Hexnode SCCM integration: Managing the move from SCCM to Hexnode
Windows OS has come a long way in the last three-plus decades (since its debut) through a different set of iterations to become the world’s most popular desktop operating system with a commanding lead. Over the years, Microsoft has constantly been reinventing itself to figure out ways to move their OS from store shelves to every desk. The tech giant, somehow, managed to retain their B2B following all these years, though the fast dynamic Apple has been creeping in (albeit a way behind) as a major opponent. It may well be argued that the progression and evolution of the services Windows offer for businesses has been a strategic centerpiece in this rivalry. Windows has the best support for most industry-specific applications, business-related software and regulatory requirements.
Not only had Microsoft made Windows secure by default, but they also co-opted a good deal of management technologies for businesses dedicated to making Windows a complete business solution. SCCM is a top-notch management tool that goes along with Windows-based devices to facilitate businesses to administer and secure their device networks. Despite being designed from the ground up with Windows support in mind, this tool provides support for a bunch of other OSs and handling it is a simple affair. And to add, SCCM has adopted a fast-paced aligned upgrade process to keep step with workplace modernization, but does it cater to the management requirements of the new digital enterprise is a really tough question to answer.
Being a 27-year-old tool, SCCM has its own constraints and is not for everyone who’s looking for painless management across a heterogeneous environment with little oversight. Better yet, you can integrate SCCM with MDM and leverage the combination for a cut above management experience. If you’re an SCCM admin looking for a workaround, look no further than this SCCM integration option which involves less of a time commitment, and this post is to help you easily go through the process. But, before we dive too deep into the topic, here comes a general overview of SCCM for those looking to start at the very beginning.
What is SCCM (System Center Configuration Manager)?
SCCM is a legacy on-premises software management suite developed by Microsoft to increase IT productivity and efficiency by reducing manual tasks on Windows. SCCM provides an automated administrative system that empowers end users with the right tools at the right time along with comprehensive compliance and asset management, thereby maximizing hardware and software returns on investment.
This classic solution for on-premises infrastructure was initially launched under the name Systems Management Server (SMS) and later renamed as System Center Configuration Manager) also called simply ConfigMgr. For years, SCCM combined with Active Directory and GPO was the traditional way of deploying Windows devices for work purposes. The tool is now part of Microsoft Endpoint Manager and is popularly known as Microsoft Endpoint Configuration Manager (MECM).
What are the services offered by SCCM?
SCCM manages devices and servers, either included within your network or internet-based. To cloud-enable this on-premises management tool, it should relate to cloud-based services from Microsoft like Azure AD, Intune MDM and Microsoft Defender ATP.
SCCM can easily tame even the most chaotic desktop environments featuring a set of services for all aspects of device life cycle management. The feature stack includes:
- Software management
- OS update management
- Configuration monitoring
- Remote control and troubleshooting
- Patch management
- Network security management
- Resource access management
- Compliance management
- Hardware and software inventory management
- Analytics and reporting
- Data protection
- Windows Defender anti-virus control
and so on.
Microsoft offers four different options for device management:
Here are the primary capabilities of SCCM that are key to comprehensive desktop management:
- Co-management: The method to concurrently manage devices using SCCM and Intune. Co-management cloud-attaches the currently running SCCM deployments with Microsoft 365 and unlocks additional cloud management features.
- Cloud-attached management: Manages internet-based clients by integrating with Azure AD, cloud-based distribution points and cloud management gateway.
- Desktop analytics: Checks the update readiness of the devices and helps make informed decisions when an update is available.
- Application management: Distribute, monitor, update and manage Microsoft 365 applications and other applications from the Microsoft store for business and education.
- OS deployment: Deploy OS images or upgrades to Windows 10.
- Software updates: Push, monitor and manage software updates.
- Access management: Give users access to company resources required for their work.
- Compliance management: Ensure device compliance by tracking the configuration compliance status. Identifies security vulnerabilities and remediates non-compliance with pre-configured features.
- Endpoint protection: Integrates with Windows Defender services like Antivirus, Advanced Threat Protection, Exploit Guard, Application Guard, Application Control and Firewall for endpoint security.
- Inventory: Collects details about the hardware of devices and the apps & files stored on the devices.
