Item: ManageEngine Vulnerability Manager Plus
Rating: 8
Author: Gregory Caporale, CISSP

Overall Satisfaction with ManageEngine Vulnerability Manager Plus

Use Cases and Deployment Scope

We use ManageEngine Vulnerability Manager Plus to perform weekly vulnerability scans and identify the computers on our network that need to be upgraded or patched. We deploy all our software updates through ManageEngine Vulnerability Manager Plus and we have set up the product to perform updates to a test group first and then once some time has passed we roll out the updates to the entire network.

Pros and Cons

Pros

It excels in automating the patch management process, including testing and deployment for Windows, macOS, and Linux.
When new vulnerabilities are disclosed, ManageEngine Vulnerability Manager Plus provides immediate, actionable insights to detect affected systems and offers emergency, pre-built patches to mitigate risks instantly.
It identifies and helps remove unauthorized or risky software
It scans and hardens systems by detecting and fixing misconfigurations

Cons

The reporting could be better. Some of the canned reports that get generated are no longer useful. They are too noisy and do not provide succinct information.
The patch management process is a bit slow and at times it takes too long to push updates out to large numbers of computers.

Return on Investment

By automating the scanning, assessment, and patch management process, VMP has helped reduce the time to patch for us by 40%.
It has provided continuous visibility into device health and overall patch state. This has helped reduce the amount of time manually checking and updating.
By prioritizing the list of vulnerabilities the tool has helped our staff stay focused on the high-impact risks and ensure that critical assets are patched first.

Usability

I think overall the product is very user friendly. There are only a few minor areas where the process is a bit more complex than it has to be. The single pane of glass view makes working in the product easy. I can take a look at the entire list of systems and quickly identify those devices that are in need of immediate attention. The reporting is still a little weak, I'd like to be able to create my own custom reports but otherwise it is still useful.

Key Insights

Do you think ManageEngine Vulnerability Manager Plus delivers good value for the price?

Yes

Are you happy with ManageEngine Vulnerability Manager Plus's feature set?

Yes

Did ManageEngine Vulnerability Manager Plus live up to sales and marketing promises?

Yes

Did implementation of ManageEngine Vulnerability Manager Plus go as expected?

Yes

Would you buy ManageEngine Vulnerability Manager Plus again?

Yes

Other Software Used

ManageEngine Log360, Sophos Managed Detection and Response, ManageEngine ServiceDesk Plus, ManageEngine DataSecurity Plus

Likelihood to Recommend

ManageEngine Vulnerability Manager Plus is highly effective for organizations prioritizing ease of use, cost-effectiveness, and a single pane of glass for both vulnerability detection and patching. It is well-suited for organizations needing to manage a diverse, yet traditional, on-premise IT infrastructure (servers, workstations, laptops). It is good at securing remote endpoints by using an agent to scan, detect and patch workstations. It is good for both scanning and remediating vulnerabilities through the built-in patching tools. It is ideal for a smaller to mid sized environment using Active Directory.

ManageEngine Vulnerability Manager Plus Feature Ratings

Comments

Please log in to join the conversation

ManageEngine Vulnerability Manager Plus - a great product for SMB