SMS R2 features patch ability, software flaw scan

Microsoft Tuesday released the first beta of System Management Server R2 and said the software would be generally available in May.

The release comes a few weeks after Microsoft released Service Pack 2 for SMS 2003, which is required to run the new SMS R2 software.

SMS R2 includes two prominent features, a new catalog service that will let users download third-party patches directly into SMS and a new vulnerability-scanning engine to discover misconfigured software.

SMS is one of two cornerstone tools Microsoft is developing under the System Center brand name. The other is Microsoft Operations Manager, which will get an R2 update later this year. Microsoft also plans to flesh out its System Center product family and revamp the System Center roadmap at its annual Management Summit in April.

SMS R2’s catalog features are part of the new Inventory Tool for Custom Updates. The tool allows third parties and application developers to create and publish a catalog of updates using the same formats used for Microsoft Update, which is Microsoft’s Web-based download center for patches. SMS R2, which now only scans the Microsoft Update catalog, will be able to scan catalogs posted on non-Microsoft Web sites and download the patches into SMS for later distribution. Currently, users must download the non-Microsoft patches manually, repackage them in the proper formats and then import them into SMS.

Users also can use the Inventory Tool to create native SMS-formatted updates for custom software and line-of-business applications.

“We worked with the hardware vendors to create the same experience for firmware upgrades using SMS, now we are turning to the application side,” says Felicity McGourty, director of product management in the Windows enterprise management division at Microsoft. “From the customer perspective it is real simple. Whether you do firmware, operating system, Microsoft applications, third-party applications or line-of-business you can do it in the same format, same tool same experience.”

The second tool that highlights SMS R2 is the Scan Tool for Vulnerability Assessment, which can scan for nearly 100 configuration settings to help identify potential security issues. The tool reports on settings that don’t meet with internal configuration policies such as having the firewall activated on all desktops. The scan tool allows you to create the policies, as well as, scan the network to ensure that desktops and servers adhere to those policies. The scan tool is based on Microsoft Baseline Security Analyzer (MBSA) 2.0, a free vulnerability assessment tool.

The SMS R2 tool, however, does not have an automatic remediation component, which means users will have to go out and change those configuration settings with another tool or manually. Microsoft plans to add automatic remediation tools in a future version of SMS.

In addition, Microsoft also announced an upgrade discount for users of SMS 2000, which will reach the end of its life on March 31, 2006.

Starting April 1, a 30 percent discount will be available to customers buying an SMS Server License or an SMS Configuration Management License. Users, however, will have to purchase Software Assurance, Microsoft’s maintenance program for volume licensing, to be eligible for the licensing discount.

Related Download
Five Reasons to Take Your Virtualization Environment to a New Level Sponsor: VMware
Five Reasons to Take Your Virtualization Environment to a New Level
Download this white paper to learn how vSphere with Operations Management helps you identify problems and proactively address issues before they affect your end users.
Register Now