UK’s trusted IT infrastructure partner since 2003
Servnet
FinanceToolsConfiguratorGet in Touch
Third-Party Maintenance, Honestly: Cover, Gaps & When to Refresh — analysisThird-Party Maintenance, Honestly: Cover, Gaps & When to Refresh — analysis — reach
Hardware Maintenance · Cost & ROI

Third-Party Maintenance, Honestly: Cover, Gaps & When to Refresh

Servnet Editorial · Hardware Maintenance Practice9 min read

Third-party maintenance can cut what you pay to keep post-warranty hardware alive by a large margin — but only if you're honest about what it does and doesn't do. This is the caveats-and-fit piece, not the sales pitch: where the hardware/software boundary really sits, why security patches are the line TPM won't cross, and a clear framework for when a refresh is the honest answer instead. Start with the free TPM Savings Calculator to see an indicative number, then read on before you sign anything.

What an OEM support contract bundles — and where TPM stops
5Hardware break-fixDiagnosis, spares, on-site engineer — TPM COVERS this4Spares & parts logisticsStocked replacements, RMA — TPM COVERS this3Firmware updatesOEM-proprietary — TPM does NOT supply2Security patchesBehind OEM licence — TPM does NOT supply1Software feature releasesOEM entitlement only — TPM does NOT supply

What third-party maintenance actually covers

Strip away the marketing and TPM is a narrow, well-defined product: hardware break-fix. When a disk, PSU, DIMM, fan, motherboard or line card fails on kit that's out of warranty or past end-of-service-life, a third-party provider diagnoses it, ships a replacement part and — depending on your SLA — puts an engineer on site to swap it. Providers hold spares, run multi-vendor engineering desks and cover servers, storage and network gear from Dell, HPE, Cisco, NetApp, Lenovo and others under one contract.

The honest framing is that TPM buys you two things: break-fix cover at a discount, and the freedom to defer a refresh you don't yet need. Gartner puts the discount at 50–70% off OEM support net prices (Market Guide for Data Center and Network Third-Party Hardware Maintenance, 2019, ID G00414695). That's a band, not a promise — where you land depends on your estate, vendor and current renewal. See what third-party maintenance is for the full definition.

The line TPM won't cross: firmware and security patches

Here's the part most providers gloss over. An OEM support contract bundles more than break-fix — it also gates firmware updates, software feature releases and, critically, security patches behind an active entitlement. A third-party maintainer replaces your failed hardware; it cannot issue Dell, HPE or Cisco's proprietary firmware and security fixes, because those live behind the vendor's own login and licence. That capability stays with the OEM.

For most infrastructure this gap is manageable. Firmware on a stable, patched box rarely needs to change, and break-fix is what actually keeps the lights on. But for anything internet-facing, anything in a regulated data path, or anything a scanner will flag — the patch gap is real and you should treat it as such. This is the single most important distinction between third-party maintenance and OEM support, and any advisor who doesn't lead with it isn't being straight with you.

Compliance and un-patchable systems: when a refresh is the honest answer

If a system must stay patched to satisfy a control — Cyber Essentials Plus, PCI DSS, NHS DSP Toolkit, ISO 27001, a cyber-insurance clause — then a security update you can no longer obtain is a finding waiting to happen. TPM keeps that hardware running, but it doesn't close the vulnerability, and no maintenance contract can paper over an auditor's checklist. When the box sits in a compliance-critical path and the OEM has stopped shipping patches, the honest recommendation is a refresh, not a maintenance renewal.

We say this even though we sell TPM, because the alternative is misleading you into a contract that leaves a hole in your posture. The nuance: not every legacy box is in that path. An isolated storage target on a segmented VLAN, a lab environment, a batch-processing node behind three firewalls — those can often run safely for years on break-fix cover. The job is to sort the estate honestly, and that starts by knowing exactly when OEM support ends for each asset.

