We simply use the built in mobile device tools for Exchange 2007/2010 in our environment. It depends on how many devices you have, what security policies you need to enforce, DLP policies...the list goes on.
We have a bit over 100 devices currently between iPhones, iPads and Android phones. Our EAS policy requires a password, wipes the device after 8 failed tries, prevents RDP applications for DLP reasons and blocks unsigned applications. Not sure if that prevents jailbroken apps on iOS or manually installed apps on Android, but we have a separate signed use policy form that users agree to. If we happen to find them in violation of the policy their phone is simply taken away completely.
For a third party solution I think
Mobile Iron is still the premium product. I haven't had a chance to test drive it since we haven't run into any user problems with our current procedure and my boss doesn't want me "wasting the time". My understanding is it allows a wipe of the entire device or just the corporate data, allows remote app deployment, remote device management and a few other cool tricks that I don't think we currently need. All this of course comes at a price on top of the Exchange cost, which is another anti-driving factor for my company.