Citrix Endpoint Management

Citrix Endpoint Management

Citrix Endpoint Management is a solution for managing endpoints, offering Mobile Device Management (MDM), and mobile application management (MAM) capabilities. With Citrix Endpoint Management, you manage device and app policies and deliver apps to users. Your business information stays protected with strict security for identity, devices, apps, data, and networks.

Citrix and customer responsibilities

Citrix Cloud Operations handles various infrastructure and monitoring tasks. As a result, you can focus on the user experience and on managing devices, apps, and policies.

Citrix responsibilities:

  • Citrix Endpoint Management server nodes
  • NetScaler Gateway (service or on-premises) initial integration and configuration
  • NetScaler Gateway Load Balancer
  • Database
  • Cloud Connector software configuration
  • SAML authentication integration with ShareFile
  • Citrix Endpoint Management site monitoring: Instance, database, enterprise connectivity (LDAP), VPN tunnel (if applicable), public SSL certificate, Citrix Endpoint Management licensing

Customer responsibilities:

  • NetScaler Gateway (on-premises) management and updates
  • Machines where Cloud Connectors and Gateway Connector (for Citrix Gateway service) are installed
  • LDAP/Active Directory
  • DNS
  • ShareFile: Initial ShareFile configuration, on-premises storage zones controller installation, Citrix Files updates
  • Citrix Endpoint Management configuration: Devices, policies, apps, delivery groups, actions, and client certificates

Integration with Microsoft Endpoint Manager

Citrix Endpoint Management integrates with Microsoft Endpoint Manager (MEM). That integration adds the value of Citrix Endpoint Management micro VPN to Microsoft Intune aware apps, such as the Microsoft Edge browser. With the integration, you can:

  • Secure Office 365 applications with conditional access with Azure AD. For more information, see Integrate with Azure AD Conditional Access.
  • Wrap your own line of business apps with Intune and Citrix to provide micro VPN capabilities inside an Intune mobile app management (MAM) container.
  • Manage and deliver Office 365 apps, line of business apps, and Citrix Secure Mail in one container. This management method provides ultimate security and productivity. For example, you can:

    • Block individual devices or operating systems
    • Customize ActiveSync policies based on devices, users, or user groups
    • Quarantine at the device level
    • Monitor individual connections or devices
    • Avoid the security risks of credential and data caching

Use Citrix Endpoint Management MDM+MAM or Intune MDM to manage devices. For more information, see Citrix Endpoint Management integration with Microsoft Endpoint Manager.

Cloud Connector and resource locations

You connect to Citrix Endpoint Management through Cloud Connector. Cloud Connector serves as a channel for communication between Citrix Cloud and your resource locations. Cloud Connector enables cloud management without requiring any complex networking or infrastructure configuration such as VPNs or IPsec tunnels.

Resource locations have the resources required to deliver services to your subscribers. For Citrix Endpoint Management, resource locations are your NetScaler Gateway, LDAP, DNS, and PKI servers.

Resource locations

For more information about Cloud Connector and resource locations, see About Citrix Endpoint Management.

Get started with Citrix Endpoint Management


XenMobile Migration Service

If you’re using XenMobile Server on-premises, our XenMobile Migration Service can get you started with Citrix Endpoint Management. Migration from XenMobile Server to Citrix Endpoint Management doesn’t require you to re-enroll devices.

For more information, contact your local Citrix salesperson, Systems Engineer, or Citrix Partner.

To learn more about our migration service, see 3 reasons to move to Citrix Endpoint Management service.

To see why to migrate, how to migrate, and the benefits of migrating to Citrix Endpoint Management, visit the CEM Migration Service Course Catalog, or refer to the Citrix Endpoint Management (CEM) Migration Service guide.

When you’re evaluating or buying Citrix Endpoint Management, the Citrix Endpoint Management Operations team provides ongoing onboarding help. The Operations team also communicates with you to make sure the core Citrix Endpoint Management services are running and configured correctly. This figure shows the onboarding steps.

Onboarding workflow

To sign up for a Citrix account and request an Citrix Endpoint Management trial, contact your Citrix Sales Representative. When you’re ready to continue, go to

For a quick overview of Citrix Endpoint Management onboarding and configuration, watch this video.

Want to learn more before starting? Try these resources:

Citrix Endpoint Management documentation: Provides full Citrix Endpoint Management documentation, from onboarding to initial configuration to advanced configuration. A “What’s new” article describes new features and fixes. Citrix notifies you when that article is available for a new version.

Citrix Endpoint Management Onboarding Handbook: Consolidates all the available information around Citrix Endpoint Management, so you can continue smoothly enabling and onboarding Citrix Endpoint Management. You can use the document to record changes for your internal processes and to document your high-level and functional designs.

Citrix Endpoint Management Deployment Handbook: Planning an Citrix Endpoint Management deployment involves many considerations. The handbook includes recommendations, common questions, and use cases for your Citrix Endpoint Management environment.

SalesIQ: More resources for our Citrix Partners.

Next steps

For information about the Citrix Endpoint Management onboarding process, see Onboarding and resource setup.

After you complete onboarding, see Prepare to enroll devices and deliver resources.

Deprecation announcements

For advanced notice of the Citrix Endpoint Management features that are being phased out, see Deprecation.

Citrix Endpoint Management support

For details on how to access supported related information and tools in the Citrix Endpoint Management console, see Monitor and support.

Rolling updates to the Citrix Endpoint Management release occur approximately every two weeks. To you, the customer, this process is transparent. Initial updates are applied to Citrix internal sites only, and are then applied to customer environments gradually. We deliver updates incrementally in waves to provide product quality and to maximize availability.

Citrix Endpoint Management customers receive updates and communications directly from the Citrix Endpoint Management Cloud Operations team. Those updates keep you current with new features, known issues, fixed issues, and so on.

The Citrix Cloud Operations team maintains the Citrix Endpoint Management environments with the latest Citrix Endpoint Management rolling patches. To get specific patches or fixes that are required before the rolling patch, contact Citrix Technical Support.

If you have any issues with your environment, contact Citrix Technical Support or your Citrix Account team. Such issues might include mobile device enrollment, Citrix Endpoint Management console access, or Citrix Secure Mail issues.

If you need any integration or changes made on NetScaler Gateway in the Cloud or Citrix Endpoint Management, submit a request through Citrix Technical Support.

Examples of changes that you might request are:

  • Citrix Files integration with NetScaler Gateway in the Cloud
  • Change NetScaler Gateway authentication type
  • Validate connectivity to customer data center resources
  • Change split tunnel configuration for micro VPN
  • Restart Citrix Endpoint Management components because of some server configuration changes

Service level agreement

Citrix Endpoint Management uses industry best practices to achieve cloud scale and a high degree of service availability.

For complete details about Citrix’s commitment for availability of Citrix Cloud services, see the Service Level Agreement.

Citrix Endpoint Management