We are using SCCM to manage the virtual machine configuration. We had around 100 or 200 virtual machines and wireless, and we need to configure different settings on all of the virtual machines. We need to handle patching, updating, and installing security updates. We prefer to use System Center instead of other solutions like GFI LanGuard that are already installed in other environments.
Solution Architect at KIAN company
Flexible, great for patching on virtual machines, and pretty stable
Pros and Cons
- "It's helped us solve problems surrounding patching, installing, and reporting different patches, etc., on the virtual machines."
- "Based on my experience with SCCM 2016, the main, big issue is not having a good user-friendly environment. It needs much better GUI."
What is our primary use case?
How has it helped my organization?
Previous to SCCM, the entire process was completely manual.
What is most valuable?
The solution is very flexible and very handy. It has helped us move past the process of manually updating.
It's helped us solve problems surrounding patching, installing, and reporting different patches, etc., on the virtual machines.
What needs improvement?
Based on my experience with SCCM 2016, the main, big issue is not having a good user-friendly environment. It needs much better GUI.
We had some problems configuring Linux virtual machines. We needed to install agents. Microsoft should pay more attention to these Linux virtual machines in order to make implementation with them easier.
Buyer's Guide
Microsoft Configuration Manager
December 2024
Learn what your peers think about Microsoft Configuration Manager. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,067 professionals have used our research since 2012.
For how long have I used the solution?
I've been working in the System Center on two projects for around two years.
What do I think about the stability of the solution?
The solution is extremely stable. We've only really had to restart the solution twice in the first year. It's very reliable.
What do I think about the scalability of the solution?
In terms of scalability, at that time I didn't need to scale the development. However, in the near future, it is possible. I don't have any idea of the timeline for our scaling the solution as I focus on VMware technology at this time.
Our company has around 60 users. However, we offer this solution to one of the enterprise customers that use it for bank data centers. They have around 3000 staff.
We are using the System Center to manage around 2000 virtual machines.
How are customer service and support?
In my country, due to sanctions, we cannot use direct support. We just use third-party partners in different countries. Generally, we support the System Center and all their products directly and don't need outside support.
Which solution did I use previously and why did I switch?
If a company migrates to a cloud environment, I prefer to use another solution. For example, in the Azure environment, I definitely use Intune instead of System Center. In other products, I use Jamf, which is a good product that is comparable with System Center in the cloud environment.
How was the initial setup?
In terms of the current initial setup, the new version is a little bit more complex as you need to design a great architecture for the enterprise environment when we use a lot of virtual machines. For example, when you have more than 1,000 virtual machines, there needs to be a high level of consideration for the design of different components of the System Center.
In terms of deployment, if you have a good design, the process may take about a week. You need, I would guess, one week for installing and preparing the environment. However, you need to relay different instructions in order to install it. In total, the process would take around one, or, at a maximum, two weeks.
Our team consists of five members; one senior and four support engineers. Their job is to configure and maintain the active directory environment and the SCCM platform.
What about the implementation team?
I implemented the solution myself. I took a month to study the solution, and, after that, I was able to handle the process personally. I took only two days in terms of how long it took me to install it.
What's my experience with pricing, setup cost, and licensing?
The solution is pretty expensive. A company really needs to consider their environment.
What other advice do I have?
We're just a customer. In the past, we used System Center version 2012, and after one year we upgraded to System Center 2016.
Out of all the products in the market, the best solution is System Center, especially for Microsoft virtual machines and all services that are related to Microsoft Technologies.
If you are evolving in the Microsoft environment, I prefer to use the System Center due to the fact that it includes different solutions like System Center Configuration Manager, System Center Operation Manager, System Center Virtual Backup. It's a full solution and provides different services. It has great integration with other Microsoft products.