- Asset Intelligence: Provides continuous visibility into software license usage and collects inventory data of hardware and software ownership and location.
- Power management: Monitor and manage the power consumption of devices.
- Remote control: Manages devices at remote locations.
- Remote connection profiles: Create, deploy and monitor remote connection settings.
- Reporting: Uses SQL Server Reporting Services for getting advanced reports.
- Software metering: Monitors app usage.
- On-premises Mobile Device Management: Manage devices by leveraging the management capabilities built into the devices.
Is SCCM going to die anytime soon?
The Endpoint Manager was, in fact, Microsoft’s answer to this common query. By introducing this solution platform which unifies several existing technologies like SCCM, Windows Autopilot, Desktop Analytics, Azure AD and so forth with its own Intune MDM, Microsoft proved that the traditional management tools would continue to play a key role in co-managing devices. So, SCCM itself is not dead, and Microsoft is not planning to reduce investments in SCCM; the only change is that it has been renamed MECM. Though Microsoft is now doubling down its effort to attain feature parity for other management tools, SCCM still remains an integral part of endpoint management technologies across organizations. And there are clear advantages to continuing using SCCM.
Services included with Microsoft Endpoint Manager
- Microsoft Intune — Microsoft’s MDM solution.
- SCCM — On-premises management solution.
- Co-management — SCCM and other cloud offering like Intune and Microsft365 cloud services combined together.
- Desktop Analytics — Integrates with SCCM to check the update readiness of devices.
- Windows Autopilot — Zero touch enrollment tool to pre-configure devices.
- Azure Active Directory — Used for MFA and for identifying devices and users.
- Endpoint Manager admin center — Web console to create management policies.
Why do businesses use SCCM?
- SCCM facilitates full lifecycle management of a group of PCs, virtual machines, servers and even mobile devices running different OSs under a single console.
- SCCM integrates seamlessly with Windows systems and provides end users with access to all devices and applications without compromising corporate security.
- SCCM extends and works alongside existing Microsoft technologies and services like Active Directory, Group Policy, SQL Server, Internet Information Services, Background Intelligence Transfer Service, Windows Server Update Services, Exchange Server, Windows Deployment Services, Certificate Services, Network Access Protection, and so on.
- SCCM works well with packaging and complex files. It is an excellent tool for large payloads and hence provides significant value to clients having complex requirements.
- SCCM maintains a consistent Windows experience for the users.
- Though it’s a purchased tool, SCCM is available on a limited trial basis.
Why is SCCM no longer enough for device management?
In general, most organizations tend to go with the SCCM, Microsoft’s own tool to manage Windows PCs. But as now businesses all over the world are enabling their employees to work mobile, and everything is becoming smart and connected, businesses are more tempted towards one central point that can manage everything from traditional PCs and mobile devices to most modern IoT gadgets. On the flip side, with a variety of technologies available, employees also expect to get immediate access to all essential resources without being encumbered by heavy-handed management. So, what is needed now is a consistent support model for all device form factors and that should be simple and responsive not only for IT but also for end users, which means that SCCM alone is not enough. While most OS platforms provide APIs for management, using a completely different on-premises client management system for PCs and laptops alone is not a viable option as well.
Limitations of SCCM
PC administrators have traditionally relied on SCCM for device management and security. SCCM is definitely a good tool to handle Windows PCs but is not a one-size-fits-all solution. There are many other drivers that constantly tempt organizations to look for an alternative.
- SCCM is a tool that has a steep learning curve, and setting up an SCCM infrastructure all from scratch is nearly a tough assignment. Due to its cumbersome architecture, handling the tool requires full-time involvement from the admin’s side.
- SCCM admins have to deal with the maintenance required to the infrastructure by themselves.
- SCCM supports only a few platforms out of Windows and is lacking features for OS platforms other than Windows. It doesn’t integrate well with management features from other platform’s enterprise and mobility suite.
- As the management system is on-premises, SCCM admins need to set up and maintain their own servers.
- SCCM is a bit uneconomical for small or medium organizations as it incurs a cost on the solution as well as the server resources required to run it.
SCCM alone is a great start, but it often falls short quickly. However, before blaming it too much on SCCM, let’s look at an alternate solution.
Can UEM be a good replacement for SCCM?
