Start Trial
All posts

The Snowball

Pete
engineeringproduct

In the first post, I talked about the patching problem that started all of this. What I did not mention was the snowball.

What started as a want for fully automated patch management quickly became a cascade of ideas. If this, then why not that?

Six Agents on Every Server

At the time I was tracking six agents on every server. Monitoring. MFA. Management with patching. Vulnerability scanning. Ransomware protection. EDR. Then on top of that I was managing a password solution, network discovery, and ITSM separately. Six agents, four separate tools, and none of them talked to each other in any meaningful way.

Why?

The management tool already has the ability to run anything as SYSTEM. It already has scripting functionality. At minimum it could go a little further and automate the workflows I was running manually. But it does not. Innovation from this industry is slow. New features take forever. A bug in the reporting engine took over 90 days to get resolved. Ninety days. For a reporting bug.

So I decided to start building Cadres. It started with patch management, but patching on its own is not enough. Patching without host management is useless. Host management without remote control is incomplete. Remote control without session recording is a security gap. You see the snowball forming.

I did what I do best. I committed to being all in on it. Every feature I could think of that was useful, integrated into a single data plane. Every manual workflow reimagined as automation.

The “Good Enough” Question

Now someone might say we are building a platform of tools that are all just average. We cannot be great at everything. My answer to that is we are not trying to be great at everything. We are great at the right things and good enough at the things that add value and make sense within the platform. The difference is that “good enough” inside a unified platform is better than “best in class” in a tool that cannot talk to anything else.

What Host Management Actually Looks Like

The host management feature has more capability than any other product on the market. If you are a server admin, you will never need to work outside of your RMM tool again. That is not marketing fluff. Here is what is in front of you when you open a host:

  • Real-time health metrics for CPU, memory, disk, and network
  • Network performance monitoring including latency, jitter, packet loss, and interface status
  • General configuration including OS details, hardware, and system properties
  • Out-of-band management for iDRAC, iLO, and IPMI configuration
  • Services control panel to start, stop, restart, enable, or disable any service
  • Running processes control panel with the ability to kill or inspect any process
  • User and group management on the host itself
  • Security posture including SSL certificate monitoring and vulnerability status
  • Software deployment with license compliance and usage tracking
  • Event and log viewer with filtering and search
  • Diagnostic tools that execute on the host: ping, traceroute, nslookup, netstat, port checks
  • SSH and PowerShell console directly in the browser
  • Remote control directly in the browser. On Windows, your security team is going to love that RDP is disabled by the agent when remote sessions are not in use. Security is baked in everywhere
  • File browser with upload and download

Every one of these runs through the agent. The backend is SaaS. It does not have network access to your hosts. The agent handles execution, the platform handles orchestration. That is the architecture.

MFA Without Another Agent

Remember that MFA agent I mentioned earlier? You do not need it anymore. You already have MFA on the RMM tool itself. When you connect to a host through Cadres, you are already authenticated with multi-factor. There is no need for a separate product bolted onto RDP just to satisfy an audit checkbox.

Locking It Down

For more secure workloads, any of these features can be disabled per host or per policy. Not every server needs a file browser. Not every team needs remote console access. The platform respects that.

Full Session Recording

Every action in the platform is logged. That includes full screen recording of every SSH, PowerShell, and remote control session. If something goes wrong, you can go back and see exactly who did what, when they did it, and where they clicked.

This is not just a nice-to-have for internal accountability. This is a game changer for third-party risk management and audit workflows. When an auditor asks “who accessed this server and what did they do,” you do not pull logs from four systems and cross-reference timestamps. You pull up the recording and hit play.

What Comes Next

The user and group management feature I mentioned is not just about managing local accounts on a host. It connects to something bigger. That is the next post.

If you are running multiple agents, multiple tools, and multiple dashboards to manage what should be a single workflow, start a trial.