The mobile device management space is relatively new, but it is already showing signs of being a study in same-old, same-old. How much can you really do with Apple's API for iDevices, after all? Judging by the current players, you'd think that all MDM solutions require a stand-alone management server and yet another console to administer. Though many MDM vendors put different faces on the same basic functionality, Centrify promises a unique methodology, at a price you won't believe.
Centrify has always been about cross-platform security, control and auditing through integration with the Microsoft Active Directory framework. With the goal of keeping enterprise device management on the simple side and free of multiple management platforms, Centrify is known for adding AD functionality to pretty much any major operating system, from Apple OS X to Ubuntu Linux. And now, Centrify For Mobile takes on the MDM market, using its established AD-centric bag of tricks with a few interesting new features thrown in.
Tom Kemp is Centrify's president and CIO, and he recently walked me through differences between his company's MDM approach and what the rest of the market is up to. The competition tends to require a specialized server and a new administration console to learn, and then gives you whatever can be leveraged with ActiveSync and device hooks like Apple's Push Notification Service and API for mobile devices. Costs for these solutions often run over $75 per managed device and can be complex just to test drive.
Kemp sees a better way to tame the challenges of BYOD and provide enterprise control of mobile devices for IT shops that have already invested in Active Directory. Centrify provides advantages by combining the easy deployment of a cloud-based service with the familiar administrative tasks of enforcing Group Policy-based security settings, Kemp says.
During the demonstration, I saw how Centrify's lightweight cloud proxy server brings mobile operating systems into the AD management environment quickly, and with no significant changes to the existing network topology. Other solutions might need firewall changes or creation of a DMZ. Over-the-air policy integration lets AD help desk staff remotely wipe a device, disable corporate functions upon employee termination, and automatically distribute and enforce device permissions through the common ADUC console.
Having gained a working familiarization with a number of Centrify's MDM competitors, I can appreciate the elegance of a solution that simply puts mobile devices in the Active Directory mix but maintains feature parity with the rest of the market. I also have to hand it to Centrify for its pricing structure, which includes a full-featured zero-cost option. Not only can you kick the tires for free (some others in this space make product trials pretty onerous), if you like Centrify, you can use it without paying anything.
The difference between free Centrify and the Premium version? Support.
Customers opting to cheap out will still benefit from everything Centrify has to offer for mobile device management, but support is limited to whatever you can get from the online customer community. But those who know their AD environments may find that they don't really need support, which in my book just might make Centrify the hottest deal in full-featured MDM right now.
Lee Badman has no relationship with Centrify.Lee is a Network Engineer and Wireless Technical Lead for a large private university. He also teaches classes on networking, wireless network administrtaion, and wireless security. Lee's technical background includes 10 years in the US Air Force as an Electronc Warfare ... View Full Bio