Microsoft Endpoint Manager (Microsoft Intune + SCCM)

Microsoft Endpoint Manager (Microsoft Intune + SCCM)

Top Rated
Top Rated
Microsoft Endpoint Manager (Microsoft Intune + SCCM)



Great for Cloud Management

We are in the process of transitioning from Group Policy over to Microsoft Endpoint Manager. We are using it for controlling our policies …

Reviewer Pros & Cons

View all pros & cons


View all pricing

Microsoft 365 Business Basic


On Premise
per user/per month

Microsoft 365 For Individuals


On Premise
per month

Microsoft 365 Apps


On Premise
per user/per month

Entry-level set up fee?

  • No setup fee


  • Free Trial
  • Free/Freemium Version
  • Premium Consulting / Integration Services

Features Scorecard

No scorecards have been submitted for this product yet..

Product Details

What is Microsoft Endpoint Manager (Microsoft Intune + SCCM)?

Microsoft Endpoint Manager, combining the capabilities of the former Microsoft System Center Configuration Manager, SCCM or ConfigMgr with the mobile device management application Microsoft Intune, is presented as a unified endpoint management option.

The former Microsoft Intune is an endpoint management solution for mobile devices, an MDM solution that allows the user to securely manage iOS, Android, Windows, and macOS devices with a single endpoint management solution.

The component Endpoint Configuration Manager (the former SCCM) is a system monitoring and management platform that can be deployed as an agent, via the cloud, or on-premises. It can manage systems across OS types (Windows, Mac, Linux), as well as multiple environments, including servers, virtual environments, and mobile devices from a single management console, and supports scaling capabilities, such as future application delivery.

The platform includes a customizable reporting tool to inform future business software decisions. It also enables endpoint protection from malware and vulnerability identification within the monitored systems and infrastructure.

Microsoft Endpoint Manager (Microsoft Intune + SCCM) Video

Announcing Microsoft Endpoint Manager

Microsoft Endpoint Manager (Microsoft Intune + SCCM) Integrations

Microsoft Endpoint Manager (Microsoft Intune + SCCM) Technical Details

Deployment TypesOn-premise
Operating SystemsWindows
Mobile ApplicationNo


View all alternatives


(1-25 of 218)
Companies can't remove reviews or game the system. Here's why
Joe Aldeguer | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Review Source
First off let me clarify my product review only covers Microsoft Intune now called Microsoft Endpoint Manager. I used it to manage all of macOS and Windows 10 computers to deploy apps, compliance policies, configuration profiles, Windows autopilot, and to onboard my devices to Microsoft Defender for Endpoint.
  • Windows Autopilot
  • Integrates well with Apple devices
  • Good tech support
  • Runs in the cloud there is no need to put up an on-premises server
  • Deploying more apps besides Microsoft Edge and Microsoft Office 365 app
  • Microsoft needs to make it easier to deploy exe, pkg, and msi apps without having to go through the manual process of re-packaging these apps using tools from github like intuneapputil
  • Add a feature to push out software updates for 3rd party apps
Windows Autopilot makes provisioning user Windows PC laptops a breeze. A user only needs to turn on the laptop, join it to their local WiFi, login with their O365 account then sit back and let Windows Autopilot handle the app installations required for work, configure the laptop settings to meet my organization requirements. I have seen this all completed in less than 30 minutes depending on how fast the internet connection is.

Where Microsoft Intune needs to improve I think is the part where it can push out software updates to 3rd party apps. Right now I have to use Automox to fill in this gap.
Whenever I get stuck implementing Microsoft Intune I found it easy to get the support I needed from Microsoft.
Score 10 out of 10
Vetted Review
Review Source
Microsoft Endpoint Manager (Microsoft Intune + SCCM) is used in various ways in my company and the companies I'm an MSP for. Mostly it is used in Microsoft 365 Business Premium environments and it does a great job of gathering end point information as well as give us the ability to push out Microsoft Desktop apps and Microsoft Edge as well as other apps. It's also nice that I can setup specific configurations and settings for Windows, 365 desktop apps, and Edge just like when using Group Policy for on premise servers and PCs. But using Microsoft Endpoint Manager (Microsoft Intune + SCCM) is much easier to use and implement.
  • Able to create Compliance Policies and Configuration Profiles
  • Configure Windows Update settings
  • Configure Endpoint security settings and Windows Defender Antivirus
  • Create App Protection and Configuration Policies
  • More hardware details of devices such as drives, memory, etc.
  • Ability to remotely connect to a PC without 3rd party software
  • Not really any other cons that stand out
Microsoft Endpoint Manager (Microsoft Intune + SCCM) is well suited for any organization or company size. Probably is used more in depth in organizations or companies that have 20 or more PCs. Being that Microsoft Endpoint Manager (Microsoft Intune + SCCM) comes with Microsoft 365 Business Premium is a huge plus which makes it very well suited for any size business, especially small businesses.
Score 9 out of 10
Vetted Review
Verified User
Review Source
We use [Microsoft] Endpoint Manager [(Microsoft Intune + SCCM)] for all of our workstations that are either hybrid Azure AD joined or simply Azure joined devices. We also use it to manage iDevices. We have used SCCM for several years now, and when Intune announced the co-management capability, we made the transition very quickly. There are certain elements that Intune does not handle, such as bare metal imaging, but otherwise we have moved all workloads to Intune while maintaining our SCCM on prem. This covers device compliance, WSUS, application deployment, configuration profiles, etc.
  • SCCM imaging can't be beat
  • Intune application deployment and WSUS ensures that devices are getting updates and applications, especially in WFH scenarios
  • The upgraded interface is much easier to work with than older SCCM iterations (2007 and below)
  • The ADMX templates are still lacking in some areas
  • Like SCCM, Endpoint Manager requires patience
  • It would be nice if there was better integration for remote connectivity
For any enterprise environment, it will be hard to go wrong with [Microsoft Endpoint Manager (Microsoft Intune + SCCM)]. Is it the perfect solution? No...but when considering integration across the M365/Azure front, it has significant advantage. It is probably overkill for smaller organizations, or for small businesses with limited technology staff. That said, it is not the most complicated product offered by Microsoft :)
Mark McCully | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Review Source
Our company is using Microsoft EndPoint Manager \ Intune to manage all our our mobile devices across the enterprise - tablets, mobile phones, and laptops. We apply security policies and administer all of these devices via Intune in the cloud. It is great to have a centralized, SaaS based solution so that we don't have to manage any infrastructure in our data centers. Intune makes sure that company data and emails stay secure even on employee owned assets. It is very easy to remotely and securely wipe an application or device that gets lost or stolen as well.
  • Centralized administration of mobile devices - updates, security, reporting
  • Seamless integration with SCCM
  • ability to wipe devices remotely if lost or stolen
  • built in reports aren't very useful.
  • could be more cost effective.
Microsoft Endpoint Manager is a very power application for managing remote users and mobile devices at scale. I don't think it would make much sense for a smaller company that doesn't have that many mobile assets to use, but for mid to enterprise size companies Microsoft Intune is definitely a life saver to cut down on the TCO of mobile device management.
Score 9 out of 10
Vetted Review
Verified User
Review Source
Our organization uses Microsoft endpoint manager on our campus to supply updates , security patches , install applications and inventory devices seamlessly to 1500 users. SCCM addresses the issue of having technicians touch each individual device across our campus. We are able to isolate different graduating years and install necessary applications pertaining to each individual group with in the console. Each year we have to reimage each individual device and also add devices for incoming students, Microsoft Endpoint manager has simplified this process by being able to create a golden image than can be applied to different make and model of devices.
  • Simplify rollout of devices
  • Inventory thousands of devices and users
  • Apply patches and applications to multiple devices at once
  • Perhaps a more intuitive GUI
  • A built in database with specific queries
When dealing with a large number of users and devices SCCM has become the right hand of the department in regards to deploying, monitoring and rolling out devices. Making sure all devices are patched and have the latest malware revisions updated and applied has become much easier than before where each individual user was responsible.

