; partners with Good, Accellion, Box	Yes (WorxMail)	Yes	Yes	Yes	Yes	Yes; requires NitroDesk for Android devices	Yes	Yes
File server access	Yes	Yes, for BlackBerry devices only+K85	Yes; partners with Good, Accellion, Box	Yes	Yes	No	Yes	Yes	Yes	Yes	Yes, using integrated tools available from partners
Secure SharePoint access	Yes	Yes, via partners	"Yes; partners with Good, Accellion, Box	Yes	Yes	Yes, using IBM AccessManager	Yes	Yes	Yes	Yes	Yes, using integrated tools available from partners
Integates with enteprise document management software	Offers AirWatch Secure Content Locker; integrates with SharePoint and other file shares	No	Yes; partners with Good, Accellion, Box	SharePoint, CIFS-based network shares; requires Citrix ShareFile	Accelion, Box, iAnnotate, Good Reader, Office Squared, Picsel SmartOffice, GroupLogic, NetDocuments	No	Box	Yes; SharePoint, CIFS-format document management systems	Yes, with any content management interoperability services-compliant system	"Yes, Mobicontrol is compatible with WebDav based repositories."	Yes; Accellion Mobile Productivity Suite, Alfresco Mobile, Asdeqlabs Asdeqdoc, Watchdox Document Management

Network management ( + / -)

Vendor	Airwatch B2	BlackBerry	BoxTone	Citrix	Good Technology	IBM	Fiberlink (an IBM company)	MobileIron	SAP	Soti	Symantec
Product name(s)	AirWatch Enterprise Mobility Management	BlackBerry Enterprise Service 10	BoxTone	XenMobile	Good for Enterprise	IBM Endpoint Manager for Mobile Devices	MaaS360 by Fiberlink	MobileIron	SAP Afaria, SAP Mobile Documents, SAP Enterprise Store	MobiControl	Symantec Mobile Management Suite
Data usage management (restrict where, when and whether downloads occur over Wi-Fi or celluluar)	Yes	For BlackBery devices only	Yes	Yes	No	No	Yes	Yes	No	Yes	No
Roaming cost control (such as auto disablement of data when roaming)	Yes	Yes	Yes	Yes	For iOS only	Yes	Yes	Yes	Yes	Yes	Yes
Device diagnostics	Yes	For BlackBery devices only	Yes	Yes	Yes; requires BoxTone for Good Mobile Service Management	Yes	Yes	Yes	Yes	Yes	No
Usage monitoring	Yes	No	Yes	Yes	No	Yes	Yes	Yes	Yes	Yes	Yes
Block device from accessing email if policies violated	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes	Yes

Service management ( + / -)

Vendor	Airwatch B2	BlackBerry	BoxTone	Citrix	Good Technology	IBM	Fiberlink (an IBM company)	MobileIron	SAP	Soti	Symantec
Product name(s)	AirWatch Enterprise Mobility Management	BlackBerry Enterprise Service 10	BoxTone	XenMobile	Good for Enterprise	IBM Endpoint Manager for Mobile Devices	MaaS360 by Fiberlink	MobileIron	SAP Afaria, SAP Mobile Documents, SAP Enterprise Store	MobiControl	Symantec Mobile Management Suite
Help desk support management	Yes	Yes	Yes	Yes	Yes	Yes, using SmartCloud Control Desk	Yes	Yes	Yes	Yes	No; available as part of Symantec Support Desk
Service monitoring	Yes	No	Yes	Yes	Yes	No	Yes	Yes	Yes	Yes	No
Remote control of device	Yes, for Windows Mobile and Samsung SAFE devices	No	Yes	Yes	No	No	Yes	Yes	Yes	Yes	No
User self-service portal	Yes	Yes	Yes	Yes	Yes	Yes, with MDM and Maas360	Yes	Yes	Yes	Yes	Yes

1 2 Page 1 Next

Page 1 of 2

7 inconvenient truths about the hybrid work trend