We performed a comparison between BigFix and Microsoft Endpoint Configuration Manager based on our users’ reviews in four categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Based on the above variables, we would conclude that BigFix slightly edges out Microsoft Endpoint Configuration Manager. Our users find that Microsoft Endpoint Configuration Manager is harder to use and its support is less effective.
"With on-premises Active Directory, the main challenge was that we had no control when a user was working from home. We didn't know what exactly a user was doing and whether the AV was up to date or not. Intune provides better control of their machines."
"The tool's most valuable feature is Autopilot."
"At the moment, Autopilot is the most valuable feature."
"The biggest benefits of Intune are the ability to push changes and the added security. When we moved forward with Defender, we onboarded all those machines automatically. That helps dramatically. For a while, we were left with machines that weren't protected. We could see where people had done things they shouldn't have done, and Defender saved our skins a few times. It didn't happen a lot, but it happened enough that it made us glad we made that decision."
"It works pretty well for us."
"It's normally able to meet 100% expectations of our customers."
"I like the tool's integration with Apple. Anyone who creates an ID in Intune will get an Apple ID."
"The Asset Management and Auto Pilot are valuable features."
"It's enabled us to have a highly successful endpoint patching program for the past decade. It's been enormously successful there. It's also become a core part of many of our business processes, from compliance monitoring of endpoints, encryption management, key escrow, and local administrator password escrow. It's built into our inventory. It's very much everywhere."
"BigFix has always been easier to use when managing servers, especially when you deal with so many servers. We have 7,000. That's a lot of services to manage, and it's convenient to patch them all at once."
"Between the user groups, the community, the AVP support, the direct access via technical route and the PMR support, half the time I don't even need to do a formal PMR because the solutions from the community resolve whatever issues we're having. It's the best community and support based system I've ever used."
"Patch Management for a variety of operating systems makes it valuable as we can rely on a single tool for obtaining patch compliance of the entire compute infrastructure."
"Before we had BigFix, we had problems with some malware. BigFix allows us to immediately patch all instances of endpoints that were vulnerable to antivirus and initiate scans. That's key."
"It enables us to patch our systems quickly and within expectations and to increase our volume as needed. It has also helped us compress our patch sites. We used to do it monthly but now we do it weekly."
"Software distribution and patch management are the most valuable."
"The older version of the tools that I use also included the connectivity aspect, and the fact that the tool now has it separate from the collection of usage data makes the deployment of these tools much easier."
"This solution captures all the devices in our infrastructure."
"It is a very good solution. It has a good interface and is easy to use. On top of that, it is very reliable in terms of distribution as well as getting the report."
"Provides great insight into the functionalities of the data scope."
"The technical support is good."
"Patching is very effective and reporting is very good."
"The most valuable feature of Microsoft Endpoint Configuration Manager is patch management."
"I manage software updates and operating systems for devices, and within seconds, we can remotely deploy a system for, say, 2,000 devices. Not only that, but we can also deploy scripts and create comprehensive compliance rules."
"The product is very stable compared to older versions."
"Microsoft Intune fails a lot when it comes to device compliance."
"There can be delays in the deployment of new policies."
"The solution can have some compliance problems in general and the end-point user can bypass easily the company policies in Intune."
"One area for improvement is app deployment. Another is the Windows update rollout. If you're rolling out an object to a device that's offline, Intune stops trying to reach this device after it sits idle for a bit. We are forced to find a workaround that could help manage that."
"It doesn't economize when you scale up. We have over 14,000 employees, and we have between 7,500 and 8,000 city-owned or personal devices being used to conduct city business. Its price can be improved. It is not a cheap solution."
"Sometimes, customers compare it with AirWatch, but the concept of Intune is different from other solutions. It's an application management app. It gets a bit difficult to explain it to customers, but it's not a product limitation. It takes a presale document or presentation to explain it to customers."
"Integrating certain group policies can be challenging and may necessitate using on-premises systems to integrate them with Microsoft Intune."
"There is room for improvement in integration and security as well."
"The main shortcoming of BigFix was integration with vulnerability management. If you had a vulnerability in your software and BigFix on the endpoint, you needed integration with Qualys, Tenable, or another vulnerability management solution to fix that. It was like, "Okay, we can identify issues, and get that information back from the endpoint, but what are we doing about it?""
"They need better integration."
