Microsoft Configuration Manager Reviews

We are using SCCM to manage the virtual machine configuration. We had around 100 or 200 virtual machines and wireless, and we need to configure different settings on all of the virtual machines. We need to handle patching, updating, and installing security updates. We prefer to use System Center instead of other solutions like GFI LanGuard that are already installed in other environments.

Previous to SCCM, the entire process was completely manual.

The solution is very flexible and very handy. It has helped us move past the process of manually updating.

It's helped us solve problems surrounding patching, installing, and reporting different patches, etc., on the virtual machines.

Based on my experience with SCCM 2016, the main, big issue is not having a good user-friendly environment. It needs much better GUI. 

We had some problems configuring Linux virtual machines. We needed to install agents. Microsoft should pay more attention to these Linux virtual machines in order to make implementation with them easier.

I've been working in the System Center on two projects for around two years. 

The solution is extremely stable. We've only really had to restart the solution twice in the first year. It's very reliable.

In terms of scalability, at that time I didn't need to scale the development. However, in the near future, it is possible. I don't have any idea of the timeline for our scaling the solution as I focus on VMware technology at this time.

Our company has around 60 users. However, we offer this solution to one of the enterprise customers that use it for bank data centers. They have around 3000 staff.

We are using the System Center to manage around 2000 virtual machines.

In my country, due to sanctions, we cannot use direct support. We just use third-party partners in different countries. Generally, we support the System Center and all their products directly and don't need outside support.

If a company migrates to a cloud environment, I prefer to use another solution. For example, in the Azure environment, I definitely use Intune instead of System Center. In other products, I use Jamf, which is a good product that is comparable with System Center in the cloud environment. 

In terms of the current initial setup, the new version is a little bit more complex as you need to design a great architecture for the enterprise environment when we use a lot of virtual machines. For example, when you have more than 1,000 virtual machines, there needs to be a high level of consideration for the design of different components of the System Center.

In terms of deployment, if you have a good design, the process may take about a week. You need, I would guess, one week for installing and preparing the environment. However, you need to relay different instructions in order to install it. In total, the process would take around one, or, at a maximum, two weeks.

Our team consists of five members; one senior and four support engineers. Their job is to configure and maintain the active directory environment and the SCCM platform.

I implemented the solution myself. I took a month to study the solution, and, after that, I was able to handle the process personally. I took only two days in terms of how long it took me to install it.

The solution is pretty expensive. A company really needs to consider their environment.

We're just a customer. In the past, we used System Center version 2012, and after one year we upgraded to System Center 2016.

Out of all the products in the market, the best solution is System Center, especially for Microsoft virtual machines and all services that are related to Microsoft Technologies.

If you are evolving in the Microsoft environment, I prefer to use the System Center due to the fact that it includes different solutions like System Center Configuration Manager, System Center Operation Manager, System Center Virtual Backup. It's a full solution and provides different services. It has great integration with other Microsoft products. 

I would recommend the solution to an engineer or administrator. And first, a new user will have to study different best practices and have a good overview of the architect of System Center and the functionality of the different components. After that, they would have to go in through the details about the Linux machines. The biggest problems we had at the time of implementation was related to Linux virtual machines, not Microsoft virtual machines. With the licensing and the price, it's a tricky point that the engineers should consider when they need to set up a license

Overall, I would rate the solution eight out of ten.

Systems management, inventory, pushing out deployment, and patching. It has multiple purposes.

It helped our internal IT get ahold of all the applications that we are actually running out there. With the SCCM inventory, we found a lot of rogue applications. We were able to identify them, find out who was running them, and either put them on our application list or remove them.

One of our goals with the patching of systems was to automate it so we wouldn't have to manually push out patches anymore. It gave us the ability to set up schedules, set up all the groups and collections and, according to what our security requirements are, to automate the patching of our servers and desktops. Everybody knows now exactly what days it will happen and what is going to get patched, on a schedule. That was a huge culture shift.

What's valuable is the basic management of the systems, being able to control who can access the systems.

You can remote control or RDP. That has been the most valuable because we can go into one console and can get to anything we want. Instead of going to all these different consoles, we centralized everything. That's the big one that we really are enjoying, that we have a central console for everything.

We run into little stuff all the time. There is a reboot issue with the patching. Sometimes, if patching runs into any issue whatsoever, it doesn't reboot but it doesn't tell you it errored out. It just sits there and we don't find out until the next day whether it patched or not. That was a big issue for us. We're working through that. They added some stuff in there now where you can actually tell reboot is pending. At least that tells us which ones didn't reboot, but before that got put in the 2018 version, it was really tough because management wanted a report of what patched and what wasn't, we couldn't give it to them.

We went into the feedback site and added our feedback and voted on it. The reboot pending was a big step forward, but we still need some kind of notification that if something fails or is pending, we know. We shouldn't have to go in and look. They don't have anything for that right now.

I would also love to be able to patch Linux servers. I would love that ability to be on one console and patch my environment. I know they're doing it with the Azure piece right. I saw that at Ignite last year, where they're looking to almost have SCCM as part of the cloud, and they will supposedly let you patch your Linux boxes from the cloud. Being a law firm, that is not going to happen for us. We are not cloud-friendly.

Finally, their compliance reporting is not accurate, and they admitted it on the phone when we had a call with them. We were trying to understand why their numbers didn't match on our compliance reports. Our security really liked the idea of being able to get compliance reports themselves, on patching etc. However, it is not accurate and you cannot depend on the compliance reports. The numbers just don't match, and we can't figure out why. We called Microsoft and they said, "Yeah, that's a known issue." But there is no word that they're working on it or anything like that. That's all they said, "It's a known issue."

We've had no stability problems at all. Things have been running great for a year, we haven't had any real issues with the system itself. We've had to tweak some things like everybody does, some registry keys here and there, but there has not been a stability problem at all.

It scales, but it gets expensive. If you're looking to do - and this is something I hear they're changing in one of the future versions - built-in HA, high-availability, right now you have to use Microsoft clustering. So you have to buy Microsoft clustering to make it highly available. 

As far as load balancing across, they don't have that support yet, so that you can actually build multiple primaries and have it load balance across. They don't have any of that functionality yet. That would be a nice feature, to scale that way. The way they have designed SCCM is to put the load in the offices. You put secondary sites out there where you put DPs on the sites and they pull from the local site, not from across the LAN. That helps with the load, it doesn't really hit the primary server.

We had to escalate our issue because you always get that person at first-level support who reads off a script. Then, after a couple hours, you say, "Escalate this." Once we got to the second person, we were able to figure our issues out. I would rate tech support at seven out of 10, based on our experience.

We used ZENworks for years. I used to work for Novell, so I was biased toward it too. We switched because we weren't sure where they were going. With Novell going away, Micro Focus taking over, and somebody taking over the whole umbrella corporation, we had no idea. They couldn't give us a real roadmap out for a long period of time. We were a little worried about being on a product that might not be around in five years.

We had no problems with ZENworks. It was fine, we loved it, but we were worried about the future.

I did a lot of research before I set it up. I watched a lot of YouTube videos, talked to Microsoft, demos, etc. I did enough homework so that when we set it up it was pretty simple. You just have to understand the SCCM infrastructure and how it works. If you don't understand that it might be confusing when you first install it. You have to understand your primary site, your secondary site, your distribution points and how they work, so you know how to set it up correctly.

After that, installing it was easy. Just understanding what connects to what. What has to go first, what has to go second, what services you need installed and set up, and how to set them up. Once you do your research on that it is pretty simple. But if you go in blind, I can see how it could be rather difficult.

Pricing and licensing are a downside of SCCM. It's expensive. I'd have to confirm this, but I think they changed the licensing to core-based instead of socket-based. It's not cheap, because you have to buy the software, you have to buy SQL. Another thing we learned from talking to Microsoft is that they provide you a license for SQL if you run it on the same box as the primary server. If you run it outside that box, you have to buy SQL. Microsoft does recommend you running it on the same box because of performance. But then, in order to run SQL, SCCM, and everything on the same box, you better have some resources.

It's an expensive solution. There's no doubt about it.

