Posted on 06-29-2022 05:30 AM
Hi,
Curious for recommendations for our fleet of ~50 Mac devices.
We're currently using Jamf Now which is great for enforcing basic security policies, but we are staring to outgrow it. Specifically in terms of what we are looking for:
Support for Apple VPP. We are using that now via. Jamf, I noticed Fleetsmith surprisingly does not support this - this is probably a dealbreaker unless there are workarounds?
Better security features, including ability to automate/enforce OS and software updates, logging/alerting on security events (authentication etc.). We are already doing malware detection so that is not necessary.
Ability to deploy custom packages, scripts & resources (fonts come to mind here) as necessary.
Reporting/Alerting/Automation - we don't have an IT team, I'd love a simplified view of which machines are in compliance and which need follow-ups, in addition to anything else which makes administration easier. Any integration with email/slack for messaging users would be a positive.
Straightforward migration experience. Ideally our end-users would just need to install the application and thats it.
We are G Suite users so any integrations here would be interesting, but not essential. I like how Fleetsmith can import your user list. Mostyle's login window sounds interesting, but some of the feedback I've seen indicate it can be problematic? (MFA requirement, confusing to users etc.)
The other thought I had, and not sure how viable this is, would be to look for something which offers some of the security features I'm looking for and upgrade to Jamf Now Plus (?) - that would fill most of our short term needs, and would save migrating users/devices.
Thanks in advance for any recommendations!
Posted on 06-29-2022 07:51 AM
Considering you are on a JAMF forum you know the recommendation you will receive :). At 50 devices you meet the cut for JAMF Pro, honestly I recommend taking a look. JAMF Pro is one of the best MDM platforms, and the migration from JAMF Now to JAMF Pro should be the simplest of the options.
The massive gaping hole in JAMF Pro is for whatever reason JAMF absolutely refuses to address their shortfalls with OS update management. JAMF can push updates with MDM commands (or scripts for intel devices) but refuses to add the MDM keys to monitor OS update status. Essentially you send the update command and have no idea what the device did until it checks in with a new OS version, if it fails you never know.