Third-party maintenance (TPM) can cut what you pay to keep post-warranty hardware alive by a large margin — but only if you're honest about what it does and doesn't do. This is the caveats-and-fit piece, not the sales pitch: where the hardware/software boundary really sits, why security patches are the line TPM won't cross, and a clear framework for when a refresh is the honest answer instead. Start with the free TPM Savings Calculator to see an indicative number, then read on before you sign anything.
What third-party maintenance actually covers
Strip away the marketing and TPM is a narrow, well-defined product: hardware break-fix. When a disk, PSU, DIMM, fan, motherboard or line card fails on kit that's out of warranty or past end-of-service-life, a third-party provider diagnoses it, ships a replacement part and — depending on your SLA — puts an engineer on site to swap it. Providers hold spares, run multi-vendor engineering desks and cover servers, storage and network gear from Dell, HPE, Cisco, NetApp, Lenovo and others under one contract.
The honest framing is that TPM buys you two things: break-fix cover at a discount, and the freedom to defer a refresh you don't yet need. Gartner puts the discount at 50–70% off OEM support net prices (Market Guide for Data Center and Network Third-Party Hardware Maintenance, 2019, ID G00414695). That's a band, not a promise — where you land depends on your estate, vendor and current renewal. See what third-party maintenance is for the full definition.
The line TPM won't cross: firmware and security patches
Here's the part most providers gloss over. An OEM support contract bundles more than break-fix — it also gates firmware updates, software feature releases and, critically, security patches behind an active entitlement. A third-party maintainer replaces your failed hardware; it cannot issue Dell, HPE or Cisco's proprietary firmware and security fixes, because those live behind the vendor's own login and licence. That capability stays with the OEM.
For most infrastructure this gap is manageable. Firmware on a stable, patched box rarely needs to change, and break-fix is what actually keeps the lights on. But for anything internet-facing, anything in a regulated data path, or anything a scanner will flag, the patch gap is real and you should treat it as such. This is the single most important distinction between third-party maintenance and OEM support, and any advisor who doesn't lead with it isn't being straight with you.
Compliance and un-patchable systems: when a refresh is the honest answer
If a system must stay patched to satisfy a control — Cyber Essentials Plus, PCI DSS, NHS DSP Toolkit, ISO 27001, a cyber-insurance clause — then a security update you can no longer obtain is a finding waiting to happen. TPM keeps that hardware running, but it doesn't close the vulnerability, and no maintenance contract can paper over an auditor's checklist. When the box sits in a compliance-critical path and the OEM has stopped shipping patches, the honest recommendation is a refresh, not a maintenance renewal.
We say this even though we sell TPM, because the alternative is misleading you into a contract that leaves a hole in your posture. The nuance: not every legacy box is in that path. An isolated storage target on a segmented VLAN, a lab environment, a batch-processing node behind three firewalls — those can often run safely for years on break-fix cover. The job is to sort the estate honestly, and that starts by knowing exactly when OEM support ends for each asset.
When TPM is genuinely the smart call
TPM earns its keep when hardware is reliable, the workload is stable, and the only thing the OEM renewal really buys you is the same break-fix you can get for far less. Classic fits: storage arrays holding cold or archival data, second-site or DR kit, network gear on a mature topology, and servers running an appliance-like workload that won't change. In these cases you defer a capital refresh, redirect the saving, and lose nothing that matters. Providers report life extension of 3–5 years, up to 7, past end-of-service-life — indicative, not guaranteed.
The economics compound on storage under third-party maintenance, where OEM post-warranty renewals climb steeply in the final years. If you've already been quoted a refresh you're not ready for, run the numbers against refurbished hardware or a phased spread via the IT finance calculator before you commit. Whatever the maths says, treat it as indicative and confirm it with a free Servnet audit — never a quotation pulled from a table.
A framework you can actually apply
For each system, ask three questions in order. One: is it in a compliance-critical or internet-facing path that must stay patched? If yes and the OEM has stopped shipping security fixes, refresh — TPM doesn't cover that gap. Two: if the patch question is clear, is the hardware reliable and the workload stable? If yes, TPM is likely the smart, cheaper call. Three: is a refresh already due for capacity, performance or power reasons? Then TPM only makes sense as a short bridge, not a long-term plan.
This is deliberately un-clever. The value isn't in a scoring model; it's in refusing to pretend a maintenance contract solves a patching or capacity problem it can't touch. Vendor-specific nuance still matters — Dell ProSupport, HPE Tech Care and Cisco SmartNet renewals each bundle things differently — so use the framework to triage, then get the estate audited before you renew or refresh anything.