Due to the time it takes to apply updates and changes, SCCM would be less appropriate when dealing with a smaller size of users
Score 8 out of 10
Vetted Review
Verified User
Review Source
We currently utilize [Microsoft Endpoint Manager (Microsoft Intune + SCCM)] across most of our organization. We recently acquired a different business and are in the process of trying to get SCCM deployed to that side. We primarily utilize this to help ensure patching/updates are pushed out on a timely basis for our systems.
  • [Microsoft Endpoint Manager (Microsoft Intune + SCCM)] helps to speed up the deployment of patches/software throughout our environment. I can easily build a package and then deploy across all endpoints.
  • The ability to supercede software is also quite handy. This automates the removal of old versions and replacing them with newer versions.
  • The Intune Autopilot option is very useful if you want to deploy software to devices straight out of the box. You can configure them to download software when a user opens a new PC and turns it on for the first time.
  • The one major drawback to SCCM is the delays or inability to deploy software if the device doesn't stay online long enough. This is particularly an issue in our environment for those users who work remotely and don't connect to our VPN client. If you can deploy via Cloud agent, this issue should go away
  • There is a steep learning curve in getting SCCM configured and creating packages created, but it works great once configured.
If you have a knowledgeable and decent sized server team, this is a fantastic product. However, trying to configure and maintain [Microsoft Endpoint Manager (Microsoft Intune + SCCM)] with only 1 or 2 server engineers, it is quite a handful. Since it is a Microsoft product, you can rely on the stability as well as the security of the application.
Score 9 out of 10
Vetted Review
Verified User
Review Source
We use Endpoint manager to manage all the windows devices in the organization, both shared and 1:1 from a central IT department over 100 different sites. It allows us to consistently apply policies, maintain security and track inventory at a distance. It allows us to control our onboarding of new devices, imaging said devices, and deliver software, updates in a consistent manner.
  • Inventory management.
  • Policy enforcement
  • Device Tracking
  • Imaging
  • Continuous updates add new functionality
  • Update delays in the subsystems
  • Artificial limits on number of items displayed in lists, different on each page.
  • Continous updates means that the location to find features moves.
Large, centralized IT department with responsibility for, and control over large portions of an organization's IT assets, policies, and security work well with SCCM. The addition of Intune allows for a distributed workforce to receive updates, policies, and security over the internet. Smaller organizations, or groups of smaller departments in a large organization that manage their own IT assets would not be a good fit for the investment in MEM.
Score 10 out of 10
Vetted Review
Verified User
Review Source
Used to deploy, manage and monitor mobile devices (mostly mobile phones) and client computers. Great for mobile phones which are usually very hard to manage, especially when you have a mixture of Android and IOs devices that need to manage and protect.
  • Mobile device management
  • Device policies
  • DLP
  • Managing different OSes on mobile devices.
  • Customization of end user portal.
It does everything you need in an MDM solution and if you are already paying for Microsoft Office 365 it's already there and takes almost no time to setup.
Sam Othman | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
We are in the process of transitioning from Group Policy over to Microsoft Endpoint Manager. We are using it for controlling our policies and setting up our standard operating environment. as well as application deployment. It allows us to standardize what we are doing and automate IT functions, freeing up valuable resources to be better spent elsewhere.
  • Policy Management
  • Application Deployment
  • Cloud Management
  • Pricing
  • Steep Learning Curve
I would implement Microsoft Endpoint Manager without a doubt in a new startup. Between this and Azure Active Directory, there is limited need for on-prem Group Policy & Active Directory. This would allow full cloud management of the enterprise and less need for on-prem services.

It can be tricky to migrate from on-prem to Microsoft Endpoint Manager within a larger organisation as each individual policy item would need to be implemented one by one and tested thoroughly - but well worth the effort to do this.
Score 8 out of 10
Vetted Review
Verified User
Review Source
We use MS Intune and SCCM with our Azure cloud solution for all of our offices.
It is great tools to control and monitoring our security, servers and applications.
Manage mobile devices is highly important now days, so now we can manage our phones and tablets in modern way with modern approach.
  • We can add and assign mobile apps to user groups and devices
  • Manage access on personal devices by restricting actions users can do or not
  • Wipe or removing organization data from apps
  • Reporting should be improved
  • Better integration with AV software
  • AI integration with alert notification about unusual user behavior
It is good for mid or ent business. Good interfaces and integration with other MS applications and services.
Nowadays lots of companies use BYOD devices and try to manage them with Systems Center Configuration Manager, which bring some security issues and unconvinced. MS Intune may improve this situation and bring lots of benefits.
For small business it is less appropriate because require licenses and IT professionals to manage.
Ericson Aragoza | TrustRadius Reviewer
Score 7 out of 10
Vetted Review
Verified User
Review Source
MS Endpoint Manager is currently being used at our organization as a standard way of deploying applications across multiple departments. It lessens the burden of deploying multiple applications to multiple departments that have different software needs and such. From an admin perspective, it's easier to manage the applications that are deployed in a specific group (Finance, HR, Administrative Roles, IT Admins, Support, etc) instead of manually provisioning each endpoint with a specific old-school "Check-list" style approach.
  • Ease of Management
  • East of Deployment
  • Quick Overview
  • Reliability
  • Lack of further updates.
It is well suited to organizations that have numerous deployments or yearly refreshes of systems. Especially now that we do work from home (mostly), it's easier for IT administrators and end-users to actually rely on this software to provide the specific application that they do require. From an admin point of view, it's as simple as adding the new or updated application to the available apps for users to install. From an end-user perspective, it's as simple as checking the SCCM client for the available app and installing it.
Score 9 out of 10
Vetted Review
Verified User
Review Source
Microsoft Intune is used to provide corporate data access via email app and other mobile apps on the mobile device of an employee. Intune enables the use of a personal mobile device to access emails and other official data in a secure environment where the IT team has full control over the flow of information. It is used throughout the organization where employees are eligible for email access via mobile. The business does not have to worry about data leakage and it provide 24/7 access to emails to employees.
  • Device management.
  • Complete control over the flow of information on the mobile device.
  • Allows secure data access on BYOD.
  • Compliance and policy enforcement on the Office apps in mobile.
  • Dashboard customization can be improved.
  • Privacy between personal and office data as i don't want that my company control my phone.
  • Location service could be improved.
  • Enhanced security and integration with other apps.
Intune is suitable for scenarios to manage endpoints such as laptop, desktop, and mobile devices. It allows administrators to set up office email and other apps on the personal mobile device of the employees so that they access corporate data all the time. Administrators have full control of the information flow and they have the option to remotely wipe all the data in case of any compromise. Suitable for providing enterprise mobility and secure access to corporate resources. Not sure about less appropriate scenarios.
Being a Microsoft product, support was good. Out interaction was limited to our in-house IT team which was installing the Intune app in our mobile device. The installation was smooth and we haven't faced any difficulties with the app while using it. Provides a smooth and secure access to all Office 365 apps in mobile while separating the personal and professional data.
Score 7 out of 10
Vetted Review
Verified User
Review Source
We use it for monthly Windows updates, image deployment to workstations, server and application deployment. It's being used in all departments to:
  • Quickly patch/deploy applications all laptops, desktops.
  • Push down new, updated Windows 10 OS versions.
  • OS imaging and deployment via BOOTP across various locations through North America
  • Patch management across various locations through North America
  • Easier to find where something is inside the application.
  • Faster results after patching has been completed, and it takes hours some time to see if a server was patched or something failed to install.
Big companies. Companies over different locations. For less, I would say for small companies it's overkill. A lot of initial setup, expense — Windows Server license, DB server license, Microsoft System Center Configuration Manager (SCCM) license.
I have never used Microsoft support. I took training, and if I can't get something to work, I Google for the error issue.
Kurt Ferguson | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
We use SCCM for application and Windows desktop, laptop, and server patching. We accompany it with the PatchMyPC addons, so we can update the majority of applications we use for end-users. We also use it to deploy security software.
  • Windows and Office patching: SCCM does this really well. It is efficient, reliable, and easy to schedule. It's quite simple to keep machines updated once they've been registered.
  • Application Deployment: SCCM very effectively deploys application and application updates. We use it very effectively to reinstall our security software if it gets uninstalled or needs to be updated.
  • Reporting: The SQL Reporting Services oriented user-interface is really not particularly user-friendly.
  • Inventory: The inventory function is overly basic and difficult to search. If this were improved to be a legitimate asset management tool, it would tremendously increase the value of SCCM to organizations.
SCCM is awesome for patching and great for application deployment as well. If you use powerful add-ons like PatchMyPC and use Microsoft Azure integration to extend its reach to remote machines, it is truly indispensable. It may be less so if you don't have the money for those additions. If you already have an effective patching solution that also handles third-party and remote patching, SCCM may not be worth the effort.
Microsoft's support for SCCM is excellent. Premium support is worth it, especially if organizations are managing their SCCM installations with very limited staff.
Score 9 out of 10
Vetted Review
Verified User
Review Source
Currently, we're using Microsoft System Center Configuration Manager to manage all our Windows assets, from PCs to laptops. Considering we use it across all organization, and we have a dozen of remote sites, some of them with distribution points, I can safely say that we solve basically 2 big business problem: We can manage all of those assets from a single pane of glass, delivering software with software-central feature, managing and keeping a eye on the status of those updates and also saving bandwidth at the same time, because we can deploy those software and updates from that distribution point, avoiding to have every single PC/laptop to download from the Internet itself.
  • You can run an inventory of your assets, from PCs to laptops, grouping them by location, type, department, all tight to your own Active Directory. That saves a lot of time when you need to report the status of hardware and software. You can even manage alerts to inform you when some hardware change has happened, which could possibly lead to a robbery.
  • You can centralize software distribution, controlling what kind of software is available for your organization, and here's the most important part: you can give end-users the power to install/remove that software by themselves. That way, you can avoid a ticket to your service desk and potentially save money on those tickets too.
  • Also, due to the distributed architecture of the product, you can deploy a component of the system in each remote site you have. Thanks to that, you can avoid using the bandwidth of the remote site, which usually is already limited, to download software/updates to each PC locally. You just need to download once for the distribution point it will deliver locally. You can also avoid the risk of having your local WAN to be contested by some unexpected outdated PC that was just connected to your network.
  • The licenses can be expensive if you are a small organization. Make sure you have a good deal with your Microsoft partner.
  • Deal with collections can be a little hard sometimes. Collections are the say the product classify or organize the groups. As the concept is a little different from what we're used to, like Active Directory Organizational Units or Security Groups, etc., it's best if you spend some time studying this before you deploy the product in your organization, especially if your organization has severy business or business units and remote sites.
  • You don't have as much product specialists as you have for other Microsoft products like MS Exchange, for example. So, make sure you hire a partner that have the skills needed to help you during the deploy of the product. Indeed, it is a complex product and it demands attention to details to avoid frustration in the future. People tend to save money on the implementation phase and that leads to frustration and, in some cases, projects cancellation due to underestimation of the requirements of the product.
Seems obvious, but if your organization's assets are all based on Microsoft Windows, this is the right product for you. If you have mixed environments, with most of the computers running Linux or Mac, I don't think you'll have the same results. Unfortunately, I can't say much about that, because my experience is only based on a full Windows environment, and honestly, I didn't waste to much time paying attention to other operating systems.
Score 8 out of 10
Vetted Review
Verified User
Review Source
It is used by two departments, enterprise services (e.g Infrastructure Administration, Email, Sharepoint, etc) and Help Desk.
  • Patching lots of computers (in my case 400+) without leaving your seat!! Less administrative overheads.
  • Deploying new machines with a standard image that is the same across the organisation and no one has a different set of image and therefore consistancy within the organsation.
  • Provide a comprehensive inventory of the organisation's computer assets.
  • Provide security auditors with patching compliance reports within the organisation.
  • Driver portals for different PC/Laptop manufactures.
  • There is no dashboard for the executive summary of the organisation's patch levels.
  • Being able to see the downloaded patches (labeled with KB numbers) according to their names on the SCCM server.
Well suited where you have a vulnerability and just push the needed patch without going around each and every computer and addresses issues where the patch was released out of band. This saves valuable time and definitely frees administrators to do other tasks. You can push applications to users without them requiring administrators privileges and therefore still not having to be present!

It's less appropriate when it comes to third-party software patching e.g Winrar, 7Zip, Google Chrome, Firefox and these are not covered by SCCM. I would love for them to be able to extend their patch management to other vendors.
It has made our lives easier and has reduced a substantial amount of time we spend on patching, new machine/laptop provisioning, out of band patches, manually having to go one by one counting our computer assets. It has reduced our travel bill and our remote users get remote assistance from the Help Desk team.
Adam Martin | TrustRadius Reviewer
Score 7 out of 10
Vetted Review
Verified User
Review Source
SCCM is used across our entire organization. We use it for zero-day remediations, as well as large scale package deployments. It saves the company an immense amount of hours wasted for on-site support team members having to manually install packages. We can also pull reports of software versions across our environment and deploy patches accordingly for any PC that's out of compliance.
  • It allows users to install packages from a Self-servicing application via an app called Software Center.
  • It allows for fast remediation of vulnerabilities across your organization.
  • Provides reports for high-level visibility of your environment for upper management.
  • Building a collection and deployment takes some time to learn. It isn't very user intuitive.
  • Getting up to date reports on a deployment isn't a one-click process. It requires triggering multiple events and waiting about 10-15 minutes
  • I wish there was a dashboard feature built into SCCM. I manage the JAMF platform in my environment as well, and this is one of the key features I rely on every day. When I need to pull a report in System Center Configuration Manager it is just clunky.
Microsoft System Center Configuration Manager is needed for any business with 300 or more PCs. It helps maintain application and security patch compliance. I use it for app deployments mostly, but it is also used for monthly security patch deployments by others on my team. The Software Center app is a nice bonus for end-users.
Microsoft support is very quick in assisting with large scale or even smaller-scale issues. They are available 24/7/365 (depending on your support tier contract), which is really nice if your system goes sideways. I've used them a handful of times when something goes wrong. They are always friendly and helpful.
Mark Fitzgerald | TrustRadius Reviewer
Score 7 out of 10
Vetted Review
Verified User
Review Source
We use SCCM for a number of different use cases including imaging, OS and software deployments, inventory and desktop management. Its primary function is to push new software to the fleet. The benefit is being able to time when and what gets deployed and make it done in an automated fashion. We also use it to manage to patch existing software packages (in conjunction with a product called Ninite).
  • You are able to create queries to identify almost any combination of computers needed.
  • Its direct tie to active directory.
  • It fully leverages Windows functionality.
  • Its mac integrations, though improving, are really not much more than inventory.
  • It could benefit from an enterprise remote control solution more similar to Bomgar or LogMeIn.
  • Its web interface for reporting is very dated.
It is an enterprise. You have to have some level of scale to make this product feasible. It isn't just something you throw into the environment to make your life easier. When you are managing thousands of computers, the equation changes and it is incredibly valuable. It is complex and if not done correctly, it potentially can cause a lot of damage, so make sure you fully understand what you are doing before you press the button.
Valery Mezentsau | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
At my current and previous companies, I have used System Center Configuration Manager as one of the main tools to manage my IT infrastructure. From simple management of active directory users and computers to detailed inventorying of windows equipment (computers and server), software inventorying, software deployments and patch management. Also, it is used as a main endpoint protection solution that includes centrally managed Windows Defender and ATP. We use System Center Configuration Manager as one of the main monitoring tools to get reports of the Windows patching state, device availability and activity, to get information about what PCs users are using at a current time. Using as the only solution to capture and image new and existing workstations and servers. And, also SCCM is the main remote control/assistance tool for our help desk department.
  • We have mostly Windows environments, so SCCM provides us tons of monitoring options for computers and servers.
  • SCCM saves a lot of time and money for our Help Desk team to provide remote assistance to end users.
  • In a Windows 10 environment, SCCM provides pretty decent endpoint protection.
  • Patch management: tons of options of management, deployment, and monitoring.
  • Systems Imaging: deploying images to new PCs or servers, reimaging existed environment.
  • And of course, systems inventorying (hardware and software).
  • Initial configuration is pretty much complex and requires some additional time for preparation and deployment.
  • It would be awesome to have Patch management and endpoint security be moved to separate tabs in the SCCM management console.
