Datasheet

A single pane of glass for complete Endpoint Management and Security

Today's challenge Highlights

The way businesses operate has been redefined by the rapid rise in the number and
Supported operating systems
diversity of endpoints used in enterprises. This also leads to various forms of
cyberattacks and insider threats. With devices varying in form and function, more and
Linux macOS
more enterprises these days are looking for a unified endpoint management (UEM)
model that will provide a single software platform for managing and securing a wide
ChromeOS Windows
range of enterprise devices, including servers, desktops, laptops, smartphones,
tablets, and IoT devices.
iOS Android
The solution
Endpoint Central is a unified endpoint management and security solution that Windows Phone tvOS
manages and secures servers, desktops, and mobile devices from a single console. It
automates the entire endpoint lifecycle, reducing IT costs, boosting efficiency, and
Recognized by
improving productivity. With built-in security measures against vulnerabilities, data
leaks, and browser threats, along with DEX capabilities for proactive monitoring and
issue resolution, it ensures optimal performance and a seamless digital workplace.

Use Endpoint Central to

Automate regular endpoint management activities.

Standardize OS and application configurations across your network.

Secure endpoints from a wide range of threats.

Troubleshoot day-to-day problems.

Audit your IT assets.

Proactively monitor and enhance digital employee experience

Trusted by over Currently managing

20 years
Support for Used across
31 ,000 more than
20 190
of experience in the
market.
IT professionals across 26 million languages. countries.
the globe. endpoints.

See what highly regarded analyst firms have to tell about us here!

Patch Management Software Deployment

Automate patching for over 1000 Windows, Mac, Linux, and Install or uninstall MSI and EXE-based applications.
third-party apps.
Schedule software deployments and perform pre and
Proactively detect and deploy missing patches. post-deployment activities.

Test and approve patches before deployment to mitigate security Allow users to install software themselves using the self-service
risks. portal.

Deploy critical zero-day patches. Utilize over 10000 predefined templates to deploy applications.

Disable auto-updates and decline patches as needed. Create a repository of packages and reuse them any number of
times to install or uninstall software.
Obtain reports on system health status as well as system
vulnerability. Install software as a specific user using the Run As option.
Vulnerability Management
Improve your security posture with integrated threat and Application Control
vulnerability management by instantly detecting and remediating Discover all installed applications and executables, and
vulnerabilities. categorize them as enterprise approved or unapproved based
on their digital signatures.
Enhance security by deploying security policies and mitigating
system misconfigurations. Flexible regulation that provides multiple modes to efficiently
establish a zero trust environment.
Leverage ManageEngine's exclusive partnership with the Centre
for Internet Security (CIS) to ensure compliance with CIS Hassle-free application control that allows users to request
benchmarks. access to applications.

Swiftly spot zero-day vulnerabilities and deploy mitigation scripts Adopt a Zero Trust approach by enabling Strict Mode to prohibit
as workarounds before the patches arrive. even unmanaged applications, automatically.

Audit and eliminate high-risk software such as end of life software,

Data Leakage Prevention
remote desktop sharing software, and peer to peer software to stay
safe from data breaches. Monitor and regulate your enterprise data movement from a
centralized console to combat insider attacks and data loss.
Audit active ports to discover anomalies as a part of vulnerability
management. Scan and categorize enterprise's critical data as per compliance
and regulatory standards.
Asset Management
Regulate data transfer attempts via cloud uploads, E-mail
Track all hardware and software in your network live.
exchanges, printers, and other peripheral devices.
Ensure software license compliance.
Receive instant alerts for policy breach attempts and remediate
Block executables and uninstall prohibited software. false positive events.

Analyze software usage statistics and reduce costs associated with Browser Security
unused software using software metering.
Lockdown enterprise browsers and harden the browser settings
Receive notifications for specific events such as detection of new to prevent browser-based attacks.
software, non-compliance due to under-licensing, and prohibited
software. Gain a comprehensive view of multiple browsers being used
across the network.
Gain over 20 pre-defined reports for hardware, software, inventory,
and license compliance. Enforce browser security configurations such as STIG and CIS
compliances.
Mobile Application Management
Implement a safe browsing experience by detecting and
Create your own enterprise app repository containing only removing harmful plug-ins.
IT-approved in-house and commercial apps.
Allow enterprise-approved websites and block unwanted web
Silently install, update, and remove corporate apps from devices apps to increase productivity and security.
while also managing app licenses and preconfiguring app
permissions. Mobile Security Management
Configure and enforce corporate security policies affecting
Ensure devices run only trusted corporate apps, blacklist
Wi-Fi, VPN, email, and more.
malicious/vulnerable apps, and prevent users from uninstalling
corporate apps. Prevent unauthorized access to corporate email, and securely
distribute, save, and view content.
System tools
Enforce device-level encryption; isolate personal and corporate
Monitor and analyze remotely managed systems by viewing the
workspaces on BYOD devices; and locate, lock, and wipe
task details and processes that are running on them.
misplaced devices.
Remotely boot up a machine instantly using Wake-on-LAN, or
Reports
schedule boot-ups.