"License management isn't quite as easy as it should be to deal with the licensing. You need to take the server down to import the new licenses which I find to be annoying."
"They don't have a proper mobile device management capability. They're working on it, however, that's the one thing that needs improvement so that you can have full unified endpoint management."
"The relevant language takes a little getting used to since it's not used anywhere else in the industry. It's just in the BigFix environment."
"Sometimes the workstations communicate back to the BigFix server two or three days in a week or something similar. Sometimes there can be a delay reporting back to the server for a variety of reasons, such as users turning their computer off when they go home. When the user comes back and turns the computer back on BigFix needs to synchronize and sometimes it can take some time, approximately one week. The communication between the agent and the server should be faster, there is room for improvement in this area."
"I would like to see SDK for Web UI included in the next release."
"The deployment has room for improvement and can be more streamlined."
"Its client interface should be more accessible, and the notifications should be more customizable from the console. It should be more user friendly and have some kind of customized notifications so that we can use it on the client side. These are the reasons why we restricted its use only for the server environment and didn't use it on the client side."
"This solution needs to be supported on all Operating systems."
"This solution should be simpler, and more consistent across modules/sections."
"One area of improvement is regarding the patching of Office 365 products. We have some difficulties on this side, and it can be improved."
"The solution is a bit heavy on the sources such as RAM or CPU and the software needs to be a bit lighter."
"As far as load balancing across, they don't have that support yet, so that you can actually build multiple primaries and have it load balance across. They don't have any of that functionality yet. That would be a nice feature, to scale that way."
"It would be better if automation options were available. For example, in Nexthink or SysTrack, there is an analytical tool. Creating dashboards would be very easy if you implement the same thing in Microsoft. That report will be a daily cost to the customers and good revenue for our organization. The price also could be better. In the next release, we need to include some features like tables, dashboards, surveys, services, and metrics in the dashboard. Whatever we are implementing will be downloaded by a report. Apart from the report, we will telecast from the dashboard. It's very easy to compare, and it will be easy to telecast to the end-users."
"The TSM component could be improved."
More Microsoft Configuration Manager Pricing and Cost Advice →
BigFix is ranked 5th in Configuration Management with 91 reviews while Microsoft Configuration Manager is ranked 2nd in Configuration Management with 78 reviews. BigFix is rated 8.6, while Microsoft Configuration Manager is rated 8.2. The top reviewer of BigFix writes "Very stable and easy to deploy with excellent patch compliance". On the other hand, the top reviewer of Microsoft Configuration Manager writes "Seamless system updates, useful integration, and reliable". BigFix is most compared with Microsoft Windows Server Update Services, Tanium, Red Hat Ansible Automation Platform, ManageEngine Patch Manager Plus and Red Hat Satellite, whereas Microsoft Configuration Manager is most compared with Red Hat Ansible Automation Platform, ManageEngine Endpoint Central, Tanium, AWS Systems Manager and Red Hat Satellite. See our BigFix vs. Microsoft Configuration Manager report.
See our list of best Configuration Management vendors and best Patch Management vendors.
We monitor all Configuration Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
SCCM is very robust but you need more time and people to manage it.
For a company of 200 employees only can use something easier to manage such as PDQ deployment S/W. it's a lot cheaper and easier to manage.
Kumar.
We have 1500 users and even with a reasonable sized support team we find SCCM difficult to manage. I haven't experienced the other solutions, but I suspect you will be better placed with an alternative to SCCM.
Before answering to your needs, we need to understand that there are two distinctive features from SCCM and BigFix.
SCCM since 2020 has stopped its support for Linux Patching, so in its entirety, if you are only using Windows, you might consider SCCM. It still support Mac with basic features, but it depends on your requirements. Again, the operation with SCCM is also not easy at all.
Bigfix on the other side is a solution to manage different types of OS, as we say it distributed environment. Windows, Linux, Mac, etc. Bigfix is mainly used in large companies with more than 1000+ employees. It is not cheap as Bigfix is a robust enterprise solution.
You might want to consider other automated patch management tools such as LANDesk or Managed Engine which has been seen in deployment in smaller enterprises.
Cheers,
Rendy
Hi Ihsan,
Hope you are doing well, As per my experience to deploy SCCM for 200 users is not worth it, you want to be blessed use Quest product KACE System Management Appliance, easy to manage and upgrade (patching/managing end point managing and many more).
https://www.itcentralstation.c...
Thank you.