Who do you use for antivirus, MDM, and remote support software?
Posted by Evernight2025@reddit | sysadmin | View on Reddit | 117 comments
We currently have Xcitium and are looking to run away after they've upped their pricing and jacked us around promising to implement features they told us they had when we initially onboarded and wouldn't have even onboarded if we knew they didn't have.
As such, I'm having to start looking for new antivirus, MDM, and remote support software products to replace it with. What are you using currently and do you recommend it?
skyheartx@reddit
We stopped with xcitium a while back. These days we lean on Microsoft Defender for Endpoint for AV (nice that it’s already baked into our O365 stuff) intune handless windows + iOS/Android mdm, and splashtop sos does the live remote control. Cheaper licences, no surprise paywalls. The bit that really kept us sane was tacking on Workwize for the hardware side, when a laptop croaks we fire off a replacement or repair straight from the same dashboard that shows its defender and intune status so we are not lost in rma email chains and folks get a fresh machine same day instead of limping along for a week.
adityaj7_@reddit
We’re in a similar setup (mostly Windows with some iOS/Android). For antivirus, we use a lightweight endpoint solution with strong behavioral detection. MDM is handled separately through a platform that supports both Android and iOS with remote wipe and app control. For remote support, we stick to a tool that allows unattended access and multi-session handling.
Instead of all-in-one, breaking it into focused tools has given us more flexibility and fewer surprises. I'd recommend testing standalone options before committing.
Rohit_survase01@reddit
Consider ScalefusionMDM—it supports Windows, iOS, Linux, Android and ChromeOs and also includes built-in remote support features, which can help reduce the need for separate tools. For antivirus, CrowdStrike Falcon or Bitdefender GravityZone are strong choices.
Icy-Willingness-590@reddit
Watchguard
nancybatespro@reddit
For a Windows-heavy environment with some iOS/Android devices, it’s usually best to go modular unless one vendor truly excels in all three areas. For Antivirus, CrowdStrike, SentinelOne, or Bitdefender are solid picks. For MDM, this Spiceworks thread would assist in comparing top Windows MDM options. And for Remote Support, AnyDesk and Splashtop are both lightweight and cost-effective for quick remote sessions.
iliekplastic@reddit
Threatdown + Defender, Airwatch, Teamviewer.
BWMerlin@reddit
Why Teamviewer? I am curious as we also use Workspace ONE and paid for the Workspace ONE Assist addon for remote support so wondering what Teamviewer is giving you beyond that.
iliekplastic@reddit
We don't pay extra for Workspace ONE beyond the bare minimum of handling cellphones/tablets. For workstations we are kinda old school.. bitlocker + gpo + logon scripts + no BYOD etc....
JoopIdema@reddit
Sccm, sccm and sccm.
mini4x@reddit
SCCM isn't antivirus nor does it do remote support.
981flacht6@reddit
SCCM has a remote support viewer and you can certainly manage Endpoint Protection with SCCM.
Few_Mouse67@reddit
Come on, the SCCM remote viewer is garbage, yes it's there as a last resort but do you want T1 supporters to start SCCM just to remote support someone?
981flacht6@reddit
I didn't say it was good.
mini4x@reddit
You can manage end point protection, but sccm itself isn't antivirus.
I forgot about the support viewer, I recall it being quite terrible tho, and I though they dropped it completely at one point.
981flacht6@reddit
System Center Endpoint Protection is basically rebranded built-in Defender controlled through SCCM.
The support viewer did suck.
mini4x@reddit
It was just a Managment / Reporting tool for Defender.
Background_Okra_5003@reddit
ESET Protect, ConnectWise Automate, ScreenConnect
shrimp_blowdryer@reddit
How do u like that combo
Background_Okra_5003@reddit
ESET and S/C are pretty straight forward, but Automate requires a lot of learning and configuration to be truly useful.
vAttack@reddit
Microsoft Intune for MDM, Microsoft Defender for Endpoint for antivirus and for remote support we use AnyDesk but thinking of implementing RustDesk soon.
Tech_IS_Fun@reddit
u/vAttack Have you had any success with or tried the "Quick Assist" from Microsoft for remote support? We use it and have had a pretty good success rate, excluding when users need to install a program like their home printer's control program - this requires Admin privileges. When the dialog box comes up asking if it's okay for the program to make changes to your computer and fields for admin creds, it blacks out the screen on the technician side. It always says "Not in Administrator Mode" - which is something that we should probably look into. Anyway, I was just curious about your thoughts on the app.
