SOLVED SCCM Asset Management

[Dineshyadav]

I have a quick question. Our company is planning to implement SCCM 2012 but one of our security team advising us to implement Nessus tool for vulnerability and patch assessment. I would like to know, can SCCM do nessus assessment job or do we really have to have nessus for vulnerability and patch assessment. If SCCM can do this job, we will not procure nessus. I would really appreciate you help on this regards.

 

[Prajwal Desai]

Nessus is the best tool for vulnerability and patch management. SCCM can do patch management better than Nessus but when it comes to finding and patching vulnerabilities, I think Nessus is better than SCCM. With SCCM you can create configuration baselines and evaluate the server against Microsoft recommended practices. Compliance is evaluated by defining a configuration baseline that contains the configuration items that you want to evaluate and settings and rules that describe the level of compliance you must have. To check what patches are missing or for vulnerability management use Nessus, for patch deployment and other tasks you can use SCCM.

 

[Dineshyadav]

That was very quick. Thanks again.