Gaining Better Insight, Management and Security (and lower TCO) with Microsoft System Center Configuration Manager

Microsoft System Center Configuration Manager (SCCM) and the former Systems Management Server suite have always been known for their powerful capabilities to collect information, distribute software and help control the configuration of an enterprise Microsoft Windows environment.  I have helped deploy SCCM to help IT departments comprehensively assess, deploy, and update servers, client computers, and devices-across physical, virtual, distributed, and mobile environments.

Two great examples of the benefits of SCCM deployment come from one of my recent implementations for “Company A”.

Example 1: We were testing the deployment of the SCCM client to workstations when the process unexpectedly failed.  While troubleshooting this failure we discovered the root cause was that the intrusion detection software Company A had installed on their workstations was five versions behind and the intrusion detection server was several revisions behind as well.  Newer releases of the intrusion detection product had been updated to accommodate SCCM, but the older version installed had blocked installation.  This discovery helped Company A’s IT leadership realize that their network, comprised of several thousand workstations, was not as secure as they had expected.  They were also able to achieve this valuable insight by simply going through the SCCM installation process.

Example 2:  At Company A, we now had the SCCM client installed and reporting on all workstations and servers.  The inventory information was collected and eventually a request came in from the CIO, wanting to know how many computers were running the version of anti-virus software that they owned and managed.  We generated the report and found out that only 25% of the total amount of workstations and servers had the anti-virus software installed.  When we brought this information to him, he told us that the SCCM report could not be correct and that there must be something wrong with the data.  This reminded me of the famous quote from the movie “A Few Good Men” that states, “You can’t handle the truth!” After showing him detailed inventory information for specific computers that were missing anti-virus that showed all other installed software we were able to demonstrate that the problem wasn’t SCCM—it was failed policy, procedure and configuration management.  Since the implementation of SCCM at Company A, they have leveraged SCCM to raise their antivirus levels to nearly 100% and implement Microsoft Updates for the first time in their environment.  Fortunately for them, the SCCM implementation came before they were caught off-guard by a major malware attack or other exploit of their former vulnerabilities.

For Company A, SCCM delivered enhanced insight into and control over their IT systems and is now a vital part of their day-to-day operations.

When an organization decides to implement a configuration management software like SCCM, or through the use of an appliance such as the Dell KACE Systems Management appliances, they must remember that the information collected along the way and afterwards may expose weaknesses, but these need to be viewed as important opportunities.  This is the exact reason why these software products and appliances are so important as they provide a level of insight into an enterprise computing environment that can be entirely overlooked through status quo approaches and processes.

Do you know the status of your enterprise computing environment?  Are you 100% sure of your software patch/update and anti-virus compliance levels?  Microsoft System Center Configuration Manager can help your organization improve insight, management, and security and reduce total cost of ownership.

Leave a Reply

%d bloggers like this: