SCCM and vuln scanners

Hey - I am not overly familiar with System Center Configuration Manager and how it can be used to identify control issues with windows workstations/servers.

Historically our security/audit use MBSA / Nessus to scan such devices - can SCCM be used to run similair reports. Or perhaps put another way - what can MBSA / Nessus find that SCCM cant find? If anything?

Does SCCM replace the need to vulnerability scanners?
LVL 3
pma111Asked:
Who is Participating?
 
btanExec ConsultantCommented:
Below is related post but simply say that mbsa and sccm would be checking the same only on microsoft related patches and configuration baseline. Check out microsoft security compliance mgr that create or have existing security baseline references for gpo. I see nessus or vulnerability scanner differently as it need not be microsoft specific and it check for low hanging like open ports, services, vulnerability type of cve etc. gfi languard does a good check and remediate as well.

 http://social.technet.microsoft.com/Forums/en-US/configmgrgeneral/thread/2a67f5d8-8f41-48f7-99f3-2cbc4e34f786
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.