I would recommend the solution to an engineer or administrator. And first, a new user will have to study different best practices and have a good overview of the architect of System Center and the functionality of the different components. After that, they would have to go in through the details about the Linux machines. The biggest problems we had at the time of implementation was related to Linux virtual machines, not Microsoft virtual machines. With the licensing and the price, it's a tricky point that the engineers should consider when they need to set up a license
Overall, I would rate the solution eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Solutions Architect with 1,001-5,000 employees
Enables us to set up schedules, according to security needs, to automate server and desktop patching
Pros and Cons
- "With the SCCM inventory, we found a lot of rogue applications. We were able to identify them, find out who was running them, and either put them on our application list or remove them."
- "It gives us the ability to set up schedules, according to what our security requirements are, to automate the patching of our servers and desktops."
- "What's valuable is the basic management of the systems, being able to control who can access the systems."
- "You can remote control or RDP. That has been the most valuable because we can go into one console and can get to anything we want. Instead of going to all these different consoles, we centralized everything."
- "There is a reboot issue with the patching. Sometimes, if patching runs into any issue whatsoever, it doesn't reboot but it doesn't tell you it errored out. It just sits there and we don't find out until the next day whether it patched or not. That was a big issue for us. We're working through that. They added some stuff in there now where you can actually tell reboot is pending. But we still need some kind of notification that if something fails or is pending, we know. We shouldn't have to go in and look. They don't have anything for that right now."
- "Their compliance reporting is not accurate, and they admitted it on the phone when we had a call with them. We were trying to understand why their numbers didn't match on our compliance reports. It is not accurate and you cannot depend on the compliance reports. The numbers just don't match, and we can't figure out why. We called Microsoft and they said, "Yeah, that's a known issue." But there is no word that they're working on it."
- "There's no way to say, "I want this maintenance window to be on the second Tuesday of the month." It's strict. This window is this and that's it. You can't fluctuate."
- "As far as load balancing across, they don't have that support yet, so that you can actually build multiple primaries and have it load balance across. They don't have any of that functionality yet. That would be a nice feature, to scale that way."
What is our primary use case?
Systems management, inventory, pushing out deployment, and patching. It has multiple purposes.
How has it helped my organization?
It helped our internal IT get ahold of all the applications that we are actually running out there. With the SCCM inventory, we found a lot of rogue applications. We were able to identify them, find out who was running them, and either put them on our application list or remove them.
One of our goals with the patching of systems was to automate it so we wouldn't have to manually push out patches anymore. It gave us the ability to set up schedules, set up all the groups and collections and, according to what our security requirements are, to automate the patching of our servers and desktops. Everybody knows now exactly what days it will happen and what is going to get patched, on a schedule. That was a huge culture shift.
What is most valuable?
What's valuable is the basic management of the systems, being able to control who can access the systems.
You can remote control or RDP. That has been the most valuable because we can go into one console and can get to anything we want. Instead of going to all these different consoles, we centralized everything. That's the big one that we really are enjoying, that we have a central console for everything.
What needs improvement?
We run into little stuff all the time. There is a reboot issue with the patching. Sometimes, if patching runs into any issue whatsoever, it doesn't reboot but it doesn't tell you it errored out. It just sits there and we don't find out until the next day whether it patched or not. That was a big issue for us. We're working through that. They added some stuff in there now where you can actually tell reboot is pending. At least that tells us which ones didn't reboot, but before that got put in the 2018 version, it was really tough because management wanted a report of what patched and what wasn't, we couldn't give it to them.
We went into the feedback site and added our feedback and voted on it. The reboot pending was a big step forward, but we still need some kind of notification that if something fails or is pending, we know. We shouldn't have to go in and look. They don't have anything for that right now.
I would also love to be able to patch Linux servers. I would love that ability to be on one console and patch my environment. I know they're doing it with the Azure piece right. I saw that at Ignite last year, where they're looking to almost have SCCM as part of the cloud, and they will supposedly let you patch your Linux boxes from the cloud. Being a law firm, that is not going to happen for us. We are not cloud-friendly.
