Learning Hub

Microsoft and VMware then daylight, in Gartner's 2020 UEM Magic Quadrant

Written by Michelle Lewis | Sep 8, 2020 2:00:00 AM

Only eight vendors made the Gartner 2020 UEM Magic Quadrant, and two of them - Microsoft Intune and VMware Workspace ONE - have stolen a significant advance on the rest of the field.

In 2019 there were 11 vendors included in the UEM Magic Quadrant, including six in the Leaders quadrant. A year later that number has dropped to eight with only three appearing in the Leaders quadrant and Microsoft and VMware well ahead of third-placed IBM.

Microsoft and VMware steal a march on competition

The gap between Microsoft and VMware has grown significantly over the past 12 months. Last year the pair were neck and neck at the head of a chasing pack but in 2020 Microsoft is the clear leader for Ability to Execute, though remains marginally behind VMware on the other axis, Completeness of Vision.

 

Microsoft on top of the world

With the establishment of Microsoft Endpoint Manager (MEM), Microsoft has the most used UEM tool on the global market, with significantly more devices under management than its competition. Microsoft Endpoint Manager (MEM) combines Intune and Configuration Manager and is available with an Enterprise Mobility + Security (EMS) license. Microsoft’s operations and clients tend to be geographically diversified. 

Strengths 

Gartner highlights three strengths of the Microsoft offering:

  • Marketing and product strategy: Microsoft continues to invest in improving end-user and IT admin experience, integration with endpoint security and identity systems, and expanded use of analytics, AI and machine learning (ML). Although Microsoft have more work to do with defining its MEM, Configuration Manager and Intune relationship, there has been a rising awareness of how MEM combines Microsoft's offerings into a single console at no additional cost. Gartner cites online references in 4Q19 increasing by 278% as the construct gains traction.
  • Microsoft native integration: Deep integration across Microsoft products offers security capabilities that are difficult to replicate piecemeal. MEM’s integration with Azure Active Directory, Defender Advanced Threat Protection (ATP) and Microsoft 365 app protection offers improved security and user experience through ZTCA.
  • Co-management: Improved Intune and Configuration Manager integration, along with the pandemic, have accelerated adoption of co-management and modern management. Pre-pandemic, clients were too focused on replacing Windows 7 with Windows 10 to adjust their endpoint management strategies.

Cautions

Although Microsoft is getting ever closer to the top right corner there is still room for improvement with Gartner citing caution in three areas:

  • Limited third-party integrations: Clients frequently struggle with limited integration with third-party identity, service and asset management, and endpoint security products. Additionally, organisations seeking advanced macOS management and remote control are required to use third-party integrated solutions.
  • Lacking for IoT, wearables, rugged frontline devices: MEM currently lacks robust management capabilities for IoT, wearables, rugged frontline devices and UNIX/Linux operating systems as well as required controls for highly regulated use cases where containerisation and integrated VPNs are more common. 
  • Difficult to use: Clients’ most common concern is that using MEM is not easy. Reasons include the overhead required to architect, build and maintain Configuration Manager and integration between on-premises Active Directory (AD) and Azure AD. Clients also frequently voice frustration with staying abreast of product updates and finding documentation and best practices across the various websites, communities and blogs.


 

VMware retain the 'completeness of vision' crown

VMware's Workspace ONE product is focused on providing improved employee experience through UEM, virtualisation, analytics, apps and workflows says Gartner. VMware continues to invest in helping customers drive workplace modernization, implement zero trust and improve employee experience, anchored by Workspace ONE Intelligence and Carbon Black endpoint security integration. Its operations and clients tend to be geographically diversified.

Strengths 

  • End-to-end solution: VMware enables remote work and a seamless, device-agnostic user experience through its deep integration of UEM with single sign-on (Workspace ONE Access), remote access (Workspace ONE Tunnel), endpoint security (Carbon Black), and desktop and application virtualisation (Horizon); and support for many third-party solutions. Social media analytics highlight satisfaction with the remote onboarding feature, which has taken on increased importance during the COVID-19 pandemic.
  • Ease of use: VMware offers seamless integration of traditional and modern PC and mobile management techniques through the same console, in addition to in-console templates and wizards to empower IT admins to maximise value. VMware also curates a vast online knowledge repository that includes product information, videos, labs, blogs, implementation guides, learning activity paths and reference architecture in its Tech Zone portal.
  • Flexibility: VMware’s flexible architecture enables customers to operate exclusively on-premises, exclusively in SaaS, or a hybrid of the two where customers decide on a component level what model is a best fit. Standard and customisable connectors can enable complex integrations. VMware also offers several integrations with third-party identity, endpoint security, IT operations and IT service management tools.
Cautions
  • Value proposition: To maximize the unique value of VMware’s Workspace ONE platform (e.g., employee experience, risk-based conditional access [zero trust], automation, intelligence and analytics, etc.), clients will need to purchase the Enterprise license tier.
  • Microsoft 365 limitations: VMware customers committed to Microsoft 365 must rationalise the incremental cost of paying for Workspace ONE and Microsoft Endpoint Manager, or should look for advanced Workspace ONE capabilities to complement Endpoint Manager. The Workspace ONE integration to MEM offering is currently in limited beta.

