Citrix Endpoint Management

Endpoint Management

Citrix Endpoint Management is a solution for managing endpoints, offering mobile device management (MDM) and mobile application management (MAM) capabilities. With Endpoint Management, you manage device and app policies and deliver apps to users. Your business information stays protected with strict security for identity, devices, apps, data, and networks.

Citrix and customer responsibilities

Citrix Cloud Operations handles various infrastructure and monitoring tasks. As a result, you can focus on the user experience and on managing devices, apps, and policies.

Citrix responsibilities:

  • Endpoint Management server nodes
  • Citrix Gateway (service or on-premises) initial integration and configuration
  • Citrix Gateway Load Balancer
  • Database
  • Cloud Connector software configuration
  • SAML authentication integration with Citrix Content Collaboration
  • Endpoint Management site monitoring: Instance, database, enterprise connectivity (LDAP), VPN tunnel (if applicable), public SSL certificate, Endpoint Management licensing

Customer responsibilities:

  • Citrix Gateway (on-premises) management and updates
  • Machines where Cloud Connectors and Gateway Connector (for Citrix Gateway service) are installed
  • LDAP/Active Directory
  • DNS
  • Citrix Content Collaboration: Initial Citrix Content Collaboration configuration, on-premises storage zones controller installation, Citrix Files updates
  • Endpoint Management configuration: Devices, policies, apps, delivery groups, actions, and client certificates

Integration with Microsoft Endpoint Manager

Endpoint Management integrates with Microsoft Endpoint Manager (MEM). That integration adds the value of Endpoint Management micro VPN to Microsoft Intune aware apps, such as Microsoft Edge browser. With the integration, you can:

  • Secure Office 365 applications with conditional access with Azure AD. For more information, see Integrate with Azure AD Conditional Access.
  • Wrap your own line of business apps with Intune and Citrix to provide micro VPN capabilities inside an Intune mobile app management (MAM) container.
  • Manage and deliver Office 365 apps, line of business apps, and Citrix Secure Mail in one container. This management method provides ultimate security and productivity. For example, you can:

    • Block individual devices or operating systems
    • Customize ActiveSync policies based on devices, users, or user groups
    • Quarantine at the device level
    • Monitor individual connections or devices
    • Avoid the security risks of credential and data caching

Use Endpoint Management MDM+MAM or Intune MDM to manage devices. For more information, see Citrix Endpoint Management integration with Microsoft Endpoint Manager.

Cloud Connector and resource locations

You connect to Endpoint Management through Cloud Connector. Cloud Connector serves as a channel for communication between Citrix Cloud and your resource locations. Cloud Connector enables cloud management without requiring any complex networking or infrastructure configuration such as VPNs or IPsec tunnels.

Resource locations have the resources required to deliver services to your subscribers. For Endpoint Management, resource locations are your Citrix Gateway, LDAP, DNS, and PKI servers.

Resource locations

For more information about Cloud Connector and resource locations, see About Endpoint Management.

Get started with Endpoint Management


XenMobile Migration Service

If you’re using XenMobile Server on-premises, our XenMobile Migration Service can get you started with Endpoint Management. Migration from XenMobile Server to Citrix Endpoint Management doesn’t require you to re-enroll devices.

For more information, contact your local Citrix salesperson, Systems Engineer, or Citrix Partner.

To learn more about our migration service, see 3 reasons to move to Citrix Endpoint Management service.

To see why to migrate, how to migrate, and the benefits of migrating to Citrix Endpoint Management, visit the CEM Migration Service Course Catalog, or refer to the Citrix Endpoint Management (CEM) Migration Service guide.

When you’re evaluating or buying Endpoint Management, the Endpoint Management Operations team provides ongoing onboarding help. The Operations team also communicates with you to make sure the core Endpoint Management services are running and configured correctly. This figure shows the onboarding steps.

Onboarding workflow

To sign up for a Citrix account and request an Endpoint Management trial, contact your Citrix Sales Representative. When you’re ready to continue, go to

For a quick overview of Endpoint Management onboarding and configuration, watch this video.

Want to learn more before starting? Try these resources:

Endpoint Management documentation: Provides full Endpoint Management documentation, from onboarding to initial configuration to advanced configuration. A “What’s new” article describes new features and fixes. Citrix notifies you when that article is available for a new release.

Citrix Endpoint Management Onboarding Handbook: Consolidates all the available information around Endpoint Management, so you can continu smoothly enabling and onboarding Endpoint Management. You can use the document to record changes for your internal processes and to document your high-level and functional designs.

Endpoint Management Deployment Handbook: Planning an Endpoint Management deployment involves many considerations. The handbook includes recommendations, common questions, and use cases for your Endpoint Management environment.

SalesIQ: More resources for our Citrix Partners.

Next steps

For information about the Endpoint Management onboarding process, see Onboarding and resource setup.

After you complete onboarding, see Prepare to enroll devices and deliver resources.

Deprecation announcements

For advanced notice of the Citrix Endpoint Management features that are being phased out, see Deprecation.

Endpoint Management support

For details on how to access supported related information and tools in the Endpoint Management console, see Monitor and support.

Rolling updates to the Endpoint Management release occur approximately every two weeks. To you, the customer, this process is transparent. Initial updates are applied to Citrix internal sites only, and are then applied to customer environments gradually. We deliver updates incrementally in waves to provide product quality and to maximize availability.

Endpoint Management customers receive updates and communications directly from the Endpoint Management Cloud Operations Team. Those updates keep you current with new features, known issues, fixed issues, and so on.

The Citrix Cloud Operations team maintains the Endpoint Management environments with the latest Endpoint Management rolling patches. To get specific patches or fixes that are required before the rolling patch, contact Citrix Technical Support.

If you have any issues with your environment, contact Citrix Technical Support or your Citrix Account Team. Such issues might include mobile device enrollment, Endpoint Management console access, or Secure Mail issues.

If you need any integration or changes made on Citrix Gateway in the Cloud or Endpoint Management, submit a request through Citrix Technical Support.

Examples of changes that you might request are:

  • Citrix Files integration with Citrix Gateway in the Cloud
  • Change Citrix Gateway authentication type
  • Validate connectivity to customer data center resources
  • Change split tunnel configuration for micro VPN
  • Restart Endpoint Management components because of some server configuration changes

Service level agreement

Citrix Endpoint Management uses industry best practices to achieve cloud scale and a high degree of service availability.

For complete details about Citrix’s commitment for availability of Citrix Cloud services, see the Service Level Agreement.

Endpoint Management