Posted by Kevin Kaminski at (


Are you one of the few remaining administrators who double checks that the Configuration Manager client has been completely deployed to all endpoints?

Despite there being fewer hours in the day (at least it feels that way), I still make time to assess the health of each agent and remediate issues as efficiently as I can. It’s time I’d rather invest elsewhere, but I believe it’s that important.

As you can imagine, when Martins Kurtis at UonCloud ( gave me a demonstration of his new product, SupTool, I was impressed by its innovative approach to this time-consuming problem. Now that I’ve been evaluating it for a few months, I thought it was time to share some of its strong points with you.

One of Martin’s goals with SupTool is to simplify endpoint health assessment and remediation as well as add value to existing solutions. It was not designed to replace the Configuration Manager Client Health feature but complement it.

While Configuration Manager Client Health checks have evolved considerably over the years, in my experience, they cannot maintain a healthy environment. The Configuration Manager Client Health mechanism only works for systems that already have the client installed, which for large organizations, still leaves a lot of machines in limbo.

What impresses me about SupTool is that UonCloud opted to build an agentless server architecture hosted in Azure. Using an agentless solution ensures that there is less of a dependency on the machine state, which makes the solution more resistant to issues with the operating system health of the endpoint. Moreover, an agentless solution directly tackles the issue of time-consuming endpoint assessment because it can rapidly be implemented and begin reporting valuable insights right away.

SupTool’s architecture and technical requirements leave a relatively small footprint within your local environment, which translates into minimal on-premises infrastructure.

For those of you concerned about data security and transmitting data back and forth from the cloud, information sent to Azure can be hashed using a custom key. SupTool also allows you to customize your tenant name, which you can use to keep your organization’s identity anonymous.

Because the product is managed using modern application development techniques and hosted in the cloud, it comes very close to being a SaaS application for your infrastructure. This means that the product is continually evolving to deliver more value at a rapid pace when compared to traditional management products.

Currently, a new feature is in preview; you can host critical patches on a network share and have SupTool ensure that the .msu patch files are applied to the device. Being able to have a backup patch management tool can be critical for preventing or containing a zero-day exploit that is in your environment. Back in the late 90s, I worked for a telecommunications company that made an in-house backup management tool for this exact scenario, and because of more evolved threats, this backup patching capability seems to be something I am seeing more and more customers invest in.

In all I find the innovative approach of the product to be refreshing because I am a huge cloud proponent. I am glad to see yet another vendor trying to leverage the cloud to make an easy to implement and maintain solution that eliminates the need for many tedious hours of maintenance each month to ensure proper operation of key management infrastructure components. The product is subscription based, and the lack of upfront infrastructure and setup make for a very small upfront commitment of time and infrastructure to implement.