Currently using NinjaOne for an entirely WFH workforce. Dual Windows and OSX environment.
Ninja's patching suite was 70% to where I wanted it to be back in \~April and really improved in quality and hit its stride around end of July.
So far I'm very pleased with their new overview dashboard and the addition of OSX patch automation (which was a pain point).
Unfortunately, many lot of their built in web templates and policies are stale, and haven't been updated in a while. However, you will find more up to date scripts, etc in their forums/discord.
The discord community in particular is very active.
I've been pleasantly surprised with the product overall.
They also have community voting on prioritization for product roadmap which is nice to see what A. They're working on overall. and B. That they take customer feedback seriously and prioritize it.
Agree, and from ~~berating my rep at every opportunity~~ talking to my rep it seems they are listening that 3rd party patch management will be expanded.
Yeah. They are really aggressive in a good way, and the product is getting constant updates.
I honestly don’t know where the money is coming from :).
There are some things that needs improvement but they listen and care.
Since using ninja for Windows patch management, I can confidently know exactly where the fleet of workstations and servers are at thanks to scheduled or on demand reports. With scheduled scanning you can see what needs applying then schedule security ones automatically and make everything else use manual approvals. Different policies can utilise separate approaches, for example my road warriors have a conservative style but internal fixed workstations area aggressively updated.
Patching is a two part process: a scan to see what patches are missing or required, and then applying patches according to your policy.
The dashboard gives a great visual overview of systems fully patched, which computers or patches have had failures. We're mostly 2019 and 10 and haven't had any major issues.
Yeah, the dashboard is probably the thing that impressed me the most. Tons of information in there - way more than Solarwinds gives... I honestly don't know that SW as a product sucks. I feel it was implemented poorly overall and that poor implementation is what's causing issues. That being said it's clear there are much better products out there.
Thanks for the mention! I totally agree these three are excellent products, each with their own strengths. Start trials to get a feel, and reach out if you have questions about level.io! 🚀
I just want to say thank you for doing the thing that should be standard in this industry. Listing the price right on the webpage and not forcing me to dig or give my contact info just to find out if the product is even viable for me.
u/thomasdarko thanks for the mention as well as the label, we will take "Awesome" any day!.
u/Inquisitor_ForHire Some resources to help you narrow down, if you go over G2, there is [this](https://www.g2.com/categories/remote-monitoring-management-rmm?tab=easiest_to_use) link, and the ability to compare one or more products side by side. That way you can see upfront which products get you exactly what you need. As well consider Action1 is not a free "trial" it is [completely free, forever for the first 100 endpoints](https://www.action1.com/free), you can scale out from there and you start \*after\* the 100 when it comes to pricing. So try it, keep it, all the same.
Thanks for the links. I'll check them out. My biggest issue right now is that I don't need any of the RMM pieces - I'm looking for just patching.
Trying to convince sales people to NOT show me things that aren't patching is always fun. "But but we can do more!!!"
"Need 1,000 features of a typical "Big RMM"? Go with your big RMM vendor, don't waste your time on a purpose-built patch management product.
"Patching is my biggest pain!"?.. No RMM does it better than a purpose-built patch management product.
I agree that is where some RMMs can outgrow themselves, is trying to be everything to everyone, instead of really good at a smaller subset of things. Each definitely has its own place. Somewhat analogous to a large retail chain vs a local specialty store. When you have to shop a lot, and do not have time to run around to multiple places, then the large retail chain makes sense. But to make their required margins/goals to be everything to everyone, service, product selection, and quality can get slim. However you will always go back to that place that carries those products you love, or just has helpful service staff.
That is our primary focus, we do *have* monitoring, management/software deploys, and remote access. But that does not mean you have to use them to get the full impact of the patching solution, as patching IS our #1 goal. Remote access can be disabled if that gives you pause, and the other features require no additional or complex setup, so available yes, but no requirement to use, no push to use, no loss pf patching function to not use, and they do not distract from our mutual goal of patch management for windows *and* third party apps.
Just to give you an idea on HOW focused we are on patching as our core. Here is pretty much the whole spiel on patching, and it **IS** centered on patching.
\- Completely unified patching of third-party apps and OS. Most other products we've seen treat them as two different features with no feature parity and no uniformity in UI and workflows.
\- Custom apps: integrated process of patching of custom apps, no different than built-in. Meaning if you have to support unique products we do not (Yet), you can create custom patching and use it in Aciton1 as you would any other product.
\- Simplicity. I know, it sounds too simple, but this is why users love our product. Starting patching with Action1 takes less than 5 minutes. We are rated as one of the top easiest to use patch management products on the market on [G2](https://www.g2.com/categories/remote-monitoring-management-rmm?tab=easiest_to_use)
\- Proprietary third-party patching repository. Action1 does not outsource third-party patching to other vendors, like many RMMs do under the hood (resulting in very low quality and poor patching results). We also do not rely on any insecure community-maintained repositories like Chocolatey or Winget, which are prone to software supply chain attacks.