 

Other Winners and Losers

One vendor was added to the 2020 UEM Magic Quadrant:

  • Sophos

Traditionally a mid-market leader, Sophos has streamlined its products, added broader security controls through acquisition and refreshed its marketing. This is evidenced by an increase in its average installed base and deal size bringing it back into the Magic Quadrant after it missed out in 2019. Its Sophos Central product is broadly focused on a combination of UEM with Unified Endpoint Security (UES). Its clients tend to be small to midsize enterprise organisations based in Europe and North America. Sophos is rarely seen on shortlists from Gartner clients for device management. This is often related to lack of brand awareness outside of the traditional endpoint protection platform security space where the company is well known..

Four vendors present in 2019 were dropped from the 2020 Magic Quadrant.

  • 42Gears
  • ManageEngine
  • Matrix42
  • Snow Software

Each of these four vendors were removed because they failed to meet the size criteria of having 10 million devices under management. 

Jamf was also recognised for its robust management capabilities for Apple endpoints and integration with Microsoft Endpoint Manager, however failed to meet Gartner’s inclusion criteria for UEM because of its exclusive focus on the Apple ecosystem.

Gartner UEM Magic Quadrant eligibility criteria

Gartner currently tracks more than 30 vendors in the endpoint management space. The exclusion of a vendor, says Gartner, does not mean that the vendor and its products lack viability. It simply means it failed to meet the criteria and given that one criteria is having 10 million devices under management, that effectively knocked out some smaller regional or niche players. 

To qualify for inclusion in the Gartner Magic Quadrant vendors must meet the following criteria:
 
1. A currently shipping, single license product that demonstrates:
  • Mobile device management:
    • Apple (iOS and iPad OS)
    • Android (including Android Enterprise)
  • Modern management of Apple macOS and Windows 10, which includes:
    • Device enrollment and provisioning (Windows Autopilot and Apple Device Enrollment Program [DEP])
    • Device management
    • Application management and deployment in native format
    • Continuous OS updates (enforce/defer OS updates)
  • Direct inclusion of CMT capabilities or integration with third-party CMTs
  • Ability to directly support migration from traditional client management to modern management
  • Direct integration with the Microsoft Intune Graph API for app and data protection

2. Provide evidence of managing at least 10 million devices

3. The product must be available as a SaaS-based deployment 

 

What is UEM according to Gartner?

 Gartner defines the UEM tools market as a set of offerings comprising mobile device management (MDM) and management of personal computers, via traditional client management tools (CMTs) or modern management, through a single console that also combines the application of data protection, device configuration and usage policies.
 
Modern UEM tools must:
  • provide a user-centric view of devices across device platforms
  • enable modern PC management through native Windows 10, macOS and Chrome OS controls
  • enable MDM through native iOS and Android controls
  • aggregate analytics and telemetry from users, apps and devices to help inform policy and related actions
  • provide insights into user experience through aggregation of telemetry signals, events, logs and synthetic transactions
  • integrate with unified endpoint security (UES) tools to support security policy management, execute administrative actions and improve integration with identity and access management (IAM) tools.
Additionally, UEM offers direct management of non-traditional devices including Internet of Things (IoT) devices and wearables; however, Gartner does not deem these extensions to be core to the market.
 
 

 

MobileCorp UEM managed service

MobileCorp provides management of all leading UEM platforms including VMWare and Microsoft, as well as Jamf EMM for Apple-centric fleets.

From building a UEM instance, through testing and deployment, to ongoing management and service desk, MobileCorp has accredited highly skilled UEM engineers to deliver your UEM environment.

Our managed service includes:

  • audit and remediation of existing instances
  • design and build of new instances, configuration of profiles
  • deployment of environment, enrolling and deploying bulk devices
  • security management including device wipe, kiosk mode, profile sync
  • remote application management
  • proactive monitoring and technical support service desk
  • data and asset management and reporting

Read more

About MobileCorp

MobileCorp is a Sydney-based communications technology company. We support companies by providing managed mobility and ICT services including mobile device security, mobile device management, expense management and managed connectivity solutions.