We looked at some small-time vendors, third-party stuff. No major names. There was one that we looked at that was really small and it actually seemed pretty powerful. It was called PDQ. But it turned out to be more for small business than enterprise-ready. 

The only enterprise solutions we came across were SCCM, ZENworks, and BigFix from IBM. Even though BigFix did Linux, it did everything, the price point was really expensive. It was something that wasn't even in our ballpark, and they didn't seem to want to deal with us.

We were already on ZENworks and we knew how it worked. We knew everything about it, but again, we didn't know its future. When it came down to having discussions with our team, myself, and other architects, we decided the more we keep with a single solution - we are mainly a Microsoft shop, Windows on the desktop, and mostly Microsoft servers - the more we keep the stack together. That's why we went with SCCM.

Do your homework. Understand the basics of it, how it works between services. When you go to install it's going to ask you specific questions, and you might not know what the question is unless you did your homework ahead of time.

Microsoft offers architectural sessions. Right before we installed it, we went to Microsoft and they sat down with us and did a session with us to understand how to architect it, how do design it. I would definitely advise doing that. I don't know who they offer it to, but that was very helpful. We met with their architects at Microsoft and they helped us understand how to architect it.

I give SCCM an eight out of 10. It's powerful. It's not a 10 because it has little bugs here and there. It has little issues that are annoying. For example, you may want to do something on a maintenance window. There's no way to say, "I want this maintenance window to be on the second Tuesday of the month." It's strict. This window is this and that's it. You can't fluctuate. There are little intricacies that are a little annoying. Sometimes we find the flexibility is not there in certain circumstances.

Our Windows environment has about 100 servers, Windows 2012/2016, and more than 500 desktop and laptop computers with Windows 7/10.

We use SCCM 2012 mainly for installing and deployment of images for new operating systems on end-user computers, for application management, distribution of new applications, software and hardware inventory, remote assistance, application virtualization and, of course, for software updates on servers and workstations.

It has improved distribution and the migration of existing desktop computers and user profiles to new machines.

Excellent reports for compliance, status of updates, and software metering.

I would like to see some improvements in WSUS and control of other, non-Microsoft, product updates.

I use the solution to manage security and policies. 

The solution effectively handles inventory management, deployment, and reporting. 

The solution does not support remote devices so CMG is still required. 

I have been using the solution for six years. 

The solution is very stable. 

The solution is for ICCM so does not scale like a cloud application. It is intended for security, management, or device teams and not end users. 

Scaling is always available with a monetary investment. 

Technical support is pretty good. 

The complexity of setup depends many factors such as the number of sites or distribution points and whether they will be centrally administered. Proper planning and execution are important. 

Deployments of an ICCM server can take up to four weeks. 

The solution operates on a licensing model that can be expensive. 

Pricing is reasonable for small companies but large companies or enterprise environments require multiple licenses. 

The solution is very stable and robust with a longstanding reputation. It works well with Windows devices and offers good management for ICCM.

The cloud-based platform is a good option for managing only Android or iOS devices. 

I rate the solution an eight out of ten. 

The primary use case for SCCM is for managing workstations.

All of the software that runs on our workstations is packaged and distributed and managed. Along with that, some of our security software is managed a little bit differently, but is accounted for in that way.

We also use it for keeping track of our patches.

We're a Microsoft-centric organization, so we are happy with the integration between products.

The interface, customization, and security are all pretty good.

There is no asset management package included. You have to buy that separately so we need  to use another system to manage that. This is one of the biggest things that makes SCCM not as competitive as some other systems. If they had this functionality then their help desk software would be much better and much more useful.

It is a little bit fat on the client-side, in terms of the stuff it leaves in place after the management is complete. It would be nice if they could pay attention to that, although we have a separate way of dealing with it.

I have been involved with using SCCM in four or five different places for a total of close to 15 years.

SCCM has no issue with stability.

This is a scalable product. The biggest group that I have been involved with was maybe 15,000 people. Typically, the sizes are in the 1,000-person area and it's not the type of product that you put together and configure for an office.

Their SCCM support is slightly better than their general support. Their general support, Microsoft is tiered so you have to fight your way through the tiers to get to the real people. There's no way around that, but that's just the way they are. I understand that because they're such a big company

I have not done the initial setup alone, and I wouldn't recommend doing it for anybody who didn't know what they were doing, or that hadn't done it before, because you have to go through a certain learning process.