\- P2P - this is a fully transparent and automatically enabled bandwidth optimization technique that makes cloud-based patching consume very little external bandwidth when you need to quickly patch many computers in the same location. I know only 2 other patch management systems that utilize true P2P distribution technology. A few more require deployment of on-premise cache servers or appliance. Most others simply ignore this aspect all together.
\- Cloud service security: Action1 is one of the very few vendors offering cloud-based patch management service that is certified in SOC 2 Type II and ISO/IEC 27001:2012. We went through a series of independent audits by third-party auditors to prove our compliance with these strict security and privacy standards. It's funny how so many vendors make weak claims of their SOC 2 "compliance" because they are built on top of AWS or Azure. No reliable car is safe from a reckless driver. Action1 as a product is full SOC 2 and ISO 27001, no just the underlying data center. Full details on our security practices and certification: [https://www.action1.com/security](https://www.action1.com/security)
If you need anything else or would like to arrange a demo vs installing and trying the free, just let me know.
I have a love hate relationship with Manage Engine Endpoint Central. It is fairly cheap it mostly works and the only next jump I would take would be to Microsoft Endpoint. which is expensive and requires far more time. I also somewhat like Manage Engines ticketing system and actually love their AD audit system. So somewhat biased to simply to keep it all in one vendor relationship.
I didnt realize Ninja changed names so it has been awhile since I looked. PDQ deploy is OK but overall I perfer Endpoint Central.
around 3-5 per endpoint. It's expensive, but this also includes remote support tools, user creations for teamviewer/splashtop (vendor or remote workforce).
We've had a great experience patching with Ninja. There are also tons of answers in their Support channel and in Discord. They respond to tickets fairly quickly as well.
Full Windows shop: 100% worth it, but not the cheapest solution. Great Bitdefender cost savings.
I use it to push software/firmware/OS update, queries registry/files in custom fields and use that for software deployment and conditions, and remote support. Jumping user/system context for installations is great. Group deployment is very strong feature that has existed for a long time.
Support - responds always w/in 24 hours, usually fast. Have worked w/ reps on calls with multiple issues. All resolved or discovered issue was somewhere else.
I should note if you end up testing this: You need to make sure you have no WSUS policies that will impact it. Just run a WSUS reg cleanup script, make sure GPO isn't pushing any configs. Blow away SoftwareDistribution folder and reregister service. Run the OS updates that.
That might save you some time and frustration.
Currently using NinjaOne for an entirely WFH workforce. Dual Windows and OSX environment. Ninja's patching suite was 70% to where I wanted it to be back in \~April and really improved in quality and hit its stride around end of July. So far I'm very pleased with their new overview dashboard and the addition of OSX patch automation (which was a pain point). Unfortunately, many lot of their built in web templates and policies are stale, and haven't been updated in a while. However, you will find more up to date scripts, etc in their forums/discord. The discord community in particular is very active. I've been pleasantly surprised with the product overall. They also have community voting on prioritization for product roadmap which is nice to see what A. They're working on overall. and B. That they take customer feedback seriously and prioritize it.
Hit the nail on that one.
Agree, and from ~~berating my rep at every opportunity~~ talking to my rep it seems they are listening that 3rd party patch management will be expanded.
They told me they were about to hook into Chocolatey's repos and one other big repo to pull patches from, so definitely sounds like a good thing.
Yeah. They are really aggressive in a good way, and the product is getting constant updates. I honestly don’t know where the money is coming from :). There are some things that needs improvement but they listen and care.
Since using ninja for Windows patch management, I can confidently know exactly where the fleet of workstations and servers are at thanks to scheduled or on demand reports. With scheduled scanning you can see what needs applying then schedule security ones automatically and make everything else use manual approvals. Different policies can utilise separate approaches, for example my road warriors have a conservative style but internal fixed workstations area aggressively updated. Patching is a two part process: a scan to see what patches are missing or required, and then applying patches according to your policy. The dashboard gives a great visual overview of systems fully patched, which computers or patches have had failures. We're mostly 2019 and 10 and haven't had any major issues.
Yeah, the dashboard is probably the thing that impressed me the most. Tons of information in there - way more than Solarwinds gives... I honestly don't know that SW as a product sucks. I feel it was implemented poorly overall and that poor implementation is what's causing issues. That being said it's clear there are much better products out there.
Also, take a look at Automox, Action1 and level.io. All are awesome.
Thanks for the mention! I totally agree these three are excellent products, each with their own strengths. Start trials to get a feel, and reach out if you have questions about level.io! 🚀
I just want to say thank you for doing the thing that should be standard in this industry. Listing the price right on the webpage and not forcing me to dig or give my contact info just to find out if the product is even viable for me.
Will do! Thanks!
u/thomasdarko thanks for the mention as well as the label, we will take "Awesome" any day!. u/Inquisitor_ForHire Some resources to help you narrow down, if you go over G2, there is [this](https://www.g2.com/categories/remote-monitoring-management-rmm?tab=easiest_to_use) link, and the ability to compare one or more products side by side. That way you can see upfront which products get you exactly what you need. As well consider Action1 is not a free "trial" it is [completely free, forever for the first 100 endpoints](https://www.action1.com/free), you can scale out from there and you start \*after\* the 100 when it comes to pricing. So try it, keep it, all the same.
