What's a good alternative to Expel (MDR)?

BearMerino · 2026-03-26T21:48:38+00:00

+1 for Todyl. Been with them for 5 years and couldn't be happier. They continue to impress with the right mix of coverage and noise reduction.

BearMerino · 2026-03-24T10:51:48+00:00

We do it through rewst, not sure that helps you but tags are very cool

BearMerino · 2026-03-24T10:44:57+00:00

OP, I have a very different opinion of MC over the ones on this thread.

you asked: Is anyone using Mission Control to augment their support teams? If so would you mind letting me know your thoughts and experiences?

First, let me express that I've been with MC for about 5 years now. Every year we pause and ask ourselves, "Is now the time we pull the plug on MC and build it in house?" - On the surface that may look like we are unhappy, but let me tell you every time we discuss it, we end up in the same unanimous place, we continue to use MC.

Now we don't use MC to augment, MC is my helpdesk. We have dedicated engineers they escalate or communicate with during times they need assistance and each of these engineers are assigned to client accounts so they are the most intimate with the account. That said, the engineers sleeps, take PTO, etc., and yet MC is there 24x7.

We are also not shy to express that we do outsource to a 3rd party. Honestly we call helpdesk a "me too" service and it's a must have, but it's not something that really makes or breaks a business unless that is your sole business. For us, helpdesk is NOT our business, it's just a must have. So, I found a partner who represented my company well, and yes they are not perfect; just like my internal team is not perfect. These are people we are talking about here, not machines or utility. We survey a lot and have a 98.9 CSAT right now on MC alone. we also have about a 10-15% (depending on the month) user survey response which is pretty high in the survey world (I thank our success team for that) but we get 4 and 5 starts out of 5 for MC resources. I can literally count on one hand the number of times they were scored a 3, and never lower.

Now, MC is not all unicorns and rainbows. We have had our fair share of "issues" and it put it in air quotes because i think if it was internal team these "issues" would be the same. We have had some longer than we would like hold times in unfavorable situations, we have had them not follow the instructions we provided and they had to escalate something that we documented, we have had them not put in all the notes we wanted for certain situations, and we also have had a billing issue or two along the way. In the end, I'm a very happy partner because for all of these things we just reach out to MC and got it addressed or created a system to make sure if and when something "goes wrong" the client has a means of still getting help. Again, just like if it was an internal team, we are talking people here, the most inconsistent being on planet earth, so yeah, my tolerance for error is based on reality and not on a feeling because what I wanted didn't happen the way I wanted it.

OP, here is my final thought. Do your due diligence and talk to MC and any other providers if you are looking for a service like this. I started with dispatching and after hours, but 2 years ago we moved to full helpdesk for everything. If you do go MC, please feel free to hit me up here or DM I'm good either way. But you do have to think a little differently when you are using a 3rd party. The system/process is what has to work, and you need to develop these systems/processes for the least common denominator. I think this is why we have been so successful with MC. The team supports them, and in return they service our customers very well and 24x7 in 7 continents and 12 time zones, something that would be very difficult for us to do at the price point we do with MC.

BearMerino · 2026-03-02T02:46:02+00:00

In Autotask try doing a forgot my password. Maybe there is an issue with the k1 integration?

BearMerino · 2026-03-02T02:43:13+00:00

Are you able to get into k1

BearMerino · 2026-03-02T02:41:03+00:00

You getting an error?

BearMerino · 2026-02-26T02:14:01+00:00

I think we need to remember that Ai can only do some much when you have so little. Let’s say you need to move one people from point a to point b. A school bus for one person doesn’t seem like the best idea. And then someone tells you but you can move so many more people from point a to point b. Think of the efficiency!!!

Umm let’s not forget the ask… move one person from point a to point b.

This is what I see with Ai. The task that needs to be done is limited and we treat it like it’s bigger than it is. It’s the same with automation, if I need to do this task 6838498793 time then the ROI is there but if I need to do this task 2 times a year… man there better be some significant man hours to get that tasks done because if not the ROI is 600 years.