Is this system a fit for TPM? (illustrative signal map)
TPM fit — control mapS1Hardware reliable, workload stableCORES2Not in a compliance-critical or internet-facing pathCORES3No pending OEM security patch requirementCORES4Past or near end-of-service-lifePLUSS5Archival, DR or second-site rolePLUSS6Refresh not yet due on capacity or powerPLUSS7Multi-vendor estate under one contractOPTS8Segmented VLAN or isolated networkOPT

When TPM is genuinely the smart call

TPM earns its keep when hardware is reliable, the workload is stable, and the only thing the OEM renewal really buys you is the same break-fix you can get for far less. Classic fits: storage arrays holding cold or archival data, second-site or DR kit, network gear on a mature topology, and servers running an appliance-like workload that won't change. In these cases you defer a capital refresh, redirect the saving, and lose nothing that matters. Providers report life extension of 3–5 years, up to 7, past end-of-service-life — indicative, not guaranteed.

The economics compound on storage under third-party maintenance, where OEM post-warranty renewals climb steeply in the final years. If you've already been quoted a refresh you're not ready for, run the numbers against refurbished hardware or a phased spread via the IT finance calculator before you commit. Whatever the maths says, treat it as indicative and confirm it with a free Servnet audit — never a quotation pulled from a table.

A framework you can actually apply

For each system, ask three questions in order. One: is it in a compliance-critical or internet-facing path that must stay patched? If yes and the OEM has stopped shipping security fixes, refresh — TPM doesn't cover that gap. Two: if the patch question is clear, is the hardware reliable and the workload stable? If yes, TPM is likely the smart, cheaper call. Three: is a refresh already due for capacity, performance or power reasons? Then TPM only makes sense as a short bridge, not a long-term plan.

This is deliberately un-clever. The value isn't in a scoring model; it's in refusing to pretend a maintenance contract solves a patching or capacity problem it can't touch. Vendor-specific nuance still matters — Dell ProSupport, HPE Tech Care and Cisco SmartNet renewals each bundle things differently — so use the framework to triage, then get the estate audited before you renew or refresh anything.

TPM or refresh? Triage each asset
Must it stay patched, and has the OEM stopped shipping fixes?
Yes — compliance-critical, patches gone
Refresh (honest answer)
No — reliable & stable workload
TPM (smart, cheaper)
Refresh already due (capacity/power)
TPM as short bridge only
Key takeaways
  • TPM covers hardware break-fix, spares and engineering — and lets you defer a refresh — but it does not supply OEM firmware or security patches.
  • The saving is real but a band, not a fixed figure: 50–70% off OEM support net prices (Gartner 2019,).
  • If a system must stay patched for compliance and the OEM has stopped shipping fixes, a refresh is the honest answer — TPM won't close that gap.
  • TPM is the smart call for reliable, stable, appliance-like or archival kit; providers report 3–5 (up to 7) years of life extension past EOSL — indicative, not guaranteed.
  • Triage every asset by patch-criticality first, then reliability, then whether a refresh is already due — and confirm any number with a free audit, never a quote.
Frequently asked

FAQs — Third-Party Maintenance, Honestly

Does third-party maintenance include security patches?

No. This is the key limit. TPM covers hardware break-fix, spares and engineering, but it cannot supply the OEM's proprietary firmware and security patches — those stay behind the vendor's own licence and login. For stable, well-patched or isolated systems that gap is manageable; for anything that must stay patched for compliance, a refresh is the honest answer, not a maintenance renewal.

How much does third-party maintenance actually save?

Gartner puts it at 50–70% off OEM support net prices (Market Guide for Data Center and Network Third-Party Hardware Maintenance, 2019, ID G00414695). It's a band, not a fixed figure — where you land depends on your vendor, estate and current renewal. Any specific number is indicative and should be confirmed by a free Servnet audit, never treated as a quotation.

When should I refresh instead of taking TPM?

Refresh when a system sits in a compliance-critical or internet-facing path and the OEM has stopped shipping security patches, or when a refresh is already due for capacity, performance or power reasons. TPM suits reliable, stable, appliance-like or archival kit where break-fix is all you truly need. Triage each asset by patch-criticality first — see when OEM support ends.

Related

Continue reading

More in Cost & ROI

Got a question this article didn't answer?

One conversation with an engineer who's done this before. No sales script.

Talk to Servnet →

Talk to a UK specialist

Get expert advice or a no-obligation quote — servers, storage, networking, maintenance, finance and cloud. We reply the same working day.

or call 0800 987 4111