Desktop Central from ManageEngine is a client desktop management with patching, remote control, and configuration.
$795
per year per user
Tenable Nessus
Score 8.8 out of 10
N/A
Tenable headquartered in Columbia offers Nessus, a vulnerability scanning and security assessment solution used to analyze an entity's security posture, vulnerability testing, and provide configuration assessments.
We preferred Endpoint Central for several reasons. The wide range of functionality, the ability to manage our entire infrastructure from a single console, and the capability to manage our smartphones. No other solution allowed us to do all this, except Microsoft Intune which is …
Intune doesn't offer 3rd party patching and the reporting isn't on the same level for some of the offerings in this application. Nessus is very expensive, and we have used both at the same time to compare and they pull the same results with the ManageEngine Endpoint Central …
ManageEngine has all of the features of the other products, but it came in significantly below the cost of these, and as such won out. It is easy to use, deployment works well, and the web site is very responsive.
ManageEngine Endpoint Central is a simple patch manager which helps you spot the latest updates for more popular applications. ManageEngine Endpoint Central can also scan for out-of-date drivers, but we wouldn't recommend that. You're unlikely to see any major benefits (drivers …
What I like most about ManageEngine Endpoint Central is its effective patch management and powerful remote access, which help me resolve issues quickly and save time. BitLocker management and application deployment are easy to manage from a single console, and the corporate data wipe feature ensures data security for lost or retired devices. Overall, it’s an easy-to-use, time-saving, and value-for-money endpoint management solution.
It is an excellent tool for scanning servers, workstations, and network devices to identify missing patches and misconfiguration; we regularly use it to confirm patch effectiveness after the update; it also helps us for preparing audits such as iso 27001, and regulatory requirements, it also helps us to identify open ports and services that violate security.
We set alerts when a devices gets low on disk space. That is automatic and creates a ticket in ME SDP. We are then able to Add space to a VM Desktop, and then go thru ManageEngine Endpoint Central to extend the drives so the entire process can be done without interruption to the end user.
Using the patch scans we can easily see what patches have been installed for all manufacturers not just Microsoft, without having to physically go to the device. It also allows us to choose which patches we want to push out and automate the process so we can be hands off, freeing up out time for other things.
Remote access to devices. This allows us to remotely make changes, not just via remote control but also make registry changes and clean up space without going to the device and without interruption to the end user.
Alerts. We have set up to get email alerts when new hardware is plugged into any computers. This lets us know if someone is bringing in un-authorized equipment (thumb drives, hubs, etc) to better manage what is/is not on our network.
Nessus is best at performing vulnerability scans, in fact, it gives findings and moreover accurate findings of the assessments. It does not do penetration testing or exploit the vulnerabilities because it is concerned about scanning the systems/applications.
In fact, Nessus has multiple profiles/policies to perform different types of scans such as, scans oriented for PCI-DSS, malware scans, web application scans, bad shell shock detection scan to name a few.
Nessus has the ability to classify the vulnerabilities into risk-based categories from critical to even informational which I think is one of the things that separates Nessus from other vulnerability scanners.
The remote CLI/PowerShell interfaces should support tab completion and command history like the real-world versions
Remote control could work better
Having a standalone application, even if just a Java app or something for the remote control/remote command line versus running it out of a web browser
The tool has lots of options for setting up before scanning any device, this methodology could be simplified further with default configuration for various devices predefined, anyhow we can use this technique by making use of policies.
For advanced users we cannot disable the plugins inside the plugin groups, we can enable the whole set of plugins at a time, for few hundreds its ok, but thousands of plugins are of waste of resource and time.
ManageEngine is considered an excellent product due to its comprehensive suite of solutions for IT management, with ManageEngine Endpoint Central specifically excelling in endpoint management. The platform stands out for its user-friendly interface, robust features, and versatility in addressing diverse IT needs. It offers organizations a centralized solution for endpoint security, patch management, software deployment, and asset management
Nessus is best and easy to use application for Vulnerabilities finding and reporting, it has multiple platforms and wide scope covering almost all devices for security improvement so far, thus we are very likely to continue its services.
The application itself is great. However, I have little insight to what the patches are doing. Being able to see patch download progress, not just the status, would be great. The user interface could also use an overhaul. The countless menus, sometimes containing similar if not duplicate tabs can be frustrating to navigate.
Tenable Nessus is a great product and provides a lot of value, but it is difficult to set up and use and the amount of data it generates can be overwhelming. It does help us prioritize based on the severity of the detection, however there are sometimes mitigating factors that we have implemented that Nessus does not account for, which causes lots of noise in the reports.
The immediate chat support is great and very helpful. However, if you need escalated support or have a deeper need that the chat tool can't help with, you will experience significant wait times and slow responses. The time zone difference becomes painful to the point of often just giving up.
I haven't needed to contact support yet. But issues are easily solved with a quick internet search which means support and by extension, the larger community are involved and knowledgeable.
It seems that the services offered with the purchase change from what is covered to what is an additional cost. Somethings I thought we had ended up requiring an additional purchase if we wanted to continue using the feature.
I tend to use a combination of solutions to keep the estate running efficiently. ManageEngine Endpoint Central has more control over the timing of patching for users. Juggling users being able to work and keeping systems up to date with user satisfaction in mind is a monthly goal. Pushing updates with giving users some control seems to be working.
Sometimes when we identify a vulnerability with Nessus that has an exploit, we made a proof of concept with Metasploit in order to show to the IT managers the importance of the software/hardware hardening.
We have been able resolve and complete any requests which include things like software deployment or issues that include troubleshooting, much faster and more efficiently. This has had a sharp decrease in our response times and also time it takes to complete these requests or incidents.
The mobile device management features have allowed us to be able to have a much tighter grip on security. This means we have dramtically decreased our device vulnerabilities and risk of data breaches. This has saved us lots of time and money.
The remote features that are available have helped a lot with user's being able to work remotely and allow our organisation to sustain hybrid work. It means user's can still be as productive and IT support is as efficient no matter where the user is working.
Nessus certainly has a positive impact while me while performing my job, either as security research, or performing vulnerability assessments for clients. It gives a lot of information about the system/application after performing scans. The number of false positives is also less compared to other vulnerability scanners.
The professional edition is very useful as policy templates available in this edition are very handy and useful even to perform compliance scan like PCI DSS scan.
Also, the ability to export the scan results into reports in formats like HTML, PDF is very useful which could be for performing system/application reviews.
