Datto Inc. has officially pulled the wraps off an updated edition of its Datto RMM solution featuring patch management for third-party software and a new, less disruptive approach to remote maintenance sessions using Microsoft’s PowerShell scripting tool.
Rolled out to Datto partners in December and spotlighted by the Norwalk, Conn.-based vendor in a press release today, version 6.5 of Datto RMM lets technicians ban selected applications from specific endpoints and automatically update those systems to the latest version on devices authorized to run them.
The benefit in both cases is safer end user environments at a time of rampant virus outbreaks and ransomware attacks, according to Ian van Reenen, Datto’s vice president of engineering. Though RMM solutions generally do an effective job of keeping operating systems like Microsoft Windows patched, he says, most are incapable of limiting users to the latest, most secure versions of broadly-deployed products like Adobe Acrobat Reader and the Google Chrome browser.
“Because they’re very often small applications, they get installed widely across endpoints and then seldom updated,” says van Reenen of such applications, adding that hackers are aware of that fact and increasingly exploiting it. “It’s really key for our partners to stay on top of updating all that third-party software,” he says.
Earlier editions of Datto RMM allowed users to create custom patching routines for third-party software and execute them manually. Version 6.5 is the first to automate that process, however.
The new feature lets users set policies for which devices can and can’t run supported third-party tools. Based on those rules, Datto RMM’s locally-installed agent checks endpoints every 60 seconds for the presence of those systems and which version is in place. It then automatically deletes any application that shouldn’t be installed and updates systems that have fallen out of date.
A number of vendors, van Reenen notes, sell solutions offering similar functionality. “It’s an additional cost,” he says of such products. “It’s not integrated, you can’t report on it, [and] you can’t see across an entire estate.” Datto RMM, by contrast, patches third-party software through the same interface technicians use to perform other administrative tasks, and produces summary reports on the process as well.
“The MSP gets complete visibility of what is vulnerable and hasn’t been patched and what has been patched, so they can also demonstrate value to their customers,” van Reenen says.
The new feature covers 11 applications in all at present, including not only Adobe Acrobat Reader and Google Chrome, but Mozilla Firefox, Microsoft Skype, Adobe AIR, Adobe Flash Player, and Shockwave as well. The system also patches Datto’s own backup client. “That’s obviously often deployed across organizations and we want to make sure that people always have the latest version,” van Reenen observes.
Datto based the initial lineup of supported systems on research into which third-party products are both most used and most vulnerable. The company plans to add more solutions to the list in the future.
The new PowerShell feature lets technicians run that popular utility on remote endpoints in an encrypted, secure background session without interrupting the user by taking complete control of their device. According to van Reenen, tools from other vendors with comparable capabilities usually incorporate only a subset of PowerShell’s functionality. Datto RMM, on the other hand, supports full, native PowerShell sessions.
Datto, which has been updating its RMM system roughly every six weeks since last summer, has already begun rolling out version 6.6 of Datto RMM. The new release will export detailed information about patch management and other topics to the company’s Autotask PSA platform, so technicians working a ticket can see which devices are and aren’t fully patched without consulting a separate interface.
“It gives them a very nice clear overview of what jobs need to be done and when,” van Reenen says, adding that users can expect minor Datto RMM updates to continue arriving frequently in the future.
“The release cadence has picked up, and we’ve certainly found that our partners prefer that we put out smaller more regular releases rather than big ones,” he says. Smaller updates, he continues, get new functionality out to users faster and require less technician training.
Datto RMM was known as Autotask Endpoint Management until last June, eight months after Datto merged with Autotask in conjunction with its acquisition by private investor Vista Equity Partners. The company told ChannelPro last year that it planned to update both its RMM and PSA solutions more frequently.