TCO Study of WSUS & SCCM

Find out why cloud-native SaaS platforms outperform traditional on-premises patch management & deliver significant TCO savings


Patch management remains an essential component of the IT industry as it is needed to protect infrastructure against security vulnerabilities, prevent crashes, and yield new updates enhancing the user experience. This downloadable whitepaper addresses the total cost of ownership (TCO) and other supplemental benefits between legacy on-premise patch management systems (i.e., Microsoft’s WSUS and SCCM) and cloud-based software as a service (SaaS) patch management providers like Automox.

This analysis reveals SaaS-based solutions are often less expensive when multiple operating systems (OS) are in use along with geographically diverse employee populations. SaaS is capable of scaling to meet the demands of remote-based workforces without any need to shift patch deployment techniques or alterations to company systems.


In our study, the cost component categories used to calculate TCO for patch management systems include the following:

  • Hardware product costs: The cost of hardware procurement (i.e., network equipment, storage equipment, and servers for data processing)

  • Software licenses: Software license costs that include the initial purchase price of software, which is subject to specific requirements (i.e., number of CPU cores)

  • Software maintenance: Maintenance license agreements with software companies which extend support for software over a period of months or years

  • Internal labor estimates: Internal labor estimates include time and cost for a specific resource to accomplish a given task such as decommissioning, patch testing, and scaling events

  • Service costs: Services encompass third-party services required to maintain or operate patch management software

  • Travel costs: Employee travel costs associated with upkeep, training, or similar activities

  • Leasing costs: Leasing costs for physical space such as co-locating data processing servers regionally

  • Disaster recovery costs: Unforeseen events that could cause disruptions in service


  1. Free tools are not the lowest-cost solution. Despite being “free,” WSUS lacks the components provided by a patch management solution, requiring an extensive increase in labor on behalf of the adopting customer to fill in the gaps. This results in a customer deploying various disparate solutions to manage systems. The diversity of software and configurations required increases overall management overhead, lowering the value of WSUS and increasing total cost of ownership.

  2. SCCM is riddled with hidden costs. SCCM is riddled with hidden costs including license fees such as databases, hardware deployment requirements, labor, professional services and more. Geographically dispersed, or larger organizations that do not have an infrastructure where most managed hosts are network adjacent, will suffer the most from these additional costs. The burden of upkeep for SCCM servers results in massive overhead, burdening large organizations and proving to be too taxing for smaller organizations who often remain non-compliant due to the technical and logistical challenges of patch management with SCCM.

  3. Automox is the lowest cost solution. Unlike competitors, Automox is capable of scaling both remote and on-premise without a shift in deployment technique or other costly labor or software changes. Automox’s pricing is much more straightforward, allowing customers to easily plan and scale without unforeseen costs or changes associated with hardware, support, or other components.

Download the whitepaper to understand how SaaS-based patch management like Automox has potential to substantially reduce costs vs. legacy platforms across every scenarios. The significant cost savings are most prevalent in scenarios where multiple OS are in use, or workforces consisting of heavily virtualized or entirely remote-based staff.

Get a demo today.

Dive deeper into this topic