Evernight2025@reddit (OP)
I use Quick Assist as a backup if our primary isn't working. It works great in a pinch, but I definitely wouldn't want to rely on it to be the primary.
Tech_IS_Fun@reddit
Yes... So true! It does have some persistent connection problems.
Expensive_Plant_9530@reddit
Quick Assist is great for simple solutions, but it won't pass through Admin Prompts/UAC prompts, so you need an end user who has an admin password.
It works great when I help my Mother-in-law, since she owns the laptop and she has the admin password. It doesn't work great when I need to remote connect to Suzie's work computer, and I need to open an Elevated Terminal or a control panel applet to change settings, etc.
sopwath@reddit
Have you considered LAPS with quick assist?
cbiggers@reddit
We have this functionality disabled via GPO.
THEE_WaffleKing@reddit
Defender for Business, Intune and remote software from one of our IT partners. Local company in our country. I think the remote support is based on the Kaseya platform?
worthlessgarby@reddit
Cortex XDR pro, meraki systems manager for mdm. And screenconnect but also have endpoint central.
solracarevir@reddit
Ford endpoint We use Sophos Intercept X with XDR and MTR, it's been rock solid for years and I'm super happy with it. For MDM Manage Engine and for Remote support Teamviewer.
The only one i'm considering replacing is Teamviewer.
Obvious_Word873@reddit
I don’t use it but I feel like it would be a natural jump for you to use ManageEngine’s RMM in place of teamviewer.
Is there a reason you haven’t gone that way?
NeckRoFeltYa@reddit
I started with TeamViewer and went to ConnectWise. Not a MSP but we manage all of the smaller branches and companies under our umbrella. Makes it easy to group everything together in their own silos.
4thehalibit@reddit
NinjaOne, Crowdstrike, WorkspaceOne
BWMerlin@reddit
I am curious what you use NinjaOne for when you have Workspace ONE?
4thehalibit@reddit
Workspace One is only used for MDM of mobile devices. Ninja is used as our RMM we just switched from Connectwise and Manage
Strassi007@reddit
All endpoints Sophos Intercept X including MDM, Teamviewer.
Teamviewer is a thorn in my eyes since i started here, but we have yet to move to another platform.
Humble-oatmeal@reddit
SureMDM combines MDM, remote support, and AV capabilities supporting your Windows, iOS, and Android devices. Should meet your needs
BWMerlin@reddit
Workspace ONE for MDM with the Workspace ONE Assist addon for remote control. We use Huntress with their managed Defender option for AV.
Nezothowa@reddit
TeamViewer with device monitoring and management. Not mere remote control possibilities.
Threatdown (bundled with TV) EDR with access to the real threatdown dashboard for detailed stuff
CCleaner Cloud which takes care of (what I consider) mandatory and standard cleaning of all devices.
GPO directly embedded into the ISO and is applied regardless of domain join.
The ISO itself has many registry additions as well. The user has maximum power and flexibility without the need of administrative rights and cannot access or change any modern or legacy panel requiring admin access. UAC is adapted.
This is the absolute baseline.
Malaka__@reddit
CCleaner Cloud? What would you use it for?
Nezothowa@reddit
Automatic cleaning and has other nice little features. It’s not very expensive anyway. Only 2€ per device.
ChromeShavings@reddit
CrowdStrike with NinjaOne API, NinjaOne MDM, NinjaOne Remote. Phenomenal RMM.
Sab159@reddit
Microsoft defender for antivirus/ edr. Cause it is included in our e5 package and does the job well.
TeamViewer for remote access.
coukou76@reddit
TeamViewer still exists?!
mini4x@reddit
Why are people still use it is the bigger question.
Sab159@reddit
Ahah you guys are so edgy. Anyway teamviewer is doing fine for our needs.
mini4x@reddit
As long as you don't mind the breaches and exploits it works fine.
Sab159@reddit
This applies to every software in existence. Teamviewer is not worse than other in this regard.
man__i__love__frogs@reddit
Defender, Intune, ScreenConnect
parrothd69@reddit
Crazy all people paying extra for antivirus when it's free..lol
MBILC@reddit
Because the free option lack features and more advance capabilities, also Defender stock windows is easily bypassed.
man__i__love__frogs@reddit
Yeah, I wouldnt use the 'free' defender, but if you needed a MDM and office apps in a Windows environment, it would be foolish to not go with say Business Premium/E5.
MBILC@reddit
Yes, it is a nice way to manage everything in one place, but also now we get into "all your eggs in one basket" scenario, trusting Microsoft to do it all.
man__i__love__frogs@reddit
Very true, but I've found if any egg is in that basket, especially something like Exchange Online, you're already depending on it.
CptZaphodB@reddit
For uptime maybe, but let's say you add Sophos or Proofpoint for additional email security, suddenly you're not so reliant on Microsoft for everything.
MBILC@reddit
Ya, and often with the pricing of MS E+ to get decent security options, those also blow away MS current email security solutions which are known for letting a lot of crap get through.
Kind_Philosophy4832@reddit
Beside of not having all defender features, afaik NetLock RMM can manage the normal defender including scan jobs, exclusions, detections and stuff. We use huntress, but NetLock as a RMM
mohammadmosaed@reddit
Which real solution is free?
mini4x@reddit
Ditto.
But we have E5's so not stock Defender.
ReportedSea43@reddit
Demoing NinjaOne and Huntress now and am very happy so far.
NSFW_IT_Account@reddit
Huntress for MDR? What were you using previously?
ReportedSea43@reddit
Going to use their MDR, ITDR, and SIEM. Previously we had a MSP onboard and were using what they provided (Bitdefender).
NSFW_IT_Account@reddit
We use Bitdefender but we just use their basic AV not the full MDR stack. Feel like we're under-providing.
Obvious_Word873@reddit
I’m happy with both.
Bubbagump210@reddit
Intune and Checkpoint Endpoint. It’s essentially white label Sophos but I really like their interface and the support has been surprisingly good.
demonseed-elite@reddit
Defender/Sentinel One, Connectwise Automate, ScreenConnect
Arctic Wolf is tossed in there too
marcoshid@reddit
N-Able, S1
Malaka__@reddit
You ever experience issues with N-Able take control where you need to reinstall the beanywhere service for it to work?
PhillyGuitar_Dude@reddit
crowdstrike, intune and combo of logmein central and goto resolve.
victor6267@reddit
Defender, Intune/Mosyle, ScreenConnect
Cold_Snap8622@reddit
CrowStrike, Manage Engine, PDQ Connect
azurite--@reddit
Also using PDQ connect. Love the dynamic groups and how fast the entire platform is. Best of all is that we were grandfathered into beta pricing.
sposesposesposespose@reddit
cs falcon complete, intune, screen connect
Aggravating-Sock1098@reddit
Eset (MDR), Intune, Ninja RMM.
moreanswers@reddit
Trelix (was Mcafee), ManageEngine, Splashtop.
We are moving away from Trelix, prob. going to jump onto the Microsoft Ecosystem.
FamiliarShirt@reddit
Defender, Intune, Bomgar aka Beyondtrust Remote Support
InvestigatorUsual665@reddit
NinjaOne, Sentinal One, Intune
Norphus1@reddit
Which OS?
For Macs, JAMF without question. Easily the best out there. Mosyle is supposed to be good too.
For Windows... Depends on how deep you want to dive into Microsoft's ecosystem I guess. Intune along with MDE and Conditional Access is an insanely powerful system, once you dive into it, especially if you're already using Office 365 and Azure for SSO. Ninja One and Google Workspace may be worth a look too.
Embarrassed_End4151@reddit
Jamf is golden for apple devices
Norphus1@reddit
For Apple devices, I agree but it’s getting better gradually.
For Windows, it’s fine but I prefer SCCM personally.
Embarrassed_End4151@reddit
We use both intune and sccm
eclipseofthebutt@reddit
Mosyle has been pretty good for us, but it definitely has some quirks with some of their proprietary stuff.
XxsrorrimxX@reddit
Cisco AMP, Endpoint Central
InterestingGap4892@reddit
Absolute(mdm), NinjaOne (patching/remote support), Endpoint antivirus/malware - SentinelOne
MostViolentRapGroup@reddit
Crowdstrike, Mosyle, Jump Desktop
bloodniece@reddit
Datto RMM and BCDR, Huntress, Defender ATP, Threatlocker, CyberCNS for vulns.
