ConfigMgr 2012 Design Questions

System Center 2012 Configuration
Manager
Design Questionnaire
Prepared for
Client
Client Contact Name
Client Contact Email
Client Contact Phone
Prepared by
Arun Singh
Document Information
Status
Document Status Information

Document Version 0.1
Version Date October 2012
Created By Arun Singh
Reviewed By
Released by
Release Date
Change History
Version Date Author Revision Description

0.1 19/10/2012 AS Initial Version
Approvals
This document was approved by:
Version Date Name Title
Distribution
This document must be distributed to:
Version Name Title

Contents
Introduction ............................................................................................................................................ 5
Design Process ........................................................................................................................................ 5
Define the Project Scope ........................................................................................................................ 6
Determine Which Features This Project Will Address ........................................................................ 6
SCCM Infrastructure................................................................................................................................ 8
Questionnaire ..................................................................................................................................... 8
Inventory ............................................................................................................................................... 10
Questionnaire ................................................................................................................................... 10
Hardware Inventory ...................................................................................................................... 10
Software Inventory ....................................................................................................................... 10
Asset Intelligence .......................................................................................................................... 10
Software Distribution ............................................................................................................................ 12
Questionnaire ................................................................................................................................... 12
Software Updates ................................................................................................................................. 13
Questionnaire ................................................................................................................................... 13
Application Virtualization...................................................................................................................... 15
Questionnaire ................................................................................................................................... 15
Software Metering ................................................................................................................................ 16
Questionnaire ................................................................................................................................... 16
Settings Management ........................................................................................................................... 17
Questionnaire ................................................................................................................................... 17
Network Access Protection ................................................................................................................... 18
Questionnaire ................................................................................................................................... 18
Wake On Lan and Power Management ................................................................................................ 19
Questionnaire ................................................................................................................................... 19
Out of Band Management .................................................................................................................... 20
Questionnaire ................................................................................................................................... 20
Remote Tools ........................................................................................................................................ 21
Questionnaire ................................................................................................................................... 21
Operating System Deployment ............................................................................................................. 22
Questionnaire ................................................................................................................................... 22
User State Migration ............................................................................................................................. 24
Questionnaire ................................................................................................................................... 24
Security ................................................................................................................................................. 25
Questionnaire ................................................................................................................................... 25
Remote Consoles .................................................................................................................................. 25
Questionnaire ................................................................................................................................... 25
Discovery ............................................................................................................................................... 26
Questionnaire ................................................................................................................................... 26
Mobile Device Management................................................................................................................. 29
Questionnaire ................................................................................................................................... 29
Client Installation .................................................................................................................................. 30
Questionnaire ................................................................................................................................... 31
Endpoint Protection .............................................................................................................................. 32
Questionnaire ................................................................................................................................... 32
Introduction
This guide leads the reader through the process of planning a System Center Configuration Manager
infrastructure.
The guide addresses the following fundamental decisions and tasks:
Identifying which SCCM capabilities will be needed.

Designing the components, layout, security, and connectivity of the SCCM infrastructure.
Designing the components and the dependencies that are required
Business objectives should be prioritized at the start of the project so that they are clearly understood
and agreed on by IT and business managers.
Following this guide should result in a design that is sized, configured, and appropriately placed to
deliver the stated business benefits, while considering the user experience, security, manageability,
performance, capacity, and fault tolerance of the system.
The guide addresses the scenarios most likely to be encountered by someone designing a SCCM
infrastructure.
Please note that the terms System Center Configuration Manager, ConfigMgr, Configuration Manager,
CM and SCCM all refer to the same Microsoft product, and the terms are used interchangeably.
Design Process
This guide addresses the following decisions and activities that must occur in planning the design for
SCCM. The following steps that represent the most critical design elements in a well-planned SCCM
design:
Define the Project Scope;

SCCM Infrastructure;
Asset Inventory;
Software Distribution;
Software Updates;
Application Virtualization;
Software Metering;
Compliance Settings;
Network Access Protection;
Wake On Lan;
Power Management;
Endpoint Protection;
Internet-based client;
Mobile device management;
Page 5 of 33
Remote Tools;
Operating System Deployment;
User State Migration;
Security;
Remote Consoles;
Discovery;
Client Installation;
Design Hierarchy/Site.
Define the Project Scope

