SCCM 2012 and some of its new features

SCCM 2012 and some of its new features

Microsoft System Center Configuration Manager 2012 (SCCM 2012)  enables administrators to manage the deployment and security of devices and applications across an enterprise irrespective of geographical location. 

System Center Configuration Manager 2012 discovers servers, desktops, tablets, and mobile devices connected to a network through Active Directory and installs client software on each node. It manages application deployments and updates on a device or group basis, allowing for automated patching via Windows Server Update Services and policy enforcement via Network Access Protection. System Center Endpoint Protection Manager 2012, formerly known as Forefront Endpoint Protection, is built into System Center Configuration Manager to ensure security of data stored on those devices.

SCCM 2012 Configuration Manager lets you perform tasks such as the following:

• Deploy operating systems, software applications, and software updates.
• Monitor and remediate computers for compliance settings.
• Monitor hardware and software inventory.
• Remotely administer computers.

System Center 2012 Configuration Manager collects information in a Microsoft SQL Server database, which allows you to run queries and produce reports to consolidate information throughout the organization. You can use Configuration Manager to manage a wide range of Microsoft operating systems, including client platforms, server platforms, and mobile devices.

Several key features of System Center Configuration Manager 2012 help administrators address the bring-your-own-device (BYOD) trend in the enterprise, including user-centric management. End users can search for applications via a self-service Software Center and define the times when installations and upgrades take place. IT shops can install applications in different ways on different devices – for example, as a native application on a primary device and as a Remote Desktop Services app or App-V program on a tablet.  SCCM 2012 also includes role-based access control, which enhances system security by only showing end users the interface elements that apply to their specific roles. 

Top five features in System Center Configuration Manager 2012

1.       User-centric management

One of the biggest change in SCCM 2012 is User Centric Management. This theme is carried forward throughout the product. Software distributions can now be targeted at users rather than to devices. Previously when targeting a software distribution, SCCM was limited  to collections based on systems but now software distributions can be directed at specific users or groups of users.  Additionally, users can define a primary device (or you can set up rules to determine a primary device) and have a different software policy for primary and non-primary devices. Consider the scenario where a manager logs onto a subordinates workstation temporarily, if the system is not designated as his primary device, any applications specifically targeted at managers primary devices, will not be available to him on that system.

2.        Configuration settings remediation

Desired Configuration Monitoring has been available since SMS 2003 and was renamed to Desired Configuration Management and enhanced in SCCM 2007. The ability to report and alert on compliance has been useful in monitoring and managing configuration drift. SCCM 2012 takes the concept of managing configuration drift to the next level. First of all, the feature is now called Configuration Settings and can be applied to desktops, servers, mobile devices and users (see point one above). My favourite new functionality is the ability to remediate WMI, registry, and script settings that are not compliant. Automated remediation can drastically reduce the time that a non-compliant configuration stays out of compliance.

3.        Collection-based configuration settings

In SMS and SCCM 2007 client configuration settings are designated at a site level. If different client agent settings are required for different devices then a separate site is required. Consider an environment where developers machines would have minimal agents (inventory only perhaps), or where servers have different requirements. In SCCM 2012, client settings can be customized and targeted at specific collections within the same site. This will reduce the complexity of many site hierarchies.

4.        Dependency-based software distribution

In SMS and SCCM 2007, software distributions are targeted at collections of devices. Typically, an administrator would create a collection that meets the pre-requisites for the application being deployed using a query and then associate the package to the collection with a n advertisement. This worked fine when the paradigm was device centric as long as the collection was built correctly. With user centric software distribution, it can be difficult to determine which device a particular software distribution will ultimately be targeted at.

In SCCM 2012 Requirement Rules and/or Global Conditions are used to specify preconditions for a deployment such as: available hardware (e.g., memory, available hard disk space, etc.), software pre-requisites (e.g., Office must be installed as a prerequisite for Office SP1), user affinity (Is this the user's primary device?). This is a much more elegant approach to application management, especially when coupled with the new concept of Deployment Types.  An application can have multiple deployment types (such as an upgrade, uninstall, virtual app, local install, mobile device version) and the deployment type can be triggered based on the Requirement Rules or Global Conditions.

5.        Software Center and Application Catalog

Keeping with the user-centric theme, the Software Center and Application Catalog is essentially an application that allows users to set some configurable settings as well as request  and install available applications. This "App Store" model can minimize some of the challenges associated with managing devices and applications for mobile technology-savvy users that are used to fending for themselves.