Endpoint Management

Citrix Endpoint Management (formerly XenMobile Service) is a solution for managing endpoints, offering mobile device management (MDM) and mobile application management (MAM) capabilities. With Endpoint Management, you manage device and app policies and deliver apps to users. Your business information stays protected with strict security for identity, devices, apps, data, and networks.

Note about the Citrix unified product portfolio:

If you’ve been a Citrix customer or partner for a while, you’ll notice new names in our products and in this product documentation. The new product and component names stem from the expanding Citrix portfolio and cloud strategy. For more detail about the Citrix unified portfolio, see the Citrix product guide.

Articles in this product documentation also use the following names.

  • Mobile productivity apps: XenMobile Apps is now mobile productivity apps. Citrix-developed mobile productivity apps are a group of enterprise mobile apps offering IT a secure choice for their users’ email, web browsing, and remote access. Mobile productivity apps include Citrix Secure Hub, Citrix Secure Mail, and Citrix Secure Web. The Endpoint Management Store is now the app store.

  • Citrix Workspace app: The Citrix Workspace app incorporates existing Citrix Receiver technology and the other Citrix Workspace client technologies. It has been enhanced to provide end users with a unified, contextual experience. Users can interact with all the work apps, files, and devices they need to do their best work. For more information, see this blog post.

    For Endpoint Management customers with the workspace experience enabled, users who open Secure Hub and click Add Apps are directed to the workspace. For more information, see Secure Hub.

Implementing this transition in our products and their documentation is an ongoing process.

  • In-product content and documentation might still contain former names. For example, you might see instances of earlier names in console text, messages, directory/file names, screenshots, and diagrams.
  • It is possible that some items (such as commands and MSIs) might continue to retain their former names to prevent breaking existing customer scripts.
  • Related product documentation and other resources (such as videos and blog posts) that are linked from this product’s documentation might still contain former names.

Your patience during this transition is appreciated.

Citrix hosts the Cloud environment in data centers located throughout the world to deliver high performance, rapid response, and support. With Endpoint Management, you pay a subscription fee instead of purchasing and managing licenses.

Citrix Cloud Operations handles various infrastructure and monitoring tasks. As a result, you can focus on the user experience and on managing devices, apps, and policies.

Citrix responsibilities:

  • Endpoint Management server nodes
  • NetScaler Gateway initial integration and configuration
  • NetScaler Load Balancer
  • Database
  • Cloud Connector software configuration
  • SAML authentication integration with Citrix Files
  • Endpoint Management site monitoring: Instance, database, enterprise connectivity (LDAP), VPN tunnel (if applicable), public SSL certificate, Endpoint Management licensing

Customer responsibilities:

  • NetScaler Gateway management and updates
  • Machines where Cloud Connectors are installed
  • LDAP/Active Directory
  • DNS
  • Citrix Files: Initial Citrix Files configuration, on-premises StorageZone Controller installation, Citrix Files updates
  • Endpoint Management configuration: Devices, policies, apps, delivery groups, actions, and client certificates

You connect to Endpoint Management through Cloud Connector. Cloud Connector serves as a channel for communication between Citrix Cloud and your resource locations. Cloud Connector enables cloud management without requiring any complex networking or infrastructure configuration such as VPNs or IPsec tunnels.

Resource locations contain the resources required to deliver services to your subscribers. For Endpoint Management, resource locations are your NetScaler Gateway, LDAP, DNS, and PKI servers.

Diagram of resource locations

For more information about Cloud Connector and resource locations, see About Endpoint Management.

Integration with Microsoft Intune/EMS

Endpoint Management integrates with Microsoft Enterprise Mobility + Security (EMS)/Intune. That integration adds the value of Endpoint Management micro VPN to Microsoft Intune aware apps, such as Microsoft Managed Browser. With the integration, you can:

  • Wrap your own line of business apps with Intune and Citrix to provide micro VPN capabilities inside an Intune mobile app management (MAM) container.
  • Manage and deliver Office 365 apps, line of business apps, and Citrix Secure Mail in one container. This management method provides ultimate security and productivity.

Use Endpoint Management MDM or Intune MDM to manage devices. For more information, see Endpoint Management integration with Microsoft Intune/EMS.

Get started with Endpoint Management

Tip

If you’re using XenMobile Server on premises, our XenMobile Migration Service can get you started with Endpoint Management. For more information, contact your local Citrix salesperson, Systems Engineer, or Citrix Partner. These blogs discuss the XenMobile Migration Service:

New XenMobile Migration Service

Making the Case for XenMobile in the Cloud

When you are evaluating or purchasing Endpoint Management, the Endpoint Management Operations team provides ongoing onboarding help. The Operations team also communicates with you to ensure that the core Endpoint Management services are running and configured correctly. This figure shows the onboarding steps.

Diagram of onboarding workflow

To sign up for a Citrix account and request a Endpoint Management trial, contact your Citrix Sales Representative. When you’re ready to proceed, go to https://onboarding.cloud.com.

For a quick overview of Endpoint Management onboarding and configuration, watch this video.

