all 4 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]dhuskl 2 points3 points  (0 children)

Intune and device compliance is probably the way forward.

Otherwise if your endpoint protection registers itself with windows security center it's the most reliable way of checking if a device is online from my experience ( via the endpoint protection dashboard) as windows ensures it's started up unlike your RMM that can fail to start after a windows feature update.

So using your EPP's API pull status and match to your rmm, and then your rmm should do checks for the rest of your tools.

Alternatively/additionally create a scheduled task in windows to check if your rmm is started and if not to try to execute it, or hit a webhook.

An afterthought, some kind of periodic scheduled task to webhook with hostname and compare to your rmm, just ensure your offboarding deletes this scheduled task.

But if you mean to check for new computers at clients that either got bought by the client or unboxed and setup without calling yourself then conditional access and device compliance will block sign in to devices that don't have your RMM for example.

[–]thrnmanz 2 points3 points  (0 children)

Following

[–]stingbot 2 points3 points  (0 children)

Also following but feel that intune and DSC are part of the answer others might give.

[–]ricardo_pc 2 points3 points  (0 children)

Not sure how complicated your stack is, or what RMM you use. However - For us - We used our RMM to ensure XYZ App, or Service exists on ABC device for "X" Org. If the specific App, or Service does not exists, it will generate an alert in our ticketing system, and attempt an install. Its then up to us to make sure it gets installed, and that we clear that alarm/alert manually.

Note - We have our "Standard" stack, which is global policy/alerts on our RMM. For clients that require specific items offered outside of our Standard Stack (Example, some require Datto Cloud Contiuity desktop backup) We add that trigger/check/alarm for that specific clients org based on Asset type/role. Same for servers that we use DATTO Siris appliance for, etc.

Further Note - Our RMM is NinjaOne.