Contact Us
Kandji

Kandji

Kandji streamlines Apple device management with robust automation.

Basic Information

Kandji is a cloud-based Apple device management and security platform, not a physical asset with a model number. It is designed to manage and secure fleets of Apple devices for businesses, including Mac, iPad, iOS, and tvOS devices. The platform focuses on automating routine tasks, enforcing compliance, and enhancing security.

  • Model: Cloud-based Apple device management and security platform.
  • Version: Kandji operates as a continuously updated Software as a Service (SaaS) platform, without discrete version numbers for the platform itself.
  • Release Date: Founded in 2018, the platform launched in 2019.
  • Minimum Requirements:
    • Managed Devices: Nearly all Apple devices are supported, provided they run supported operating system versions.
    • Administrator Console: Requires the latest version of a modern web browser such as Safari, Chrome, Firefox, or Edge.
  • Supported Operating Systems: macOS, iOS, iPadOS, tvOS, and visionOS.
  • Latest Stable Version: As a SaaS platform, Kandji receives continuous updates and feature enhancements.
  • End of Support Date:
    • Platform: Continuous support for the SaaS platform.
    • Managed OS Versions: As of October 15, 2025, macOS 12 Monterey, macOS 13 Ventura, and iOS, iPadOS, and tvOS 16 are considered End of Support by Kandji, meaning no new features or bug fixes are added for these versions.
  • End of Life Date:
    • Platform: Continuous availability for the SaaS platform.
    • Managed OS Versions: macOS 11 and earlier, iOS 15 and earlier, iPadOS 15 and earlier, and tvOS 15 and earlier are considered End of Life.
  • Auto-Update Expiration Date: Not applicable to the Kandji platform itself. Kandji provides "Managed OS" features that allow administrators to schedule and enforce OS updates on managed devices, with configurable enforcement timeframes.
  • License Type: Subscription-based model. Pricing is custom and depends on the specific solutions required and the number and types of devices to be managed.
  • Deployment Model: Cloud-based Software as a Service (SaaS).

Technical Requirements

Kandji's technical requirements are primarily dictated by the operating systems of the Apple devices it manages and the standard specifications for accessing a web-based administration console.

  • RAM: Not specified for the platform or administrator console; depends on the operating system requirements of managed devices and the administrator's local machine.
  • Processor: Not specified for the platform or administrator console; depends on the operating system requirements of managed devices and the administrator's local machine.
  • Storage: Not specified for the platform or administrator console. For managed devices, free space is required for deployed applications and OS updates.
  • Display: Not specified for the platform or administrator console; standard display resolution for web browser usage.
  • Ports: Active internet connection is required for managed devices and the administrator console to communicate with the Kandji cloud platform.
  • Operating System:
    • Managed Devices: macOS (14 Sonoma, 15 Sequoia, 26 Tahoe), iOS (16 and higher), iPadOS (16 and higher), tvOS (16 and higher), visionOS (2 and higher).
    • Administrator Console: Any operating system capable of running the latest versions of Safari, Chrome, Firefox, or Edge web browsers.

Analysis of Technical Requirements

Kandji is a cloud-native solution, meaning its core infrastructure requirements are handled by the vendor. For end-users and administrators, the technical demands are minimal. Managed devices must meet Apple's specifications for the supported operating systems. The administrator console is accessed via a web browser, requiring only a modern browser and an active internet connection. This approach simplifies deployment and maintenance for IT teams, as there are no specific server or client-side hardware requirements beyond the managed Apple devices themselves.

Support & Compatibility

Kandji provides comprehensive support and compatibility within the Apple ecosystem, leveraging continuous updates and dedicated management tools.

  • Latest Version: As a cloud-based platform, Kandji is continuously updated, ensuring access to the latest features and security enhancements without manual version upgrades.
  • OS Support: Kandji supports macOS, iOS, iPadOS, tvOS, and visionOS. It focuses exclusively on Apple devices, lacking support for Windows, Android, or other non-Apple devices.
  • End of Support Date: Kandji provides ongoing support for its platform. For managed operating systems, macOS 12 Monterey, macOS 13 Ventura, and iOS, iPadOS, and tvOS 16 are considered End of Support as of October 15, 2025.
  • Localization: Information regarding specific localization support for the Kandji administrator console is not explicitly available in public documentation.
  • Available Drivers: Not applicable. Kandji is a Mobile Device Management (MDM) solution that manages devices at the operating system level, utilizing Apple's MDM framework and its proprietary macOS Agent. It does not require or provide device-specific drivers.