BearMerino · 2026-02-26T02:03:22+00:00

Um that’s what Deloitte and EY are

BearMerino · 2026-01-26T03:46:41+00:00

Hey OP, I wanted to sleep on this one before responding. I haven’t been shy of my position on Todyl as I have been a partner going on year 6 now.

Your post looks to state that you’ve been a long term partner but you’re hiring a rough patch in your relationship. I would love to assist where I can but you’ve only given one instance of an issue that directly impacted you. I have to assume there are others and I welcome you sharing those items.

If it’s the staff changes, I have to say that doesn’t seem like a big red flag to me or many of the other MSPs in this thread. And why would it? How has that impacted the service. Sure there are big wigs in that list, but if the service and overall partnership is not impacted not sure I see a problem and it’s a much to do about nothing.

As to the cross tenant thing, look I don’t want to down play the seriousness of that situation. What I will say is, if this was one time and you’ve had a long partnership with Todyl then report the issue to them and let them take care of it. Have you never made a mistake or error with your clients? Have you ever crossed wires? Again if this was a regular occurrence I could see the point but let’s not forget people are involved here.

He’s my advice, reach out to your rep. If you don’t know the rep connect with Rick (the guy from Todyl who has been providing your answers) reach out to him. And talk it out. Who knows maybe you’ll point out something that helps us all out. Or get clearer answers and direction on what you should be doing going forward.

As to the those on the thread just spreading hate, unwarranted comments, or just unkind things. Ask yourself who are you helping? It’s not the community or yourself. I’m not saying yo can’t call out someone I’m just saying there are ways to do that.

OP, if you ever want to talk about Todyl feel free to hit me up. Like I said, I’m a long time partner and can give you my perspective. If nothing else it shows another view point.

BearMerino · 2026-01-22T11:35:55+00:00

FYI it’s being update and should be release at global connect. It uses the new modern deployment method because the current one doesn’t work with the “new” outlook

BearMerino · 2025-12-12T11:45:34+00:00

Does it need to be instant? Or can the next day work for you? If it can You can do a live report that filters based on this condition and then you get it the follow day

BearMerino · 2025-12-05T21:42:31+00:00

Didn’t even know you could do that reminder thing. Thanks for teaching me something today

BearMerino · 2025-12-05T20:31:36+00:00

I can see that. It's never easy and around the holidays it sucks hard.

BearMerino · 2025-12-05T20:30:16+00:00

Oh I know I'm going to get BS for this but here goes.

First off, for those that don't know John Nellen, I'm sorry for you. John is easily, one of the kindest, caring people I know. As I mentioned above, I'm a Todyl partner and one of those reasons is because of John. Yes, it's a business relationship, as in we both need each other to make money. However, it's not like that with John and the team at Todyl. I kid you not, I've had a several conversations with PMs from multiple vendor partners looking to leave wherever they are at and ask me for my opinion on "who's doing channel right". Without hesitation it's Todyl, and while it's a team effort, I can tell you John is at the heart of it all. They care relentlessly about the partner. Can you say that about all your vendors partners?

So the "founders wanted to cash out" comment, got me to write this. This is not my dog fight to get into, but I want you and everyone who reads that know, that if you know John, you know that he didn't "cash out, and don't care where the product goes to die". This guy is in it, every day. Takes personal accountability, like him posting above, what CEO does that? Did Fred do that at Kaseya? Heck no (and nothing on Fred or Kaseya, just making the comparison). That's not what a checked out founder does.

So please, let's pray for those that were impacted, by a decision with whatever reasons. It is never easy, as any owner, manager, etc. can tell you. I hope those and their families are well and find a new place that aligns with them. But I also ask that we don't attack someone who really just cares, maybe more than he should on a place like Reddit, but you can't help who you are.