Finally, their compliance reporting is not accurate, and they admitted it on the phone when we had a call with them. We were trying to understand why their numbers didn't match on our compliance reports. Our security really liked the idea of being able to get compliance reports themselves, on patching etc. However, it is not accurate and you cannot depend on the compliance reports. The numbers just don't match, and we can't figure out why. We called Microsoft and they said, "Yeah, that's a known issue." But there is no word that they're working on it or anything like that. That's all they said, "It's a known issue."
For how long have I used the solution?
One to three years.
What do I think about the stability of the solution?
We've had no stability problems at all. Things have been running great for a year, we haven't had any real issues with the system itself. We've had to tweak some things like everybody does, some registry keys here and there, but there has not been a stability problem at all.
What do I think about the scalability of the solution?
It scales, but it gets expensive. If you're looking to do - and this is something I hear they're changing in one of the future versions - built-in HA, high-availability, right now you have to use Microsoft clustering. So you have to buy Microsoft clustering to make it highly available.
As far as load balancing across, they don't have that support yet, so that you can actually build multiple primaries and have it load balance across. They don't have any of that functionality yet. That would be a nice feature, to scale that way. The way they have designed SCCM is to put the load in the offices. You put secondary sites out there where you put DPs on the sites and they pull from the local site, not from across the LAN. That helps with the load, it doesn't really hit the primary server.
How are customer service and technical support?
We had to escalate our issue because you always get that person at first-level support who reads off a script. Then, after a couple hours, you say, "Escalate this." Once we got to the second person, we were able to figure our issues out. I would rate tech support at seven out of 10, based on our experience.
Which solution did I use previously and why did I switch?
We used ZENworks for years. I used to work for Novell, so I was biased toward it too. We switched because we weren't sure where they were going. With Novell going away, Micro Focus taking over, and somebody taking over the whole umbrella corporation, we had no idea. They couldn't give us a real roadmap out for a long period of time. We were a little worried about being on a product that might not be around in five years.
We had no problems with ZENworks. It was fine, we loved it, but we were worried about the future.
How was the initial setup?
I did a lot of research before I set it up. I watched a lot of YouTube videos, talked to Microsoft, demos, etc. I did enough homework so that when we set it up it was pretty simple. You just have to understand the SCCM infrastructure and how it works. If you don't understand that it might be confusing when you first install it. You have to understand your primary site, your secondary site, your distribution points and how they work, so you know how to set it up correctly.
After that, installing it was easy. Just understanding what connects to what. What has to go first, what has to go second, what services you need installed and set up, and how to set them up. Once you do your research on that it is pretty simple. But if you go in blind, I can see how it could be rather difficult.
What's my experience with pricing, setup cost, and licensing?
Pricing and licensing are a downside of SCCM. It's expensive. I'd have to confirm this, but I think they changed the licensing to core-based instead of socket-based. It's not cheap, because you have to buy the software, you have to buy SQL. Another thing we learned from talking to Microsoft is that they provide you a license for SQL if you run it on the same box as the primary server. If you run it outside that box, you have to buy SQL. Microsoft does recommend you running it on the same box because of performance. But then, in order to run SQL, SCCM, and everything on the same box, you better have some resources.
It's an expensive solution. There's no doubt about it.
Which other solutions did I evaluate?
We looked at some small-time vendors, third-party stuff. No major names. There was one that we looked at that was really small and it actually seemed pretty powerful. It was called PDQ. But it turned out to be more for small business than enterprise-ready.
The only enterprise solutions we came across were SCCM, ZENworks, and BigFix from IBM. Even though BigFix did Linux, it did everything, the price point was really expensive. It was something that wasn't even in our ballpark, and they didn't seem to want to deal with us.
We were already on ZENworks and we knew how it worked. We knew everything about it, but again, we didn't know its future. When it came down to having discussions with our team, myself, and other architects, we decided the more we keep with a single solution - we are mainly a Microsoft shop, Windows on the desktop, and mostly Microsoft servers - the more we keep the stack together. That's why we went with SCCM.
What other advice do I have?
