So you have ConfigMgr installed and you’re managing thousands of devices;You get asked to update all the third party applications you have. What do you do? It’s just you, no-one else and there’s more apps than you can realistically handle, and they need patching yesterday…
Yay for 3rd party utilities!
Luckily for those responsible for patching (and providing those reports that ‘management’ love so much) we have some excellent products available to us in the ConfigMgr world to shift the heavy workload of patching and reporting, from us, to an automated solution. Sure, we can get someone ( or, most likely, us!) to create an application and deploy it with the relevant switches so that it installs silently and without rebooting, but then what?
- Where’s that report?
- What about next month?
- What about the new version, does it work?
- Is that command line correct?
- What about the next emergency patch?
- What about everything else?
- Why don’t we script it using PowerShell?
Yup, 3rd party patch management utilities save us time, and lots of it.
For this post I wanted to concentrate on the most suitable (in my environment) 3rd party tool to patch what will be over two hundred and fifty thousand devices (yup, 250,000). So, as you may see, this can save me and the rest of the team, a whole lot of time that we can spend on more interesting and productive tasks.
- Well, we have MECM for our devices, so we want to use a single console for managing our updates and in the simplest way possible, why choose something that cannot use the console and is difficult to use? So that is our primary driver. Ease of use.
- Products; Does the utility cover the applications in our estate? Secondary driver. Product List
- Reporting; How good are the reports from the utility? It’s no use having a great product, if the reporting is terrible, after all, how do we justify the cost if we cannot prove the tool is working and deploying those patches.Reporting.
- Cost; Last but definitely not least, how much is this time saving going to cost me?
What Products are available?
Google is your friend (or not) and a quick search shows the following
- ManageEngine – https://www.manageengine.com/sccm-third-party-patch-management/
- SolarWinds – https://www.solarwinds.com/patch-manager/use-cases/third-party-patch-management-sccm
- PatchMyPC – https://patchmypc.com/third-party-patch-management-sccm-scup-catalog
- Itarian – https://www.itarian.com/patch-management/sccm-patch-management.php
- Ivanti – https://www.ivanti.com/products/patch-for-endpoint-manager
So, we have some products to look at, in the next post I will evaluate these against the chosen criteria!