Asset Intelligence (while not perfect) doesn't use software inventory. J
From: [email protected] [mailto:[email protected]] On Behalf Of Miller, Todd Sent: Monday, May 13, 2013 10:03 AM To: [email protected] Subject: [mssms] RE: Keep awake for inventory Yes, every DLL EXE and OCX on the entire OS drive. I require this data. In order to search for vulnerable executables, I need to collect full inventory for all EXE OCX and DLLs. I need to know what is present on the computers. As an alternative, I could install the Secunia CSI tool on systems, but then it would be THAT tool inventorying every DLL, EXE and OCX on the system. I may as well use SCCM to collect the data rather than installing another tool to collect the data. Using SCCM to collect the data I can use it in Secunia as well as for other applications. If I used CSI alone to scan, then I would only have the info for Secunia. I am unsure how you would know what has been installed on your systems without collecting inventory. I understand that it is a burden on the system which is why I collect the data so infrequently. But I do need it periodically to scan for vulnerabilities that otherwise would be undetected. From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Jason Sandys Sent: Monday, May 13, 2013 9:34 AM To: [email protected]<mailto:[email protected]> Subject: [mssms] RE: Keep awake for inventory 1 HR! OM, what are you inventorying? Every DLL on the system? Software Inventory is the devil. J From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Miller, Todd Sent: Monday, May 13, 2013 9:20 AM To: [email protected]<mailto:[email protected]> Subject: [mssms] Keep awake for inventory When a computer begins SWINV it takes something like 1 hour to complete. My trouble is that computers fall asleep during SWINV. Computers that are lightly used are hardly ever left on long enough to complete the inventory process. I have advertisements that go out occasionally that will use WOL to wake up machines, but a computer will go back to sleep after 2 minutes if it is sent a WOL and there is not activity from the user. Why doesn't HWINV and SWINV count as "activity" to keep the computer from going back to sleep? Is there a setting I could make that would keep the computer awake so that SWINV could complete when the computer wakes up via WOL? I know there is a power setting for how long Widows 7 will stay awake from WOL, but that setting is not available in SCCM power management. I don't think you can (or that it is a smart idea to) set some power settings via Group Policy or registry edits and some via SCCM power management. As I ratcheted up more aggressive power savings, I am finding that SCCM is having more and more trouble keeping the machine's information up to date. If SCCM agent on a machine is stuck on trying to finish Software Inventory, it is unable to send heartbeat - since that is also part of the inventory system. Software Inventory is blocking heartbeat and SCCM thinks the machine has fallen over. Kind of a mess. I would disable SW Inventory entirely except that we use the data to scan against for software vulnerabilities. Basically, I am looking for a way to make it so that SCCM Inventory counts as activity, and that SCCM will prevent sleeping while an inventory is running. ________________________________ Notice: This UI Health Care e-mail (including attachments) is covered by the Electronic Communications Privacy Act, 18 U.S.C. 2510-2521, is confidential and may be legally privileged. If you are not the intended recipient, you are hereby notified that any retention, dissemination, distribution, or copying of this communication is strictly prohibited. Please reply to the sender that you have received the message in error, then delete it. Thank you. ________________________________ ________________________________ Notice: This UI Health Care e-mail (including attachments) is covered by the Electronic Communications Privacy Act, 18 U.S.C. 2510-2521, is confidential and may be legally privileged. If you are not the intended recipient, you are hereby notified that any retention, dissemination, distribution, or copying of this communication is strictly prohibited. Please reply to the sender that you have received the message in error, then delete it. Thank you. ________________________________