Publish announcements company-wide or just to technicians. Utilize over 200 out-of-the-box Active Directory reports on users,
computers, groups, OUs, and domains.
Schedule disk defragmentation, check disks, and disk cleanup for
local or remote workstations. Lower utility bills with effective power management, and view
system uptime reports.
Mobile Device Management Obtain up-to-date user logon details with user logon reports.
Automate bulk enrollment and authentication of BYOD and View reports on patches, configurations, and events for auditing.
corporate devices.

Control OS updates and troubleshoot remote mobile devices.

Gain complete visibility into your organization's mobile assets

through predefined and customizable reports.
 Configurations
Standardize desktop, computer, application, and security settings
Remote Control
with baseline configurations for your entire organization. Leverage secure remote control to meet various compliance
regulations, including HIPAA and PCI DSS.
Use over 40 configurations for users and computers, or create
templates for frequently used configurations. Troubleshoot remote desktops seamlessly with collaboration
Choose from over 180 scripts in the script repository. between multiple users.

Restrict and control the usage of USB devices like printers, CD Integrated video, call, chat; and options for transferring files
drives, portable devices, bluetooth devices, modems, and other between machines.
peripherals in the network, both at the user and computer level. Record entire remote control sessions for auditing purposes.

Go green with effective power management by applying power Lock end users' keyboards and mice, and black-out their
schemes, shutting down inactive computers, and viewing system screens to ensure confidentiality during remote sessions.
uptime reports.
Take advantage of 128-bit AES encryption protocols during
Configure browser, firewall, and security policies; achieve access remote control operations.
control for files, folders, and the registry using permissions
management. OS Deployment
Set alerts for password expiration and low system drive space.
Automatically capture the image of a computer, whether it's live
Peripheral Device Control or shut down, using intelligent online and offline imaging
techniques.
Effectively regulate and restrict the entry of more than 15 types of
peripheral devices from a centralized console along with automatic Store these images in a centralized repository and perform OS
detection of active ports. deployment on the go.

Role-based file access and transfer control with file transfer limit to Customize captured images by using deployment templates for
secure your enterprise-critical data. different roles and departments within your organization.

Grant temporary access for peripheral devices to specific Perform hassle-free deployment across different types of
endpoints for a defined time frame. hardware.

Be proactive by mirroring the data in a secure location when USB Execute post-deployment activities like installing applications,
devices access your critical enterprise data, thus preventing data configuring computer settings, and more.
loss.
BitLocker Management
Adhere to device compliance standards by preventing data loss
through peripheral devices and get insights from comprehensive Secure your computer's data by automating encryption for
device audit reports. select drives or the entire hard drive.
Endpoint Privilege Management Identify the TPM-installed computers for enhanced PIN security
Remove unnecessary admin rights and run business-critical along with passphrase authentication.
applications with restricted privileges to prevent attacks based on
Retrieve your computer's data using the recovery key in case of
privilege elevation or credential compromise.
faulty hardware and reset the password for the computers
Maintain the least privilege model without compromising removed from the network.
productivity by enabling application-specific privilege elevation.
Employ data encryption policies and stay compliant with data
Handle interim user needs by enabling privileged temporary protection guidelines like FISMA, HIPAA, and PCI-DSS.
access to applications that are automatically revoked after a set
period. Next-Gen Antivirus
Real-time AI-assisted malware detection enforces protection
Ransomware Protection
against evolving threats.
Reactive protection for heightened endpoint security by
gatekeeping ransomware. Comprehensive incident forensics with detailed reports align
with MITRE Tactics, Techniques, and Procedures (TTPs).
Multi-patented and machine learning-assisted behavior analysis
instantly detects any ransomware attempting to intrude on your In-depth insights into attack methods, pathways, and kill-chain
network. analysis.

Provides detailed analysis of all intrusion attempts. Immediate intrusion mitigation, including ransomware
protection, ensures swift intrusion neutralization.
Offers seamless rollback to ensure your data is recovered with one
click.
Threat mitigation with minimal disruptions to your network's
Digital Employee Experience (DEX) operations ensures business continuity.

Continuously monitor endpoint health with real-time telemetry on One-click file recovery allows users to easily restore
CPU, memory, disk, battery, warranty, GPU, and application compromised files to their original state with a simple click.
crashes.

Detect and prioritize issues proactively through configurable

alerts, severity tagging, and smart alert grouping to reduce noise.
Pricing
Diagnose root causes quickly using contextual diagnostics that
Security Edition
link failures to device versions, app versions, models, services etc
Pricing starts at $1695/year for 50 endpoints.

Automate remediation at scale with pre-built scripts, workflows,

UEM Edition
and a no-code builder for silent or consent-based fixes.
Pricing starts at $1095/year for 50 endpoints.

Benchmark and improve performance using device-level Enterprise Edition (for WAN)
experience scores, trend dashboards, and baseline comparisons. Pricing starts at $945/year for 50 endpoints.

Leverage a pre-built action library of data collectors, scripts, and Professional Edition (for LAN)
workflows, for organization-specific actions. Pricing starts at $795/year for 50 endpoints.

Free Edition
*Available as an add-on
Complete management of up to 25 endpoints

© 2025 Zoho Corp. All rights reserved.