In this step, the project scope will be defined in order to align the goals of the project with the
business motivation. The appropriate parts of the organization will be identified for inclusion in the
project. Then one or more SCCM features will be selected to meet the business goals. SCCM is a
powerful product with a rich feature set, and so its very important to determine which of its
features to use.
The specific target machines that will become SCCM clients will be identified based on the project
scope and the selected features. Finally, the organizations service level expectations and future
growth plans will be documented to assist in the planning process.
Determine Which Features This Project Will Address

Business Goal Feature Description Included?
Inventory Hardware Inventory Collects hardware information from
business servers and client systems,
such as available disk space,
processor type, and operating
system.
Software Inventory Collects software information, such
as file versions.
Asset Intelligence Recognizes Microsoft and third-
party software signatures by
checking and verifying information
in a databasefor example,
checking executable filenames.
Automate Software Operating System Installs a configured operating
Installation Distribution system, even on systems that have
no operating systems (bare metal).
Software Distribution Installs and configures software
programs.
Application Streams applications that have been
Virtualization sequenced by Microsoft Application
Virtualization (App-V).
Page 6 of 33
Software Updates Scans servers and workstations for
software updates and deploys those
updates.
Standardize Network Access Provides enforcement of software
configurations and Protection updates on clients before they can
compliance access network resources.
Settings Management Defines configuration standards and
policies, and audits standards
compliance throughout the
enterprise against those defined
configurations.
Software Metering Collects and reports on software
that is in use so that this can be
compared against licenses to ensure
software license compliance.
Manage machines off Wake on LAN Can power on a system, even when
hours its switched off, which is useful for
performing software distribution or
software updates during off hours.
Out of Band Can manage systems when they are
Management turned off, in sleep mode, in
hibernation mode, or otherwise
unresponsive. The managed
computer must have the Intel V-Pro
chip installed.
Take the Help Desk to Remote Control Remotely administer client
the user workstations. Useful for Help Desk
personnel needing to troubleshoot
individual user issues
Antimalware Endpoint Protection Provides antimalware security for
protection, policy- client computers and servers that
based security can be integrated directly into
management, and System Center applications; also
reporting provides historical reporting of
malware events and client status.
Manage outside the Internet client Enables management of clients that
enterprise are beyond the organizations
firewall boundaryfor example, on
the Internet.
Mobile device Mobile devices, such as phones, can
management run a capabilities subset, such as
inventory and software distribution
(cannot be managed by remote
control or receive operating system
deployments like desktop clients).
Page 7 of 33
SCCM Infrastructure
Now that the scope has been identified, there are many constraints of its own that would affect a
SCCM Infrastructure. The following questions will help to identify the various elements and
components that will make up the base SCCM hierarchy.
Questionnaire
1. Physical locations
Location IP Range / Subnet / AD Site
2. Network connectivity
Location 1 Location 2 Connection Utilized Bandwidth
3. What are the company expectations for growth or contraction?
4. Server location
Manufacture Model Location Number
5. Client (desktop & laptop) location
Manufacture Model Location Number
6. Client Connectivity
Connection Number
7. Will clients move between locations?
8. Are any acquisitions or divestitures planned in the environment in which SCCM will be
implemented?
9. Is Active Directory Schema extension allowed to SCCM?
10. Is this solution should be fault-tolerance or high availability?
11. Can this solution be totally virtualized? If yes, which virtualization platform will be used?
12. Which locations virtual servers cannot be used?
Location
Page 8 of 33
13. Should a DR planning be part of the project?
14. If the solution is totally virtualized, can the DR planning be held as part of the
virtualization solution (ie. Server replication, VMotion, etc)
15. Are there any non-Domain clients that should be managed?
16. Should SQL Server (Installation and Configuration) be part of the project?
17. Should SQL Reporting Services (Installation and Configuration) be part of the project?
18. Can servers be installed on a Remote site? If yes, any exception?
Location
19. Will 3rd Party Software be considered as part of the project? (ie. 1E Nomad)
20. If required, Should Public Key Infrastructure (Design, Installation and Configuration) be
part of the project?
21. If required, Should configuration of the Active Directory for Bitlocker be part of the
project?
22. Does your company have Windows Intune Subscription?
23. List of languages the solution should support
Location Language
Page 9 of 33
Inventory
Inventory is responsible for collecting information about the clients machines hardware and
software resources. This information includes installed hardware, memory statistics, hard disk space
usage as well installed software patches.
The inventory information is often used to effectively target the installation of new software
packages. For example, when deploying Microsoft Office 2007; it is possible to use the inventory to
generate a report of the clients that meets the required installation prerequisites.
The following questions will help to identify the various elements and components that will make up
the base SCCM hierarchy.
Questionnaire
Hardware Inventory
1. How often should it be updated?
2. Classes that should be collected
Class Name Field Name Computers
3. New classes that should be created/collected
Class Name Source Fields Computers
Software Inventory
1. How often should it be updated?
2. List all files/extensions that will be inventoried
File name / Extension Location Computers
3. List all files/extensions that will be collected
File path / File name / Location Computers