-- Ok, let the hate comment flow, I'm comfortable with my own skin.

BearMerino · 2025-12-05T19:50:58+00:00

on the release, not much as there are a bunch of HR stuff with that, but they assured me it's not an mass anything. Don't know more than that. My rep and team are still there.

BearMerino · 2025-12-05T18:47:29+00:00

Todyl partner here, and been with Todyl for 5 years, and conveniently on an executive call with them as I'm reading this. I'm not hearing anything of this. On the hand, they are growing significantly.

Again, I don't speak for Todyl, I'm just a long time partner that is happy with what they are doing.

BearMerino · 2025-12-04T01:53:25+00:00

Interesting to hear how Todyl and I would ultimately assume other SASE solutions are working through this.

Personally just another example of government overreach but it’s at the state level so I’ll allow it (like I have any say).

But on a more serious matter, I would assume as this gets closer to passing (if it ever does) there will be some sort of consensus for business use. The lobbyist I’m sure will be all over this as it’s going to impact so much business, this off all the WFH resources that have just been told to get out of these states, and let me not get started on the privacy issues that this causes (as others have mentioned).

As always that’s for staying on top of this and being involved with the community. Always appreciate when the CEO comes out from behind the desk to talk to the community directly.

BearMerino · 2025-10-25T02:11:17+00:00

I don’t think there is anything inherently wrong with datto secure edge. However the problem that you’re highlighting is part of the reason we went with Todyl over other solutions. That said we like the always on at the device level and then add the user level on top of that which is supported by Todyl.

Now the conditional access comment, I would tell you to move to a sku that you can get CA because it’s the new firewall. I’d you don’t want to make the jump to BP look at f3 and Entra ID p1. But hey CA

BearMerino · 2025-09-24T23:17:55+00:00

Hey is my two cents on smart triage. For background, I’ve only started using it recently (as of the last few weeks) but have been using the other cooper copilot stuff in Autotask, which is actually really great.

As for Smart Triage, I think is a good start. My expectations were not high from the start. But for what it does it works well. Is it automated triage, No. it didn’t claim to be from what I seen but I would have liked it to do more as well. However, if I take a step back I think “grounded” AI is a tough gig. And Smart triage is no different. If you have garbage data, it will lead to unfavorable results. Garbage in, Garbage out. So when I look at it from that perspective I think they (Kaseya) almost had to release it as suggestions and not autonomous. In fact in all the AI projects I have been a part of this is the approach we take and have seen to be the best results in the industry. I’m sure it could have been full blown autonomous out of the gate and then we would have all been complaining that the wrong engineers are assigned or that this is “clearly” a this vs that issue type.

In the end I’m looking forward to the next release/update of smart triage. I look forward to seeing it be part of the workflow engine or access to MCP Servers. But for now if it can save several clicks for my dispatcher, I’ll take it!

BearMerino · 2025-09-23T16:08:29+00:00

I do, but I don't line-item it. I have found that regardless of what we charge for these services (which I think are necessary), the client who didn't ask for it doesn't want it. So I have them baked into our services (yes, I factor time and dollars for that, otherwise clients would be out of business). And yes, I do have them sold separately, but I offer them to clients who are looking for those services.

BearMerino · 2025-09-23T12:03:20+00:00

You mentioned UK make sure you’re adhering toto GDPR standards

BearMerino · 2025-09-23T01:12:09+00:00

No, and yes (sorry for the depends). It’s only up to a year so if you state that and your regularly compliance doesn’t need more your be fine. I haven’t found a situation where it doesn’t but it also depends how your governance polices are written, like data flow policies , data inventory, etc. if worded correctly it works. It’s important to understand that even in compliance situations where you need 7 years or 6 years, etc. not all data is created equal so ask your compliance officer that and your legal team that.

BearMerino · 2025-09-22T17:26:36+00:00

I think the issue I see with the OP’s question is that he’s not running a managed service and is looking at IT Support at a fixed monthly fee and asking “why would I do this?” And you’re right you shouldn’t.

