How How SCM Monitor Security !!!!! RRS feed

  • Question

  • Dear  all ,,

    There is an issue  I want to discuss   which is related to SCM ( Security compliance Manager  )  where its highlighted that we can use it to PLAN , DEPLOY and  MONITOR  security baselines of Microsoft operating systems and Office applications ,, actually  I  recognized  and found that I can use it to PLAN and DEPLOY but didnot found any thing related to MONITORING  in this tool  ???!!!! ,, so if its really acting as monitoring system ,,, kindly  am asking you to highlight that for me ,, or  told me what they mean by work MONITOR here 

    Best regards  

    Monday, January 16, 2012 7:25 PM

All replies

  • Mohammed;

    Have you had a chance to read any of the security guides attached to the baselines within SCM? I suggest that you start with the guide for Windows Server 2008 R2, specifically Chapter 1: IT Governance, Risk, and Compliance. You'll need to use System Center Configuration Manager for scanning systems for compliance and System Center Service Manager to take advantage of everything described in that chapter.


    Kurt Dillard http://www.kurtdillard.com
    Monday, January 16, 2012 8:20 PM
  • Dear Kurt ,,

    Really i read much of this guide but when i see Monitoring in SCM i  though that it make this with it self not with help of SCCM , am working in this issue because we gonna deploy this solution with customer soon but his enviroment donot include SCCM and he also want to Monitor Security Baseline Beside Planning and deploying ,,, in addition we donot have much time now to study the SCCM Course to aplly this solution to custmorer ,,


    kindly i want to ask you another question do you see that MBSA 2.2 ( Microsoft Baseline Security Analyzer ) is Enough for this task ?


    and if not ,, hope you yo have another tool that donot talk much time now in studing and can use it in Scanning ( for vulnerabilities )  and Monitoring Security Baseline , to be able decide which security baseline to apply to secure the enviroment  


    Thanks Kurt for your interest :)

    Best Regards  

    Monday, January 16, 2012 8:43 PM
  • Mohammed;

    You can use the DCM feature in SCCM to scan for compliance or one of the 3rd party scanners that support SCAP content. See NIST's website for more information about SCAP: http://scap.nist.gov.

    good luck!


    Kurt Dillard http://www.kurtdillard.com
    • Proposed as answer by Kurt Dillard Tuesday, January 17, 2012 4:00 PM
    Monday, January 16, 2012 9:27 PM