ManageEngine MDM Plus

Push Wi-Fi, VPN, and proxy configurations across all supported platforms with certificate-based authentication.

Email and Exchange ActiveSync profiles with managed email account provisioning across platforms.

Extensive restriction library with 100+ device and app restrictions across iOS, Android, Windows, macOS, and ChromeOS.

Custom configuration profiles with OEMConfig for Android, custom plist for Apple, and OMA-URI for Windows.

Kiosk mode for iOS, Android, and Windows with single-app, multi-app, and kiosk browser options.

Apple Business Manager integration supports ADE for iOS and macOS with automated enrollment profiles.

Android Zero-Touch Enrollment and Samsung KME supported with Android Enterprise fully managed device profiles.

Basic Windows Autopilot support; Windows MDM enrollment available but less mature than Intune-native experience.

Bulk enrollment via CSV import, QR codes, and email invitations with group-based enrollment profiles.

Self-enrollment portal with Android Work Profile and iOS User Enrollment; clear privacy separation for BYOD.

App distribution from all major stores with silent install capability on supervised iOS and managed Android.

LOB app distribution supporting APK, IPA, and enterprise certificate-signed apps with auto-update.

VPP integration with Apple Business Manager for silent app deployment and license management.

AppConfig and managed app configuration for iOS and Android with key-value pair deployment.

App Catalog with self-service portal for end users to install approved apps across platforms.

Extensive compliance rules with geo-fencing compliance, app-based compliance, and automated remediation workflows.

Conditional access for Exchange and corporate Wi-Fi based on compliance status.

FileVault and BitLocker enforcement with recovery key escrow and encryption compliance monitoring.

SCEP certificate deployment with auto-renewal and manual certificate distribution across platforms.

Built-in threat detection with jailbreak/root detection, malicious app scanning, and automated remediation.

iOS and Android OS update scheduling; Windows/macOS OS updates require Endpoint Central for full management.

Limited patch management; Windows and macOS patching requires Endpoint Central integration.

iOS update deferral and scheduling; limited deferral options for other platforms.

Complete and selective wipe with device reassignment and retirement audit logging.

Device inventory with hardware lifecycle data; asset management reports for fleet planning.

Dashboard with compliance status, device breakdown, and enrollment analytics widgets.

Extensive canned and custom reports with scheduling, PDF/CSV export, and Active Directory-linked reporting.

Detailed inventory tracking with app blacklist/whitelist enforcement and storage monitoring.

Audit logging with admin activity tracking, policy change history, and enrollment event logging.

Live device status with location tracking, battery monitoring, and connectivity status.

Remote lock, complete wipe, corporate wipe, and device restart across supported platforms.

Remote view for Android and iOS; macOS/Windows remote control requires Endpoint Central or Zoho Assist.

Custom script execution on macOS and Windows; limited to batch command deployment.

Self-service portal with device location, remote alarm, lock, and app installation capabilities.

File distribution for macOS and Windows; content management for document deployment.

Dynamic groups with AD-synced membership and custom criteria-based device targeting.

Group and tag-based policy deployment with custom property-driven assignment.

Geofencing with location-based compliance, geo-boundary alerts, and automated actions.

Scheduled profile deployment and time-based restrictions for managed devices.

Group-based policy hierarchy with inheritance and override capabilities.

Entra ID directory integration with user/group sync and device-to-user mapping.

Google Workspace directory sync; basic SAML integration for third-party IDPs.

Deep on-premises AD integration with auto-enrollment triggers and OU-based device assignment.

SCEP certificate deployment for Wi-Fi and VPN certificate-based authentication.

User-device affinity with AD-synced user assignment and user-based targeting.

REST API for device management operations; Zoho API ecosystem for extended integration.

Basic webhook support; integration with Zoho Flow for workflow automation.

Syslog support and integration with ManageEngine Log360 for security log analysis.

Native integration with ManageEngine ServiceDesk Plus; API connectivity for third-party ITSM.

Custom script deployment for macOS and Windows; limited to batch execution.