  • Imaging functionality is great but over-complicated, and sometimes simple processes take way longer compared to regular WDS services.
  • Better reporting and monitoring services with customized charts.
  • Better integration of SCCM patching services with Windows Updates services on Windows 10. Sometimes it is almost impossible to say if patches were installed on Windows 10 via SCCM deployment until you get that information within SCCM management console.
  • Requires a lot of learning about the product for IT personnel.
This is a great work frame for managing your IT infrastructure. Tons of different options to configure systems, to manage software inventorying and deployments, patch management, systems imaging, etc. It is too hard to find a similar solution with the same number of features and options under the single management console. However, you still need to get third-party products to manage your network and Unix/Linix systems. And, of course, you need to be prepared before starting to use SCCM, it requires a lot of knowledge of the product and predeployment work to be done in advance.
Michael Timms | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Review Source
My former company used System Center Configuration Manager for software deployment, Imaging, and Microsoft updates. It was used across the entire enterprise, but my department only used it for imaging and application deployment. Before SCCM we were using Landesk, which I preferred greatly. That being said, SCCM does work well, as long as it is configured correctly. I would recommend it, but it would not be my first choice for deployment or imaging software.
  • Imaging from PXE boot, and it can be configured for remote imaging. Any IT department that has ever imaged 100 or more workstations with a CD and external drive knows that this is a strength.
  • Application deployment. Sccm can be configured with a software store where end users can install the software they need.
  • Update deployment, updates can be deployed on a set schedule with SCCM.
  • Imaging. I know that I gave this as a plus, but this is also a drawback too. Images take much longer to deploy via SCCM than they do with FOG or Landesk.
  • The system itself is a huge learning curve and takes a great deal of configuration to make it work correctly.
  • Remote Desktop Tool -- Microsoft already has a remote desktop tool, so why include almost the exact same one in your VERY expensive management suite?
Microsoft System Center Configuration Manager would be best suited in a large scale enterprise with multiple locations, and plenty of money to spread around. Also, you need an IT team that knows how to research to set it up and configure it correctly. It works well and you can make it do pretty much what you need it to do IF you are willing to put in the time and research to configure it correctly. If you are a smaller company, with say, one location though, there are much cheaper alternatives that have the same, if not more features.
Angel Swalve | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
System Center Configuration Manager (SCCM)is being used across the whole organization on all of our Windows computers and our dual booted Mac computers. SCCM addresses the problem of having to have more employees to be available for hands on installing and updating any software that SCCM allows the user to do without another employee finding time to do it for them.
  • SCCM allows our administrator to push updates remotely and does not require our staff to do anything to install software/updates etc.
  • SCCM lets us control licenses to software by allowing our administrator to only push out software to staff members when requested instead of allowing all staff to choose software from a list. Prevents unauthorized usage of licenses to software.
  • SCCM allows periodic software updates to be scheduled even when our staff are not at their computers, because it does not require staff actions.
  • SCCM takes a long time to install once a computer has been reimaged and sometimes it fails.
  • When the SCCM server goes down, no one is able to install anything and causes staff to be frustrated.
  • There isn't a communication tool that tells users that new software has finished installing. Staff have to keep checking for software they requested to be installed to verify it was installed.
SCCM provides our company a great support tool allowing our administrator to work behind the scenes and eliminates the staff it would take to touch each computer individually to install software and updates.
It is less appropriate for communication as it does not notify user once software has been updated or installed.
Yamileth Cabrera Rendon | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
I use this tool to connect with my team remotely, and it has allowed us to have all the necessary information in an organized way and to have the documents ready to share quickly and safely. This harnessing has allowed me to build a real and very useful database, and allows me to establish service level objectives, review them, and generate associated reports.
In general, it has allowed me to automate some processes associated with personnel management.
  • It allows me to increase the response capacity to the requirements of the users to keep the information organized and accessible.
  • It allows me to build a really reliable database.
  • It allows me to automate processes and establish a single point of contact per user.
  • It is a very good tool to generate follow-up reports.
