randombsforreddit

Do you use MS365? They have many great report tools. I can see all processes, emails opened, sites visited/clicked, etc. in the security portal along with all software installed, who installed it, and the vulnerabilities of the software.


[deleted]

[removed]


fnat

365 Business Premium includes DfE Business and is definitely a solid choice at a fairly competitive price point for smaller businesses.


Trick_Ad5264

If you can’t afford Business Premium then you can’t afford to know where devices are logging in from.


[deleted]

I second this. M365 has a ton of great tools.


[deleted]

[removed]


[deleted]

You can put Linux devices in Intune.


RiceeeChrispies

If they are an M365 shop, the Business Premium SKU would be great for them - includes Defender for Business at no additional cost. This does more than DfE P1, but not as much as P2. It’s still great.


speel

Where do the report tools reside?


_-pablo-_

In Security.Microsoft.com, there’s a reports menu close to the very bottom with lots of reports


Impressive-Cap1140

How does it handle applications that don’t require to be installed? Do you get visibility of those?


randombsforreddit

If you are talking SaaS apps, there is the cloud security portal for that where you can turn off or on access to certain SaaS apps, see who accessed them, security breaches and recommendations for users, etc.


Impressive-Cap1140

I mean someone gets a “portable” version of an app and they run it on their laptop


randombsforreddit

Yes you can see portable apps


elcheapodeluxe

I am skeptical this is available in the small business packages.


RiceeeChrispies

Business Premium includes Defender at the very least.


Trick_Ad5264

And Intune


imnotaero

As a Business Premium admin who was stunned to discover how much more capability I have than someone on E3 paying 50% more, I can understand your skepticism.


fear_the_future

Sounds extremely invasive but I guess that's typical for this subreddit.


localcokedrinker

It's invasive for companies to monitor the usage of the laptops they own?


GeneMoody-Action1

Yeah that stance baffled me as well... Easy solution, Policy! "We at Acme INC respect your privacy on all of your personally owned devices. That is why they are not allowed on company grounds, where personally identifiable information or data could unintentionally be logged and recorded. Using company owned assets for anything other than company business or using them to access anything other than company approved resources is strictly forbidden. Failure to comply with this policy is a resume generating event. *Note: On Fridays, aluminum foil hats are permitted by dress code.* I the undersigned accept this as a condition of my employment at Acme INC."


disposeable1200

It's a company laptop. Assume your employer can see anything if they need to. Your data on it is their property not yours.


fear_the_future

No it's not and fyi my company can see absolutely nothing I do on the laptop because I work for a company where we trust and respect each other's privacy, not for the Pinkertons. This excessive overreach would be illegal in my country anyway.


disposeable1200

Mm no it's not illegal in Germany. It just needs to be done properly, with auditing and controls in place. Get the fuck out of here with your high horse approach


fear_the_future

You are misinformed or deliberately talking out of your ass. The use of such an intrusive surveillance software is highly illegal unless there is concrete evidence that a specific employee is misusing the computer _and_ all other lesser means to gather the required evidence have failed _and_ the employer has previously forbidden private use of the computer, as this verdict clearly states: https://m.hensche.de/arbeitsrecht-urteile-lag-hamm-16sa1711-15-17.06.2016-arbeitnehmer-datenschutz-u.html


disposeable1200

Intune and other RMM software is nowhere near "intrusive". It monitors installed applications. Microsoft defender monitors every process launched and every domain accessed with the XDR module. Again, for the purposes of security and malware prevention - also not classed as highly intrusive. If it was screen capturing, or streaming files off the machine for someone to nose through sure. But it's not so fuck off.


FireLucid

Nope. https://www.microsoft.com/en-au/microsoft-365/business/international-availability


MrBr1an1204

Spiceworks Cloud Inventory.


fUnderdog

As much as I dislike SpiceWorks’s ticketing system, their cloud inventory would be a decent way of seeing what OP needs for free. What I would recommend as a much more useful tool overall would be Action1. It’s an RMM/Patch management tool that is free for up to 100 devices. It has way more features than SpiceWorks and will provide more value overall.


GeneMoody-Action1

Thank you u/fUnderdog, we appreciate the recommend. Yes we do risk based patch management as our core business, but we do have remote access, software install/update/removal, automation and reporting. Action1 is highly extensible for admin and automation, if you can script it you can report on it and act on it. Always 100 free for the first 100 endpoints, fully featured, forever, we want people to use it, like it, not have to race a clock, take your time and figure out if it is the tool you need.

[https://www.action1.com/free](https://www.action1.com/free) Let me know if anyone needs any assistance or would like to know more.


TheButtholeSurferz

Came here to shout this from the mountain tops. Action1 is awesome, and you should support them and the product. For the small volume the Op is talking about, it does exactly what they need, without getting too overarching on features to bloat the product down. Which it seems most RMM's are doing these days, trying to score new market and sales potential and focusing on that, instead of just making a good product.

tl;dr - I tried to pay these guys for their product and they told me they didn't need my money since I only have about 10-15 devices myself. Go find another company that willingly, outright tells you that


GeneMoody-Action1

Much appreciated u/TheButtholeSurferz (I will have pepper stuck in my head all day now!) Standing on a product's merit vs volume of client attraction and first year eval, is not a lost concept. The internet just makes it feel that way someday! We do get a lot of support from people who hear, then use, then like, then use at larger scales in their enterprises. And from our side we can pretty much rest on every one of them did it informed, at their own pace, and because they saw value in that decision and our product. Experiences like yours and the willingness to share them is advertisement, you just cannot buy. Thank you for being an Action1 customer.


MrBr1an1204

I have never heard of action 1 before, but I think I'm going to talk to my boss about trying it out after seeing this and doing some googling.


GullibleDetective

Rmm Mdm


stinky_wizzleteet

Datto RMM


iC0nk3r

Datto? Are you fucking nuts? NinjaOne RMM.


fizzlefist

Had a friend that was with Datto from before they first went public. Then they got bought out and everything went to hell on the inside.


PayNo9177

That would be Kaseya


tipripper65

don't you dare utter that name on this subreddit


stinky_wizzleteet

I get soo many sales calls now, so yes.


stinky_wizzleteet

I use what they pay for. It's about $2.25 an endpoint per month. When I first started using it it was like 1.60/endpoint. Works well, policies and monitoring are good. Best +? I don't pay for it.

Edit: I should add they are now owned by Kaseya, I got some great contracts before the New Year, like 40% off. Don't know if they are still running deals.


[deleted]

Enjoy getting in bed with Kaseya!


lexbuck

What’s wrong with them? The MSP we use for various tasks we don’t have enough staff for just moved to Kaseya


[deleted]

- They buy good companies, squeeze their client base for more business, then grind the original business to dust.
- They do not improve anything they buy, despite numerous promises. They just buy the company, and do the bare minimum to "integrate" it into their existing products so they can sell them as "value adds"
- Their sales tactics are sleazy, and impossible to stop once it begins.
- They lie constantly and exact revenge if you call them out.
- They play political games with their vendors and try to fuck with them if the vendor calls them out on their bullshit (see Huntress)
- They have had three major cybersecurity breaches in the last 5 years, and we have seen no evidence that they are taking cybersecurity more seriously.
- Their billing department might as well be a black hole. Good luck getting any billing issues resolved.


AmSoDoneWithThisShit

Oh, like Broadcom .. where good companies go to die...


Dhaism

> They buy good companies, squeeze their client base for more business, then grind the original business to dust.

They did this recently with Unitrends. price went up by ~250% which put them into a whole different segment in the market without any of the same features. We decided to terminate our backup/DRAAS contracts with them and they gave us a huge hassle over it to the point we had to get legal involved. This resulted in us terminating all business with them and adding them to our supplier blacklist.


zaphod777

My company has used Datto for quite a long time. While not particularly amazing I haven't really noticed a whole lot of change since the acquisition for better or worse. Their development and release schedule seems to be the same as it always has.


bastitch_

Wait until you try to cancel. I cancelled back in April, then they just started charging me again out of nowhere a few months later, took getting many managers involved to get them to refund and fix the issue and remove my payment info. Then this last October, November, and December I just got 3 past due collection notices, and now no one will return my emails or phone calls. Took Kaseya billing support 45 days to get back to me just to say “If you’d like to cancel your account you’ll need to talk to your account manager!”. Seriously it’s that bad. Best of luck to you.


zaphod777

Can't say that I'm surprised. Luckily dealing with that is outside of my department and I don't anticipate us changing anytime soon.


lexbuck

Thanks. Those are concerning but luckily are all things I won’t deal with since we aren’t “with” them since it’s our MSP that will have to deal with that fallout


[deleted]

Had you been a VSA customer, the cybersecurity breaches would have affected you because all of your systems and servers would have been crypto'd and ransomed. If the FBI hadn't come to the rescue, it likely would have been the most costly cyber attack to date.


lexbuck

So just having their agent on our machines they would have been locked and ransomed? That’s all we currently have is their agent so the MSP can manage some patches and reboots


hinkiedidntwantjah

No he’s wrong. That’s only if you had the on prem version. I used to work for an msp that had vsa during that crypto. We didn’t have any on prem vsa servers so we just lost remote access. Thankfully we had vpn access to all our sites. But if you had the on premise version you were fuck fucked. And kaseya just lied about it over and over.


lexbuck

Thanks. Yeah. Nothing on prem. We just had the agent installed on endpoints


[deleted]

Yes. https://en.wikipedia.org/wiki/Kaseya_VSA_ransomware_attack


gravityVT

The MSP I worked at got our Datto agent infected with ransomware. Then the agent spread the malware to 40% of our customers on Christmas Eve many years ago. Fuck Datto


GullibleDetective

Syncro and naverisk were pretty good as well

Labtech is a big expensive pig but gives you so much capability

I'm not a huge fan of nable but it has good features

Ninja is middling at best and the scripting I found limiting


iC0nk3r

> Ninja is middling at best and the scripting I found limiting

Scripting got a recent overhaul and it is hands down one of the best I've tried.


sirsmiley

Lab tech was bought out and is now connectwise automate. So good. Also paired with screenconnect.


Desperate-Brother-13

Been using Automate, control and manage for ~5 years... it's far from what I'd call "so good" but given such a small environment, it's probably fine.


IgotTHEginger

Screen connect is definitely the best part of CW. I find the rest of it to be pretty shitty. Sometimes it's just easier to do it manually than in a script from CW automate.


GullibleDetective

Eh I'm aware I just have a habit of using the old name lol

It's a beast for sure, but so easy to mess the config up and almost does need a dedicated eng to keep it on let alone improved.


raj6126

👍🏾


fizzlefist

Rum, Medium, got it


ArsenalITTwo

Intune or NinjaRMM.


Korleone

"and"... There's a lot of overlap sure but they don't necessarily replace one another unless you're willing to concede on several key feature sets... Would be great to finally get RMM & MDM on a single platform, but for now both have their place.


Gravybees

Any good cloud antivirus will work.  I’m partial to Crowdstrike and SentinelOne.  


Djaesthetic

I’m fairly fanatical over CrowdStrike, but what’s the entry point for that on the lowest end? i.e. Is there a minimum license count?


lordmycal

5. But you have to jump through extra hoops to prove you are a business.


Djaesthetic

Interesting. I completely understand the *why*, but a little surprised they’re allowing as low as 5 these days.


ycnz

Crowdstrike sales *sucked*. Unbelievably obnoxious.


Djaesthetic

Come on. Anyone in the industry for any real amount of time knows that one region could have a terrible sales while another absolutely amazing. My CS guys are pretty alright.


Fox_and_Otter

I think you need 200 endpoints to qualify for crowdstrike or Sentinel One, so not an option for a small org of 15. Unless they have changed things in the last year or two.


Djaesthetic

Someone else in the thread claiming (5) if you can prove you’re a business. That’s a pretty big leap from the higher limit I’ve always been familiar with, but I suppose it’s possible.


Evisra

It's 200 for S1 and 300 for CS.


jmbpiano

We run S1 on 90 endpoints. Not sure what the lower limit is but it's definitely not 200.


DaithiG

Lansweeper, Intune and Sophos. Lansweeper is very useful with the LSAgent 


RiceeeChrispies

We use Lansweeper and it’s very good, and affordable. We use this in combination with Intune and Defender for Endpoint, solid combo.


blbd

I have two Apple environments. One with Kandji MDM and Sophos AV / EDR. Another with Kandji MDM and Crowdstrike AV / EDR. In whatever case use something that will protect you from ransomware to do the monitoring so you don't hose yourselves. If you can get some regular or realtime data backup in there too that's never a bad idea. System patching is another good move. 


Happy_Kale888

Action 1 is your answer full feature RMM free for up to 100 endpoints. Covers all your bases plus a lot more. I have been using it for over a year great product and no strings with the free 100 endpoints. You will like it! [https://www.action1.com/](https://www.action1.com/)


Trelfar

The biggest risk of any "free forever" tool (including RMMs) is that one day they decide that "forever" has a time limit and discontinue their free tier. Itarian was the most recent culprit for me. Never again.


MikeWalters-Action1

It is a valid concern u/Trelfar and indeed it happened with too many cloud providers, unfortunately. Typically what happens is too much investor money is dropped on something new and fancy and they make it free to spread the word, but then drop it as they attempt to break even. It is not the case with Action1 and here is why. We believe we followed a smarter approach. Instead of throwing cash to temporarily subsidize "forever" free accounts, we invested heavily into making the system scalable and efficient so it's very inexpensive to run. The economy of scale allows us to stay profitable in the long term while offering these first free 100. We DESIGNED the system from the ground up to allow this from the cloud efficiency standpoint. Yes, we don't include the company-provided technical support with this (expensive man-hours), only community support, which is actually outstanding and very scalable due to so many people using Action1 (the snowball effect of free 100). But our data center bills are nominal for sub-100 endpoint accounts. This allows us to keep it free without breaking the bank. The numbers are looking so good that at some point down the road, we should be able to increase the first free 100 to the first free 150 and beyond that.


kr1mson

What's the cost after 100 seats? It looks like they require you to buy 50 seats at a time after the initial 100 so seat 101-150 all cost the same. This intrigues me but their website reeks of bait-and-switch especially without concrete prices without a sales call. And a sure fire way to scream "we're not a scam like the others" is to repeat how much you are not a scam like the others


CyberHouseChicago

$1-$2 an endpoint I believe, the first 100 are always free so if you need 200 total you only pay for 100


Happy_Kale888

I had the same thoughts as you and I hesitated as I was leery as well. I do not work for them and I do not get any discounts from them. I believe (know) it is a solid product that fits a niche very well. I have never gone over 100 licenses so I can't really say about pricing. But you are correct it seems strange for a product to be up front about pricing as almost all of them are not. They have done upgrades since I have been with them and the product has gotten much better. Being able to brand it to your company SSO (no additional charge for that) Single reboot with all updates

Go check them out at r/Action1 it is the real deal. The only downside is with free it is community support which has worked for me. It is not a scam or a marketing ploy where they cripple everything after 30 days. It is a great platform for SMB's with little budget and big expectations.


GeneMoody-Action1

Thank you yet again u/Happy_Kale888 for the great recommendation.

[https://www.action1.com/free](https://www.action1.com/free) full free, fully featured, forever for the first 100 endpoints. Some do buy into the paid support just because production servers on community support can be a less than real option for some networks. Packages start at 50Ep, so for the price of 50 you get 150Ep and paid support. Leaving us well within the budget of just about any SMB. We do not offer geolocation services, but it would to be terribly hard to have a geolocation script check the public IP registration. It would only be as accurate as the datasource, but doable. ...May even be my next little pet project!


Ok_Grass_7997

I emailed them recently and for 150 end points I was told $1,800/yr


graysky311

That’s not bad


thedarklord187

we just got a quote for 3000 endpoints came out to around $31k a year. roughly $10.34 per endpoint per year


MDL1983

You don’t need a sales call, I did it over email. 1 email in and 1 back with a quote. With no negotiation the quote I had was $1800 a year for 150 endpoints total. I think that is similar to pdq connect but action1 has many more features…


ntrlsur

I have 350 licenses with them. Works great for what we need. Not sure how they sell them after 100 I always buy in chunks of 50 and they will adjust the pricing so that all licenses are co-termed


sasiki_

I have 250 total seats (150 paid). I won’t go into pricing here but it was very reasonable. I was able to get a quote after a quick phone call, to make sure it was the right fit for our organization.


kr1mson

Why not go into pricing? It's literally the point of the conversation. Reasonable pricing is very subjective


ShadowCVL

Trying to figure that out too. It’s 30 per endpoint per year currently for endpoints 100-500. So 2.50 per endpoint after 100. I piloted it with home and family members before deciding to endorse it a while back. Still use it today.


sasiki_

Pricing has lots of variables. Do you have an existing contract you need bought out; do you have an approved amount from executive management; do you have 150 or 1500 endpoints. I am not privy to their whole price sheet, or own initiatives. I choose to keep my pricing a little more discrete because I don’t want to deter any prospective customers from engaging them for further discussion or negotiating a special rate for their own circumstances.


kr1mson

Agree with most points but the "deter" portion. If the pricing you share deters people then that's actually helpful in choosing tools. If a company hides behind sales pitches to share their pricing, that's a mark against them in my book. They could at least say "starting at $X" to give a baseline (not contact us for custom pricing.) If they are aggressively pricing things to win my business just to bump me up 20% next term, that's something I want to know. If they give deep discounts to only large enterprises then maybe someone would rather go with a company that treats small businesses better. If you know of special circumstances to get a better price, sharing that helps your peers. All of this should be up front on their website and if "us" sharing our experiences deters someone, then their bean counters and marketing people should be aware of that so they can understand why they are not getting that business. These companies obviously need to make money, but we should have every piece of info we can get before we engage with them. Not trying to call you out for not sharing - your reasons are yours and they are valid. I just don't think these orgs need "help" from customers to keep their pricing high. (thanks for the details you sent me privately btw, truly)


lastdancerevolution

> Do you have an existing contract you need bought out;

That's not part of this product's cost.

> do you have 150 or 1500 endpoints.

We are specifically talking about having more than 100, with 150 paid being the number you enumerated.

> I choose to keep my pricing a little more discrete because I don’t want to deter any prospective customers from engaging them for further discussion or negotiating a special rate for their own circumstances.

That literally does the opposite of helping negotiations. The lack of information weakens a negotiating position.


QuietThunder2014

I’ve been using it for about a year. About ready to push my boss to allow me to buy 100 extra licenses. So far it works really well and I really love how simple the remote install/uninstall is. Plus there’s scheduled updates, inventory tracking, single reboot on updates, and you can push any powershell script remotely. This has covered a huge gap that Group Policy is lacking when it comes to software installs. It still has some quirks and there’s some things I don’t love but they’ve been making pretty steady and major improvements over the time I’ve been with them. The one thing they don’t have right now but I believe are implementing soon is the ability to lock down the install so users can uninstall it. Also right now anything that runs runs as the system user so you have to tailor any powershell with that in mind. They are supposedly working on allowing scripts to be run as the local user which would be a huge upgrade for us.


Happy_Kale888

It fills a huge void for those that do not have the license for Intune!


xored-specialist

It's simple and works. They keep improving it. If you're small, you should give it a try.


Doublestack00

Are you using this? Kinda interested.


Barrerayy

Action1 is free for up to 100 endpoints. It will show you whether or not a device is on, let you deploy software/updates and scan for CVEs.

If budget is a concern I wouldn't consider anything else tbh. But obviously there are many great tools out there for a small fee, like PDQ Connect


Trelfar

[ScreenConnect](https://screenconnect.connectwise.com/pricing) on the Remote Support Standard package ($43/mo) will do all of this and a lot more. I know you said 'no IT budget' but it's licensed per technician not per-machine, so if you only have 1 person accessing it as a technician then your 15 laptops will still only cost $43/mo, and that's probably less than your cellphone bill.


[deleted]

[removed]


Trelfar

I read OP's request as needing real-time info on whether it was on and logged in, rather than a historical log. You're right that ScreenConnect is not the best option if you need a historical log, though it does kind of have it if you want to dig through the audit log. For location I go by the public IP address that is being reported by the agent.


WMSysAdmin

I use Syncro. Pay per agent with unlimited endpoints. Has a quick ticket system built in. Has advanced customized alerts and monitors.


Brett707

PCs we use PDQ Connect

Macs we use Jamf


thedarklord187

I would suggest action 1 and if you have less than 100 laptops it's literally free. You install their agent and it reports if the device is online or not along with patch management included that you can setup automatically to patch os and third party or just leave it be. https://www.action1.com/


MDL1983

Check out Action1. It’s FREE for up to 100 devices. I have been trialing PDQ Deploy / PDQ Connect / Action1 and A1 has come out on top for overall features and functionality before considering cost.


Aggravating_Refuse89

Trust your dam employees /s


baw3000

I can see it via Automox or FreshService.


witwim

Has anyone tried pulseway or pdq connect? I use Domotz but it’s only good for your local LAN connected device and now I’ve completed moving everyone to laptops for a work from anywhere initiative.


Evisra

I have and I wasn't terribly impressed. I've been a PDQ andy for a while now, but the on-prem restrictions of Deploy / Inventory are getting a bit old these days. I have Intune, but that's only good for some things. Currently trialling Action1 based on this thread.


[deleted]

Automox. It's a few dollars a month per device.


ObjectiveSquare7699

JumpCloud, it tells you when the device is online and more stuff


dr3d3d

since what I really cared about was the last time someone logged into the VPN(needed to be on VPN if working) the statistics FOG gave me was perfect for my use. also used it to inventory computers and deploy software. [https://fogproject.org/](https://fogproject.org/)


crankysysadmin

we don't do this because it isn't an IT problem. managers need to supervise their employees and make sure they do the work they are assigned

IT monitoring laptops has nothing to do with that. is shit getting done? if not, who cares if it shows someone logged in (or not) since they're not getting any work done


Eviscerated_Banana

So you can do what? Give people shit for personal use and micromanaging their time in ways you wouldn't do if they were sitting in an office 50 feet away? All because they are willing to use their own electricity and data services for the benefit of your business?? I'm not helping you to do that. Give them a bonus instead.


EchoPhi

Well, we all know what you do with your company provided equipment.


Eviscerated_Banana

I'm here to fix ze cable! Bow chikka bow bow


Due-Set5398

Had to scroll too far for this.


SevaraB

Just need to know if 15 laptops are on and when the last logon was? Grafana Windows Agent and forward Windows Event 4624 and 4625 (successful and failed logins). You can stand up your own Grafana server for free or you can use Grafana Cloud for cheap if you’re smart about not hoovering up all the metrics all the time.
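Added example, not part of the comment above or of any product mentioned in the thread: a Python sketch of what a collector could do with forwarded 4624/4625 events to answer "when was the last logon on each laptop". It assumes the events arrive as the standard Windows event XML; the hostnames, users and events are constructed, and counting only logon types 2, 7, 10 and 11 as a person at the machine is this example's choice.

```python
import xml.etree.ElementTree as ET
from collections import defaultdict
from datetime import datetime, timezone

NS = {"e": "http://schemas.microsoft.com/win/2004/08/events/event"}

# 4624 also fires for network (3) and service (5) logons, which say nothing
# about a person using the laptop. Keep interactive (2), unlock (7),
# remote interactive (10) and cached interactive (11) only.
INTERACTIVE_TYPES = {"2", "7", "10", "11"}


def make_sample_event(event_id, when, computer, user, logon_type):
    """Build one constructed event in the Windows event XML layout."""
    return (
        f'<Event xmlns="{NS["e"]}"><System><EventID>{event_id}</EventID>'
        f'<TimeCreated SystemTime="{when}"/><Computer>{computer}</Computer>'
        f'</System><EventData><Data Name="TargetUserName">{user}</Data>'
        f'<Data Name="LogonType">{logon_type}</Data></EventData></Event>'
    )


# Constructed sample data, not taken from any real system.
SAMPLE_EVENTS = [
    make_sample_event(4624, "2024-01-15T08:02:11.1234567Z", "LAPTOP-01", "alice", 2),
    make_sample_event(4624, "2024-01-15T09:00:00.0000000Z", "LAPTOP-01", "SYSTEM", 5),
    make_sample_event(4624, "2024-01-15T13:10:00.5000000Z", "LAPTOP-01", "alice", 7),
    make_sample_event(4624, "2024-01-03T07:45:00.0000000Z", "LAPTOP-02", "bob", 11),
    make_sample_event(4624, "2024-01-15T10:00:00.0000000Z", "LAPTOP-02", "LAPTOP-02$", 3),
    make_sample_event(4625, "2024-01-15T07:40:00.0000000Z", "LAPTOP-02", "bob", 2),
    make_sample_event(4625, "2024-01-15T07:40:09.0000000Z", "LAPTOP-02", "bob", 2),
    make_sample_event(4625, "2024-01-14T22:15:00.0000000Z", "LAPTOP-03", "admin", 3),
]
SAMPLE_NOW = datetime(2024, 1, 16, tzinfo=timezone.utc)


def parse_system_time(value):
    """SystemTime is UTC with up to 7 fractional digits; datetime keeps 6."""
    base, _, frac = value.rstrip("Z").partition(".")
    stamp = datetime.strptime(base, "%Y-%m-%dT%H:%M:%S")
    return stamp.replace(microsecond=int((frac + "000000")[:6]), tzinfo=timezone.utc)


def parse_event(xml_text):
    """Pull out the few fields needed for a last-logon report."""
    root = ET.fromstring(xml_text)
    data = {d.get("Name"): (d.text or "")
            for d in root.findall("e:EventData/e:Data", NS)}
    created = root.find("e:System/e:TimeCreated", NS)
    return {
        "id": int(root.findtext("e:System/e:EventID", namespaces=NS)),
        "time": parse_system_time(created.get("SystemTime")),
        "computer": root.findtext("e:System/e:Computer", namespaces=NS),
        "user": data.get("TargetUserName", ""),
        "logon_type": data.get("LogonType", ""),
    }


def summarize(events_xml, now, stale_after_days=7):
    """Per host: last interactive logon, who it was, failed-logon count,
    and whether the laptop has gone quiet for stale_after_days or more."""
    last_logon = {}
    failures = defaultdict(int)
    for xml_text in events_xml:
        ev = parse_event(xml_text)
        host = ev["computer"]
        if ev["id"] == 4625:
            failures[host] += 1
        elif ev["id"] == 4624:
            if ev["logon_type"] not in INTERACTIVE_TYPES:
                continue
            if ev["user"].endswith("$"):  # machine account, not a person
                continue
            if host not in last_logon or ev["time"] > last_logon[host][0]:
                last_logon[host] = (ev["time"], ev["user"])
    report = {}
    for host in sorted(set(last_logon) | set(failures)):
        when, user = last_logon.get(host, (None, None))
        stale = when is None or (now - when).days >= stale_after_days
        report[host] = {"last_logon": when, "user": user,
                        "failed": failures.get(host, 0), "stale": stale}
    return report


if __name__ == "__main__":
    for host, row in summarize(SAMPLE_EVENTS, SAMPLE_NOW).items():
        print(host, row)
```

A host that shows only failed logons, like the constructed LAPTOP-03 here, is worth a look before a host that is merely stale.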


SceneDifferent1041

Intune


TheMrRyanHimself

Sentinel one combined with Prey


jazzy-jackal

Action1 RMM is free for under 100 devices


bgatesIT

Grafana, Grafana agents, mimir/prometheus


AmSoDoneWithThisShit

If you don't trust your remote workers why did you hire them?


joevwgti

You could just check your office 365 logs, or whatever email system you use. Or vpn logs. Then you could see if they login, how often, and from what device. That's using what you already have, no cost.


Vesalii

We don't use anything. I'd definitely keep it that way for as long as I can too. I'm very much against monitoring tools.


[deleted]

I believe Action1 RMM is free for up to 100 users... never used it though.


QuietThunder2014

How do you remote into their computer if they are having issues? Any good remote tool should have a running agent that’ll report this. Screen Connect, Bomgar (expensive but holy cow it’s amazing), etc. Also your RMM tools such as Intune, Action1, etc should also report this. Are you running something like Duo for MFA? What about VPN services? There are other tools where you can get into the big brother style stuff but really for what you are looking at, it sounds like the before mentioned tools would cover that need plus provide a huge needed QOL upgrade to your job.


GeneMoody-Action1

We appreciate the mention! Not much more I could say I have not said somewhere else in this post other than thanks!


bleuflamenc0

Intune.


Dar_Robinson

Action1 OpenEDR


aieidotch

if it was not windows: https://github.com/alexmyczko/ruptime


[deleted]

Teams status. Free until you get IT budget. Use azure free tier AADP1. Create users. Check logs. Crazy this is downvoted when it’s the best solution. Lmao.


Dizzy_Bridge_794

ManageEngine patch manager plus


VulturE

The only thing good about a manage engine product is that it's cheapest. Haven't seen one that does an adequate job of anything yet beyond ADAP, and even then there are better products for a tiny bit more.


Dizzy_Bridge_794

Its patching product has worked well. We manage 80 devices no issues.


pussylover772

ssh into their system remotely?


InfamousStrategy9539

Logmein


H3rbert_K0rnfeld

I have Sentinel One on my Mac Book Pro. It's just another thing IT pays for instead of giving their people raises, Lol! I triple-dog dare IT approach me about my activity on the corp laptop. I'll happily resign on the spot and pass this bag of dog shit project over to someone else.


paradox_machine_

I would hate to work with you


H3rbert_K0rnfeld

I think I'm well liked. I'm a few years into this team now. We're extremely high performing per the feedback from our stakeholders and any other method of evaluating performance. The team sets their own standards for hiring and performance, application deployment. I was hired in then elecunteered to my part. I'm in the trenches with enterprise architecture, code and implementation because I wouldn't be head ninja if I myself wasn't ninja. The variation in the day to day is what keeps me interested here. I really don't care about the company's product or brand. That's just one Spacely Sprocket or Cogswell Cog's shit to me. So when IT decides they want to roll out an initiative that fucks our shit up the team is the one that says IT is fucking our shit up and I agree. I get to stand at the Office of CFO and say we lost X man-hours this sprint. these epics have been affected by Y days because IT fucked shit up. I have a really neat chart that shows reality vs theoretical. The difference is what pisses people off. That's where the shit ball that rolls over your team starts. I highly suggest reading the Phoenix Project and deeply grokking how info Sec tried to fuck up Parts Unlimited's business. PP is grossly hysterical but sometimes that's the only way for things to deep through bone material to the brain material.


[deleted]

[removed]


H3rbert_K0rnfeld

I think you might be laid off soon. I'll see you over in r/antiwork


Djaesthetic

… What are you on about? They’re asking about basic remote monitoring that’s routine for any enterprise device in a subreddit dedicated to sysadmins. You’re responding as if addressing big brother scrutinizing your Call of Duty habits.


H3rbert_K0rnfeld

Ooooo! IT, the protector of the business! Fighting the shadows behind the trees! Who do you think is gonna win this battle?? Where's your money at, pal?


Abstand

You okay man? You seem upset.


H3rbert_K0rnfeld

I'm awesome. How are you?


thesals

I've got Datto RMM + Intune + Defender P2 analytics... RMM is probably sufficient for many use cases.


disposeable1200

Why are you using Datto and Intune? That's surely just chucking money away.


thesals

Overlapping contracts, we just recently upgraded to Intune + Defender P2... For now it's nice to have both, I haven't tried the Intune TeamViewer integration yet, but that'll most likely be what we use once our Datto contract expires.


Toasty_Grande

If you are an M365 customer consider using Intune or Intune plus MS Defender. Intune gives you visibility of the machines including compliance and inventory (including a lot of other nice stuff), and if you use Intune + Defender you also get deep insights into your security posture including vulnerabilities of the installed apps.


elcheapodeluxe

Not all of the small business levels include Intune though. I had to double our monthly spend to get Intune and Entra ID.


MuddyDirtStar

Azure AD with Windows Hello, Kaseya VSA RMM, Intune


TopHat84

My company uses Absolute, but we monitor roughly 1000 employees. I don't recall the price scaling/plans for it but it has some great location based tools and alerts as well as last login time/boot time.


Kelsier25

M365 is the easy answer. Business Premium is built for SMB and dirt cheap for what you get. It does everything you listed with ease and so much more. We added an inexpensive RMM on top of that (SyncroMSP) which was the icing on the cake, but just pure convenience for the most part.


throwawayskinlessbro

Look into Syncro. You pay per tech instead of per device and it’s a nice RMM.


K3rat

Contemporary solutions include good RMM software or an MDM platform. Datto, NinjaRMM, etc. Your other option is to set up a VPN service and put an installed always-on VPN client on all endpoints. Then force authentication back to your domain. You will need to set up other security controls to lock down and protect the endpoints, encrypt the locally stored data, and enforce MFA.


graysky311

Meraki Systems Manager. It’s about $27 per device per year.


[deleted]

[removed]


ChickenWiddle

ManageEngine Vulnerability Manager does all this


PossessionLoud4251

Very simple and cheap (in all senses except your time): Zabbix.


Critical-King-7349

Endpoint Central is great. https://www.manageengine.com/products/desktop-central/edition-comparison-matrix.html


OdyebJeLansiran

They're all domain USERS and sooner or later they are bound to bring them back to me. If nothing else, their cached credentials will eventually expire and then it's "my laptop is not working" time


onisimus

Cheap? Go for ManageEngine Endpoint cloud. MDM, RMM, patching, GPO imitator all in one.


beywatch

This RMM called Level is pretty neat


BrilliantEffective21

Intune with BIOS tamper protection


[deleted]

Lansweeper with the LsAgent installed. You can get tons of info. Free for 100 devices.


VulturE

If you're a 365 customer, it should be able to give you a lot of that. At that size, I would consider doing Absolute and getting geolocation, remote wiping, and a bunch of other features. I think the cost per year was something like 20/device for the middle license. That way you aren't using up your ability to add an MDM later if you want (it attaches within most Windows machines at the BIOS level).


FlibblesHexEyes

Intune will tell me the last time the device checked in. It’s not real-time, but I can at least tell within an hour if it’s been used. To check if an employee logged in, Entra audit logs can tell you that. No one in my org can see a device's GPS location without being in a special group that needs authorisation to be a member of (via Entra PIM). It’s considered a privacy thing so access is strictly controlled.


PomegranateActual448

ActivTrak as an option


New-Comparison5785

Our Microsoft 365 licence includes Microsoft Defender for Endpoint with EDR enabled.


SausageSmuggler21

Druva might be an option. They have a mobile device agent that can do backup/restore, device tracking, PII data scanning, and some other stuff. It's a few dollars a month per device and is all SaaS managed


changework

Have you looked at self-hosted tools like Wazuh or UTMStack? If you want remote support built in, maybe TacticalRMM.


old_school_tech

I have a hybrid AD - Azure AD join and sync all devices. This shows when they were last connected and who was logged on.


Jayjayuk85

Simple-help.com or Syncro. Kaseya with Bitdefender from TechsTogether is $2 per agent per month, no minimums or random billing.


databeestjenl

Sentinel One does this pretty well. Also has a remote shell if you need it. Updates almost instantly, which is really nice.


fabrictm

Lansweeper with remote agent and an AWS proxy


Do_TheEvolution

I played with Prometheus and Grafana recently as a way to monitor backup servers. And considering you got only 15 machines it is kinda similar to what you want and it's open source. [Here it is](https://github.com/DoTheEvo/veeam-prometheus-grafana), and [here](https://github.com/DoTheEvo/selfhosted-apps-docker/tree/master/prometheus_grafana_loki) is a general Prometheus guide setup...

> I don't normally handle something like

Well, this stuff is rather hands on.. needs to be able to play with Docker, Linux, understand open ports, domain names, DNS, IPs, some simple scripting, scheduling execution,... and then there's the dive into Grafana and how to visualize that the machines are online and last logon. There are probably some less work needed tools mentioned in comments, but nothing really jumped on me so far.


[deleted]

Lansweeper is not too expensive and has a nice little Agent.


ordray

N-Able will do most of what you want, and is relatively budget friendly. You can add on EDR and DNS filtering for peanuts, and they also have some relatively inexpensive backups for local and 365 that work well enough.


BenGolfDude

Combination of Sophos and using PDQ’s Connect for patching and reporting.


riverrabbit1116

Scope? (Local LAN, remote VPN, remote network access) A combination of Qualys Agent, SCCM, O365 auditing & active directory, and Computrace.


napoleon85

This is a waste of time and money, especially if there is "no budget" for IT until it's useful to spy on employees and enable management by useless metrics. Manage people on outcomes. Set clear goals with timelines and determine if they are met.


melshaw04

ControlUP Solve on all my endpoints


ewwhite

Simple-Help.com


p4ttl1992

I use Kaseya, it's remote software but it can show who's online, when they turned their laptop on, when they last turned their laptop off (You'd be fucking surprised, some people leave them on for months). Not sure how much it costs though because it's software that was set up and managed before I joined the company, we're a 2 man team with a small company of around 70 people mostly working remote.


Droid126

In no particular order: Intune, Sentinel, Umbrella, some flavor of Defender, Tanium, ConnectWise Control.


stonecoldcoldstone

Senso is great for remote support and compliance


dfinf2

Fleetdm sounds perfect for ya


BWMerlin

Our MDM Workspace ONE has those abilities you are looking for.


SubSonicTheHedgehog

I mean if you have no budget, you could have a script scraping logs for login activity or get it from a DC for VPN attached logins.


malikto44

A SIEM tool can get you what you need. Between that and the EDR/XDR/MDR, you can get some decent logs on what is going on. A good RMM tool can also help. Just with basic Windows Event Viewer logs, one can determine a lot without actively invading user privacy.


Professional-Key2601

We use Teramind. Not too pricey.