I have seen that a base installation complete can be done in three days, and I have also seen an environment with 1,000 workstations deployed in two weeks.

I have always worked with somebody who is well-versed in the solution to assist with deployment. I rely on a Microsoft MVP-level person to get the install done properly for me.

One person is enough for maintenance.

Pricing is negotiable with Microsoft, depending upon which of their packages you choose. They're changing their packages, and I don't know how they're changing them yet. It's been a few years since I have worked in that capacity.

We continually look at and evaluate everything.

Microsoft has Intune, as well. However, Intune is a choice if you're in a smaller-scale situation. Typically, I don't get called into things unless it is large, where I interact with clients on technical computing and solving network problems that are related to workstation issues. For these types of larger things, SCCM is a logical choice.

I haven't been in a Unix environment beyond having to do database-engine-related work.

My advice for anybody looking into implementing SCCM is that it has to be on a larger scale, and you have to be committed to Microsoft.

I would rate this solution an eight out of ten.

We use this solution for implementing System CenterConfigMgr in our organization, and for standardization.

This has made the management of our environment easier.

The most valuable features of this solution are the OSD and application deployments, and it also automates updates.

Not everything is readily available, and there are a lot of commands that are only executable via PowerShell. In this regard, the user interface could be improved.

This is linked to how Microsoft designs the products: They release a product and a visual interface, but also provide PowerShell commandlets. This usually is in ratio of 30/70 (UI / PowerShell actions).

I am using Microsoft Endpoint Configuration Manager for software distribution and patch management.

The most valuable feature of Microsoft Endpoint Configuration Manager is the software deployment. Additionally, Microsoft integrates most of the other solutions well with one another.

The support could improve.

I have used Microsoft Endpoint Configuration Manager for approximately five years.

We are utilizing the solution on a regular basis.

I rate the scalability of Microsoft Endpoint Configuration Manager 

The availability of technical support could improve.

I rate the support from Microsoft Endpoint Configuration Manager as seven out of ten. 

Neutral

I rate the initial setup of Microsoft Endpoint Configuration Manager an eight out of ten.

I rate the price of Microsoft Endpoint Configuration Manager an eight out of ten.

I rate Microsoft Endpoint Configuration Manager an eight out of ten.

Microsoft is working on migrating the function of Microsoft Endpoint Configuration Manager to the cloud. Every week and every month there is something new that's happening to move to the cloud.

Microsoft Endpoint Configuration Manager is used for installing new workstations without the interaction of people, it does the deploying of workstations automatically. Autopilot is used for automatic deployment installations of workstations without IT support. We only have packages at home and we do not need a VPN to configure workstations from home.

The patching of inventory to patching of Windows and applications, such as Office, inventory of wiping security, deploying new software, reinstalling software, uninstalling software, and wiping the device. This is insecurity from Active Directory services, some functionality we are moving to a group policy.  By having less IT support you can handle more workstations.

The solution could improve the functionality for automating, license management. Additionally, more and better-looking reports are needed.

I have used Microsoft Endpoint Configuration Manager within the last 12 months.

Microsoft Endpoint Configuration Manager is a stable solution. We do not have a lack of production in my orgaization.

The solution is highly scalable.

We have two IT engineers using the solution.

Microsoft has high-level support, I only have good words to say about them.

I have used Zabbix previously. I was using Zabbix, its free tool. It's not for somebody who does not have knowledge of Linux. Zabbix is not for a regular Microsoft user to use.

The installation requires a lot of knowledge and experience. The whole process took us three months.

The license price could be reduced for Microsoft Endpoint Configuration Manager  They should make the price more affordable for smaller companies, most companies would be able to use the solution if it was priced better.  There are more people on this cloud because you don't have to have either a server room or an on-premise server. You can have one IT person handle this without any local infrastructure. 

You receive a license for Microsoft Endpoint Configuration Manager when you buy an EMS E3 license. 

I would recommend this solution to others.

I rate Microsoft Endpoint Configuration Manager a nine out of ten.