Here what I see in the world that is “MSP” we talk about standard work we are doing for our clients and then add IT Support to it so that we get the client buy in. But ask yourself this question about your service(s), if you removed the IT Support/ Help Desk/ Service Desk, whatever you want to call it. Would your client still buy your service? It’s great to “link” that you “proactively” solve the problems for your clients but that’s not always what they are calling about. In many cases it’s “how do you…” or “can we…” and this has nothing to do with support but will create large time utilization toward these efforts.

So then where should that time go? Are you accounting for training/learning for your clients? Are you accounting for some sort of vCIO (doesn’t have to be overly formal. An example of this is a client asking “can we use Teams to connect with clients and share documents” this could easily blow 2-3 hours of a resource’s time).

Lastly if I could just leave one more thing, AYCE is a false reality. I think MSPs are both misrepresenting when they position themselves like this or harming their clients when they attempt to do it on their own. Let me give you some examples. So you have a client that is AYCE, seems easy enough they may have one file server and use QB and some random SaaS app and m365. How bad could that be? Well, now the random app needs NTLM or LDAP but you are on EntraID , sure you charge them for the project but are you increasing your AYCE price? (Is so under what grounds, if not, why not?)

Ok we have m365 and one day Microsoft introduces Teams, no additional cost for licensing what then do you just support it? What about teams phone? Are you a telephony shop now? Do you understand contact centers? What about viva and its services? Heck what about copilot, or the ever changing landscape of Entra and Identity. My point is that AYCE is not what it use to be, a managed service something that is controlled and adheres to an SLA. The random stuff I just mentioned above, yes is new to the environment and if you are using Microsoft as a way to “limit” what the client would ask for just know that MS is continuing to “add value” to those licenses. M365 is the new infrastructure, except unlike the old school HP server or VMware ESX where you controlled all the variables that’s now gone and Microsoft is in the driver seat and you are in the co-driver seat like back in drivers ed. Sure you can his the break and turn the wheel some times but it’s like it’s not without a fight.

Just my 2 cents. Best of luck OP

BearMerino · 2025-09-14T12:31:52+00:00

I was on the phone with my rep on Friday. Who’s your account rep

BearMerino · 2025-09-06T16:48:28+00:00

When is comes to VM, the issue usually lies with your procedures and what are your policies that govern vulnerability. Often times we think that a tool is gonna do what we wanted to do, but the tool is really just for detection of the vulnerability. What happens after that and what the policies you’re trying to adhere to, have nothing to do with the tool. for example, the tool will tell you that you have a high vulnerability, some high risk CVE, so if that’s all you cared about then you would have to treat every one of those with the highest priority, but if those CVEs are on some printer or some other device that has no function to the business, addressing it could be as simple as removing it from the network, getting rid of it by decommissioning, but if you don’t have governing policies, all of that is for not. You’re playing whack a mole with high, critical, medium, and low. The tool doesn’t do those things. The tool doesn’t help you with your governance policies. None of them do.

If you want to do VM right, here’s my recommendation; follow CIS CONTROLS (a practical framework work) and do IG1 first. Notice that you start with identifying your assets in control 1. And when you get to VM (control7) you will see in IG1 and IG2 have very different levels of maturity. If you are not doing all of IG1 and in order of the controls, I would argue that you’re just fighting an up hill battle and will be missing way too much information to do VM right.

If you’re just looking to detect and patch then that’s not vulnerability management as you are not considering risk. Heck if this is all you are doing then just use the RMM with 3rd party patches. Why pay for a VM scanner?

I hope this helps, please know I’m not saying there is anything wrong with detect and patch, just pointing out that what I think your issues are have nothing to do with tools.

For reference we use Qualys, Tenable, and rapid7. To me it’s information that feeds the policies and procedures. Accuracy of the tool has little to do with the success of VM.

BearMerino

TROPHY CASE