Regarding Sophos Safeguard and MDR, I do not work with MDR because MDR is a service offered directly from Sophos. I do not think there are many partners involved in the MDR service, and those who do must have vast resources to provide support for MDR. MDR is basically Managed Detection and Response, an outsourced service equivalent to having a Security Operation Center and paying for on-the-go usage of a SOC for security analytics. This is an expensive proposition, and only big enterprises of Sophos customers would use that tool. Regarding Sophos Workspace, which is the encryption tool, it runs only on Windows. It is the Windows laptop encryption tool that uses Windows encryption, manages the keys, and allows you to set the policy. I do not think it is a great offering, and I really do not think anybody will invest in that when there are so many other options, especially Microsoft itself. Any third-party offering an encryption solution brings into question whether they are using Microsoft. Apart from Sophos, I work with ManageEngine, which is a tool for patch management and asset management. It is a Zoho Corporation product. In terms of ManageEngine, AD Plus and others are for managing your Active Directory and Azure AD. I work on the patch management, which is Endpoint Central, asset management, and I have started working on the DLP application control solutions that work on the endpoint. ManageEngine Patch Manager Plus is one of the modules, and you can buy Patch Management as a separate product, but it is better to buy Endpoint Central, which has the patch managing capability built in. ManageEngine Patch Manager Plus provides the instance in the cloud, so that is the cost saving. Otherwise, I will have to spin up an AWS instance and pay for the AWS instance as well as this product, which is a double cost. Better than that is to just take this offering, which saves time and trouble. You just place a request, they will give you a trial instance or you can sign up for a trial instance. After that, you license it, and the trial becomes your production instance. You do not have to move anything. I have one customer having it via a partner and another one directly. With Microsoft, you cannot patch non-Microsoft products. You can only patch Microsoft Windows or the server or maybe MS Office, and there are limitations with drivers also. You cannot control the patching through Microsoft because you can create a task and leave it there, but you cannot say deploy this on that machine and do not deploy on the other machine. This is where the third-party patching tool comes into play. Consider a software developer and colleagues in sales and marketing. The protocol says I do not disturb your machine until you say it is patchable or I will take care of the patching. This is the common understanding in all software organizations. The development machines will not be touched. If you are a developer and I know what patches are there, I can give you a report saying these are all the dangerous ones you need to attend. Either I patch it to the latest edition or you have to take the trouble. If you are going to patch it, you know exactly what you have to patch to, what level you are going to patch it to, and which version you can accept before your system breaks up in some configuration issue. Software is software, but the code which you have built depends on the version of the software you are running. Obviously, this is the compromise you have to make. Suppose you are using Visual Studio. You can patch it, I can patch the application, but will you let me patch it? That is the question. Microsoft will not patch Visual Studio through Intune. You have to manually patch it. What happens is you have to define the type of patch policy-wise. Define the type of patch as critical, important, medium, or low. Define whether it is operating system or application, choose whatever you want, set the criteria for the patch to be deployed, and set the schedule for the patch to be deployed. It runs by itself with nothing to be done.
I would recommend first checking the integration functionality and support, specifically what type of support they can provide for integration, whether it can support SIEM easily, what type of product or SIEM technology it can be integrated with, and which types of particular logs it will send to the SIEM solution. Different patches also correlate with the EDR, so we need to check whether it correlates or not because ManageEngine Patch Manager Plus is not correlating with our EDR. This is one of the drawbacks, but this can be addressed during the deployment of ManageEngine Patch Manager Plus. I rate this solution 7 out of 10.
The commercial aspect of ManageEngine is challenging due to their lack of presence in Brazil, which makes obtaining proposals difficult. I would rate them between three and five for commercial experience.
When selecting a solution, review the features you need based on your organizational requirements. Some organizations may only need patching, while others might need vulnerability fixes and security features. A unified license for patching and vulnerability fix with remote support tools is recommended. I rate the overall solution a ten out of ten.
Learn what your peers think about ManageEngine Patch Manager Plus. Get advice and tips from experienced pros sharing their opinions. Updated: April 2026.
The solution's performance is quite good, and I'm quite satisfied with this product. I would recommend ManageEngine Patch Manager Plus to other users. Overall, I rate ManageEngine Patch Manager Plus an eight out of ten.
If you plan to use the solution in an enterprise environment, you should make sure to check the recommendations from ManageEngine. It would help if you had a proper architecture and planning before proceeding with the solution's deployment process. I rate the overall solution a ten out of ten.
Security Infrastructure Engineer at NP Secure Co.,Ltd
Reseller
Aug 31, 2023
My recommendation to those planning to use the solution would be to contact ManageEngine's sales team and support team since they are very responsive by nature. If you have any concerns related to the product, you can send queries to the solution's sales or support team, and they will get back to you since they are very fast to respond. I rate the overall solution an eight out of ten.