Extension
Asset Intelligence
1. Should Asset Management manage Microsoft Volume License licenses?
2. Should Asset Management manage non-Microsoft licenses?
Page 10 of 33
3. Should it synchronize its database with Microsoft online? If yes, how often?
4. Which classes should be enabled? (https://technet.microsoft.com/en-

us/library/gg712306.aspx)
Page 11 of 33
Software Distribution
Software distribution feature provides a set of tools and resources that help you create and manage
applications and packages used to distribute software to client resources within your enterprise.
Questionnaire
1. List all applications (Manufacture, name, version, service pack, size, deployment type) that
you believe will be deployed to your organisations client resources using SCCM.
Manufacturer Name Version Service Pack Size Deployment

Type (OSD,
Client, Base
Image)
2. Should a message be displayed to the end-user when installing application?
3. If a restart is needed, what should be restart countdown (in minutes)?
4. List of software that can be deployed to a user
Name Type (App-v, MSI, exe, etc) Primary Machine only?
5. How often a re-evaluation of the system should happen for software that is required to be
installed?
6. Will users be able to request software installation via web portal?
7. When requesting software via web portal that requires approval, should an e-mail be sent
to his/her manager? If yes, is this information populated into Active Directory?
8. Will Windows Intune be used to distribute content for Internet clients?
Page 12 of 33
Software Updates
The software updates feature provides a set of tools and resources that can help manage the
complex task of tracking and applying software updates to client computers in the enterprise.
Questionnaire
1. List of existing Windows Software Update Service in use
Server Name / OS WSUS Version Location
2. List of the Categories that will be used
Categories Included?
Critical Updates
Definition Updates
Drivers
Feature Packs
Service Packs
Tools
Update Rollups
Updates
3. List of Microsoft Software to be patched
Name Version Service Pack Size
4. List of non-Microsoft Software to be patched
Manufacture Name Version Service Pack Size
5. When the Software Update can be applied to clients? (maintenance window)
Start Time End Time Computer
6. List of Scan/evaluation
Date/Time Computer
7. How often the synchronization with Microsoft will happen?
8. Enforce mandatory deployment?
Page 13 of 33
9. Will Software Update be used to patch non-Microsoft software? If yes, can 3rd party
software be used?
10. Display message to the end user when applying patches?
11. How often the re-evaluation of installed updates happen?
12. List of automatic deployment rules
Rule (Product, classification, Computers Deadline

etc.)
Page 14 of 33
Application Virtualization
Application virtualization is at the heart of Microsoft Application Virtualization (App-V). It decouples
applications from the operating system and enables them to run as network services. Application
virtualization can be layered on top of other virtualization technologiesnetwork, storage,
machineto create a fully virtual IT environment where computing resources can be dynamically
allocated in real-time based on real-time needs. App-V's patented application virtualization, dynamic
streaming delivery, and centralized management technologies make everything from deployments
and upgrades to migrations and business continuity initiatives easier and faster with better agility:
Questionnaire
1. Does your company SA gives you access to the MDOP package?
2. What App-v client version will be integrated?
3. List all applications (Manufacture, name, version, service pack, size that you believe will be
deployed to your organisations client resources using SCCM.
Manufacture Name Version Service Pack Size
4. App-v Virtual Environment (App-v 5 only)
Application Middleware
Page 15 of 33
Software Metering
Software metering in SCCM allows you to monitor and collect software usage data on SCCM clients.
The collection of this usage data is based on software metering rules that can be configured by the
administrator in the SCCM console, or by the automatic generation of rules based on usage data
collected by SCCM inventory. These rules are evaluated by the software metering client agent on
SCCM client computers, which collects metering data and reports this back to the site database.
Questionnaire
1. How often Software Metering should be reported?
2. List of Application to be monitored
Manufacture Application File Name Version Language Location

Name
Page 16 of 33
Settings Management
The SCCM desired configuration management (DCM) feature provides a set of tools and resources
that can help assess and track configuration compliance of client computers in the enterprise.
Desired configuration management in SCCM allows you to assess the compliance of computers with
regard to a number of configurations, such as whether the correct Microsoft Windows operating
system versions are installed and configured appropriately, whether all required applications are
installed and configured correctly, whether optional applications are configured appropriately, and
whether prohibited applications are installed. Additionally, you can check for compliance with
software updates and security settings.
Questionnaire
1. Will Settings be used for Servers (Application Monitoring)?, if Yes, List all applications that
will be monitored
Manufacture Application Version Service Pack Language

Name
2. List of Items to be monitored
Item Name Rule Expected Value Auto-remediation
3. User data and Profiles
Type (Folder Redirection, Where Configuration

Offline, Roaming profile)
Page 17 of 33
Network Access Protection
The SCCM Network Access Protection (NAP) feature provides a set of tools and resources that can
enforce compliance of software updates on client computers to help protect the integrity of your
enterprise network.
Network Access Protection (NAP) is a policy enforcement platform built into Windows 7, Windows
Vista, and Windows Server 2008 operating system that lets you better protect network assets by
enforcing compliance with system health requirements.
Questionnaire
1. Is the Windows 2008 Network Access Protection in place?
2. How often the evaluation cycle will happen? Will it be a fresh scan every time?
3. Will it use the same Active Directory Forest? If not, what is the other domain suffix
Page 18 of 33
Wake On Lan and Power Management
Configure scheduled SCCM activities to take place outside business hours using the Wake On LAN or
Power Management feature, which has the following benefits:
Helps to achieve a higher success rate for SCCM activities.

Reduces the associated network traffic during business hours.
Helps to conserve power by not requiring computers to be left on outside business hours.
Questionnaire
1. Will Wake On Lan be used?
2. Will wake up be used? When will the wake up occur?
3. Are users allowed to exclude their devices from power management? If no, any exception?
User / Group
Page 19 of 33
Out of Band Management
Out of band management in SCCM provides powerful management control for computers that have
the Intel vPro chip set and a version of the Intel Active Management Technology (Intel AMT) that is
supported by SCCM.
Questionnaire
1. Are all machines v-pro capable?
2. Is there any Microsoft Enterprise Certificate Authority in place?
Page 20 of 33
Remote Tools
SCCM remote tools allow you to remotely access and operate client computers in the SCCM site
which have the remote tools client agent components installed.
Questionnaire
1. Will users be able to change the local settings?
2. Automatic grant permissions to local Administrators Groups?
3. Who will have rights to remote access client machines?
User / Group Computer Name Reason
4. Prompt for users permissions? If yes, any exception?
5. Display remote access notification? If yes, any exception?
6. List of remote tools to be used
Type Level Of Access Extra Information

Remote Tools Full/View only/No Access
Remote Assistance None/Remote Viewing/Full Solicited/unsolicited
Control
Remote Access Require network level
authentication
Page 21 of 33
Operating System Deployment
Operating System Deployment allows you to create operating system images and deploy those
images to target computers. Operating System Deployment also provides task sequences which help
facilitate the deployment of operating system images, and other SCCM software
applications/packages.
Questionnaire
1. Will OS Deployment be integrated with MDT?
2. Will Bare Metal OS Deployment be used?
3. Will OS migration be used? (ie: from XP to Windows 7, from Windows 7 to Windows 7).
4. If Question 3 is yes, will the Migration be responsible for saving users profile?
5. Will Multicast be used?
6. If question 5 is yes, does your network (switches/routers) support Multicast? If yes, any
exception
Location
7. List of Operating Systems
Location OS Name / Version
8. Where OS Deployment be used?
Location Type (Migration, Bare Metal, Data Access (Media, Network)

Both)
9. What windows activation method will be used? MAK/KMS
10. How many partitions should be used?
11. Does your organization need deploy OS to any computer that SCCM do not know?
(Unknown computer support), if yes, should it use password?
12. Does the OS refresh/migration need install application that was already installed?
Page 22 of 33
13. Is there any disk encryption used?
14. Will UEFI be used instead Bios? If yes, exceptions?
Computer / Computer Model
15. Will BitLocker be used? If yes, will recovery key be stored in active directory?
Computer / Computer Model Bitlocker key management (TPM, USB, TPM +

USB, TPM + PIN)
16. Will Windows To Go be used? (Apply only to Windows 8 OS)
Computer / Computer Model Bitlocker key management (TPM, USB, TPM +

USB, TPM + PIN)
Page 23 of 33
User State Migration
A key goal of the project is to ensure that the users do not lose their locally stored files or settings
during the deployment process.
As such, the locally stored user data will be preserved using the Microsoft User State Migration Tool
(USMT).
Questionnaire
1. Should OS Deployment save user profile?
2. Should Offline capture be used? If yes, should BitLocker be disabled before installing new
OS (if applicable)?
3. Should users profile be saved on the local hard drive?
4. Should users profile be saved on a remote server? If yes, for how long it should be kept
there?
5. Should users profile be saved locally/on a USB disk when no remote server available or on
a remote site with unreliable/slow network connectivity?
6. What files/extensions should be saved?
File Path Extension
7. What applications should have their user settings saved?
Application Settings
8. Which user settings should be discarded?
Settings
9. Regional Settings
Location Regional Settings
10. Which users should have their profile excluded?
11. Exclude user profile on last logon? If yes, since when (Number of days / specific date time)
Page 24 of 33
Security
By default, only administrators have access to all SCCM features. Non-administrators may need
access to only a subset of features and this access should be controlled.
Questionnaire
1. List of user/group with their respective access
User / Group Access Computer
2. Is there any requirement to split the management in more than one SCCM infrastructure?
Remote Consoles
The SCCM console is the primary interface to configure, run, and access SCCM features and tools and
it is required to accomplish the day-to-day tasks required to configure sites, maintain SCCM site
database, and monitor the status of a SCCM hierarchy.
Questionnaire
1. How many concurrent consoles will be used?
2. List of connections
User / Group Location
Page 25 of 33
Discovery
An important concept to understand in SCCM is that of resource discovery. Before a client machine
can be controlled and managed by SCCM it must be discovered.
The discovery process is important to initially find all resources, and also on an on-going basis so that
newly built machines can be discovered quickly and added to the SCCM site database. Discovering
resources is the first phase of the client deployment process.
Once a resource has been discovered a Discovery Data Record, or DDR, is created and recorded in
the SCCM site database.
A DDR contains resource properties such as:
SCCM unique identifier (GUID)

NetBIOS name
IP addresses
IP subnets
Operating system name and version
Domain or workgroup
Last logon user name
Name of discovery agent that generated the DDR
Active directory service container.

Active directory group.
Questionnaire
1. Which of the following Discovery methods will be used?
Discovery Discover Source of How often Included? Observations

method Resources Data
Active Domain, IP Domain
Directory Address, Controllers
Forest Active
Discovery Directory
Sites
Active Computers Domain
Directory Controllers
System
Discovery
Page 26 of 33
Active Users Domain
Directory controllers
User
Discovery
Active Groups Domain
Directory controllers
Group
Discovery
Heartbeat Computers The
discovery discovered
computer
Network Computers, Network
Discovery routers and devices
devices that
respond to
network
requests
2. Should the membership of distribution groups be discovered? (applicable to Active
Directory Group Discovery)
3. Only discover computer that have logged on to a domain recently? If yes, what is the time
since last logon (days)? (applicable to Active Directory System Discovery and Group
Discovery)
4. Only discover computer that updated their computer account password recently? If yes,
what is the time since last password update (days)? (applicable to Active Directory System
Discovery and Group Discovery)
5. Forest Discovery
Domain Suffix Account
6. Active Directory System Discovery
AD Container Account Observations
7. Active Directory User Discovery
AD Container Account Observations
8. Active Directory Group Discovery
Location / Group Account Observations
Page 27 of 33
9. Network Discovery
Data Value
Type of Discovery
Slow network awareness
Subnets
Domains
SNMP
SNMP Devices
DHCP
Page 28 of 33
Mobile Device Management
Organizations with mobile devices, such as smart phones and tables that operate beyond firewalls
but must be managed centrally.
Questionnaire
1. List of mobile device types
Manufacturer OS Name Version
2. How often should the pooling interval (Windows CE only) be?
3. Will users be able to enrol mobile devices? If yes, list users and groups
User / Group
4. If answer of question 3 is yes, what are the Issuing Certification Authorities and the Mobile
device template to be used?
Certification Authority Mobile device template
5. Should Exchange Active Sync be used to manage mobile devices? If yes, list the exchange
servers and accounts
Exchange server Account
6. Will Windows Intune used to manage Mobile Devices?
Page 29 of 33
Client Installation
The next phase is to install the SCCM client software on the clients. The following section details the
various installation methods available in SCCM.
Client Installation method Advantage Disadvantage

Client push installation Can be used to push to a Can cause high network traffic
single computer, a collection when pushing to large
or the results from a query. collections.
Can be used to automatically Can only be used on
install the client on discovered computers that have been
computers. discovered.
Automatically uses client Cannot be used to install
installation properties defined clients in a workgroup.
on the Client tab of the Client A client push installation
Push Installation Properties account must be specified
dialog box. which has administrative
rights to the intended client
computer.
The Windows firewall must be
configured on client
computers with exceptions to
allow client push installation
to complete.
Software update point based Can use your existing software Requires functioning software
installation updates infrastructure to updates infrastructure as a
manage the client software. prerequisite.
Can automatically install the Must use the same server for
client software on new client installation and software
computers if WSUS and Active updates, and this server must
Directory Group Policy are reside in a primary site.
configured correctly. To install new clients, you
Does not require computers to must configure an Active
be discovered before the Directory Group Policy object
client can be installed. with the client's active
If the Active Directory schema software update point and
has been extended, port.
computers can read If the Active Directory schema
installation properties is not extended, you must use
published to Active Directory Group Policy to provision
Domain Services. computers with client
Will reinstall the client installation properties.
software if it is removed.
Group Policy installation Does not require computers to Can cause high network traffic
be discovered before the if a large number of clients are
client can be installed. being installed.
Can be used for new client If the Active Directory schema
installations or for upgrades. is not extended, you must use
Group Policy to add client
Page 30 of 33
If the Active Directory schema installation properties to
has been extended, computers in your site.
computers can read
installation properties
published to Active Directory.
Logon script installation Does not require computers to Can cause high network traffic
be discovered before the if a large number of clients are
client can be installed. being installed.
Supports using command line
properties for CCMSetup.
Manual installation Does not require computers to No automation, therefore time
be discovered before the consuming.
client can be installed.
Can be useful for testing
purposes.
Supports using command line
properties for CCMSetup.
Upgrade installation Can leverage the features to Can cause high network traffic
(software distribution) upgrade the client by when distributing the client to
collection, or to a defined large collections.
timescale. Can only be used to upgrade
Supports using command line the client software on
properties for CCMSetup. computers that have been
discovered and assigned to the
site.
Upgrade installation Can leverage the features to Can cause high network traffic
(automatic upgrade) upgrade the client by when distributing the client to
collection, or to a defined large collections.
timescale. Can only be used to upgrade
Supports using command line the client software on
properties for CCMSetup. computers that have been
discovered and assigned to the
site.
Questionnaire
1. Client Installation method
Method Included? Comments
2. If client push enabled, will Client installation be automatic or manual after initial
discovery?
Page 31 of 33
Endpoint Protection
Endpoint Protection uses SCCMs capabilities to perform tasks such as deploying antimalware
clients, enforcing security policies on endpoints, managing devices, and alerting administrators to
events.
Questionnaire
Automatically install Endpoint Protection on client computers? If yes, any exception?
Computer
Automatically remove previously installed antimalware software before installing

Endpoint Protection? If yes, any exception?
Computer
Allow Endpoint Protection client installation and restart outside maintenance windows? If
yes, any exception?
Computer
Supress any required computer restarts after Endpoint Protection installation? If yes, any
exception?
Computer
Allow users to postpone restart after Endpoint Protection installation? If yes, any
exception?
Computer How long (hours)
Allow 1st definition update download only from SCCM infrastructure? If yes, any
exception?
Computer
Anti-malware policy
Computer Policy Data

Scheduled Scans
Scan Settings
Default Actions
Page 32 of 33
Real-time protection
Exclusion Settings
Advanced
Threat overrides
Microsoft Active Protection
Services
Definition updates
Windows Firewall Policies
Computer Policy Enabled Incoming Notify blocks

connections
Domain Profile
Private Profile
Public Profile
Page 33 of 33

ConfigMgr 2012 Design Questions

Încărcat de

Informații document

Titlu original

Drepturi de autor

Formate disponibile

Partajați acest document

Partajați sau inserați document

Opțiuni de partajare

Vi se pare util acest document?

Este necorespunzător acest conținut?

Drepturi de autor:

Formate disponibile

ConfigMgr 2012 Design Questions

Încărcat de

Drepturi de autor:

Formate disponibile

System Center 2012 Configuration

Document Status Information

Version Date Author Revision Description

Version Date Name Title

Version Name Title

The guide addresses the following fundamental decisions and tasks:

Identifying which SCCM capabilities will be needed.

Define the Project Scope;

Define the Project Scope

Determine Which Features This Project Will Address

Location IP Range / Subnet / AD Site

Location 1 Location 2 Connection Utilized Bandwidth

3. What are the company expectations for growth or contraction?

Manufacture Model Location Number

5. Client (desktop & laptop) location

Manufacture Model Location Number

7. Will clients move between locations?

9. Is Active Directory Schema extension allowed to SCCM?

10. Is this solution should be fault-tolerance or high availability?

12. Which locations virtual servers cannot be used?

15. Are there any non-Domain clients that should be managed?

18. Can servers be installed on a Remote site? If yes, any exception?

22. Does your company have Windows Intune Subscription?

23. List of languages the solution should support

2. Classes that should be collected

Class Name Field Name Computers

3. New classes that should be created/collected

Class Name Source Fields Computers

2. List all files/extensions that will be inventoried

File name / Extension Location Computers

3. List all files/extensions that will be collected

File path / File name / Location Computers

2. Should Asset Management manage non-Microsoft licenses?

4. Which classes should be enabled? (https://technet.microsoft.com/en-

Manufacturer Name Version Service Pack Size Deployment

2. Should a message be displayed to the end-user when installing application?

3. If a restart is needed, what should be restart countdown (in minutes)?

4. List of software that can be deployed to a user

Name Type (App-v, MSI, exe, etc) Primary Machine only?

6. Will users be able to request software installation via web portal?

8. Will Windows Intune be used to distribute content for Internet clients?

Server Name / OS WSUS Version Location

2. List of the Categories that will be used

Name Version Service Pack Size

4. List of non-Microsoft Software to be patched

Manufacture Name Version Service Pack Size

5. When the Software Update can be applied to clients? (maintenance window)

Start Time End Time Computer

7. How often the synchronization with Microsoft will happen?

8. Enforce mandatory deployment?

10. Display message to the end user when applying patches?

11. How often the re-evaluation of installed updates happen?

12. List of automatic deployment rules

Rule (Product, classification, Computers Deadline

2. What App-v client version will be integrated?

Manufacture Name Version Service Pack Size

4. App-v Virtual Environment (App-v 5 only)

2. List of Application to be monitored

Manufacture Application File Name Version Language Location

Manufacture Application Version Service Pack Language

2. List of Items to be monitored

Item Name Rule Expected Value Auto-remediation

3. User data and Profiles