Analysis of Overall Support & Compatibility Status

Kandji exhibits strong compatibility and support within the Apple device ecosystem, which is its exclusive focus. The platform's continuous update model ensures that it remains current with Apple's rapidly evolving operating systems and features, including support for new OS versions like iOS 17, iPadOS 17, and tvOS 17. Its "Managed OS" feature automates OS updates and upgrades, helping organizations maintain compliance and security across their fleet. The absence of support for non-Apple devices is a key characteristic, making it a specialized solution rather than a cross-platform one. Customer support is frequently praised for being knowledgeable and responsive.

Security Status

Kandji integrates robust security features and compliance measures tailored for Apple devices, aiming to provide a secure and manageable endpoint environment.

  • Security Features: Automated patch management, Endpoint Detection & Response (EDR) for Mac, pre-built compliance templates, security baselines, remote lock and wipe capabilities, FileVault encryption enforcement, password policies, continuous endpoint monitoring, application security, vulnerability management, custom scripts for advanced configurations, zero-touch deployment with security configurations, audit logs, device location tracking, and network/VPN/Wi-Fi configuration.
  • Known Vulnerabilities: Publicly available information does not indicate specific known vulnerabilities within the Kandji platform itself. The platform's security features are designed to mitigate vulnerabilities on managed devices.
  • Blacklist Status: Not applicable for a software platform.
  • Certifications: Kandji is SOC 2 Type 2 compliant, demonstrating its commitment to security and privacy controls. It is also a CIS (Center for Internet Security) partner, providing security controls and facilitating compliance with various standards.
  • Encryption Support: Supports and enforces FileVault disk encryption for macOS devices. Data at rest and in transit are protected, consistent with its SOC 2 compliance. Kandji also supports EAP-TLS for secure network authentication using certificates.
  • Authentication Methods: Enforces Multi-Factor Authentication (MFA) for all users signing into a Kandji tenant using email and password. It supports authentication via Google, Office 365, or Single Sign-On (SSO) connections, where MFA is typically handled by the Identity Provider. For network access, it supports various Extensible Authentication Protocol (EAP) types, including EAP-TLS, PEAP, and EAP-TTLS.
  • General Recommendations: Leverage automated security features, enforce regular software updates, utilize compliance templates, and implement strong authentication policies.

Analysis on the Overall Security Rating

Kandji demonstrates a strong overall security posture, particularly for organizations managing Apple devices. Its SOC 2 Type 2 compliance and partnership with CIS validate its adherence to recognized security standards. The platform provides a comprehensive suite of security features, including EDR for Mac, automated patching, and robust encryption enforcement (FileVault), which are critical for protecting sensitive data and maintaining compliance. The enforcement of MFA for direct logins and support for enterprise authentication methods like EAP-TLS further strengthen access control. Kandji's focus is on proactive threat protection and vulnerability management *on* the managed endpoints, rather than having inherent vulnerabilities within its own platform.

Performance & Benchmarks

As a cloud-based MDM solution, traditional hardware benchmarks are not applicable to Kandji. Its performance is measured by the efficiency and responsiveness of its management capabilities.

  • Benchmark Scores: Not applicable for a cloud-based Mobile Device Management (MDM) platform.
  • Real-World Performance Metrics: Kandji is noted for its ability to streamline operations, reduce the time and effort required for device management, and facilitate efficient onboarding processes. It offers quick deployment of policies and applications, with real-time feedback on policy success or failure.
  • Power Consumption: Not applicable to the Kandji platform itself. The platform's efficiency in managing devices can indirectly contribute to optimized device performance and battery life on managed Apple endpoints.
  • Carbon Footprint: Specific carbon footprint data for Kandji is not publicly available. As a cloud service, its environmental impact is largely tied to its cloud provider's sustainability practices.
  • Comparison with Similar Assets: Kandji is often compared to other Apple MDM solutions like Jamf, Mosyle, and Addigy. It is recognized for its ease of use, superior customer support, and deep integration within the Apple ecosystem. While some competitors offer broader cross-platform support, Kandji's specialization allows for a more tailored and efficient Apple device management experience.

