What is our primary use case?
We utilize it for tasks such as ongoing OS patching, application deployment, configuring services, making adjustments to conferencing settings, comparing configurations across different systems, and implementing security measures, among other things.
How has it helped my organization?
Certainly, MECM, being MECM, is undeniably one of the best tools I've come across, having a plenty of features that have been steadily improving over time. In our role, it serves as an outstanding solution, particularly as a configuration manager. Nothing quite compares to MECM in this regard. The interface and its capabilities have been immensely helpful. While I've explored other tools on the market, including premium options, MECM stands out as superior to all of them. Moreover, it aligns seamlessly with Microsoft platforms and their various intricacies. It's a significant advantage.
What is most valuable?
The cloud account management is a valuable feature.
What needs improvement?
Regarding this, I'd like to mention the agent situation. When the agent on an end-user device is not functioning correctly, it can be quite problematic. It would be highly beneficial if there were a self-healing mechanism in place. Essentially, if the agent becomes corrupted or encounters issues, it should be able to rectify itself autonomously. This is particularly critical because, in order to utilize a tool like MECM (assuming you're referring to Microsoft System Center Configuration Manager), we need to deploy agents, known as AsMs, on all the devices we use, such as Windows 10 or Windows Server. Sometimes, when we deploy configurations or updates, they don't apply properly due to agent issues. This issue has been present since we began using MECM around 23 years ago. Unfortunately, there is currently no built-in mechanism for the agent to detect its own problems and initiate self-repair.
Microsoft doesn’t have any feature to scan vulnerabilities and hence, they could include those.
For how long have I used the solution?
I have been using Microsoft Endpoint Configuration Manager for the last 10 years.
What do I think about the stability of the solution?
I would rate it six or seven out of ten. There have been significant issues in the past, particularly over the last three years. Sometimes, the activities we attempt to implement are not entirely successful, and they end up being ignored. Achieving a full implementation success rate of 100% is challenging; typically, we reach about 90-95%. It requires substantial effort and diligence to get everything working as it should, highlighting the need for improvements in this regard.
What do I think about the scalability of the solution?
MECM has impressive scalability. It can support up to 150,000 devices, and if you require more, you can simply add another primary site. This scalability is as advertised, and I have experience working in a large environment. I would rate it 9 out of 10.
How was the initial setup?
The timeline for setting up this system depends on the number of endpoints or end-users involved. For example, during my time at Walmart, where we were supporting around 350,000 endpoints and 8,000 servers, it took a few months to get the environment settled. In my current organization, which is focused on internal services, it only takes about a week, sometimes even just a couple of days. The process, though, remains quite similar. It can be done by a lot of people but requires support from teams.
The setup process typically involves configuring prerequisites, setting up SQL Servers (especially for larger environments), and dealing with any network restrictions. Some networks have specific requirements and restrictions that need to be accommodated. As mentioned earlier, ensuring that your system can communicate with agents across the environment is crucial. In more basic terms, you'll need relays or distribution points in each data center or location. These distribution points help in routing and redistributing the data efficiently. The complexity of the setup mainly hinges on the number of offices and locations you're dealing with. Fortunately, the setup itself is straightforward and user-friendly, so understanding it doesn't require much time if you're familiar with the process.
The setup is extremely easy and I would rate it 10 out of 10.
What about the implementation team?
Certainly, in an enterprise environment, having an SME for deploying MECM is essential. Even though I can handle it myself and have experience implementing SCCM for over a hundred to two hundred and seven devices, I still seek the guidance of an SME to ensure I'm on the right track. It's always beneficial to have that expertise, especially when dealing with Microsoft products.
What other advice do I have?
I would recommend it using simply and would rate it 8 out of 10.
*Disclosure: I am a real user, and this review is based on my own experience and opinions.