Video icon

Want to learn more before starting? Try these resources:

Endpoint Management documentation: Provides full Endpoint Management documentation, from getting started to administration concepts and procedures. A “What’s new” article describes new features and fixes. Citrix notifies you when that article is available for a new release.

Citrix Endpoint Management Onboarding Handbook: Consolidates all the available information around Endpoint Management, so you can proceed in smoothly enabling and onboarding Endpoint Management. You can use the document to record changes for your internal processes and to document your high-level and functional designs.

Endpoint Management Deployment Handbook: Planning a Endpoint Management deployment involves many considerations. The handbook includes recommendations, common questions, and use cases for your Endpoint Management environment.

Video: Citrix Cloud Connector: Provides an overview of the service and how to install it.

Video: How to set up Netscaler Gateway for a XenMobile Service Migrated Site: Demonstrates how to export your settings and configure for Endpoint Management.

SalesIQ: More resources for our Citrix Partners.

Mobile platform support

After you make a request for an Endpoint Management instance, you can begin preparing to support Android, iOS, Windows, Chrome, and other platforms. As you complete the steps that apply to your environment, record the information for reference. You need the information when you configure Endpoint Management console settings.

These requirements are part of the overall communication and port requirements that make up the Endpoint Management onboarding process. For details, see Onboarding and resource setup.

Android

Chrome

  • Configure G Suite for Chrome OS device enrollment from your G Suite account. For details, see Chrome OS devices.

iOS

  • Create an Apple ID and developer account. For details, see the Apple Developer Program website.
  • Create an Apple Push Notification Service (APNs) certificate. If both of the following conditions are true, an Apple APNs certificate is required:

    • You plan to manage iOS devices with your Endpoint Management deployment.
    • You plan to use push notification for your Secure Mail deployment.

For details about obtaining Apple APNs certificates, see the Apple Push Certificates Portal. For more information about Endpoint Management and APNs, see APNs certificates and Push Notifications for Secure Mail for iOS.

Windows

  • Ensure that you have a public SSL certificate available if you plan to use Endpoint Management autodiscovery for your Windows Phone enrollment. For details, see Endpoint Management Autodiscovery Service.

Workspace hub

Citrix Ready workspace hub, as an IoT edge device, adds to Citrix IoT solutions. For more information about Citrix Ready workspace hub, see this Citrix blog post.

You can manage Citrix Ready workspace hub devices from your Endpoint Management console. For information, see Workspace hub device management.

For more details about the unified endpoint management (UEM) and data protection benefits of Endpoint Management, see this use case on the Citrix website.

Endpoint Management MDX Toolkit and MDX Service

The MDX Service and MDX Toolkit are app wrapping technologies that prepare enterprise apps for secure deployment with Endpoint Management. For information about Endpoint Management MDX Service, our cloud tool, see Endpoint Management MDX Service. For information about Endpoint Management MDX Toolkit, the traditional MDX wrapping process, see MDX Toolkit.

The Endpoint Management console

The Endpoint Management solution uses the same web console as an on-premises Endpoint Management deployment. In this way, day-to-day administration of your Cloud solution, occurs in a similar way as an on-premises XenMobile deployment.

Some configuration changes to Endpoint Management require a restart of the server nodes. Typically, the Endpoint Management console lets you know when a restart is needed. To request a restart of the server nodes, contact technical support at https://www.citrix.com/contact/technical-support.html.

Endpoint Management device enrollment

For information about Endpoint Management enrollment options for the different device platforms, see User accounts, roles, and enrollments.

Endpoint Management support

For details on how to access supported related information and tools in the Endpoint Management console, see Monitor and support.

Rolling updates to the Endpoint Management release occur approximately every two weeks. To you, the customer, this process is transparent. Initial updates are applied to Citrix internal sites only, and are then applied to customer environments gradually. Delivering updates incrementally in waves helps to ensure product quality and to maximize availability.

If you are an Endpoint Management customer, you also receive Endpoint Management updates and communications directly from the Endpoint Management Cloud Operations Team. Those updates keep you current with new features, known issues, fixed issues, and so on.

The Citrix Cloud Operations team maintains the Endpoint Management environments with the latest Endpoint Management rolling patches. To obtain specific patches or fixes that are required before the rolling patch, contact Citrix Technical Support.

If you have any issues with your environment, contact Citrix Technical Support or your Citrix Account Team. Such issues might include mobile device enrollment, Endpoint Management console access, or Secure Mail issues.

If you need any integration or changes made on the NetScaler in the Cloud or Endpoint Management, submit a request through Citrix Technical Support.

Examples of changes that you might request are:

  • Citrix Files integration with NetScaler in the Cloud
  • Change NetScaler Gateway authentication type
  • Validate connectivity to customer data center resources
  • Change split tunnel configuration for micro VPN
  • Restart Endpoint Management components due to some server configuration changes

Service Level Agreement

The XenMobile Service (the Service) design uses industry best practices to achieve cloud scale and a high degree of service availability.

For complete details about Citrix’s commitment for availability of Citrix Cloud services, see the Service Level Agreement.