Mobile Device Manager Plus is available both as an on-premises edition as well as an on-demand/cloud edition. Based on several factors, either of these deployment types can prove right for your organization. However, the basic difference is essentially where the hardware and software components reside. The complete differences between MDM on-premises and cloud are listed below.
NOTE: ManageEngine Mobile Device Manager Plus cloud is powered by Zoho. Names like "Zoho" and "ManageEngine" are used interchangeably, however both Zoho and ManageEngine are divisions of Zoho Corporation.
In an on-premises setup, the MDM server is available within your organization just like any other server in your network. It is your own responsibility to setup the required infrastructure and ensure that the MDM server is secured, maintained, up and running with minimal down-time. Optionally, you can configure a Secure Gateway to prevent your MDM server from being directly exposed to the Internet. MDM also lets you configure a Failover Server, which is a paid add-on to eliminate server down-time.
Whereas, in the case of MDM cloud, the server is remotely hosted on Zoho cloud services and is accessed over the Internet using appropriate login credentials. ManageEngine holds responsibility for the server, its uptime, and costs incurred in setting up and maintaining the required infrastructure.
In order to setup MDM on-premises and start managing devices, a set of ports and domains must be allowed in your organization's firewall. Subsequently, manual configuration of these initial settings are required, out of which NAT, proxy, and Mail server settings are mandatory. Whereas, MDM cloud is completely hosted on Zoho cloud services; gives you complete access from anywhere, at anytime. You can start managing devices right after signing up using your Zoho account without any initial configuration steps, since MDM cloud leverages Zoho's mail servers.
With regards to server upgrades, MDM on-premises ensures service packs and hotfixes with brand new features are available time to time. Users must upgrade their MDM servers manually when an upgrade is available. With MDM cloud, servers are automatically upgraded and subsequently, the latest features will be available to use.
NOTE: Upgrading the MDM server will neither affect the devices under management nor make any changes to the configured policies, apps, and other settings.
Additionally, MDM uses Zoho Assist to facilitate Remote Control. With MDM on-premises, you need to sign up and create an account with Zoho Assist to remotely troubleshoot devices. Whereas, this is not the case with MDM cloud. Since MDM cloud already uses a Zoho account, you need not create any additional accounts as such. Similarly, MDM facilitates integration of on-premises as well as Azure Active Directory for either of the deployments. With MDM on-premises, you can simply integrate by providing your AD domain, but MDM cloud requires you to install an application to sync Entra ID(formerly Azure AD) or on-premises AD.
With MDM on-premises, sensitive data such as employee details, mail server information, inventory details, location details, enterprise application details, etc., are within your control. In institutions or organizations where compliance is an issue; whose regulations don't allow sensitive data to be on cloud, MDM on-premises would prove right by offering greater control and security. With MDM cloud, the aforementioned organizational data is securely present within Zoho's servers. Sensitive data present within the cloud servers are encrypted to provide top-grade security standards. Click here to learn more about our security practices, policies, and infrastructure.
MDM on-premises and MDM cloud integrate with a variety of specialized software applications ranging from App development to Help desk solutions. MDM by itself, is a comprehensive mobile device management solution; integrating other software applications amplifies the benefits of deploying MDM in your organization. Click here to learn more about Mobile Device Manager Plus' integrations, for either of the deployments.
In a nutshell, with MDM cloud you need not worry about setting up the server; It can be accessed over the Internet unlike the one-time setup process which MDM on-premises requires. But, it doesn't necessarily mean MDM cloud is better than MDM on-premises when your organization has the required hardware and software setup in prior. Both MDM on-premises and MDM cloud has its set of features; choosing between the two is completely based on your business requirements.
Additionally, Mobile Device Manager Plus MSP is available as a standalone product, exclusively for Managed Service Providers. Similarly, MDM MSP is available as an on-premises edition and an on-demand/cloud edition.
Supported Platforms for both Mobile Device Manager Plus On-Premises and Mobile Device Manager Plus Cloud
Note: Both Mobile Device Manager Plus On-premises and Mobile Device Manager Plus Cloud have their own unique set of features; choosing between the two is completely based on your business requirements.