I'm a senior engineer, and my job focuses on data center administration. I'm taking care of the hardware side, so patch management is one of my responsibilities. My company is going for ManageEngine Patch Manager Plus. It's just in the finalization phase. Nearly five hundred clients will use ManageEngine Patch Manager Plus, and two to three administrators will suffice for managing the solution. My advice to people looking into implementing ManageEngine Patch Manager Plus is that an advantage of going with a ManageEngine product is the multiple applications and tools you can take advantage of when managing IT resources. ManageEngine Patch Manager Plus is essential to an IT department or a medium or large-scale organization. My rating for ManageEngine Patch Manager Plus is nine out of ten versus other products I've tested. I work for a manufacturing company with thirteen factories. My company is a customer of ManageEngine.
I give the solution an eight out of ten. The solution provides access to critical updates and therefore out of our 53 technicians 30 of them have access to ManageEngine Patch Manager Plus. The solution requires two people for maintenance and I do the regular updates. We would like to scale up our use of the solution but we have asked if they can implement ManageEngine Patch Manager Plus for us otherwise we will move to Atera, another patch manager solution, which includes implementation and meets our requirements. Previous to using ManageEngine Patch Manager Plus we applied the patches manually. I recommend the solution, it will save a lot of effort and avoid a lot of KB issues when you are downloading. If you are working with the SharePoint server, you can easily just remove the KB for SharePoint so you will not ruin the application. ManageEngine Patch Manager Plus is a good product.
Information Security Manager at a tech services company with 501-1,000 employees
Real User
Jun 28, 2020
We're just customers. We aren't resellers or consultants. I don't know what the exact version of the solution we are using is, however it is the latest one. The solution is definitely something a company should try. It's a better alternative to the traditional SCCM. Compared to other security products, it's not expensive. It's a great solution. It works quite well. I would give it a rating of eight out of ten. It does what it mentions it will do and it does very well.
Information Technology Consultant at a outsourcing company with 501-1,000 employees
Real User
Top 20
May 7, 2020
At this point, this product satisfies our requirements. I would recommend this product, although it depends on the requirements. It can be integrated with a lot of other products, too. Ultimately, it depends on how it is that they want to manage their assets. I would rate this solution an eight out of ten.
SOC Analyst at a maritime company with 51-200 employees
Real User
Sep 27, 2019
For anybody researching this type of solution, if you need one product for Windows, Mac, and Linux, then this is the best choice. This solution is very easy to use, and very easy to do the patching. It is important, however, to have it fully compatible with the Mac. I would rate this solution a seven out of ten.
ManageEngine Patch Manager Plus offers a comprehensive patch management solution with robust remote push capabilities, supporting both Windows and Linux environments for seamless integration.ManageEngine Patch Manager Plus is noted for automation, ease of use, and detailed reporting. It secures platforms by patching Microsoft and non-Microsoft applications. Key features include automated deployment, vulnerability scanning, and rollback capabilities. Integration with Endpoint Central, Rapid7,...
Regarding Sophos Safeguard and MDR, I do not work with MDR because MDR is a service offered directly from Sophos. I do not think there are many partners involved in the MDR service, and those who do must have vast resources to provide support for MDR. MDR is basically Managed Detection and Response, an outsourced service equivalent to having a Security Operation Center and paying for on-the-go usage of a SOC for security analytics. This is an expensive proposition, and only big enterprises of Sophos customers would use that tool. Regarding Sophos Workspace, which is the encryption tool, it runs only on Windows. It is the Windows laptop encryption tool that uses Windows encryption, manages the keys, and allows you to set the policy. I do not think it is a great offering, and I really do not think anybody will invest in that when there are so many other options, especially Microsoft itself. Any third-party offering an encryption solution brings into question whether they are using Microsoft. Apart from Sophos, I work with ManageEngine, which is a tool for patch management and asset management. It is a Zoho Corporation product. In terms of ManageEngine, AD Plus and others are for managing your Active Directory and Azure AD. I work on the patch management, which is Endpoint Central, asset management, and I have started working on the DLP application control solutions that work on the endpoint. ManageEngine Patch Manager Plus is one of the modules, and you can buy Patch Management as a separate product, but it is better to buy Endpoint Central, which has the patch managing capability built in. ManageEngine Patch Manager Plus provides the instance in the cloud, so that is the cost saving. Otherwise, I will have to spin up an AWS instance and pay for the AWS instance as well as this product, which is a double cost. Better than that is to just take this offering, which saves time and trouble. You just place a request, they will give you a trial instance or you can sign up for a trial instance. After that, you license it, and the trial becomes your production instance. You do not have to move anything. I have one customer having it via a partner and another one directly. With Microsoft, you cannot patch non-Microsoft products. You can only patch Microsoft Windows or the server or maybe MS Office, and there are limitations with drivers also. You cannot control the patching through Microsoft because you can create a task and leave it there, but you cannot say deploy this on that machine and do not deploy on the other machine. This is where the third-party patching tool comes into play. Consider a software developer and colleagues in sales and marketing. The protocol says I do not disturb your machine until you say it is patchable or I will take care of the patching. This is the common understanding in all software organizations. The development machines will not be touched. If you are a developer and I know what patches are there, I can give you a report saying these are all the dangerous ones you need to attend. Either I patch it to the latest edition or you have to take the trouble. If you are going to patch it, you know exactly what you have to patch to, what level you are going to patch it to, and which version you can accept before your system breaks up in some configuration issue. Software is software, but the code which you have built depends on the version of the software you are running. Obviously, this is the compromise you have to make. Suppose you are using Visual Studio. You can patch it, I can patch the application, but will you let me patch it? That is the question. Microsoft will not patch Visual Studio through Intune. You have to manually patch it. What happens is you have to define the type of patch policy-wise. Define the type of patch as critical, important, medium, or low. Define whether it is operating system or application, choose whatever you want, set the criteria for the patch to be deployed, and set the schedule for the patch to be deployed. It runs by itself with nothing to be done.
