Product Review: Citrix XenMobile 10.3
“Employees want access to apps and data from any mobile device, including personal devices,” begins a 2015 white paper from Citrix. Workers want to be able to access much more than work email from personal devices these days, creating a substantial security challenge for IT departments. Enter Citrix XenMobile, a leading Enterprise Mobility Management (EMM) solution that includes both Mobile Device Management (MDM) and Mobile Application Management (MAM), among other features. XenMobile is perhaps the most comprehensive of EMM tools on the market today; in addition to MDM and MAM, the XenMobile suite includes enterprise apps, desktop virtualization and multi-factor single-sign-on (SSO).
“XenMobile is a comprehensive solution for managing and protecting mobile devices, apps and data, and giving users the freedom to experience work and life their way.”
Due to its abundance of features and pieces of software, XenMobile is not the least complex EMM solution ever designed. But there is a lot to like about XenMobile, and Citrix is not stretching the truth by saying their solution is one of the EMM market leaders. As its website notes, Citrix was placed in the top quadrant of the 2015 Gartner Magic Quadrant for EMM Suites, a report published in June of that year. (A graph of this Magic Quadrant is shown below.) Additionally, XenMobile was listed as a Visionary Innovation Leader by research firm Frost & Sullivan. While other companies also have competitive EMM solutions, it is worth examining Citrix’s offering in the EMM market space.
Related: Server and Application Monitor, monitors/alerts on the health and status of servers and their applications
XenMobile MDM is the device management platform used by Citrix IT to perform a number of important security-related tasks. These include device configuration, provisioning access, remote security, and device support. New devices and corresponding users are added either directly through an administrative console, or by importing from Microsoft Active Directory, which is integrated tightly with XenMobile. In the console, IT administrators use a configuration wizard to setup new devices. Both corporate-owned and user-owned devices can be added with multiple configuration options, including platform/OS-specific settings for devices that use Windows 10, Mac OS X, or others. For security certificates, the XenMobile MDM acts as a client that makes requests to a central certificate administrator, such as Microsoft Certificate Services. Citrix IT has the authority to employ a certificate directly if desired, as well as set and restrict default applications and device resources.
Related: Storage Resource Monitor helps administrators manage resources, capacity and troubleshoot storage environments
IT administrators are also in charge of other security settings and features. One of these is device access provisioning, by delivering user profiles that are created in the configuration stage. There are several user enrollment methods, including personal invite by email or SMS, or by self-enrollment through the Worx Home agent. This agent allows the user to enroll via a setup wizard-style of accepting their profile and security certificate information. It is also possible to grant the user access to a self-help portal, that allows them to locate a lost device and lock or wipe the device contents if necessary. A device can also be selectively wiped if it was user-purchased and not owned by the corporation. This selective deletion process only removes the corporate profile and apps associated with that profile, rather than setting the device back to factory default settings.
Related: Virtualization Manager, helps administrators manage resources, capacity and performance in the virtual environment
Another key feature of the Citrix XenMobile solution is its Worx Home app and related applications. Worx Home provides a single application that can be used for managing all MDM and MAM policies, as well as an app store for other members of the Worx product suite, including WorxMail, WorxForms, WorxChat, and more. In particular, the WorxMail application (for secure email) has been critically acclaimed, particularly since the XenMobile 10 release. Gartner mentioned WorxMail as a “strength” in their Magic Quadrant report, and the 10.3 release provided new enhancements to its calendar feature. Another notable application in this suite is WorxForms, a workflow automation tool introduced in the 10.3 release. The WorxForms Desktop Composer allow users with no programming experience to create digital forms, and those forms are made available through a WorxForms mobile app.
Related: Network Performance Monitor monitors/alerts on the health and status of network nodes and interfaces
For all of these applications, keeping the data secure is an important consideration. For XenMobile MAM, the use of MDX technologies allows corporate apps and data to be stored in a separate container from that of the user (even on a BYO device). In conjunction with the Worx App SDK, this allows IT to implement comprehensive security policies for mobile devices, as well as create a micro-VPN to access the organization’s internal network. (This is as opposed to a device-wide VPN, which is considered less secure.) The XenMobile 10.3 release features multiple improvements to MDX, such as increased support for Touch ID and the ability to remove user access to third-party MDX-enabled apps.
There are even more features to XenMobile and related products; an entire coverage would be too exhaustive for this product review. This article shows some of the ways in which Citrix attempts to cover all bases in their EMM solution. While the comparison chart above, courtesy of citrix.com, shows a list of their most important features, there are other competitors that also provide sound EMM solutions. The Gartner report (above the “key features” sections of this article) shows that the other products on this chart are not as far away from the Citrix XenMobile offering as one might think. Two of these worth mentioning are the AirWatch by VMWare and MobileIron offerings. Though AirWatch is mostly operated independently from VMWare, it has started to become more integrated with existing VMWare products and, as a result, has added many new features over the last two years. The good news for this is that it is a comprehensive EMM solution with a feature set on part with the XenMobile; the downside is that there are occasional product quality and stability issues that one might expect from this rapid product development. MobileIron, on the other hand, is “one of the few stand-alone EMM vendors” (according to Gartner) that is a challenge when competing against giants in the IT industry; yet, MobileIron customer growth has been solid. MobileIron is becoming known for its growing array of mobile applications and its impressive scalability with no architecture issues to speak of. One issue for the MobileIron offering is in monitoring and reporting, which is more difficult for them than for some of their competitors.
Related: Network Traffic Analyzer, provides the “who, what and when” of traffic flowing on the network
The race to provide the best EMM solution will continue for years, but Citrix has taken a solid step forward with its 10.3 release. Integration with Windows applications in particular is best-in-class and its user experience is generally top-notch. Upcoming trade shows to feature the XenMobile 10.3 include Citrix TechEdge and the massive Citrix Synergy conference, both of which are held in Las Vegas in late May.