Do your homework. Understand the basics of it, how it works between services. When you go to install it's going to ask you specific questions, and you might not know what the question is unless you did your homework ahead of time.
Microsoft offers architectural sessions. Right before we installed it, we went to Microsoft and they sat down with us and did a session with us to understand how to architect it, how do design it. I would definitely advise doing that. I don't know who they offer it to, but that was very helpful. We met with their architects at Microsoft and they helped us understand how to architect it.
I give SCCM an eight out of 10. It's powerful. It's not a 10 because it has little bugs here and there. It has little issues that are annoying. For example, you may want to do something on a maintenance window. There's no way to say, "I want this maintenance window to be on the second Tuesday of the month." It's strict. This window is this and that's it. You can't fluctuate. There are little intricacies that are a little annoying. Sometimes we find the flexibility is not there in certain circumstances.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Microsoft Configuration Manager
December 2024
Learn what your peers think about Microsoft Configuration Manager. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,067 professionals have used our research since 2012.
Head of Department for IT Services at a government with 201-500 employees
Streamlines migration of existing desktop computers and user profiles to new machines
Pros and Cons
- "There have to be made some improvement in WSUS and control in other non-Microsoft products updates."
- "I would like to see some improvements in WSUS and control of other, non-Microsoft, product updates."
What is our primary use case?
Our Windows environment has about 100 servers, Windows 2012/2016, and more than 500 desktop and laptop computers with Windows 7/10.
We use SCCM 2012 mainly for installing and deployment of images for new operating systems on end-user computers, for application management, distribution of new applications, software and hardware inventory, remote assistance, application virtualization and, of course, for software updates on servers and workstations.
How has it helped my organization?
It has improved distribution and the migration of existing desktop computers and user profiles to new machines.
What is most valuable?
Excellent reports for compliance, status of updates, and software metering.
What needs improvement?
I would like to see some improvements in WSUS and control of other, non-Microsoft, product updates.
For how long have I used the solution?
Three to five years.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Senior Cloud Solution Architect at a tech services company with 1,001-5,000 employees
A very stable and robust solution for ICCM environments
Pros and Cons
- "The solution effectively handles inventory management, deployment, and reporting."
- "The solution does not support remote devices so the CMG is still required."
What is our primary use case?
I use the solution to manage security and policies.
What is most valuable?
The solution effectively handles inventory management, deployment, and reporting.
What needs improvement?
The solution does not support remote devices so CMG is still required.
For how long have I used the solution?
I have been using the solution for six years.
What do I think about the stability of the solution?
The solution is very stable.
What do I think about the scalability of the solution?
The solution is for ICCM so does not scale like a cloud application. It is intended for security, management, or device teams and not end users.
Scaling is always available with a monetary investment.
How are customer service and support?
Technical support is pretty good.
How was the initial setup?
The complexity of setup depends many factors such as the number of sites or distribution points and whether they will be centrally administered. Proper planning and execution are important.
Deployments of an ICCM server can take up to four weeks.
What's my experience with pricing, setup cost, and licensing?
The solution operates on a licensing model that can be expensive.
Pricing is reasonable for small companies but large companies or enterprise environments require multiple licenses.
What other advice do I have?
The solution is very stable and robust with a longstanding reputation. It works well with Windows devices and offers good management for ICCM.
The cloud-based platform is a good option for managing only Android or iOS devices.
I rate the solution an eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner AND Reseller
Infrastructure, Technical Computing Applications at EQF Solutions
Stable and works well for large environments
Pros and Cons
- "We're a Microsoft-centric organization, so we are happy with the integration between products."
- "There is no asset management package included."
What is our primary use case?
The primary use case for SCCM is for managing workstations.
All of the software that runs on our workstations is packaged and distributed and managed. Along with that, some of our security software is managed a little bit differently, but is accounted for in that way.
We also use it for keeping track of our patches.
What is most valuable?
We're a Microsoft-centric organization, so we are happy with the integration between products.
The interface, customization, and security are all pretty good.
What needs improvement?
