On-Premises vs. Cloud: What's the difference?

Mobile Device Manager Plus is available both as an on-premises edition as well as an on-demand/cloud edition. Based on several factors, either of these deployment types can prove right for your organization. However, the basic difference is essentially where the hardware and software components reside. The complete differences between MDM on-premises and cloud are listed below.

NOTE: ManageEngine Mobile Device Manager Plus cloud is powered by Zoho. Names like "Zoho" and "ManageEngine" are used interchangeably, however both Zoho and ManageEngine are divisions of Zoho Corporation.

Server Location

In an on-premises setup, the MDM server is available within your organization just like any other server in your network. It is your own responsibility to setup the required infrastructure and ensure that the MDM server is secured, maintained, up and running with minimal down-time. Optionally, you can configure a Secure Gateway to prevent your MDM server from being directly exposed to the Internet. MDM also lets you configure a Failover Server, which is a paid add-on to eliminate server down-time.

Whereas, in the case of MDM cloud, the server is remotely hosted on Zoho cloud services and is accessed over the Internet using appropriate login credentials. ManageEngine holds responsibility for the server, its uptime, and costs incurred in setting up and maintaining the required infrastructure.

Functionality

In order to setup MDM on-premises and start managing devices, a set of ports and domains must be allowed in your organization's firewall. Subsequently, manual configuration of these initial settings are required, out of which NAT, proxy, and Mail server settings are mandatory. Whereas, MDM cloud is completely hosted on Zoho cloud services; gives you complete access from anywhere, at anytime. You can start managing devices right after signing up using your Zoho account without any initial configuration steps, since MDM cloud leverages Zoho's mail servers.

With regards to server upgrades, MDM on-premises ensures service packs and hotfixes with brand new features are available time to time. Users must upgrade their MDM servers manually when an upgrade is available. With MDM cloud, servers are automatically upgraded and subsequently, the latest features will be available to use.

NOTE: Upgrading the MDM server will neither affect the devices under management nor make any changes to the configured policies, apps, and other settings.

Additionally, MDM uses Zoho Assist to facilitate Remote Control. With MDM on-premises, you need to sign up and create an account with Zoho Assist to remotely troubleshoot devices. Whereas, this is not the case with MDM cloud. Since MDM cloud already uses a Zoho account, you need not create any additional accounts as such. Similarly, MDM facilitates integration of on-premises as well as Azure Active Directory for either of the deployments. With MDM on-premises, you can simply integrate by providing your AD domain, but MDM cloud requires you to install an application to sync Entra ID(formerly Azure AD) or on-premises AD.

Security

With MDM on-premises, sensitive data such as employee details, mail server information, inventory details, location details, enterprise application details, etc., are within your control. In institutions or organizations where compliance is an issue; whose regulations don't allow sensitive data to be on cloud, MDM on-premises would prove right by offering greater control and security. With MDM cloud, the aforementioned organizational data is securely present within Zoho's servers. Sensitive data present within the cloud servers are encrypted to provide top-grade security standards. Click here to learn more about our security practices, policies, and infrastructure.

Integrations

MDM on-premises and MDM cloud integrate with a variety of specialized software applications ranging from App development to Help desk solutions. MDM by itself, is a comprehensive mobile device management solution; integrating other software applications amplifies the benefits of deploying MDM in your organization. Click here to learn more about Mobile Device Manager Plus' integrations, for either of the deployments.

Conclusion

In a nutshell, with MDM cloud you need not worry about setting up the server; It can be accessed over the Internet unlike the one-time setup process which MDM on-premises requires. But, it doesn't necessarily mean MDM cloud is better than MDM on-premises when your organization has the required hardware and software setup in prior. Both MDM on-premises and MDM cloud has its set of features; choosing between the two is completely based on your business requirements.

Additionally, Mobile Device Manager Plus MSP is available as a standalone product, exclusively for Managed Service Providers. Similarly, MDM MSP is available as an on-premises edition and an on-demand/cloud edition.

Supported Platforms for both Mobile Device Manager Plus On-Premises and Mobile Device Manager Plus Cloud

  • iOS 4.0 and above
  • Android 5.0 and above
  • Windows 8.0 and above
  • macOS 10.17 and above
  • Chrome 57.0 and above
  • tvOS 7.0 and above
  • iPadOS 13.0 and above

Feature based comparison matrix

Note: Both Mobile Device Manager Plus On-premises and Mobile Device Manager Plus Cloud have their own unique set of features; choosing between the two is completely based on your business requirements.

