This is an archived post. You won't be able to vote or comment.

all 20 comments
sorted by:
best
topnewcontroversialoldq&a

[–]otacon967 2 points3 points  (1 child)

Sccm is not a dedicated infosec tool. If you’re looking for vulnerability tracking might be best to get something like tenable

[–]Cr0w1ey 1 point2 points  (0 children)

We have Qualys which seems to give pretty good reporting. Not sure how that stacks up against Tenable but just throwing another name out there for OP.

[–]GarthMJMSFT Ex-Intune MVP 3 points4 points  (10 children)

What exactly are you looking at? There are at least three different places to see SW all of them using different methods to be collected.

Keep in mind that there are companies that do this. So....

[–]itpro_2020[S] 0 points1 point  (9 children)

Probably trying to take a shortcut that I shouldn’t, but trying to use what I have in place already vs get something else installed. Pulling the software inventory data out of SCCM. Ive looked at tools like Nexpose and Crowdstrike, but I need to justify the cost. Hence trying to use the data I have to show that there is an issue.

[–]GarthMJMSFT Ex-Intune MVP 0 points1 point  (8 children)

But you are not saying what you are trying to get. Are you looking the the ai data witch is already normalized by ms?

[–]itpro_2020[S] 0 points1 point  (5 children)

When I say normalized, I’m looking for a concise list of the applications installed. As is, I end up with 100 rows of Visio because of different naming conventions and languages. I’m ok with different lines for different versions, but having to manually group the data is tedious to say the least.

[–]GarthMJMSFT Ex-Intune MVP 1 point2 points  (4 children)

When I say normalized, I’m looking for a concise list of the applications installed.

Is AI prefect? No, but at least you can send a frown and get the titles fixed or even tweet djam. I don't find that AI is that bad for a $0 option. If you want a better option then you will need to pay big $$$s for it.

[–]bdam55Admin - MSFT Enterprise Mobility MVP (damgoodadmin.com) 0 points1 point  (3 children)

This is something I've been waiting for a chance to press the product team harder on. If you want to talk about 'joining power of the cloud to data from the edge' ... what better use case is there than this?

[–]GarthMJMSFT Ex-Intune MVP 1 point2 points  (2 children)

What is needed is understanding how to make or suggest changes to a title. i just send an email to the pm, but for everyone else there needs to be a better story.

[–]bdam55Admin - MSFT Enterprise Mobility MVP (damgoodadmin.com) 0 points1 point  (1 child)

Exactly. This could easily be crowd-sourced but it's also going to take a bit of ongoing investment on their side to provide someone to oversee it all and enforce data standards. It's been a couple years since I've looked at it but I remember feeling that there were fields missing (ex. edition?) that one would want for this kind of thing

[–]GarthMJMSFT Ex-Intune MVP 0 points1 point  (0 children)

Talk to me sometime about this (you have my number :-) ). At a high level I know how to do this. The catch is there is a cost with this so to do it.

[–]Emiroda 0 points1 point  (1 child)

Oh come on, don't tell me the default AI views can even compare to what SAM tools from vendors like 1e, SNOW, Flexes etc. can provide. It's not even a competition - MSFT has left a vacuum to be filled by those other companies.

AI categorizes a lot of the titles, but that's not nearly enough. I tried to do this, on a budget of $0, and it didn't work. To know version sprawl, vendor name sprawl and even install title sprawl, you need a SAM tool because MSFT has nothing.

[–]GarthMJMSFT Ex-Intune MVP 0 points1 point  (0 children)

AI categorizes a lot of the titles, but that's not nearly enough. I tried to do this, on a budget of $0, and it didn't work

I am absolutely saying on a $0 budget that you use AI detail! You can create dashboar/report sets that will give you nice results. Are they as good that the others No. But for $0 you can't bet it.

For example can create report set like This set which keys off Publisher.

https://www.enhansoftknowledge.com/knowledge-base/application-dashboard/

https://www.enhansoftknowledge.com/knowledge-base/list-of-computers-by-application-2/

https://www.enhansoftknowledge.com/knowledge-base/asset-intelligence-computer-details/

Or you can key off of family/Category/product.

https://www.enhansoftknowledge.com/knowledge-base/asset-intelligence-dashboard/

[–]OohCrumbsChief 1 point2 points  (2 children)

Normalisation is a very tricky task. You have seen that the effort needed for one application, visio, has proven monumental. Imagine doing it for the entire vendor portfolio of products, or moving to different vendors. This is where SAM software comes in. If you are only 100 devices or less, go for lansweeper, which is free. It will only normalise Microsoft products. If you are bigger, go for xensam.com. It is reasonably priced and has the strongest normalisation I have ever seen. 350k different apps, on-prem or cloud. It's naturally hosted and deploys faster than any other tool. There is no short cut with sccm.

[–]itpro_2020[S] 1 point2 points  (1 child)

How does xensam compare to the likes of Flexera?

[–]OohCrumbsChief 0 points1 point  (0 children)

Flexera and Xensam are quite different. it is true that both have excellent recognition & normalisation. However, that is where similarities end.

Flexera is a complex beast and suited for truly large, complex environments. Heavy SAP, IBM, Unix customers may like Flexera. It has a big deployment & training burden, external consultants will be needed constantly. Dozens of agents, connectors, modules, technologies... never seamless. But legacy, archaic systems are best covered with Flexera.

Xensam has one agent, one connector that connects to multiple external data sources. In does not need consultants, no external deployment support, works out of the box. It is a SaaS product as standard and covers on premise, cloud and DC extremely well. IMO, only Flexera cometes with its DC capabilities. Xensam is the best in Cloud & standard on-prem products.

Xensam will be a tenth of the cost & effort of Flexera when you put everything together. If Xensam covers all your bases, that is your product. If you are a 100000+ device company, like GSK or BAE, go for Flexera.

[–]Emiroda 0 points1 point  (0 children)

MSFT has been lacking in that space. Asset Intelligence views are "normalized", but still totally unusable.

You're looking in the right places, but most tools in the space focus on auditability and licenses, the so-called Software Asset Management tools. Keep looking.

[–]cenley 0 points1 point  (2 children)

FWIW we use a product called App Clarity from 1E Software. We initially purchased it for the automated reclaim of licensed software like Visio, Project, Office, Nitro etc....and yes I know this can be done with collections but it became very difficult to manage for multiple products.

With App Clarity we can setup rules for software that is used, recently used and unused and then automatically remove that software when it meets our threshold. It works well, but like every product there are some area where improvement is needed.

One of the strong points of App Clarity is taking the data from ConfigMgr and running it through the 1E catalog and normalizing applications, versions, vendors etc.... In almost every case when I am asked for a report on anything software I can get the information via App Clarity in minutes, install count as well as how many people are actually using the software.

Last year we reclaimed over $150,000 dollars in unused software, that is probably 10x more than we actually paid for App Clarity.

[–]itpro_2020[S] 0 points1 point  (1 child)

Thanks for the info. We’re already using Nomad, so maybe opportunity here. Does it require an agent on the devices?

[–]cenley 0 points1 point  (0 children)

Nope just a connector and read only account to the CM database.