Gone are the days where you have to use multiple tools to manage your device fleet. For not being an outlier when it comes to modern management abilities, the Windows OS has augmented itself to allow cloud-based delivery of device configurations and applications. As users and devices have become mobile, on-premises management is almost a thing of the past, and businesses are strongly embracing the idea that management didn’t necessarily have to on-premises, but cloud-based approaches can save more. Being a quick way to bridge the gap between device forms, UEM is a widely accepted approach that is available either as cloud or on-premises to get beyond traditional PC management based on SCCM.
Hexnode UEM is a single window cost-effective solution for digital businesses that can scale across devices and support all flavors of endpoints. It potentially expands across various use cases and accomplishes everything from device onboarding to end of life over the air using the internet. Hexnode features device protection, asset management, and everything under an all-in-one easy to license offering. Thus, it provides more of what is needed and improves upon most features already available with client management tools like SCCM.
SCCM vs. Hexnode UEM
Organizations sticking with Microsoft tools alone apparently over the years might find the choice too difficult to make. But right now, Hexnode provides an option to integrate with SCCM that will help organizations with their move from SCCM to Hexnode and switch management of already existing devices.
Preparing for a good migration experience with the Hexnode SCCM integration feature
Don’t fall victim to a solution that doesn’t work spectacularly well for your requirements when you have the option to easily sync existing devices with Hexnode and manage them like any other enrolled device. You can integrate SCCM with Hexnode, enroll Windows 10 devices directly into the Hexnode portal using the Hexnode Installer application and manage them alongside your other OS devices managed in Hexnode. SCCM integration for device migration is actually a two-step process:
Step 1: Download and install the Hexnode SCCM Agent app on the SCCM server.
- Download and install the SCCM Agent on the server (link is provided in the Hexnode portal).
- Launch Hexnode SCCM Agent app setup wizard. Click on Next to continue the installation setup.
- Select the destination path for the SCCM Agent app to be installed.
- Provide the Site Code and Portal Name for setting up Hexnode SCCM Agent.
-Site Code: Provide the site code to identify the sites on the SCCM server. The Site code will be a three-character alphanumeric code. It can be obtained from your SCCM server.
-Portal Name: Provide the Hexnode portal name to which the SCCM server is to be integrated.
- Provide the Hostname, Username and password to connect to the database of the SCCM server.
- Click on Install.
- Click on Finish to exit the setup.
- All the devices in the SCCM server will be listed under Admin > SCCM in the Hexnode portal.
Step 2: Download and deploy the Hexnode MDM app for Windows 10 devices (v1709+) for direct enrollment into the Hexnode portal.
- Download and install the Hexnode MDM app for Windows 10 devices on a Windows client device (link is provided in the Hexnode portal).
- Launch the application.
- Select Software Library.
- Click on +Create > Create Application.
- Specify the settings for the application.
-Type: Choose the application type as Windows MSI file.
-Location: Provide the location of the application in UNC path format.
- View and verify the imported details from the Windows MSI file. Click on Next to edit/modify the imported information.
- Modify the details and click on Next.
- Verify the details under Summary and click on Next.
- Once you’re done with the application wizard, click on Close.
- The application will be listed under Software Library > Overview > Application Management > Applications.
To deploy the application,
- Select the app under Software Library. Right-click on the app and choose the Deploy option.
- The app to be deployed will be listed by default under the field Software.
- Collection specifies the users/user groups in the server to which the app is to be deployed. It can be either All User Groups, All Users or All Users and User Groups.
- Choose either the Distribution Point or Distribution Point Group to which the app is to be deployed.
- Specify the software deployment option.
- Action: Choose the option to Install the application.
- Purpose: Choose the option Required.
- If required, you can schedule the deployment. Click on Next to continue.
- Specify the required user experience and click on Next.
- Configure the alert messages to be generated while the application is deployed.
- Verify the summary of the deployment and click on Next.
- Click on Close to exit the setup wizard.
- Windows devices will be enrolled with the Hexnode portal.
You might have understood now why migrating SCCM devices to UEM is important for centralized management. With such an easy to enable migration process, actually why not is more the question. So, don’t settle for less than UEM desktop management when a vendor-agnostic tool like Hexnode picks up where SCCM leaves off and realizes the concept of modern Windows 10 management.