Ivanti Endpoint Manager increases user and IT productivity by helping IT administrators gather detailed device data, automate software and OS deployments, and quickly fix user issues.
N/A
SentinelOne Singularity
Score 8.9 out of 10
N/A
SentinelOne is endpoint security software, from the company of the same name with offices in North America and Israel, presenting a combined antivirus and EDR solution.
There is no direct replacement for the on-prem Ivanti [Unified Endpoint Manager (formerly LANDESK Management Suite)] solution. Ivanti has a companion product called Neurons, but that is in additional cost, and requires configuration with your on-prem [Unified Endpoint Manager] instance to perform basic functions. If cloud-based is a requirement for your organization, this is likely a dealbreaker. You can implement [Unified Endpoint Manager] in a cloud instance such as AWS, but the support for this appears limited. If on-prem is not an issue for you, this is a great tool for device management. It has robust features, impressive inventory, massive customization options, and excellent vendor support. If Patch Management is a problem in your company right now, this is the first product I would evaluate.
It works extremely well for investigating the root cause analysis of events because you can see so much detail into what was happening before, after, and around the detective incident. A weak point would be when the AI gets a little over-aggressive or doesn’t quite understand the use case for specific tools. Our RMM tool was detected as a pup.
Patch(Security) is done really well. You can use roll out projects or built-in automation as well as the use of groups and scopes to design pilot and other use cases.
It takes a solid inventory of what you have of your endpoints and can do an agentless scan as well if you need to collect data that way as well.
Provisioning is rather simple and even allows you to use other products' software for the image or the built-in if you wish to do so.
Software distribution works well and has a lot flexibility built into the module.
Setup - Boy it is a pain to configure everything correctly. Be aware that you'll probably be giving an AD service account some God rights to get everything working....and security just loves that....
Cost - Boy you have to pay for everything. I suppose it lets you buy into just what you want but having repeated items go through procurement is a pain if your procurement branch is a pain.
We are happy with the product but the support and development process is far superior to any other company we have worked with. Having a good support structure is very important in today's marketplace of products that do so many things and have so many robust options and capabilities. We are very satisfied with our contract, pricing, support and product execution.
Items are logically laid out and most are easy to find. The more advanced stuff can be trickier, but it is still not hard to find. There are a lot of options though, so remembering where some settings are, especially if you do not alter them often, can take a minute, but you will get to them fairly qiickly.
There are some minor issues with the platform that can be mildly frustrating, but the overall performance, peace of mind, and ROI make it worth using. The management console is intuitive and easy to learn, the endpoint clients are simple but give IT professionals enough data to make management easy and simple
TRM\TAM support has been generally very good. Getting reported bug fixes, design changes, UX problems resolved has been a pain. It is often difficult to get problems escalated beyond the TRM\TAM level. Support is fantastic when you can get it, getting it can often require more work than it should, and that is probably our biggest issue.
Their support is good and quick to respond. The one issue we faced was when a non-protection issue arose there was a lot of dancing around trying to figure things out. This was frustrating as it took significantly longer to figure out issues. Lots of repetitive log gathers, screen caps, uninstalls that never seemed to resolve issues. Eventually, the product would be updated and the issue seemed to be resolved, but seemed to be the only solution.
It's been many years since I did a full evaluation of other products but at the time we purchased it, the main competitors were Microsoft's SMS and Alteris. SMS just looked horribly ugly and complicated (which fit in very well with Microsoft's other server tools) and Alteris looked okay but had a piecemeal approach where even a basic deployment meant purchasing a half dozen or more components. LANDesk had one bundle for all the tools we were looking for and had a great interface for presenting the data.
SentinelOne had all of the major features that we were looking for. The other products either required too much administrative attention or were lacking key features. For example, one could be uninstalled by the end user. We required that the installation be password protected to protect against end user disabling or uninstalling. One product required manual intervention for all remediation which put to high a burden on limited staff. All products are always being revised so these may no longer be issues but they had a significant impact on our decision.
SentinelOne has already proved its value by stopping attacks that would have gone otherwise unnoticed until much later in their infection process.
The Vigilance team has provided quick response to threats that were not easily contained via the automated response SentinelOne's agents provide. This has given us a significant piece of mind.