There is no asset management package included. You have to buy that separately so we need to use another system to manage that. This is one of the biggest things that makes SCCM not as competitive as some other systems. If they had this functionality then their help desk software would be much better and much more useful.
It is a little bit fat on the client-side, in terms of the stuff it leaves in place after the management is complete. It would be nice if they could pay attention to that, although we have a separate way of dealing with it.
For how long have I used the solution?
I have been involved with using SCCM in four or five different places for a total of close to 15 years.
What do I think about the stability of the solution?
SCCM has no issue with stability.
What do I think about the scalability of the solution?
This is a scalable product. The biggest group that I have been involved with was maybe 15,000 people. Typically, the sizes are in the 1,000-person area and it's not the type of product that you put together and configure for an office.
How are customer service and technical support?
Their SCCM support is slightly better than their general support. Their general support, Microsoft is tiered so you have to fight your way through the tiers to get to the real people. There's no way around that, but that's just the way they are. I understand that because they're such a big company
How was the initial setup?
I have not done the initial setup alone, and I wouldn't recommend doing it for anybody who didn't know what they were doing, or that hadn't done it before, because you have to go through a certain learning process.
I have seen that a base installation complete can be done in three days, and I have also seen an environment with 1,000 workstations deployed in two weeks.
What about the implementation team?
I have always worked with somebody who is well-versed in the solution to assist with deployment. I rely on a Microsoft MVP-level person to get the install done properly for me.
One person is enough for maintenance.
What's my experience with pricing, setup cost, and licensing?
Pricing is negotiable with Microsoft, depending upon which of their packages you choose. They're changing their packages, and I don't know how they're changing them yet. It's been a few years since I have worked in that capacity.
Which other solutions did I evaluate?
We continually look at and evaluate everything.
Microsoft has Intune, as well. However, Intune is a choice if you're in a smaller-scale situation. Typically, I don't get called into things unless it is large, where I interact with clients on technical computing and solving network problems that are related to workstation issues. For these types of larger things, SCCM is a logical choice.
I haven't been in a Unix environment beyond having to do database-engine-related work.
What other advice do I have?
My advice for anybody looking into implementing SCCM is that it has to be on a larger scale, and you have to be committed to Microsoft.
I would rate this solution an eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Works at Toyota Boshoku America
Helps us with deploying operating systems and applications in our organization
Pros and Cons
- "This has made the management of our environment easier."
- "Not everything is readily available, and there are a lot of commands that are only executable via PowerShell."
What is our primary use case?
We use this solution for implementing System CenterConfigMgr in our organization, and for standardization.
How has it helped my organization?
This has made the management of our environment easier.
What is most valuable?
The most valuable features of this solution are the OSD and application deployments, and it also automates updates.
What needs improvement?
Not everything is readily available, and there are a lot of commands that are only executable via PowerShell. In this regard, the user interface could be improved.
This is linked to how Microsoft designs the products: They release a product and a visual interface, but also provide PowerShell commandlets. This usually is in ratio of 30/70 (UI / PowerShell actions).
For how long have I used the solution?
Four years.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
System Specialist at Tech Mahindra Limited
Integrates well, reliable, and simple setup
Pros and Cons
- "The most valuable feature of Microsoft Endpoint Configuration Manager is the software deployment. Additionally, Microsoft integrates most of the other solutions well with one another."
- "The availability of technical support could improve."
What is our primary use case?
I am using Microsoft Endpoint Configuration Manager for software distribution and patch management.
What is most valuable?
The most valuable feature of Microsoft Endpoint Configuration Manager is the software deployment. Additionally, Microsoft integrates most of the other solutions well with one another.
What needs improvement?
The support could improve.
For how long have I used the solution?
I have used Microsoft Endpoint Configuration Manager for approximately five years.
What do I think about the scalability of the solution?
We are utilizing the solution on a regular basis.
I rate the scalability of Microsoft Endpoint Configuration Manager
How are customer service and support?
The availability of technical support could improve.
