Cadres RMM
RMM is the Cadres IT operations product. One agent covers endpoint management, patching, privileged access, workflow automation, ITSM, vulnerability management, Active Directory, compliance, monitoring, backup, and discovery. It is built for teams that want a single operational data model instead of six agents, four dashboards, and a shared password spreadsheet.
RMM Scope
Ring deployment with adaptive sizing from live service group topology, risk-weighted canary selection, and pre/post fingerprint comparison for drift-triggered rollback — not just install-failure rollback. A global kill switch force-cancels in-progress agent jobs across every organization. A 7-metric KPI dashboard covers MTTR, rollback rate, false positive rate, and circuit breaker precision.
Credentials live in the vault. Nobody knows the password — not the operator, not the admin, not whoever created the account. Checkout grants access for a session. Check-in triggers automatic rotation. Break-glass sessions always rotate on return, no exceptions. Seven credential types across five rotation providers, all through the same audit-logged system. Workflow steps check out credentials programmatically with the same trail as a human operator.
A workflow is a graph of steps. PAM checkout, human approval with configurable quorum, conditional branching, parallel fan-out, delay, webhook, and host script execution are all first-class step types. Runbooks connect platform events to workflows with rate limits, cooldown windows, and stabilization validation metrics. Simulation mode predicts exactly what would execute before touching a single host.
Fourteen capability areas in one surface per host: health metrics, network performance, services, processes, user and group management, file browser, SSH and PowerShell console, remote control, software, security posture, diagnostics, OOB management. Every SSH, PowerShell, and remote control session is fully screen-recorded. RDP is disabled by the agent between sessions.
Why Teams Start Here
01
Define rings. Let the system size them from service topology. Send canaries first — specifically the hosts with high failure history. Compare fingerprints before and after. Roll back automatically on drift. If something goes wrong across all organizations, one kill switch stops everything and cancels jobs already running on agents.
02
Every credential checkout is logged with who, when, and why. Every session is screen-recorded. When an auditor asks who accessed a server, you pull up the recording and hit play — not four log streams and a timestamp reconciliation exercise. PAM audit trail and session recording are the same system, not separate tools cross-referenced after the fact.
03
An alert fires. A runbook triggers a workflow. If it is a P1 with three or more affected hosts, the major incident workflow launches automatically. Problems auto-detect recurring patterns from incident history and maintain a known error database. GPO changes that have a correlated approved change record are flagged as authorized. GPO changes with no matching change record are flagged as unauthorized. The full chain — alert, investigation, workflow, incident, problem, change, resolution — runs on one platform with one audit trail.
Evaluation
RMM belongs alongside Portal, Meridian, and Keystone, but it stands on its own when patching, privileged access, service workflows, and infrastructure control are the center of the conversation — and when you are tired of explaining why six agents were needed to do what should be one platform's job.