I would recommend first checking the integration functionality and support, specifically what type of support they can provide for integration, whether it can support SIEM easily, what type of product or SIEM technology it can be integrated with, and which types of particular logs it will send to the SIEM solution. Different patches also correlate with the EDR, so we need to check whether it correlates or not because ManageEngine Patch Manager Plus is not correlating with our EDR. This is one of the drawbacks, but this can be addressed during the deployment of ManageEngine Patch Manager Plus. I rate this solution 7 out of 10.
The commercial aspect of ManageEngine is challenging due to their lack of presence in Brazil, which makes obtaining proposals difficult. I would rate them between three and five for commercial experience.
When selecting a solution, review the features you need based on your organizational requirements. Some organizations may only need patching, while others might need vulnerability fixes and security features. A unified license for patching and vulnerability fix with remote support tools is recommended. I rate the overall solution a ten out of ten.
I'd rate the solution eight out of ten. I haven't tried the AI features on ManageEngine yet.
I rate the overall solution an eight out of ten.
I rate the overall solution an eight out of ten.
I rate the product a nine out of ten.
I rate the product an eight out of ten.
The solution's performance is quite good, and I'm quite satisfied with this product. I would recommend ManageEngine Patch Manager Plus to other users. Overall, I rate ManageEngine Patch Manager Plus an eight out of ten.
If you plan to use the solution in an enterprise environment, you should make sure to check the recommendations from ManageEngine. It would help if you had a proper architecture and planning before proceeding with the solution's deployment process. I rate the overall solution a ten out of ten.
My recommendation to those planning to use the solution would be to contact ManageEngine's sales team and support team since they are very responsive by nature. If you have any concerns related to the product, you can send queries to the solution's sales or support team, and they will get back to you since they are very fast to respond. I rate the overall solution an eight out of ten.
I rate the solution as a ten.
I'm a senior engineer, and my job focuses on data center administration. I'm taking care of the hardware side, so patch management is one of my responsibilities. My company is going for ManageEngine Patch Manager Plus. It's just in the finalization phase. Nearly five hundred clients will use ManageEngine Patch Manager Plus, and two to three administrators will suffice for managing the solution. My advice to people looking into implementing ManageEngine Patch Manager Plus is that an advantage of going with a ManageEngine product is the multiple applications and tools you can take advantage of when managing IT resources. ManageEngine Patch Manager Plus is essential to an IT department or a medium or large-scale organization. My rating for ManageEngine Patch Manager Plus is nine out of ten versus other products I've tested. I work for a manufacturing company with thirteen factories. My company is a customer of ManageEngine.
I give the solution an eight out of ten. The solution provides access to critical updates and therefore out of our 53 technicians 30 of them have access to ManageEngine Patch Manager Plus. The solution requires two people for maintenance and I do the regular updates. We would like to scale up our use of the solution but we have asked if they can implement ManageEngine Patch Manager Plus for us otherwise we will move to Atera, another patch manager solution, which includes implementation and meets our requirements. Previous to using ManageEngine Patch Manager Plus we applied the patches manually. I recommend the solution, it will save a lot of effort and avoid a lot of KB issues when you are downloading. If you are working with the SharePoint server, you can easily just remove the KB for SharePoint so you will not ruin the application. ManageEngine Patch Manager Plus is a good product.
We're just customers. We aren't resellers or consultants. I don't know what the exact version of the solution we are using is, however it is the latest one. The solution is definitely something a company should try. It's a better alternative to the traditional SCCM. Compared to other security products, it's not expensive. It's a great solution. It works quite well. I would give it a rating of eight out of ten. It does what it mentions it will do and it does very well.
At this point, this product satisfies our requirements. I would recommend this product, although it depends on the requirements. It can be integrated with a lot of other products, too. Ultimately, it depends on how it is that they want to manage their assets. I would rate this solution an eight out of ten.
For anybody researching this type of solution, if you need one product for Windows, Mac, and Linux, then this is the best choice. This solution is very easy to use, and very easy to do the patching. It is important, however, to have it fully compatible with the Mac. I would rate this solution a seven out of ten.