The digital workspace of today starts with a mobile interface.

As traffic shifts from desktops to mobile, security needs and security measures, as a result, need to evolve. This opens up new opportunities, as well as new risks. We could easily blame the demographic shift in the consumption model on millennials, except that would be a false premise. And I can prove it.

For starters, I’m a millennial and I disagree (that should settle it right?) But also, and more importantly, consumer technology adoption is making a huge impact on setting consumer expectations of productivity and experience much higher than ever before. I would argue this is a phenomenon that is laying the foundation of a modern workplace.

At VMworld, you’ll likely hear a lot of exciting announcements around the “Future of Work.” Let me save you some time by saying, in no uncertain terms, that the future of work is already here. Citrix Workspace — which includes Citrix Endpoint Management (CEM), formerly XenMobile — is leading the charge with a vision that includes secure access to apps, device management and content collaboration. This is a broad and deep set of offerings.

Citrix Endpoint Management is a market-leading unified endpoint management solution (UEM) that offers a consolidated platform to manage a fleet of iOS, Android, Mac, Windows 10 and 8 Phones, Symbian, Chrome, and IoT devices. Chances are, if you have a smart device, we can manage it. Yes, even those Alexa-enabled Amazon Echos. No kidding. Check out CEM’s platform and device support here.

Anyone who has deployed a UEM solution will tell you that simply supporting a plethora of devices and platforms doesn’t make a UEM solution great. So, let me share with you what makes Citrix Endpoint Management great and hence, the one you should choose over the competition:

Powerful productivity apps with integrated workflows. Period.

Secure Mail and Citrix Content Collaboration (formerly ShareFile) are among the best-rated enterprise productivity apps on Apple and Google app stores. Citrix is making major investments in time, talent, and resources to ensure that these apps provide an unmatched experience, powered by years of research and AI-based capabilities. Read this blog post about Secure Mail for more on that topic, as well as this one on Secure Mail features.

If they don’t talk to each other, individual apps can only go so far in enhancing productivity. That’s why Citrix products (and by virtue of which, all Citrix apps) and services are designed to work together to enhance the value to our customers and productivity of our end users.

  • CEM and Citrix Content Collaboration have integrated workflows at the server level, as well as the app level enabling Zero Touch SSO, device compliance information sharing, Secure Mail one touch ShareFile attach, and ShareFile inbuilt one touch email with Secure Mail. The list goes on and on. You get the idea. Check out this video for cool capabilities.

  • CEM enables SSO onto Citrix Virtual Apps and Desktops (formerly XenApp and XenDesktop) for compliant devices. Read here for more.

Seamless Integration with Office 365

Enterprises are opening up to Office 365 and the consumption is rapidly changing to mobile. Citrix is always closely aligned with Microsoft to make sure end users get a delightful experience. This time, we partnered with the Microsoft EMS team to make sure that our apps work natively with Office 365 apps regardless of whether or not Data Loss Prevention (DLP) policies are enforced. Unlike other providers, we don’t need a bridge app to intermediate the data transfer between productivity apps (eg. a mail app) in a convoluted manner. For more details, read this blog post.

Better scalability with lower TCO

CEM offers on-premises as well as cloud deployment models. Whether on-prem or cloud, we work hard to ensure that Citrix’s footprint and, hence, TCO (total cost of ownership) in your data center is minimal (i.e. the least number of servers or firewall configuration changes). Unlike competitors that may have Windows-based servers, CEM on-premises runs on Linux-based VM installs. This has the following benefits:

  • Fewer number of servers required
  • Lower cost of SSL certs, no cost for Windows licenses
  • No cost of server hardening or anti-virus
  • Better scalability than Windows-based servers
  • No need for third-party CA or VPN provider
  • Per our estimates, the on-prem TCO of our competitor’s offering is more than three times that of CEM, due to the sheer number of windows-based servers required and the fact that the competitor solution doesn’t have the benefits listed above.

Stronger Security with Micro VPN

If there could be one take away from this post, let it be understanding the mechanism of micro VPN and how it’s different from device VPN or per-app VPN. Micro VPN establishes app tunnels that are different micro-tunnels for MDX- (CEM proprietary MAM) based apps or MDX-wrapped apps.

Instead of opening up the whole device to the VPN and then enforcing per app restrictions, using policies on Unified Access Gateway (as our competitor’s solution does), the micro VPN is a tunnel on an app level.

Here is what our competitor’s per-app VPN looks like:

Naturally, there are following concerns:

  • AirWatch Tunnel is still a full-device VPN with a per-app VPN profile to allow only few apps access to internal resources
  • Security depends on how well the Unified Access Gateway filters out apps
  • Requires full MDM: No MAM only per App VPN
  • Requires a separate Linux Installer in the DMZ and Internal network. (2 + 2 for scaling up to 25,000)
  • Could potentially cause battery drain

Here is how Citrix Micro VPN works

  • The Citrix MicroVPN is an app-level VPN enabled only for selected apps within the Citrix MDX container
  • Malicious apps sitting, undetected, on the device will not have access to this MicroVPN
  • No need for full-device VPN
  • No battery drain
  • No need for device enrollment (MDM).

Finally, customers don’t typically use UEM in isolation. Organizations tend to have a solution for virtual apps and desktops, as well as one for managing enterprise data. This calls for a holistic approach wherein IT admins can minimize the time and effort required to provision apps, desktops and files to their end users from a single administration console. Similarly, end users love the idea of getting access to everything (I mean everything) in one app: the Citrix Workspace app. They could not care less about whether the apps are mobile, SaaS, web, virtual or if the data resides in the customer data center, in a network drive, or in the cloud.

There is an ongoing paradigm shift wherein end-user productivity and security are guiding the way for technology evolution. Citrix is proud to lead this revolution with the announcement of Citrix Workspace.

I strongly encourage you to check it out here.