TyWerner@reddit
Datto AV, Intune for all devices, some config for Mac in Addigy, Datto RMM
agale1975@reddit
Ninja One , Crowdstrike/Bitdefender EDR, Intune
Barious_01@reddit
I really need to check.out Ninja one. I have also review alterus it seems like a licensing is cheap on that end. Ivanti suite right now is frustrating me atleast on the UEM side MDM seems to be quite versatile they bought Mobile Iron and MI was hot garbage when they were independent.
Darkhexical@reddit
Ninja is around 2 dollars per device unless you have above 1000 devices(around 1k+ you get closer to a dollar per device) If you have a ton of devices may be better to go with synco or atera.
agale1975@reddit
Definitely take a look at Ninja. We were Connectwise and saving a ton of money with Ninja and works 10x better. Not quite as Robust as Automate but it’s getting there.
LegendaryHN@reddit
+1 for ninja. Amazing tool and support
Barious_01@reddit
Yeah connectwise was my first management system and many veterans complained about it but from first experience it had all the features I needed at the time. Interesting to go to one that is less than that like backend console and such seems may don't get that right and omg please have persistent remote session now just user specific sessions. Ivanti uses landesk remote and I want to burn it with fire.
hangin_on_by_an_RJ45@reddit
We use ManageEngine suite of products for a lot of things. It gets the job done at a good price. We have Intune, but not gonna lie - it's been a garbage experience so far.
Kind_Philosophy4832@reddit
Defender (huntress) and NetLock RMM as it's open source
thewaytonever@reddit
So Microsoft, Microsoft annnnnnnnnnnnnndddd Microsoft. Yup, Defender for O365, InTune, and Teams for remote support.
Exkudor@reddit
Sophos XDR, Sophos MDM and TeamViewer (currently on the way out of the door, will probably be replaced with Rust desk)
leksluthah@reddit
We use Sophos for UEM and MDM, but DameWare from SolarWinds is our current tool for remote support, which is all in-house. And I need to replace that.
Evernight2025@reddit (OP)
We had DameWare prior to switching to Xcitium. I wasn't sad to move on from that.
MrSanford@reddit
Defender and N-able.
meatwad75892@reddit
Cisco Secure Client for EDR/AV.
Jamf for Apple, Intune for Windows.
BeyondTrust Remote Support.
cosmonaut_tuanomsoc@reddit
We use currently Tehtris for EDR, we also invest in their SOC, we have external red team audit which valued their software pretty nicely. We gave up on Cylance (which is right now in the middle of shitshow because of Acquisition).
Expensive_Plant_9530@reddit
What's the issue with Cylance? Arctic Wolf just bought them and they're trying to push it heavily.
Obvious_Word873@reddit
Huntress managed Defender, ManageEngine, NinjaOne. We will probably switch to NinjaOne for MDM as well in the next year or two as their offerings have been improving.
TekSnafu@reddit
TrendMicro, No MDM, NinjaOne
jsand2@reddit
We use Trend for AC and Teamviewer for remote. I can't see us swaying away from either as both seem to do great for us.
hkusp45css@reddit
MDEp2, Intune, RDS+PKI+MFA - For sharing, we use Teams, almost exclusively, although we have access to a BUNCH of tools like DameWare, VNC, the shitty tool that came with our ITSM and even a home brew solution we designed.
Moist_Lawyer1645@reddit
Sophos is great, though to be honest, with everything cloud managed, Defender is all you need.
Pr0f-Cha0s@reddit
Sophos IntX MDR/MTR/AV, Intune MDM, NinjaOne RMM
jeezarchristron@reddit
Defender, Intune and Nable
jonchihuahua@reddit
Splashtop with their antivirus
russellvt@reddit
Linux
chrisp1992@reddit
Defender Suite, Intune, and Remote Help
khantroll1@reddit
Right now?
Trend, Hexnode, Splashtop.
Hobbit_Hardcase@reddit
For Windows, we use Intune and TeamViewer. We ran POCs with Defender, Crowdstrike, and ThreatLocker last year, but decided to stick with SentinelOne. I think that came down to a financial decision.
_Blank-IT@reddit
Eset, Intune, N-able
nethfel@reddit
Our organization is kind of entrenched into the MS ecosystem so we use Azure/Intune, windows defender and Splashtop for remote support.
Routine_Brush6877@reddit
+1 for Sophos MDR.