Cisco offers Meraki Systems Manager (SM), an enterprise mobility management platform supporting the monitoring, provisioning and securing of mobile devices across an enterprise network.
N/A
ManageEngine Endpoint Central
Score 9.1 out of 10
N/A
Desktop Central from ManageEngine is a client desktop management with patching, remote control, and configuration.
It is very helpful if you need to restrict the apps a student or employee can have on their device. I had teachers using Netflix on the iPads before I brought them under management. Restricting them will make you unpopular with some of your employees, however, I advise them the device is being provided for business use and, therefore we have the right and responsibility to manage it.
Compared to other endpoint management tools that I have experience with, the patch management and the system health statistics functions work much better and are easier to navigate. The endpoint control functions are nowhere near as good as what I've used with Kaseya's VSA application - with that you could remote control a machine via a remote desktop type interface, or you could connect to the command line or PowerShell and it functioned as if you were directly connected to the machine - command history, tab completion, etc.. "just worked" and if the endpoint disconnected, you didn't lose anything that was going in the window when it reconnected (Exception being if the machine rebooted), grouping systems by department or building was also easier, as was moving systems between groups
We set alerts when a devices gets low on disk space. That is automatic and creates a ticket in ME SDP. We are then able to Add space to a VM Desktop, and then go thru ManageEngine Endpoint Central to extend the drives so the entire process can be done without interruption to the end user.
Using the patch scans we can easily see what patches have been installed for all manufacturers not just Microsoft, without having to physically go to the device. It also allows us to choose which patches we want to push out and automate the process so we can be hands off, freeing up out time for other things.
Remote access to devices. This allows us to remotely make changes, not just via remote control but also make registry changes and clean up space without going to the device and without interruption to the end user.
Alerts. We have set up to get email alerts when new hardware is plugged into any computers. This lets us know if someone is bringing in un-authorized equipment (thumb drives, hubs, etc) to better manage what is/is not on our network.
Limited ability for "command line" functions. For example, we had a laptop that was stolen and showed to be online, but we could not wipe it. We were able to access a command prompt, but it would not accept DISKPART or FORMAT commands to try and make the PC unusable.
The GPS location is not terribly accurate and frequently it "guesses" location based off of an IP address rather than actually activating the GPS on the device. This makes tracking lost/stolen devices very difficult.
Difficulty getting devices to correctly show their status in the dashboard. For example, I can have a PC that is online and connected to the Internet, but shows to be offline in the dashboard. Only after refreshing many times would it indicate that the PC was actually online, thus allowing me to administer it.
When I first started using ManageEngine Endpoint Central, the UI felt very complicated and cluttered up, which means as a new user, it took a lot of time to get used to using it and knowing where certain features are. This was also because specific features aren't obvious to the user, it can take time to find them through multiple routes.
When pushing out specifc software to a large number of endpoint devices such as 1500 in my organisation, the deployment fails a lot more meaning some devices dont receive the software and this has to be done manually for them. This can take a lot of time.
When an issue is reported about ManageEngine Endpoint Central, for example it constantly crashing when being heavily used. The support was delayed and it took a lot of time for first line support to address the issue and escalate it.
ManageEngine is considered an excellent product due to its comprehensive suite of solutions for IT management, with ManageEngine Endpoint Central specifically excelling in endpoint management. The platform stands out for its user-friendly interface, robust features, and versatility in addressing diverse IT needs. It offers organizations a centralized solution for endpoint security, patch management, software deployment, and asset management
It has is easy to use overall and is very powerful. The learning curve for the system is very small and I have found it easy to train members of our team to use it. It can fit any size organization and the support is excellent. The ROI is well worth it. If you have a multiplatform ecosystem, this tool is near perfect.
The application itself is great. However, I have little insight to what the patches are doing. Being able to see patch download progress, not just the status, would be great. The user interface could also use an overhaul. The countless menus, sometimes containing similar if not duplicate tabs can be frustrating to navigate.
We have found that Cisco Meraki has always had very good customer support. In the rare case, when we have needed assistance they have always been quick to respond and solve the issue.
The immediate chat support is great and very helpful. However, if you need escalated support or have a deeper need that the chat tool can't help with, you will experience significant wait times and slow responses. The time zone difference becomes painful to the point of often just giving up.
The only product I have used that is similar is Apple Configurator. While a powerful solution, it requires physical access to the devices which is not always possible, especially on a large site. Meraki is able to achieve many of the same functions as the Apple configurator but without ever needing to physically access the device, other than initial setup and registration.
I tend to use a combination of solutions to keep the estate running efficiently. ManageEngine Endpoint Central has more control over the timing of patching for users. Juggling users being able to work and keeping systems up to date with user satisfaction in mind is a monthly goal. Pushing updates with giving users some control seems to be working.
It’s scalable up to a point and will scale well from small to a medium business, however, as a business grows and policies get more mature or detailed, you might have to later upgrade to a more appropriate enterprise solution such as MaaS360 or AirWatch. This solution however, will last quite a long tome for a growing business.
Our immediate take away has been a savings of thousands a year in MDM fees. We were paying around $3.00 a device with our previous MDM and our average with Meraki is about $1.88 per device. That while providing far more functionality than our previous provider.
It has greatly helped us with our compliances through the compliance scans, such as taking our CIS compliance from 36% up to around 90%.
It has massively reduced the number of application/patch vulnerabilities through automated patching & dynamic configurations with custom scripts. From 60 criticals and 300 highs down to just 5 criticals and 25 highs, very quickly.
It has helped us identify issues with our Bitlocker not syncing to Azure AD properly, because the recovery keys in ManageEngine were always correct but werent always correct in Azure AD.