Features | Mobile Device Manager Plus On-Premises | Mobile Device Manager Plus Cloud | |||||
---|---|---|---|---|---|---|---|
General Specifications | |||||||
Support for Samsung Knox devices | |||||||
Support for Shared iPads | |||||||
Guest Mode for Shared iPads | |||||||
Support for modern management for Windows PCs | |||||||
Support for Windows Surface Pro | |||||||
Managed Guest Session for ChromeOS | |||||||
Real time dashboard for audit reports | |||||||
Remote troubleshooting | |||||||
Custom branding | |||||||
Device Enrollment | |||||||
Self Enrollment | |||||||
Enrollment through Active Directory | |||||||
SMS Enrollment | |||||||
Enrollment via E-mail invites | |||||||
OS independent enrollment invites | |||||||
Bulk Enrollment | |||||||
Apple DEP (Apple Business Manager/Apple School Manager) | |||||||
Apple Configurator | |||||||
NFC Enrollment | |||||||
EMM Token Enrollment (QR code Enrollment) | |||||||
Samsung Knox Enrollment | |||||||
Android Zero Touch Enrollment | |||||||
Windows ICD Enrollment | |||||||
Windows Entra ID(formerly Azure AD) Enrollment and Autopilot | |||||||
Chromebook Enrollment | |||||||
Multi factor device authentication | |||||||
Profile/Policy Management | |||||||
Device restrictions (Camera, Safari, etc.) | |||||||
Restrict app installations | |||||||
Device restrictions (Camera, Safari, etc.) | |||||||
Managing iCloud, document sync, backup, etc. | |||||||
Enforcing password for iTunes | |||||||
Restricting iCloud Private Relay | |||||||
Privacy Preferences Policy Control (PPPC) for Mac devices | |||||||
Kernel and system extensions for Mac devices | |||||||
Advanced Wi-Fi configuration | |||||||
Department based device grouping | |||||||
VPN configuration | |||||||
Per-app VPN | |||||||
Custom configuration | |||||||
OEM-specific configurations | |||||||
Security Management | |||||||
Passcode protection | |||||||
Enforce encrypted backup | |||||||
FileVault Encryption | |||||||
Firmware password/ Recovery Lock | |||||||
Lost mode support | |||||||
Remote Lock | |||||||
Corporate data wipe | |||||||
Complete device wipe | |||||||
OS update management | |||||||
OS update management for rugged devices | |||||||
Geo Location Tracking | |||||||
Location History | |||||||
Detect Jailbroken and Rooted devices | |||||||
Remove Jailbroken and Rooted devices | |||||||
Geo-fencing | |||||||
Samsung Knox container support | |||||||
Containerization for Non-Samsung devices | |||||||
Web content filtering | |||||||
Global proxy setting | |||||||
Single Sign-on | |||||||
Enterprise Factory Reset Protection (EFRP) | |||||||
SafetyNet Attestation | |||||||
Asset Management | |||||||
Track information on device details, certificates | |||||||
Unmanaged devices notification | |||||||
Application information | |||||||
Out-of-box asset reports | |||||||
Announcements | |||||||
Unified, single map view of all devices | |||||||
Battery level tracking | |||||||
Bulk remote restart and shutdown | |||||||
App Management | |||||||
Silent installation of Enterprise/ In-house apps | |||||||
Silent installation of Store apps (including paid apps) | |||||||
Publish apps on App Catalog | |||||||
Managed App Configurations | |||||||
Manage app updates | |||||||
Automate Store app updates | |||||||
Multi-version support for enterprise apps | |||||||
Status of the deployed apps | |||||||
Allow/prevent app data backup | |||||||
Apple VPP (ABM/ASM) | |||||||
App removal | |||||||
Kiosk support/ App Lock | |||||||
Device Lockdown (Multi App Kiosk) | |||||||
Autonomous Single App Kiosk Mode | |||||||
Home Screen Layout customization | |||||||
Blocklisting apps | |||||||
Google Play for Work | |||||||
Windows Business Store | |||||||
Chrome Web Store | |||||||
Office 365 MAM Policies | |||||||
Conditional Access to Office 365 apps | * | ||||||
Email Management | |||||||
Configure enterprise e-mail accounts | |||||||
Secured viewing of e-mail attachments | |||||||
Microsoft Exchange ActiveSync, Office 365 configuration | |||||||
Conditional access to Exchange | |||||||
Content Management | |||||||
Remote sharing of documents | |||||||
Document Viewer | |||||||
Copy/Paste restrictions from Workspace to personal apps | |||||||
Data leakage prevention (DLP) policies for distributed content | |||||||
Restrict sharing of corporate data with unmanaged devices | |||||||
Certificate Management | |||||||
Trust and client certificates | |||||||
SCEP certificate authority | |||||||
DigiCert certificate authority | |||||||
Auto renewal of client certificate | |||||||
Integrations | |||||||
Integration with Active Directory | |||||||
Integration with Entra ID(formerly Azure AD) |
|||||||
Integration with G Suite | |||||||
Integration with Okta | |||||||
Public APIs for integration | |||||||
Integration with desktop management software | |||||||
Patch management | |||||||
Software deployment | |||||||
Asset management | |||||||
Remote control | |||||||
Integration with helpdesk software | |||||||
Integration with app development software | |||||||
Integration with analytics software | |||||||
Implementation | |||||||
Separate app to be installed on device | |||||||
System Requirements | |||||||
Windows | |||||||
Linux | |||||||
Browsers Supported | |||||||
Internet Explorer | |||||||
Firefox | |||||||
Chrome | |||||||
License Type | |||||||
Annual/Recurring | |||||||
Perpetual | |||||||
Pricing | |||||||
Free/Standard Edition | |||||||
Professional Edition |
Note: On Mobile Device Manager Plus Cloud, Self Enrollment is only supported after integrating with Active Directory and Entra ID(formerly Azure AD). Self Enrollment using Okta or G Suite is currently not supported. For any additional requirements and assistance, kindly contact support.
Website: https://www.manageengine.com/mobile-device-management/
Sales team email: sales@manageengine.com
Support team email: mdm-support@manageengine.com
mdmcloud-support@manageengine.com