Analysis of the Overall Performance Status

Kandji's performance is characterized by its operational efficiency and user experience within the Apple device management domain. The platform excels in automating complex IT tasks, such as device enrollment, application deployment, and OS updates, which significantly reduces manual effort and improves IT team productivity. Its intuitive interface and responsive console contribute to a positive administrative experience. While not measured by traditional benchmarks, the real-world impact of Kandji's performance is evident in its ability to scale device management effectively for mid-market to enterprise organizations and ensure devices are secure and compliant with minimal intervention.

User Reviews & Feedback

User reviews and feedback for Kandji generally highlight its strengths in Apple device management, ease of use, and automation capabilities, while also pointing out its exclusive focus on Apple as a potential limitation for some organizations.

  • Strengths:
    • Ease of Use: Users consistently praise Kandji's intuitive interface and user-friendly design, making it accessible for both beginners and experienced IT professionals.
    • Apple Device Management: Highly effective for managing Apple devices, simplifying setup, and enhancing security.
    • Automation: Offers over 150 pre-built automations for tasks like software updates, security patches, and compliance, significantly reducing manual intervention.
    • Customer Support: Frequently cited as knowledgeable, responsive, and helpful.
    • Security Management: Strong security controls, compliance templates, EDR for Mac, remote lock/wipe, and FileVault encryption are highly valued.
    • Efficient Onboarding: The Liftoff tool automates device setup and configuration, ensuring quick readiness for new devices.
    • Streamlined App Deployment: Features like Auto-Apps simplify the distribution and management of applications.
    • Real-time Sync & Insights: Provides instant feedback on policy success/failure and AI-powered insights for better decision-making.
  • Weaknesses:
    • Apple Exclusivity: The most common limitation noted is its exclusive focus on Apple devices, lacking support for Windows, Android, or Linux.
    • Missing Features: Some users report limitations in reporting tools, device customization options, and features like local admin password randomization.
    • Sync Issues: Occasional sync issues with devices and less accessible functionalities have been mentioned.
    • Cost: Can be perceived as expensive, particularly for smaller organizations, and license compatibility across different Apple devices can be restrictive.
  • Recommended Use Cases:
    • Organizations with a primary or exclusive Apple device fleet (Mac, iPhone, iPad, Apple TV).
    • Medium to large businesses, enterprises, educational institutions, and organizations in sectors like healthcare, finance, retail, manufacturing, and legal.
    • Companies prioritizing streamlined Apple device management with a strong emphasis on automation, security, and compliance.

Summary

Kandji is a specialized, cloud-based Apple device management and security platform that excels in providing comprehensive and automated solutions for organizations operating within the Apple ecosystem. Launched in 2019, it has quickly established itself as a robust tool for IT administrators and InfoSec teams.

Strengths: Kandji's primary strength lies in its deep integration with Apple's management frameworks, offering an intuitive and user-friendly interface that simplifies complex MDM tasks. Its extensive automation capabilities, including over 150 pre-built automations and features like Auto-Apps and Liftoff, significantly reduce manual effort for device enrollment, configuration, application deployment, and patch management. Security is a core focus, evidenced by its SOC 2 Type 2 compliance, CIS partnership, EDR for Mac, FileVault enforcement, and robust authentication methods like MFA. Users consistently praise its responsive customer support and the efficiency it brings to managing large fleets of Apple devices.

Weaknesses: The most notable limitation is Kandji's exclusive focus on Apple devices, making it unsuitable for organizations with diverse operating system environments that include Windows or Android. Some users have expressed a desire for more advanced reporting tools and greater device customization options. Additionally, the pricing structure can be a barrier for smaller businesses, and some users have reported occasional sync issues.

Recommendations: Kandji is an ideal solution for medium to large enterprises, educational institutions, and organizations across various industries that are heavily invested in Apple products. It is particularly well-suited for those seeking to streamline IT operations, enhance security posture, and ensure compliance across their Apple device fleet through automation and a user-friendly platform. Organizations with mixed-OS environments or very tight budgets for smaller device counts might need to consider alternative solutions or evaluate if the benefits of specialized Apple management outweigh the need for broader platform support. For Apple-centric environments, Kandji offers a powerful and efficient path to secure and productive device management.

The information provided is based on publicly available data and may vary depending on specific device configurations. For up-to-date information, please consult official manufacturer resources.

Simplify your IT ecosystem with InvGate Asset Management

30-day free trial - No credit card needed

Get started

Clear pricing

No surprises, no hidden fees — just clear, upfront pricing that fits your needs.

View Pricing

Easy migration

Our team ensures your transition to InvGate is fast, smooth, and hassle-free.

View Customer Experience