  • It is not an easy tool to use, it has many functions and tends to confuse the naked eye.
  • The implementation is a bit slow.
I recommend it for:
  • As a business management tool for large corporations with teams in different locations or places or doing remote work.
  • Following up on requests and generating reports of satisfaction.
  • If you need to organize and automate your processes.
I do not recommend it for:
  • If they need a quick implementation.
  • A small company with few work roles.
Joe Spradlin | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Review Source
We are a relatively small/medium company. I was fortunate enough to have enough influence to convince them to allow me to buy the Data Center version of both SCCM and SCOM. Having said that, we utilize SCCM within our IT Department to manage our IT inventory as well as push out critical updates and patches to our Microsoft Windows devices. Additionally, we utilize SCCM to track software licensing and usage across our organization. It has been a powerful tool for us as a company to enable not only the resource management functions, but leveraging the System Center Endpoint Protection (SCEP) product enables us to manage and take advantage Microsoft built in security products. The reporting is an extremely flexible and powerful tool that enables us to quickly visualize our inventory and assist with technology refreshes and forecasting our upgrades.
  • System Center Endpoint Protection (SCEP) product enables you to manage and take advantage Microsoft built in security products. Very simple to configure and maintain.
  • Track software licensing and usage across your organization.
  • Managing the ageing of our equipment and plan technical refreshes. Through reporting you can easily visualize your inventory and see basically any information needed to make informed decisions.
  • Configuration and setup of SCCM can be quite challenging if you have never performed this. Microsoft has very good documentation on this function and can guide a seasoned IT professional through the process.
  • Keeping SCCM up to date can be challenging and I believe that this is a major opportunity for an area of improvement.
  • There is a right-click tool kit that is separate that Microsoft should include in the console. Once you use them, you will understand why.
While there are other products that can perform functions that SCCM provides, I would still recommend SCCM due to the vast array of features that it provides IT professionals. Most great products that I have used require some configuration to ensure they are a useful tool that we as administrators and managers can utilize to extract data relating to our environment. SCCM can do just that.
Brandon Holbrook | TrustRadius Reviewer
Score 7 out of 10
Vetted Review
Verified User
Review Source
We use MS SCCM in our organization to deploy and manage System Center Endpoint Protection. We also use it to deploy known good configurations of operating systems and programs for new machines to our network. We use SCCM to report and alert on the health status of servers and endpoints. We also use it to manage Windows and third party applications.
  • Patch Management
  • OS Deployement
  • Health Status Reporting
  • Application Deployement
  • It can be a house of cards at times. If one little thing fails it seems like the whole thing comes crashing down. SCCM is NOT for the faint of heart.
  • Setup is quite a chore. The setup process it NOT straight forward and relying on a third party walk-through is essential.
  • Diagnosing what is wrong with SCCM can be a daunting task. Again... not for the faint of heart.
If you are a small company with only a handful of endpoints and servers SCCM is not for you. SCCM would create far more problems than it would solve. If you are a medium to large company spread out over multiple sites SCCM would be the answer to your configuration management problems.
Muhammad Mulla | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
Microsoft Systems Center Configuration Manager 2012 R2 is being used for:

  • Deployment of Windows 7 and Windows 10 client desktop and laptop machines
  • Deployment of Windows Server 2012 R2 and 2016 Server machines
  • Management of Windows updates for Windows servers and clients
  • Applying configuration and security baselines and ensuring compliance
  • Reporting and asset management
  • Client and server inventories
  • Software deployment and updates
  • Application deployment and compliance
  • Windows deployment is probably the biggest strength in my opinion. You can build and capture an operating system image, deploy it using as complex a task sequence as you want. The functionality can be combined with that of Microsoft Deployment Toolkit. A deployment can be Zero-Touch all the way to a fully managed sequence.
  • Update management is very good combined with WSUS.
  • The distributed model of SCCM makes it good for ensuring WAN links aren't overutilized.
  • Further work could be done on the software and application deployment side.
  • The ability to view the logs from the same console would make a lot of sense.
Config Manager is particularly well suited to larger environments where the flexibility and power of the product can be fully realised. It is one of those products that would benefit from a dedicated staff resource.

I do not think that Systems Center Configuration Manager is a good product to recommend to smaller business (e.g. those in single offices with fewer than 400 devices).