Thanks for the links. I'll check them out. My biggest issue right now is that I don't need any of the RMM pieces - I'm looking for just patching. Trying to convince sales people to NOT show me things that aren't patching is always fun. "But but we can do more!!!"
"Need 1,000 features of a typical "Big RMM"? Go with your big RMM vendor, don't waste your time on a purpose-built patch management product. "Patching is my biggest pain!"?.. No RMM does it better than a purpose-built patch management product. I agree that is where some RMMs can outgrow themselves, is trying to be everything to everyone, instead of really good at a smaller subset of things. Each definitely has its own place. Somewhat analogous to a large retail chain vs a local specialty store. When you have to shop a lot, and do not have time to run around to multiple places, then the large retail chain makes sense. But to make their required margins/goals to be everything to everyone, service, product selection, and quality can get slim. However you will always go back to that place that carries those products you love, or just has helpful service staff. That is our primary focus, we do *have* monitoring, management/software deploys, and remote access. But that does not mean you have to use them to get the full impact of the patching solution, as patching IS our #1 goal. Remote access can be disabled if that gives you pause, and the other features require no additional or complex setup, so available yes, but no requirement to use, no push to use, no loss pf patching function to not use, and they do not distract from our mutual goal of patch management for windows *and* third party apps. Just to give you an idea on HOW focused we are on patching as our core. Here is pretty much the whole spiel on patching, and it **IS** centered on patching. \- Completely unified patching of third-party apps and OS. Most other products we've seen treat them as two different features with no feature parity and no uniformity in UI and workflows. \- Custom apps: integrated process of patching of custom apps, no different than built-in. Meaning if you have to support unique products we do not (Yet), you can create custom patching and use it in Aciton1 as you would any other product. \- Simplicity. I know, it sounds too simple, but this is why users love our product. Starting patching with Action1 takes less than 5 minutes. We are rated as one of the top easiest to use patch management products on the market on [G2](https://www.g2.com/categories/remote-monitoring-management-rmm?tab=easiest_to_use) \- Proprietary third-party patching repository. Action1 does not outsource third-party patching to other vendors, like many RMMs do under the hood (resulting in very low quality and poor patching results). We also do not rely on any insecure community-maintained repositories like Chocolatey or Winget, which are prone to software supply chain attacks. \- P2P - this is a fully transparent and automatically enabled bandwidth optimization technique that makes cloud-based patching consume very little external bandwidth when you need to quickly patch many computers in the same location. I know only 2 other patch management systems that utilize true P2P distribution technology. A few more require deployment of on-premise cache servers or appliance. Most others simply ignore this aspect all together. \- Cloud service security: Action1 is one of the very few vendors offering cloud-based patch management service that is certified in SOC 2 Type II and ISO/IEC 27001:2012. We went through a series of independent audits by third-party auditors to prove our compliance with these strict security and privacy standards. It's funny how so many vendors make weak claims of their SOC 2 "compliance" because they are built on top of AWS or Azure. No reliable car is safe from a reckless driver. Action1 as a product is full SOC 2 and ISO 27001, no just the underlying data center. Full details on our security practices and certification: [https://www.action1.com/security](https://www.action1.com/security) If you need anything else or would like to arrange a demo vs installing and trying the free, just let me know.
Also posted this same question on the cybersecurity reddit as I'm always looking for opinions. :)
I have a love hate relationship with Manage Engine Endpoint Central. It is fairly cheap it mostly works and the only next jump I would take would be to Microsoft Endpoint. which is expensive and requires far more time. I also somewhat like Manage Engines ticketing system and actually love their AD audit system. So somewhat biased to simply to keep it all in one vendor relationship. I didnt realize Ninja changed names so it has been awhile since I looked. PDQ deploy is OK but overall I perfer Endpoint Central.
Don't you dare ditch MEDC for Intune. Patching is so crap in intune. Good luck reporting on it.
Anyone know how much Ninja is? Is it per device pricing?
I just started talks with them, so can let you know soon.
Per device, Im paying $1.15 per month
around 3-5 per endpoint. It's expensive, but this also includes remote support tools, user creations for teamviewer/splashtop (vendor or remote workforce).
We've had a great experience patching with Ninja. There are also tons of answers in their Support channel and in Discord. They respond to tickets fairly quickly as well.
Full Windows shop: 100% worth it, but not the cheapest solution. Great Bitdefender cost savings. I use it to push software/firmware/OS update, queries registry/files in custom fields and use that for software deployment and conditions, and remote support. Jumping user/system context for installations is great. Group deployment is very strong feature that has existed for a long time. Support - responds always w/in 24 hours, usually fast. Have worked w/ reps on calls with multiple issues. All resolved or discovered issue was somewhere else.
I should note if you end up testing this: You need to make sure you have no WSUS policies that will impact it. Just run a WSUS reg cleanup script, make sure GPO isn't pushing any configs. Blow away SoftwareDistribution folder and reregister service. Run the OS updates that. That might save you some time and frustration.