I rate the support from Microsoft Endpoint Configuration Manager as seven out of ten.
How would you rate customer service and support?
Neutral
How was the initial setup?
I rate the initial setup of Microsoft Endpoint Configuration Manager an eight out of ten.
What's my experience with pricing, setup cost, and licensing?
I rate the price of Microsoft Endpoint Configuration Manager an eight out of ten.
What other advice do I have?
I rate Microsoft Endpoint Configuration Manager an eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Information Technology Support Analyst at a energy/utilities company with 501-1,000 employees
Highly scalable, impressive support, and reliable
Pros and Cons
- "The solution is highly scalable."
- "The solution could improve the functionality for automating, license management. Additionally, more and better-looking reports are needed."
What is our primary use case?
Microsoft is working on migrating the function of Microsoft Endpoint Configuration Manager to the cloud. Every week and every month there is something new that's happening to move to the cloud.
Microsoft Endpoint Configuration Manager is used for installing new workstations without the interaction of people, it does the deploying of workstations automatically. Autopilot is used for automatic deployment installations of workstations without IT support. We only have packages at home and we do not need a VPN to configure workstations from home.
The patching of inventory to patching of Windows and applications, such as Office, inventory of wiping security, deploying new software, reinstalling software, uninstalling software, and wiping the device. This is insecurity from Active Directory services, some functionality we are moving to a group policy. By having less IT support you can handle more workstations.
What needs improvement?
The solution could improve the functionality for automating, license management. Additionally, more and better-looking reports are needed.
For how long have I used the solution?
I have used Microsoft Endpoint Configuration Manager within the last 12 months.
What do I think about the stability of the solution?
Microsoft Endpoint Configuration Manager is a stable solution. We do not have a lack of production in my orgaization.
What do I think about the scalability of the solution?
The solution is highly scalable.
We have two IT engineers using the solution.
How are customer service and support?
Microsoft has high-level support, I only have good words to say about them.
Which solution did I use previously and why did I switch?
I have used Zabbix previously. I was using Zabbix, its free tool. It's not for somebody who does not have knowledge of Linux. Zabbix is not for a regular Microsoft user to use.
How was the initial setup?
The installation requires a lot of knowledge and experience. The whole process took us three months.
What's my experience with pricing, setup cost, and licensing?
The license price could be reduced for Microsoft Endpoint Configuration Manager They should make the price more affordable for smaller companies, most companies would be able to use the solution if it was priced better. There are more people on this cloud because you don't have to have either a server room or an on-premise server. You can have one IT person handle this without any local infrastructure.
You receive a license for Microsoft Endpoint Configuration Manager when you buy an EMS E3 license.
What other advice do I have?
I would recommend this solution to others.
I rate Microsoft Endpoint Configuration Manager a nine out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Download our free Microsoft Configuration Manager Report and get advice and tips from experienced pros
sharing their opinions.
Updated: December 2024
Popular Comparisons
SolarWinds Server and Application Monitor
ScienceLogic
Oracle Enterprise Manager
ServiceNow Discovery
IBM SevOne Network Performance Management (NPM)
HPE System Management Homepage
NiCE Management Packs for SCOM
Kaseya IT Center
Buyer's Guide
Download our free Microsoft Configuration Manager Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- Do you think there is a minimum critical threshold that justifies the deployment of the System Center suite?
- Tanium vs SCCM
- SCCM vs BigFix: what are pros and cons?
- How to choose between ManageEngine Desktop Central and Microsoft Endpoint Configuration Manager (formerly SCCM)?
- SCCM vs. vCenter Configuration Manager
- How does Ansible compare to Microsoft Endpoint Configuration Manager (SCCM)?
- What are the weaknesses of SCCM and how can they be improved by a user?
- When evaluating Server Monitoring, what aspect do you think is the most important to look for?
- Which Windows event log monitoring tool do you recommend?
- How do the various System Monitoring solutions compare?
SQL standard license is included whether it’s colo’d or remote as long as it is only used for ConfigMgr. docs.microsoft.com