Features Mobile Device Manager Plus On-Premises Mobile Device Manager Plus Cloud
General Specifications
Support for Samsung Knox devices
Support for Shared iPads
Guest Mode for Shared iPads
Support for modern management for Windows PCs
Support for Windows Surface Pro
Managed Guest Session for ChromeOS
Real time dashboard for audit reports
Remote troubleshooting
Custom branding
Device Enrollment
Self Enrollment
Enrollment through Active Directory
SMS Enrollment
Enrollment via E-mail invites
OS independent enrollment invites
Bulk Enrollment
Apple DEP (Apple Business Manager/Apple School Manager)
Apple Configurator
NFC Enrollment
EMM Token Enrollment (QR code Enrollment)
Samsung Knox Enrollment
Android Zero Touch Enrollment
Windows ICD Enrollment
Windows Entra ID(formerly Azure AD) Enrollment and Autopilot
Chromebook Enrollment
Multi factor device authentication
Profile/Policy Management
Device restrictions (Camera, Safari, etc.)
Restrict app installations
Device restrictions (Camera, Safari, etc.)
Managing iCloud, document sync, backup, etc.
Enforcing password for iTunes
Restricting iCloud Private Relay
Privacy Preferences Policy Control (PPPC) for Mac devices
Kernel and system extensions for Mac devices
Advanced Wi-Fi configuration
Department based device grouping
VPN configuration
Per-app VPN
Custom configuration
OEM-specific configurations
Security Management
Passcode protection
Enforce encrypted backup
FileVault Encryption
Firmware password/ Recovery Lock
Lost mode support
Remote Lock
Corporate data wipe
Complete device wipe
OS update management
OS update management for rugged devices
Geo Location Tracking
Location History
Detect Jailbroken and Rooted devices
Remove Jailbroken and Rooted devices
Geo-fencing
Samsung Knox container support
Containerization for Non-Samsung devices
Web content filtering
Global proxy setting
Single Sign-on
Enterprise Factory Reset Protection (EFRP)
SafetyNet Attestation
Asset Management
Track information on device details, certificates
Unmanaged devices notification
Application information
Out-of-box asset reports
Announcements
Unified, single map view of all devices
Battery level tracking
Bulk remote restart and shutdown
App Management
Silent installation of Enterprise/ In-house apps
Silent installation of Store apps (including paid apps)
Publish apps on App Catalog
Managed App Configurations
Manage app updates
Automate Store app updates
Multi-version support for enterprise apps
Status of the deployed apps
Allow/prevent app data backup
Apple VPP (ABM/ASM)
App removal
Kiosk support/ App Lock
Device Lockdown (Multi App Kiosk)
Autonomous Single App Kiosk Mode
Home Screen Layout customization
Blocklisting apps
Google Play for Work
Windows Business Store
Chrome Web Store
Office 365 MAM Policies
Conditional Access to Office 365 apps *
Email Management
Configure enterprise e-mail accounts
Secured viewing of e-mail attachments
Microsoft Exchange ActiveSync, Office 365 configuration
Conditional access to Exchange
Content Management
Remote sharing of documents
Document Viewer
Copy/Paste restrictions from Workspace to personal apps
Data leakage prevention (DLP) policies for distributed content
Restrict sharing of corporate data with unmanaged devices
Certificate Management
Trust and client certificates
SCEP certificate authority
DigiCert certificate authority
Auto renewal of client certificate
Integrations
Integration with Active Directory

Integration with Entra ID(formerly Azure AD)

Integration with G Suite
Integration with Okta
Public APIs for integration
Integration with desktop management software
Patch management
Software deployment
Asset management
Remote control
Integration with helpdesk software
Integration with app development software
Integration with analytics software
Implementation
Separate app to be installed on device
System Requirements
Windows
Linux
Browsers Supported
Internet Explorer
Firefox
Chrome
License Type
Annual/Recurring
Perpetual
Pricing
Free/Standard Edition
Professional Edition

Note: On Mobile Device Manager Plus Cloud, Self Enrollment is only supported after integrating with Active Directory and Entra ID(formerly Azure AD). Self Enrollment using Okta or G Suite is currently not supported. For any additional requirements and assistance, kindly contact support.

Contact Us:

Website: https://www.manageengine.com/mobile-device-management/

Sales team email: sales@manageengine.com

Support team email: mdm-support@manageengine.com

mdmcloud-support@manageengine.com