Monthly Archives: March 2014

SCCM 2012 – Security (Part 1)

Hi All, security is always a hot topic and people think that only blocking certain actions from the console is enough. but what about the data that is being sent to/from a client? from a server? is it secure? Well…before i answer this questions, you need to understand a bit more about SCCM. SCCM 2007 had 2 installation modes. Mixed mode and Native mode. the mixed mode was “unsecure” by default while the native mode was “a bit secure” by default. what i mean by this? in a mixed mode, all network traffic was not encrypted and the default protocol for client communication was HTTP while on native mode the default protocol was HTTPS. This changed on SCCM 2012 as you can set this option per role, it means that you can have a management point accepting either HTTP or HTTPS and another management point accepting HTTPS only. for all…

SCCM 2012 – Software Updates

Hi All, Today I’m going to talk a bit aobut software updates. As you may be aware, softwre update is a “simple” task however, the process behind the software update can be a bit complex. And the reason is simple, what happen if I do this? Well…i don’t want this post to be dealt as “best practices” but a guidance on how to do software update and the reason is simple, many people know how to do, but always want a bit more guidance on what would be better….and remember…not best practices. I always refuse to talk about best practices because it always depends. Let’s imagine the scenario where you have a remote site with 3k users. Should you put a local DP there? maybe a secondary site? Let’s assume that as best practices, you would add a distribution point, but on this scenario, every single server should only be…